should discard packet when received AUTH header length < 20 ?
hi all, in src/main/listen.c , auth_socket_recv function, rad_recv_header uses MSG_PEEK flag. in case 0 <= rcode < 20, malfromed request still in the receive queue, should it be cleaned before line 757 ? 751 rcode = rad_recv_header(listener->fd, &src_ipaddr, &src_port, &code ); 752 if (rcode < 0) return 0; 753 754 RAD_STATS_TYPE_INC(listener, total_requests); 755 756 if (rcode < 20) { /* AUTH_HDR_LEN */ 757 RAD_STATS_TYPE_INC(listener, total_malformed_requests); 758 return 0; 759 } here is my patch against branch v2.1.x , does it make sense? thanks Tinggong --- src/main/listen.c | 1 + 1 files changed, 1 insertions(+), 0 deletions(-) diff --git a/src/main/listen.c b/src/main/listen.c index 59ff314..855ee9c 100644 --- a/src/main/listen.c +++ b/src/main/listen.c @@ -754,6 +754,7 @@ static int auth_socket_recv(rad_listen_t *listener, RAD_STATS_TYPE_INC(listener, total_requests); if (rcode < 20) { /* AUTH_HDR_LEN */ + rad_recv_discard(listener->fd); RAD_STATS_TYPE_INC(listener, total_malformed_requests); return 0; }
WANG Tinggong wrote:
hi all,
in src/main/listen.c , auth_socket_recv function, rad_recv_header uses MSG_PEEK flag. in case 0 <= rcode < 20, malfromed request still in the receive queue,
No. Read the rest of rad_recv_header(). If the message is too short, it calls recvfrom() to discard the packet.
should it be cleaned before line 757 ?
No. This would discard the *next* packet on the socket, which might be fine! Alan DeKok.
participants (2)
-
Alan DeKok -
WANG Tinggong