Re: [Linuxptp-devel] ptp4l wrongly takes padding bytes as TLV?
PTP IEEE 1588 stack for Linux
Brought to you by:
rcochran
Menu
▾
▴
Re: [Linuxptp-devel] ptp4l wrongly takes padding bytes as TLV?
|
From: Vincent Li X <vin...@er...> - 2019-02-01 13:15:31
|
Sorry Miroslav again for missing your msg again in Junk box! How about the combination with the length-check mentioned in my last msg? -----Original Message----- From: Miroslav Lichvar <mli...@re...> Sent: Friday, February 1, 2019 9:19 AM To: Vincent Li X <vin...@er...> Cc: Jiri Benc <jb...@re...>; Richard Cochran <ric...@gm...>; Mats Bergman H <mat...@er...>; Richard Jönsson <ric...@er...>; Lin...@li... Subject: Re: [Linuxptp-devel] ptp4l wrongly takes padding bytes as TLV? On Thu, Jan 31, 2019 at 04:28:30PM +0000, Vincent Li X wrote: > But we still think it's more safe to use header.messageLength instead > of socket count, Msg.c > err = suffix_post_recv(m, cnt - pdulen); ==> > err = suffix_post_recv(m, m->header.messageLength - pdulen); I'm not sure that is more safe. If the field had a large value, it might enable reading of uninitialized data, possibly even past the buffer. A better way is to check the length in each transport specific code and either remove the padding or drop the packet if the transport doesn't allow padding. -- Miroslav Lichvar |
