author | David Gwynne <dlg@cvs.openbsd.org> | 2020-06-21 04:58:53 +0000 |
---|---|---|
committer | David Gwynne <dlg@cvs.openbsd.org> | 2020-06-21 04:58:53 +0000 |
commit | 708df011895c466572519abe7cb5ba2a62b9b91f (patch) | |
tree | 0f83cb52ecedcd31509990c6e51fcbe124daa1f3 /usr.sbin/tcpdump | |
parent | 0c978e387b56ea7d8b7a4a256e64d079b39ed01a (diff) |
don't claim packets as wg if there's not enough captured bytes to read.
Diffstat (limited to 'usr.sbin/tcpdump')
-rw-r--r-- | usr.sbin/tcpdump/print-wg.c | 12 |
1 files changed, 11 insertions, 1 deletions
diff --git a/usr.sbin/tcpdump/print-wg.c b/usr.sbin/tcpdump/print-wg.c
index 452c3f53ac6..1d6c9c255c9 100644
--- a/usr.sbin/tcpdump/print-wg.c
+++ b/usr.sbin/tcpdump/print-wg.c
@@ -61,11 +61,21 @@ struct wg_data {
 uint32_t
 wg_match(const u_char *bp, u_int length)
 {
+ u_int caplen;
 uint32_t type;
 
- if (length < 4)
+ if (length < sizeof(type))
 return 0;
 
+ if (snapend - bp < sizeof(type)) {
+ /*
+ * we don't have enough bytes to tell if it is wg,
+ * so don't claim it, and don't claim it's truncated
+ * wireguard either.
+ */
+ return (0);
+ }
+
 type = EXTRACT_LE_32BITS(bp);
 
 if (type == INITIATION && length == sizeof(struct wg_initiation))
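Review bot: The new guard `snapend - bp < sizeof(type)` compares a pointer difference (signed, assuming `snapend` is a pointer like `bp`) with an unsigned `size_t`. If `bp` were ever past `snapend`, the negative difference would convert to a large unsigned value, the guard would be skipped, and `EXTRACT_LE_32BITS(bp)` would read beyond the captured bytes. Whether a caller can pass such a `bp` is not visible here, but the check is cheap to make explicit: `if (bp > snapend || (size_t)(snapend - bp) < sizeof(type))`. The added `u_int caplen;` is not used anywhere in the hunk; either store the remaining capture length in it and test that, or drop the declaration. wg_match's body continues past the end of the hunk, so a later use of `caplen` cannot be ruled out.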