diff options
author | Guanhao Yin <sopium@mysterious.site> | 2017-03-25 00:51:32 +0800 |
---|---|---|
committer | Guanhao Yin <sopium@mysterious.site> | 2017-03-25 00:51:32 +0800 |
commit | a4fd452178f033cafae3c12f00926504686a5ef8 (patch) | |
tree | fc503e9681a8f5ca9ad0dbb9300a082a25037827 | |
parent | Implement RX/TX bytes counting (diff) | |
download | wireguard-rs-a4fd452178f033cafae3c12f00926504686a5ef8.tar.xz wireguard-rs-a4fd452178f033cafae3c12f00926504686a5ef8.zip |
Check for length of decrypted packet
-rw-r--r-- | src/protocol/controller.rs | 6 |
1 files changed, 5 insertions, 1 deletions
diff --git a/src/protocol/controller.rs b/src/protocol/controller.rs index 9c0a2fb..d4a0680 100644 --- a/src/protocol/controller.rs +++ b/src/protocol/controller.rs @@ -347,7 +347,11 @@ fn udp_process_transport(wg: &WgState, tun: &Tun, p: &[u8], addr: SocketAddr) { if peer1.is_none() || !Arc::ptr_eq(&peer0, &peer1.unwrap()) { debug!("Get transport message: allowed IPs check failed."); } else { - tun.write(&decrypted[..len as usize]).unwrap(); + if len as usize <= decrypted.len() { + tun.write(&decrypted[..len as usize]).unwrap(); + } else { + debug!("Get transport message: packet truncated?"); + } } } peer.on_recv(decrypted.len() == 0); |