]> git.deb.at Git - pkg/netris.git/blobdiff - inet.c
projects / pkg / netris.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Imported Debian patch 0.52-2
[pkg/netris.git] / inet.c
diff --git a/inet.c b/inet.c
index dbfe7484f0d8b9bb2a65f956ce9afc7e9d979bb5..068cb8915cf1249a64a0dc3540b88b09e6ae4ce0 100644 (file)
--- a/inet.c
+++ b/inet.c
@@ -42,6 +42,8 @@ static int isServer, lostConn, gotEndConn;
 
 ExtFunc void InitNet(void)
 {
+       lostConn = 0;
+       gotEndConn = 0;
        AtExit(CloseNet);
 }
 
@@ -151,6 +153,9 @@ static MyEventType NetGenFunc(EventGenRec *gen, MyEvent *event)
        memcpy(data, netBuf, sizeof(data));
        type = ntoh2(data[0]);
        size = ntoh2(data[1]);
+       if (size >= sizeof(netBuf))
+               fatal("Received an invalid packet (too large), possibly an attempt\n"
+                         "  to exploit a vulnerability in versions before 0.52 !");
        netBufGoal = size;
        if (netBufSize < netBufGoal)
                return E_none;