From b873085c1cf35e12a8090bfb5b316ffdf305abd9 Mon Sep 17 00:00:00 2001
From: Christian Pointner <equinox@anytun.org>
Date: Wed, 13 Jan 2010 02:12:05 +0000
Subject: fixed packet length check

---
 src/anytun.cpp | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/src/anytun.cpp b/src/anytun.cpp
index 51c2b1d..5036fa1 100644
--- a/src/anytun.cpp
+++ b/src/anytun.cpp
@@ -230,7 +230,8 @@ void receiver(TunDevice* dev, PacketSource* src)
     std::auto_ptr<Cipher> c(CipherFactory::create(gOpt.getCipher(), KD_INBOUND));
     std::auto_ptr<AuthAlgo> a(AuthAlgoFactory::create(gOpt.getAuthAlgo(), KD_INBOUND));
     
-    EncryptedPacket encrypted_packet(MAX_PACKET_LENGTH, gOpt.getAuthTagLength());
+    u_int32_t auth_tag_length = gOpt.getAuthTagLength();
+    EncryptedPacket encrypted_packet(MAX_PACKET_LENGTH, auth_tag_length);
     PlainPacket plain_packet(MAX_PACKET_LENGTH);
     
     while(1) {
@@ -252,7 +253,7 @@ void receiver(TunDevice* dev, PacketSource* src)
       if(len < 0)
         continue; // silently ignore socket recv errors, this is probably no good idea...
 
-      if(static_cast<u_int32_t>(len) < EncryptedPacket::getHeaderLength())
+      if(static_cast<u_int32_t>(len) < (EncryptedPacket::getHeaderLength() + auth_tag_length))
         continue; // ignore short packets
       encrypted_packet.setLength(len);
       
-- 
cgit v1.2.3