diff options
author | Fedor Brunner <fedor.brunner@azet.sk> | 2015-01-23 22:21:06 +0800 |
---|---|---|
committer | Fedor Brunner <fedor.brunner@azet.sk> | 2015-01-23 22:21:06 +0800 |
commit | ae2da22ed2b219c75e16114e2f503b1d09b9494a (patch) | |
tree | f2114e6123fe8ef5e5ac4dc9d6dddaf488925703 /packet.c | |
parent | f36e2c6fe9a0e242f0cb0110b47b2a0b9ead6e56 (diff) | |
download | dropbear-ae2da22ed2b219c75e16114e2f503b1d09b9494a.tar.gz |
Integrity error (bad packet size %u) negative length
When corrupted packet is received negative length of packet is
displayed.
(re-apply of pull request #8)
Diffstat (limited to 'packet.c')
-rw-r--r-- | packet.c | 6 |
1 files changed, 3 insertions, 3 deletions
@@ -283,14 +283,14 @@ static int read_packet_init() { } len = buf_getint(ses.readbuf) + 4 + macsize; - TRACE2(("packet size is %d, block %d mac %d", len, blocksize, macsize)) + TRACE2(("packet size is %u, block %u mac %u", len, blocksize, macsize)) /* check packet length */ if ((len > RECV_MAX_PACKET_LEN) || (len < MIN_PACKET_LEN + macsize) || ((len - macsize) % blocksize != 0)) { - dropbear_exit("Integrity error (bad packet size %d)", len); + dropbear_exit("Integrity error (bad packet size %u)", len); } if (len > ses.readbuf->size) { @@ -342,7 +342,7 @@ void decrypt_packet() { /* - 4 - 1 is for LEN and PADLEN values */ len = ses.readbuf->len - padlen - 4 - 1 - macsize; if ((len > RECV_MAX_PAYLOAD_LEN+ZLIB_COMPRESS_EXPANSION) || (len < 1)) { - dropbear_exit("Bad packet size %d", len); + dropbear_exit("Bad packet size %u", len); } buf_setpos(ses.readbuf, PACKET_PAYLOAD_OFF); |