authorelnerd <erlend.leiknes@gmail.com>2019-01-16 20:40:58 +0100
committerelnerd <erlend.leiknes@gmail.com>2019-01-16 20:40:58 +0100
commitbf54c7ed64a17693762a9db4fbaa3765d182a501 (patch)
tree6127139aee5d3c3b10f70d092a775f7f94774517 /src
parentd9d7a33d2e2f1627845001b98152cd05b5781ab3 (diff)
fixed some bugs that can lead to remote segfaults
Diffstat (limited to 'src')
-rw-r--r--src/pdesc.c2
-rw-r--r--src/pkt.c12
2 files changed, 12 insertions, 2 deletions
diff --git a/src/pdesc.c b/src/pdesc.c
index 5ba2003..51fa3ab 100644
--- a/src/pdesc.c
+++ b/src/pdesc.c
@@ -56,7 +56,7 @@
* the descriptor chain. If the sock argument is 0, the function will establish
* a TCP connection to the ip and port given by dst_ip, dst_port.
*/
-proxy_desc_t* create_and_insert_proxy_desc(uint16_t id_no, uint16_t icmp_id,
+proxy_desc_t *create_and_insert_proxy_desc(uint16_t id_no, uint16_t icmp_id,
int sock, struct sockaddr_in *addr,
uint32_t dst_ip, uint32_t dst_port,
uint32_t init_state, uint32_t type) {
diff --git a/src/pkt.c b/src/pkt.c
index 06dfd91..9ba2181 100644
--- a/src/pkt.c
+++ b/src/pkt.c
@@ -124,6 +124,10 @@ void handle_packet(char *buf, unsigned bytes, int is_pcap, struct sockaddr_in *a
pkt_flag = pt_pkt->state & kFlag_mask;
pt_pkt->state &= ~kFlag_mask;
+ if (pt_pkt->state > (kNum_proto_types-1)) {
+ pt_log(kLog_error, "Dropping packet with invalid state.\n");
+ return;
+ }
pt_log(kLog_sendrecv, "Recv: %d [%d] bytes "
"[seq = %d] [type = %s] "
"[ack = %d] [icmp = %d] "
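Review bot: The new rejection path in handle_packet logs at `kLog_error` for every dropped packet but records neither the offending value nor the sender, so a stream of malformed packets can fill the error log while giving an operator nothing to triage on. Consider logging the value (and the peer from `addr`, if it is valid at this point), e.g. `pt_log(kLog_error, "Dropping packet with invalid state %u.\n", (unsigned)pt_pkt->state);`, and using a lower or rate-limited log level. The comparison would also read more directly as `if (pt_pkt->state >= kNum_proto_types)`. Whether `bytes` has been checked against the header size before `pt_pkt->state` is read cannot be seen here, because handle_packet starts and ends outside the hunk.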
@@ -166,14 +170,20 @@ void handle_packet(char *buf, unsigned bytes, int is_pcap, struct sockaddr_in *a
else
init_state = kProto_data;
- cur = create_and_insert_proxy_desc(pt_pkt->id_no, pkt->identifier, 0,
+ cur = (proxy_desc_t*) create_and_insert_proxy_desc(pt_pkt->id_no, pkt->identifier, 0,
addr, pt_pkt->dst_ip,
ntohl(pt_pkt->dst_port),
init_state, kProxy_flag);
+ if (!cur) {
+ /* if failed, abort. Logging is done in create_insert_proxy_desc */
+ pt_log(kLog_info, "failed to create proxy descriptor\n");
+ return;
+ }
if (init_state == kProto_authenticate) {
pt_log(kLog_debug, "Sending authentication challenge..\n");
/* Send challenge */
cur->challenge = generate_challenge();
+ pt_log(kLog_debug, "Challenge generated\n");
memcpy(cur->buf, cur->challenge, sizeof(challenge_t));
queue_packet(icmp_sock, cur->pkt_type, cur->buf,
sizeof(challenge_t), cur->id_no,
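Review bot: The result of `generate_challenge()` is still passed unchecked to the `memcpy` that follows, so if that function can return NULL (its body is not visible here) this packet path can still crash. A guard such as `if (!cur->challenge) { pt_log(kLog_error, "failed to generate challenge\n"); return; }` is needed, along with a decision on whether the just-inserted descriptor must be removed on that path. The added `(proxy_desc_t*)` cast is unnecessary given the return type shown in src/pdesc.c, and it can mask a missing prototype in pkt.c; prefer including the declaring header and dropping the cast. The comment above the new `pt_log` says logging is done in the callee yet the code logs again, and it names the function `create_insert_proxy_desc` rather than `create_and_insert_proxy_desc`. handle_packet continues outside the hunk.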