From: Joseph C. Lehner <joseph.c.lehner@gmail.com>
Date: Fri, 18 Nov 2016 15:53:21 +0000 (+0100)
Subject: Fix hangs in nmrp code
X-Git-Tag: v0.9.8~5
X-Git-Url: https://git.librecmc.org/?a=commitdiff_plain;h=03ffca3544b4d4e6b4db8a84a27935f87ccd1eac;p=oweals%2Fnmrpflash.git

Fix hangs in nmrp code
---

diff --git a/nmrp.c b/nmrp.c
index 0fb583e..7a3bd7d 100644
--- a/nmrp.c
+++ b/nmrp.c
@@ -144,27 +144,6 @@ static void msg_dump(struct nmrp_msg *msg, int dump_opts)
 
 	remain_len = msg->len - NMRP_HDR_LEN;
 	fprintf(stderr, "%s\n", remain_len ? "" : " (no opts)");
-
-	if (dump_opts) {
-		opt = msg->opts;
-
-		while (remain_len > 0) {
-			len = opt->len;
-			fprintf(stderr, "  opt type=%u, len=%u", opt->type, len);
-			if (len) {
-				for (i = 0; i != len - NMRP_OPT_HDR_LEN; ++i) {
-					if (!(i % 16)) {
-						fprintf(stderr, "\n  ");
-					}
-
-					fprintf(stderr, "%02x ", ((char*)&opt->val)[i] & 0xff);
-				}
-				fprintf(stderr, "\n");
-			}
-			remain_len -= len;
-			opt = NMRP_OPT_NEXT(opt);
-		}
-	}
 }
 
 static void msg_hton(struct nmrp_msg *msg)
@@ -207,7 +186,7 @@ static int msg_ntoh(struct nmrp_msg *msg)
 			opt->type = ntohs(opt->type);
 			opt->len = ntohs(opt->len);
 
-			if (opt->len > NMRP_MAX_OPT_SIZE) {
+			if (!opt->len || opt->len > NMRP_MAX_OPT_SIZE) {
 				break;
 			}
 
@@ -243,6 +222,10 @@ static void *msg_opt_data(struct nmrp_msg *msg, uint16_t type, uint16_t *len)
 			return buf;
 		}
 
+		if (!opt->len) {
+			break;
+		}
+
 		remaining -= opt->len;
 		opt = NMRP_OPT_NEXT(opt);
 	}