We verify that every packet we store in a pool (and every partial packet we retrieve from it) has a length no longer than UINT16_MAX. This originated in the older packet pool implementation which stored packet lengths in a uint16_t. Now that packets are represented by a struct iovec with its size_t length, this check serves only as a sanity / security check that we don't have some wildly out of range length due to a bug elsewhere. We may have reasons to (slightly) increase this limit in future, so in preparation, give this quantity an explicit name - PACKET_MAX_LEN. Signed-off-by: David Gibson <david(a)gibson.dropbear.id.au> --- packet.c | 4 ++-- packet.h | 3 +++ 2 files changed, 5 insertions(+), 2 deletions(-) diff --git a/packet.c b/packet.c index 0330b548..bcac0375 100644 --- a/packet.c +++ b/packet.c @@ -83,7 +83,7 @@ void packet_add_do(struct pool *p, size_t len, const char *start, if (packet_check_range(p, start, len, func, line)) return; - if (len > UINT16_MAX) { + if (len > PACKET_MAX_LEN) { trace("add packet length %zu, %s:%i", len, func, line); return; } @@ -119,7 +119,7 @@ void *packet_get_do(const struct pool *p, size_t idx, size_t offset, return NULL; } - if (len > UINT16_MAX) { + if (len > PACKET_MAX_LEN) { if (func) { trace("packet data length %zu, %s:%i", len, func, line); diff --git a/packet.h b/packet.h index bdc07fef..d099f026 100644 --- a/packet.h +++ b/packet.h @@ -6,6 +6,9 @@ #ifndef PACKET_H #define PACKET_H +/* Maximum size of a single packet stored in pool, including headers */ +#define PACKET_MAX_LEN UINT16_MAX + /** * struct pool - Generic pool of packets stored in a buffer * @buf: Buffer storing packet descriptors, -- 2.48.1
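
Review bot: In the packet_add_do() hunk of packet.c, the trace emitted when len > PACKET_MAX_LEN reports only the offending length ("add packet length %zu, %s:%i") and not the limit it exceeded. Since the commit message anticipates raising the limit, print the limit as well (for example a second %zu fed with (size_t)PACKET_MAX_LEN) so a log line stays interpretable whichever value the build used. The "packet data length %zu" trace in the packet_get_do() hunk would benefit from the same change.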
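
Review bot: In the packet.h hunk, PACKET_MAX_LEN is defined as UINT16_MAX directly after the include guard, and no #include <stdint.h> appears in the visible context, so the header depends on every includer having pulled in stdint.h first. Consider including it in packet.h so the header is self-contained. The new comment also says "including headers" without naming which headers are counted; given the stated plan to raise the limit slightly, spell that out so a later change to the value can be checked against the comment.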