From a4fd452178f033cafae3c12f00926504686a5ef8 Mon Sep 17 00:00:00 2001
From: Guanhao Yin <sopium@mysterious.site>
Date: Sat, 25 Mar 2017 00:51:32 +0800
Subject: Check for length of decrypted packet

---
 src/protocol/controller.rs | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/src/protocol/controller.rs b/src/protocol/controller.rs
index 9c0a2fb..d4a0680 100644
--- a/src/protocol/controller.rs
+++ b/src/protocol/controller.rs
@@ -347,7 +347,11 @@ fn udp_process_transport(wg: &WgState, tun: &Tun, p: &[u8], addr: SocketAddr) {
                     if peer1.is_none() || !Arc::ptr_eq(&peer0, &peer1.unwrap()) {
                         debug!("Get transport message: allowed IPs check failed.");
                     } else {
-                        tun.write(&decrypted[..len as usize]).unwrap();
+                        if len as usize <= decrypted.len() {
+                            tun.write(&decrypted[..len as usize]).unwrap();
+                        } else {
+                            debug!("Get transport message: packet truncated?");
+                        }
                     }
                 }
                 peer.on_recv(decrypted.len() == 0);
-- 
cgit v1.2.3-59-g8ed1b