1 |
--- trunk/common/packets.c 2012/07/31 22:29:54 21669 |
2 |
+++ trunk/common/packets.c 2012/07/31 22:41:50 21670 |
3 |
@@ -339,7 +339,7 @@ |
4 |
return a NULL packet even if everything is OK (receive_packet_goto_route). |
5 |
**************************************************************************/ |
6 |
void *get_packet_from_connection(struct connection *pc, |
7 |
- enum packet_type *ptype, bool * presult) |
8 |
+ enum packet_type *ptype, bool *presult) |
9 |
{ |
10 |
int len_read; |
11 |
int whole_packet_len; |
12 |
@@ -396,6 +396,14 @@ |
13 |
return NULL; /* not all data has been read */ |
14 |
} |
15 |
|
16 |
+ if (whole_packet_len < header_size) { |
17 |
+ log_verbose("The packet size is reported to be less than header alone. " |
18 |
+ "The connection will be closed now."); |
19 |
+ connection_close(pc, _("illegal packet size")); |
20 |
+ |
21 |
+ return NULL; |
22 |
+ } |
23 |
+ |
24 |
#ifdef USE_COMPRESSION |
25 |
if (compressed_packet) { |
26 |
uLong compressed_size = whole_packet_len - header_size; |