fixed buffer bug in CRawSocket::IcmpReceive()

5 years ago · e4d1c8d058
parent e58a99385d
commit e4d1c8d058
3 changed files with 12 additions and 18 deletions
--- a/src/cg3protocol.cpp
+++ b/src/cg3protocol.cpp
@ -340,11 +340,11 @@ void CG3Protocol::ConfigTask(void)

 void CG3Protocol::IcmpTask(void)
 {
-	CBuffer Buffer;
+	uint8_t Buffer[RAW_BUFFER_LENMAX];
 	CIp Ip;
 	int iIcmpType;

-	if ((iIcmpType = m_IcmpRawSocket.IcmpReceive(&Buffer, &Ip, 20)) != -1)
+	if ((iIcmpType = m_IcmpRawSocket.IcmpReceive(Buffer, &Ip, 20)) != -1)
 	{
 		if (iIcmpType == ICMP_DEST_UNREACH)
 		{
--- a/src/crawsocket.cpp
+++ b/src/crawsocket.cpp
@ -56,7 +56,7 @@ bool CRawSocket::Open(uint16 uiProto)
 	int on = 1;

 	// create socket
-	m_Socket = socket(AF_INET,SOCK_RAW,uiProto);
+	m_Socket = socket(AF_INET, SOCK_RAW, uiProto);
 	if ( m_Socket != -1 )
 	{
 		fcntl(m_Socket, F_SETFL, O_NONBLOCK);
@ -80,7 +80,7 @@ void CRawSocket::Close(void)
 ////////////////////////////////////////////////////////////////////////////////////////
 // read

-int CRawSocket::Receive(CBuffer *Buffer, CIp *Ip, int timeout)
+int CRawSocket::Receive(uint8_t *Buffer, CIp *Ip, int timeout)
 {
 	struct sockaddr_in Sin;
 	fd_set FdSet;
@ -91,9 +91,6 @@ int CRawSocket::Receive(CBuffer *Buffer, CIp *Ip, int timeout)
 	// socket valid ?
 	if ( m_Socket != -1 )
 	{
-		// allocate buffer
-		Buffer->resize(UDP_BUFFER_LENMAX);
-
 		// control socket
 		FD_ZERO(&FdSet);
 		FD_SET(m_Socket, &FdSet);
@ -102,16 +99,11 @@ int CRawSocket::Receive(CBuffer *Buffer, CIp *Ip, int timeout)
 		select(m_Socket + 1, &FdSet, 0, 0, &tv);

 		// read
-		iRecvLen = (int)recvfrom(m_Socket,
-								 (void *)Buffer->data(), RAW_BUFFER_LENMAX,
-								 0, (struct sockaddr *)&Sin, &uiFromLen);
+		iRecvLen = (int)recvfrom(m_Socket, Buffer, RAW_BUFFER_LENMAX, 0, (struct sockaddr *)&Sin, &uiFromLen);

 		// handle
 		if ( iRecvLen != -1 )
 		{
-			// adjust buffer size
-			Buffer->resize(iRecvLen);
-
 			// get IP
 			memcpy(Ip->GetPointer(), &Sin, sizeof(struct sockaddr_in));
 		}
@ -125,7 +117,7 @@ int CRawSocket::Receive(CBuffer *Buffer, CIp *Ip, int timeout)

 // ICMP

-int CRawSocket::IcmpReceive(CBuffer *Buffer, CIp *Ip, int timeout)
+int CRawSocket::IcmpReceive(uint8_t *Buffer, CIp *Ip, int timeout)
 {
 	int iIcmpType = -1;
 	int iRecv;
@ -136,7 +128,7 @@ int CRawSocket::IcmpReceive(CBuffer *Buffer, CIp *Ip, int timeout)

 		if (iRecv >= (int)(sizeof(struct ip) + sizeof(struct icmp)))
 		{
-			struct ip *iph = (struct ip *)Buffer->data();
+			struct ip *iph = (struct ip *)Buffer;
 			int iphdrlen = iph->ip_hl * 4;
 			struct icmp *icmph = (struct icmp *)((unsigned char *)iph + iphdrlen);
 			struct ip *remote_iph = (struct ip *)((unsigned char *)icmph + 8);
--- a/src/crawsocket.h
+++ b/src/crawsocket.h
@ -44,7 +44,7 @@
 ////////////////////////////////////////////////////////////////////////////////////////
 // define

-#define RAW_BUFFER_LENMAX       65536
+#define RAW_BUFFER_LENMAX 65536


 ////////////////////////////////////////////////////////////////////////////////////////
@ -72,7 +72,8 @@ public:
 	// For specific protocols, the data content may vary depending on the protocol
 	// Returns the number of received bytes in buffer

-	int Receive(CBuffer *, CIp *, int);
+protected:
+	int Receive(uint8_t *, CIp *, int);

 	// ICMP receive helper
 	// parameters:
@ -82,7 +83,8 @@ public:
 	// return value:
 	//   ICMP type, -1 if nothing was received

-	int IcmpReceive(CBuffer *, CIp *, int);
+public:
+	int IcmpReceive(uint8_t *, CIp *, int);

 	// write
 	// no write support - complexity makes it out of scope for now