]> git.saurik.com Git - apple/network_cmds.git/blobdiff - alias/alias.c
projects / apple / network_cmds.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
network_cmds-307.0.1.tar.gz
[apple/network_cmds.git] / alias / alias.c
diff --git a/alias/alias.c b/alias/alias.c
index 53273abe14aa96c3d6a81e800e53f7b121175db3..a9e39c643915d28991633e1d13110d33d03bc955 100644 (file)
--- a/alias/alias.c
+++ b/alias/alias.c
@@ -193,16 +193,22 @@ static void DoMSSClamp(struct tcphdr *tc)
 
     while (optionEnd > option)
     {
-        switch (option[0])
-        {
-            case TCPOPT_EOL:
-                option = optionEnd;
+        /* Bounds checking to avoid infinite loops */
+        if (option[0] == TCPOPT_EOL)
+            break;
+        
+        if (option[0] == TCPOPT_NOP) {
+            ++option;
+            continue;
+        } else {
+            if (optionEnd - option < 2)
                 break;
-
-            case TCPOPT_NOP:
-                ++option;
+            if (option[1] < 2 || option + option[1] >= optionEnd)
                 break;
+       }
 
+        switch (option[0])
+        {
             case TCPOPT_MAXSEG:
                 if (option[1] == 4)
                 {
@@ -212,10 +218,11 @@ static void DoMSSClamp(struct tcphdr *tc)
                     if (packetAliasMSS < mssVal)
                     {
                         int accumulate = mssVal;
-                       int accnetorder = 0 ;
+                        int accnetorder = 0 ;
+                        
                         accumulate -= packetAliasMSS;
                         *mssPtr = htons(packetAliasMSS);
-                       accnetorder = htons(accumulate);
+                        accnetorder = htons(accumulate);
                         ADJUST_CHECKSUM(accnetorder, tc->th_sum);
                     }
 
mirror of network_cmds