1
Fork 0
mirror of https://github.com/RGBCube/serenity synced 2025-07-25 03:57:43 +00:00

Kernel: Truncate UDP packets on read

When reading UDP packets from userspace with recvmsg()/recv() we
would hit a VERIFY() if the supplied buffer is smaller than the
received UDP packet. Instead we should just return truncated data
to the caller.

This can be reproduced with:

    $ dd if=/dev/zero bs=1k count=1 | nc -u 192.168.3.190 68
This commit is contained in:
Gunnar Beutner 2021-05-06 08:27:51 +02:00 committed by Andreas Kling
parent 928f16d360
commit 9213d1e926

View file

@ -64,10 +64,10 @@ KResultOr<size_t> UDPSocket::protocol_receive(ReadonlyBytes raw_ipv4_packet, Use
auto& ipv4_packet = *(const IPv4Packet*)(raw_ipv4_packet.data());
auto& udp_packet = *static_cast<const UDPPacket*>(ipv4_packet.payload());
VERIFY(udp_packet.length() >= sizeof(UDPPacket)); // FIXME: This should be rejected earlier.
VERIFY(buffer_size >= (udp_packet.length() - sizeof(UDPPacket)));
if (!buffer.write(udp_packet.payload(), udp_packet.length() - sizeof(UDPPacket)))
size_t read_size = min(buffer_size, udp_packet.length() - sizeof(UDPPacket));
if (!buffer.write(udp_packet.payload(), read_size))
return EFAULT;
return udp_packet.length() - sizeof(UDPPacket);
return read_size;
}
KResultOr<size_t> UDPSocket::protocol_send(const UserOrKernelBuffer& data, size_t data_length)