From: psyc://loupsycedyglgamf.onion/~lynX <ircs://psyced.org/youbroketheinternet>
Date: Mon, 12 Feb 2018 01:26:25 +0000 (+0000)
Subject: multicast hotfix: relay_count is coerced from ul to us
X-Git-Tag: v0.11.0pre66~209
X-Git-Url: https://git.librecmc.org/?a=commitdiff_plain;h=d58a3cdedff02a94f1aba715b6ea75e79156cf36;p=oweals%2Fgnunet.git

multicast hotfix: relay_count is coerced from ul to us
---

diff --git a/src/multicast/gnunet-service-multicast.c b/src/multicast/gnunet-service-multicast.c
index d01227e2c..ab7d1c5a0 100644
--- a/src/multicast/gnunet-service-multicast.c
+++ b/src/multicast/gnunet-service-multicast.c
@@ -1450,6 +1450,7 @@ check_client_member_join (void *cls,
   uint16_t msg_size = ntohs (msg->header.size);
   struct GNUNET_PeerIdentity *relays = (struct GNUNET_PeerIdentity *) &msg[1];
   uint32_t relay_count = ntohl (msg->relay_count);
+  if (relay_count > MAX_RELAY_COUNT) return GNUNET_SYSERR;
   uint16_t relay_size = relay_count * sizeof (*relays);
   struct GNUNET_MessageHeader *join_msg = NULL;
   uint16_t join_msg_size = 0;
diff --git a/src/multicast/multicast.h b/src/multicast/multicast.h
index aeb3c0b41..8ff6af237 100644
--- a/src/multicast/multicast.h
+++ b/src/multicast/multicast.h
@@ -30,6 +30,11 @@
 #include "platform.h"
 #include "gnunet_multicast_service.h"
 
+/* FIXME: What is a reasonable value here?
+ * Should it be in an include file that clients can also see?
+ */
+#define MAX_RELAY_COUNT 123
+
 GNUNET_NETWORK_STRUCT_BEGIN