summaryrefslogtreecommitdiff
path: root/main/openvpn/src
diff options
context:
space:
mode:
Diffstat (limited to 'main/openvpn/src')
-rw-r--r--main/openvpn/src/openvpn/ssl.c12
1 files changed, 11 insertions, 1 deletions
diff --git a/main/openvpn/src/openvpn/ssl.c b/main/openvpn/src/openvpn/ssl.c
index 94b7b6d9..f79f42d9 100644
--- a/main/openvpn/src/openvpn/ssl.c
+++ b/main/openvpn/src/openvpn/ssl.c
@@ -2826,7 +2826,17 @@ tls_pre_decrypt (struct tls_multi *multi,
opt->flags &= multi->opt.crypto_flags_and;
opt->flags |= multi->opt.crypto_flags_or;
- ASSERT (buf_advance (buf, (op == P_DATA_V2) ? 4 : 1));
+ ASSERT (buf_advance (buf, 1));
+ if (op == P_DATA_V2)
+ {
+ if (buf->len < 4)
+ {
+ msg (D_TLS_ERRORS, "Protocol error: received P_DATA_V2 from %s but length is < 4",
+ print_link_socket_actual (from, &gc));
+ goto error;
+ }
+ ASSERT (buf_advance (buf, 3));
+ }
++ks->n_packets;
ks->n_bytes += buf->len;