Root/package/ppp/patches/350-survive_bad_pads_packets.patch

1--- a/pppd/plugins/rp-pppoe/common.c
2+++ b/pppd/plugins/rp-pppoe/common.c
3@@ -75,7 +75,9 @@ parsePacket(PPPoEPacket *packet, ParseFu
4         error("Invalid PPPoE tag length (%u)", tagLen);
5         return -1;
6     }
7- func(tagType, tagLen, curTag+TAG_HDR_SIZE, extra);
8+ if (func(tagType, tagLen, curTag+TAG_HDR_SIZE, extra)) {
9+ return -1;
10+ }
11     curTag = curTag + TAG_HDR_SIZE + tagLen;
12     }
13     return 0;
14--- a/pppd/plugins/rp-pppoe/discovery.c
15+++ b/pppd/plugins/rp-pppoe/discovery.c
16@@ -48,7 +48,7 @@ static char const RCSID[] =
17 *%DESCRIPTION:
18 * If a HostUnique tag is found which matches our PID, sets *extra to 1.
19 ***********************************************************************/
20-void
21+int
22 parseForHostUniq(UINT16_t type, UINT16_t len, unsigned char *data,
23          void *extra)
24 {
25@@ -60,6 +60,7 @@ parseForHostUniq(UINT16_t type, UINT16_t
26         *val = 1;
27     }
28     }
29+ return 0;
30 }
31 
32 /**********************************************************************
33@@ -102,7 +103,7 @@ packetIsForMe(PPPoEConnection *conn, PPP
34 *%DESCRIPTION:
35 * Picks interesting tags out of a PADO packet
36 ***********************************************************************/
37-void
38+int
39 parsePADOTags(UINT16_t type, UINT16_t len, unsigned char *data,
40           void *extra)
41 {
42@@ -181,6 +182,7 @@ parsePADOTags(UINT16_t type, UINT16_t le
43     }
44     break;
45     }
46+ return 0;
47 }
48 
49 /**********************************************************************
50@@ -195,7 +197,7 @@ parsePADOTags(UINT16_t type, UINT16_t le
51 *%DESCRIPTION:
52 * Picks interesting tags out of a PADS packet
53 ***********************************************************************/
54-void
55+int
56 parsePADSTags(UINT16_t type, UINT16_t len, unsigned char *data,
57           void *extra)
58 {
59@@ -205,17 +207,21 @@ parsePADSTags(UINT16_t type, UINT16_t le
60     dbglog("PADS: Service-Name: '%.*s'", (int) len, data);
61     break;
62     case TAG_SERVICE_NAME_ERROR:
63- fatal("PADS: Service-Name-Error: %.*s", (int) len, data);
64+ error("PADS: Service-Name-Error: %.*s", (int) len, data);
65+ return -1;
66     case TAG_AC_SYSTEM_ERROR:
67- fatal("PADS: System-Error: %.*s", (int) len, data);
68+ error("PADS: System-Error: %.*s", (int) len, data);
69+ return -1;
70     case TAG_GENERIC_ERROR:
71- fatal("PADS: Generic-Error: %.*s", (int) len, data);
72+ error("PADS: Generic-Error: %.*s", (int) len, data);
73+ return -1;
74     case TAG_RELAY_SESSION_ID:
75     conn->relayId.type = htons(type);
76     conn->relayId.length = htons(len);
77     memcpy(conn->relayId.payload, data, len);
78     break;
79     }
80+ return 0;
81 }
82 
83 /***********************************************************************
84@@ -532,9 +538,11 @@ waitForPADS(PPPoEConnection *conn, int t
85     /* Is it PADS? */
86     if (packet.code == CODE_PADS) {
87         /* Parse for goodies */
88- parsePacket(&packet, parsePADSTags, conn);
89- conn->discoveryState = STATE_SESSION;
90- break;
91+ if (!parsePacket(&packet, parsePADSTags, conn))
92+ {
93+ conn->discoveryState = STATE_SESSION;
94+ break;
95+ }
96     }
97     } while (conn->discoveryState != STATE_SESSION);
98 
99--- a/pppd/plugins/rp-pppoe/pppoe.h
100+++ b/pppd/plugins/rp-pppoe/pppoe.h
101@@ -238,7 +238,7 @@ typedef struct PPPoETagStruct {
102 #define READ_CHUNK 4096
103 
104 /* Function passed to parsePacket */
105-typedef void ParseFunc(UINT16_t type,
106+typedef int ParseFunc(UINT16_t type,
107                UINT16_t len,
108                unsigned char *data,
109                void *extra);
110

Archive Download this file

Branches:
backfire
history
master
release_2010-11-17
release_2010-12-14
release_2011-02-23
release_2011-05-28
release_2011-08-27
release_2011-11-13
release_2012-03-18
release_2012-04-09
release_2012-10-11
uclibc_nptl



interactive