Skip to content

Fixes #17

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
danielinux merged 7 commits into from
Feb 4, 2026
Merged

Fixes #17

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
7 commits
Select commit Hold shift + click to select a range
2f00d54
validate minimum packet length (ethernet header+ ip header, with no o…
gasbytes Feb 4, 2026
6db4754
validate minimum ARP packet length
gasbytes Feb 4, 2026
507b696
validate minimum ICMP packet length
gasbytes Feb 4, 2026
e98b730
validate minimum TCP segment length
gasbytes Feb 4, 2026
7d66090
validate minimum UDP datagram length
gasbytes Feb 4, 2026
3ac8ea7
memchr instead of strchr to respect length of the url
gasbytes Feb 4, 2026
d1162bb
fix mixed declaration
gasbytes Feb 4, 2026
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 1 addition & 1 deletion src/http/httpd.c
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -265,7 +265,7 @@ int http_url_encode(char *buf, size_t len, size_t max_len) {
char *p = buf;
char *q = NULL;
while (p < buf + len) {
q = strchr(p, ' ');
q = memchr(p, ' ', len - (size_t)(p - buf));
if (!q) {
break;
}
Expand Down
32 changes: 30 additions & 2 deletions src/wolfip.c
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -1230,8 +1230,16 @@ static void udp_try_recv(struct wolfIP *s, unsigned int if_idx, struct wolfIP_ud
{
struct ipconf *conf = wolfIP_ipconf_at(s, if_idx);
int i;
ip4 local_ip = conf ? conf->ip : IPADDR_ANY;
ip4 dst_ip = ee32(udp->ip.dst);
ip4 local_ip;
ip4 dst_ip;

/* validate minimum UDP datagram length */
if (frame_len < sizeof(struct wolfIP_udp_datagram))
return;

local_ip = conf ? conf->ip : IPADDR_ANY;
dst_ip = ee32(udp->ip.dst);

if (wolfIP_filter_notify_udp(WOLFIP_FILT_RECEIVING, s, if_idx, udp, frame_len) != 0)
return;
for (i = 0; i < MAX_UDPSOCKETS; i++) {
Expand Down Expand Up @@ -1739,6 +1747,11 @@ static void tcp_ack(struct tsocket *t, const struct wolfIP_tcp_seg *tcp)
static void tcp_input(struct wolfIP *S, unsigned int if_idx, struct wolfIP_tcp_seg *tcp, uint32_t frame_len)
{
int i;

/* validate minimum TCP segment length */
if (frame_len < sizeof(struct wolfIP_tcp_seg))
return;

if (wolfIP_filter_notify_tcp(WOLFIP_FILT_RECEIVING, S, if_idx, tcp, frame_len) != 0)
return;
for (i = 0; i < MAX_TCPSOCKETS; i++) {
Expand Down Expand Up @@ -2783,6 +2796,12 @@ static void icmp_input(struct wolfIP *s, unsigned int if_idx, struct wolfIP_ip_p
struct wolfIP_icmp_packet *icmp = (struct wolfIP_icmp_packet *)ip;
uint32_t tmp;
struct wolfIP_ll_dev *ll = wolfIP_ll_at(s, if_idx);

/* validate minimum ICMP packet length */
if (len < sizeof(struct wolfIP_icmp_packet))
return;


if (wolfIP_filter_notify_icmp(WOLFIP_FILT_RECEIVING, s, if_idx, icmp, len) != 0)
return;
if (icmp->type == ICMP_ECHO_REPLY) {
Expand Down Expand Up @@ -3255,6 +3274,11 @@ static void arp_recv(struct wolfIP *s, unsigned int if_idx, void *buf, int len)
struct wolfIP_ll_dev *ll = wolfIP_ll_at(s, if_idx);
struct ipconf *conf;


/* validate minimum ARP packet length */
if (len < (int)sizeof(struct arp_packet))
return;

if (!ll)
return;
conf = wolfIP_ipconf_at(s, if_idx);
Expand Down Expand Up @@ -3365,6 +3389,10 @@ static inline void ip_recv(struct wolfIP *s, unsigned int if_idx, struct wolfIP_
#if WOLFIP_ENABLE_FORWARDING
unsigned int i;
#endif
/* validate minimum packet length
* (ethernet header+ ip header, with no options) */
if (len < sizeof(struct wolfIP_ip_packet))
return;
#if WOLFIP_ENABLE_LOOPBACK
if (!wolfIP_is_loopback_if(if_idx)) {
ip4 dest = ee32(ip->dst);
Expand Down