If we pass a packet length larger than 2^16, we should panic() instead - wireguard-openbsd - WireGuard implementation for the OpenBSD kernel

diff options

author	patrick <patrick@openbsd.org>	2020-05-19 12:54:37 +0000
committer	patrick <patrick@openbsd.org>	2020-05-19 12:54:37 +0000
commit	396ee6d6b62cd4725fd412b6e857e55aee684d35 (patch)
tree	f689c39f52aa7077e5d43f39321bceaa0d6608b9 /lib/libssl/ssl_both.c
parent	Move back to FFS1 by default for MFS as suggested by millert@. OK otto@ (diff)
download	wireguard-openbsd-396ee6d6b62cd4725fd412b6e857e55aee684d35.tar.xz wireguard-openbsd-396ee6d6b62cd4725fd412b6e857e55aee684d35.zip

If we pass a packet length larger than 2^16, we should panic() instead

of returning -1. With a return type of u_int16_t, -1 is not different to a valid checksum. For incoming packets, the header lengths don't exceed that size anyway, but for outgoing packets it's better to see if our bootloader crafts a broken one. Discussed with gerhard@ ok deraadt@ procter@

Diffstat (limited to 'lib/libssl/ssl_both.c')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: