From abd12cabccd56f7574548d6d576b772220389b7b Mon Sep 17 00:00:00 2001
From: t3sserakt <t3ss@posteo.de>
Date: Fri, 16 Feb 2018 18:45:25 +0100
Subject: [PATCH] fixed codesonar: 463.634, 1216.1564, 547.830, 1215.1563,
 441.612, 478.650

Signed-off-by: t3sserakt <t3ss@posteo.de>
---
 src/multicast/gnunet-service-multicast.c | 27 ++++++++++++++++++------
 src/multicast/multicast.h                |  5 -----
 2 files changed, 20 insertions(+), 12 deletions(-)

diff --git a/src/multicast/gnunet-service-multicast.c b/src/multicast/gnunet-service-multicast.c
index ab7d1c5a0..66f18da9f 100644
--- a/src/multicast/gnunet-service-multicast.c
+++ b/src/multicast/gnunet-service-multicast.c
@@ -1450,8 +1450,12 @@ check_client_member_join (void *cls,
   uint16_t msg_size = ntohs (msg->header.size);
   struct GNUNET_PeerIdentity *relays = (struct GNUNET_PeerIdentity *) &msg[1];
   uint32_t relay_count = ntohl (msg->relay_count);
-  if (relay_count > MAX_RELAY_COUNT) return GNUNET_SYSERR;
-  uint16_t relay_size = relay_count * sizeof (*relays);
+  if (UINT32_MAX - relay_count > sizeof (*relays)){
+      GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
+                    "relay_size exceeds UINT32_MAX!");
+      return GNUNET_SYSERR;
+  }
+  uint32_t relay_size = relay_count * sizeof (*relays);
   struct GNUNET_MessageHeader *join_msg = NULL;
   uint16_t join_msg_size = 0;
   if (sizeof (*msg) + relay_size + sizeof (struct GNUNET_MessageHeader)
@@ -1460,11 +1464,19 @@ check_client_member_join (void *cls,
     join_msg = (struct GNUNET_MessageHeader *)
       (((char *) &msg[1]) + relay_size);
     join_msg_size = ntohs (join_msg->size);
+    if (UINT16_MAX - join_msg_size > sizeof (struct MulticastJoinRequestMessage)){
+        GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
+                    "join_msg_size exceeds UINT16_MAX!");
+        return GNUNET_SYSERR;
+    } 
+  }
+  if (msg_size != (sizeof (*msg) + relay_size + join_msg_size)){
+      GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
+                    "msg_size does not match real size of message!");
+      return GNUNET_SYSERR;
+  }else{
+      return GNUNET_OK;
   }
-  return
-    msg_size == (sizeof (*msg) + relay_size + join_msg_size)
-    ? GNUNET_OK
-    : GNUNET_SYSERR;
 }
 
 
@@ -1888,6 +1900,7 @@ handle_client_replay_request (void *cls,
     else
     {
       /* FIXME: not yet connected to origin */
+      
       GNUNET_assert (0);
       GNUNET_SERVICE_client_drop (client);
       return;
@@ -1976,7 +1989,7 @@ static int
 check_client_replay_response (void *cls,
                               const struct MulticastReplayResponseMessage *res)
 {
-  const struct GNUNET_MessageHeader *msg = &res->header;
+  const struct GNUNET_MessageHeader *msg;
   if (GNUNET_MULTICAST_REC_OK == res->error_code)
   {
     msg = GNUNET_MQ_extract_nested_mh (res);
diff --git a/src/multicast/multicast.h b/src/multicast/multicast.h
index 8ff6af237..aeb3c0b41 100644
--- a/src/multicast/multicast.h
+++ b/src/multicast/multicast.h
@@ -30,11 +30,6 @@
 #include "platform.h"
 #include "gnunet_multicast_service.h"
 
-/* FIXME: What is a reasonable value here?
- * Should it be in an include file that clients can also see?
- */
-#define MAX_RELAY_COUNT 123
-
 GNUNET_NETWORK_STRUCT_BEGIN
 
 
-- 
2.25.1