diff options
| author | Andrew Tridgell <tridge@samba.org> | 2007-05-26 16:32:32 +1000 |
|---|---|---|
| committer | Andrew Tridgell <tridge@samba.org> | 2007-05-26 16:32:32 +1000 |
| commit | 9aa692669bc0dc0b7282b294e85230159917bae0 (patch) | |
| tree | 8d7466d57889f6e7f0fd1d32581c5b19b8f5a956 /ctdb/tcp/tcp_io.c | |
| parent | 2b86216b668337403fbf92fa13ff77a7a2fb2822 (diff) | |
| download | samba-9aa692669bc0dc0b7282b294e85230159917bae0.tar.gz | |
paranoid checks for bad packets in tcp layer. Close the socket if it gets a bad packet
(This used to be ctdb commit 1277089e5c6e1036517c63ee8c8e4ff98cb76cf8)
Diffstat (limited to 'ctdb/tcp/tcp_io.c')
| -rw-r--r-- | ctdb/tcp/tcp_io.c | 40 |
1 files changed, 25 insertions, 15 deletions
diff --git a/ctdb/tcp/tcp_io.c b/ctdb/tcp/tcp_io.c index 3e267e504cd..e90770ec73c 100644 --- a/ctdb/tcp/tcp_io.c +++ b/ctdb/tcp/tcp_io.c @@ -34,38 +34,48 @@ void ctdb_tcp_read_cb(uint8_t *data, size_t cnt, void *args) { struct ctdb_incoming *in = talloc_get_type(args, struct ctdb_incoming); - struct ctdb_req_header *hdr; + struct ctdb_req_header *hdr = (struct ctdb_req_header *)data; if (data == NULL) { /* incoming socket has died */ - talloc_free(in); - return; + goto failed; } if (cnt < sizeof(*hdr)) { - ctdb_set_error(in->ctdb, "Bad packet length %u\n", (unsigned)cnt); - return; + DEBUG(0,(__location__ " Bad packet length %u\n", (unsigned)cnt)); + goto failed; } - hdr = (struct ctdb_req_header *)data; + + if (cnt & (CTDB_TCP_ALIGNMENT-1)) { + DEBUG(0,(__location__ " Length 0x%x not multiple of alignment\n", cnt)); + goto failed; + } + + if (cnt != hdr->length) { - ctdb_set_error(in->ctdb, "Bad header length %u expected %u\n", - (unsigned)hdr->length, (unsigned)cnt); - return; + DEBUG(0,(__location__ " Bad header length %u expected %u\n", + (unsigned)hdr->length, (unsigned)cnt)); + goto failed; } if (hdr->ctdb_magic != CTDB_MAGIC) { - ctdb_set_error(in->ctdb, "Non CTDB packet rejected\n"); - return; + DEBUG(0,(__location__ " Non CTDB packet 0x%x rejected\n", + hdr->ctdb_magic)); + goto failed; } if (hdr->ctdb_version != CTDB_VERSION) { - ctdb_set_error(in->ctdb, "Bad CTDB version 0x%x rejected\n", hdr->ctdb_version); - return; + DEBUG(0, (__location__ " Bad CTDB version 0x%x rejected\n", + hdr->ctdb_version)); + goto failed; } - /* most common case - we got a whole packet in one go - tell the ctdb layer above that we have a packet */ + /* tell the ctdb layer above that we have a packet */ in->ctdb->upcalls->recv_pkt(in->ctdb, data, cnt); + return; + +failed: + talloc_free(in); } /* |