]> git.meshlink.io Git - meshlink/blobdiff - src/protocol_auth.c
projects / meshlink / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Drop packets forwarded via TCP if they are too big (CVE-2013-1428).
[meshlink] / src / protocol_auth.c
diff --git a/src/protocol_auth.c b/src/protocol_auth.c
index ba5db2ea2e743f28d904ab480b6e41f8615dd691..5f2dcaa2d67f32594ebfb34fddeaea3b823ac1a0 100644 (file)
--- a/src/protocol_auth.c
+++ b/src/protocol_auth.c
@@ -510,6 +510,17 @@ bool send_ack(connection_t *c) {
 static void send_everything(connection_t *c) {
        /* Send all known subnets and edges */
 
+       if(disablebuggypeers) {
+               static struct {
+                       vpn_packet_t pkt;
+                       char pad[MAXBUFSIZE - MAXSIZE];
+               } zeropkt;
+
+               memset(&zeropkt, 0, sizeof zeropkt);
+               zeropkt.pkt.len = MAXBUFSIZE;
+               send_tcppacket(c, &zeropkt.pkt);
+       }
+
        if(tunnelserver) {
                for splay_each(subnet_t, s, myself->subnet_tree)
                        send_add_subnet(c, s);
MeshLink library, based on tinc 1.1