message: Limit maximum number of IKEv2 fragments
The maximum for IKEv1 is already 255 due to the 8-bit fragment number. With an overhead of 17 bytes (x64) per fragment and a default maximum of 10000 bytes per packet the maximum memory required is 14 kB for a fragmented message.
This commit is contained in:
parent
f00a9c1715
commit
8dbe128c8c
|
@ -930,6 +930,11 @@ struct private_message_t {
|
|||
fragment_data_t *frag;
|
||||
};
|
||||
|
||||
/**
|
||||
* Maximum number of fragments we will handle
|
||||
*/
|
||||
#define MAX_FRAGMENTS 255
|
||||
|
||||
/**
|
||||
* A single fragment within a fragmented message
|
||||
*/
|
||||
|
@ -2779,7 +2784,12 @@ METHOD(message_t, add_fragment_v2, status_t,
|
|||
}
|
||||
encrypted_fragment = (encrypted_fragment_payload_t*)payload;
|
||||
total = encrypted_fragment->get_total_fragments(encrypted_fragment);
|
||||
|
||||
if (total > MAX_FRAGMENTS)
|
||||
{
|
||||
DBG1(DBG_IKE, "maximum fragment count exceeded");
|
||||
reset_defrag(this);
|
||||
return FAILED;
|
||||
}
|
||||
if (!this->fragments || total > this->frag->last)
|
||||
{
|
||||
reset_defrag(this);
|
||||
|
|
Loading…
Reference in New Issue