LZO compression buffer overflow errors will now invalidate

the packet rather than trigger a fatal assertion. git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@3221 e7ae566f-a301-0410-adde-c780ea21d3b5
author: james <james@e7ae566f-a301-0410-adde-c780ea21d3b5> 2008-08-11 03:37:40 +0000
committer: james <james@e7ae566f-a301-0410-adde-c780ea21d3b5> 2008-08-11 03:37:40 +0000
commit: e1cf60c56fd3759eb93d130e4d99ecefd831c10d (patch)
tree: 47ce754d85217de84ce01d725bc6378aa6630f3a
parent: c282a2c296f6273a46a4d99b7a9ca83e5293dd42 (diff)
download: openvpn-e1cf60c56fd3759eb93d130e4d99ecefd831c10d.tar.gz
openvpn-e1cf60c56fd3759eb93d130e4d99ecefd831c10d.tar.xz
openvpn-e1cf60c56fd3759eb93d130e4d99ecefd831c10d.zip
1 files changed, 7 insertions, 1 deletions
diff --git a/lzo.c b/lzo.c
index cdb685a..58bf9f2 100644
--- a/lzo.c
+++ b/lzo.c
@@ -156,7 +156,13 @@ lzo_compress (struct buffer *buf, struct buffer work,
     {
       ASSERT (buf_init (&work, FRAME_HEADROOM (frame)));
       ASSERT (buf_safe (&work, LZO_EXTRA_BUFFER (PAYLOAD_SIZE (frame))));
-      ASSERT (buf->len <= PAYLOAD_SIZE (frame));
+
+      if (!(buf->len <= PAYLOAD_SIZE (frame)))
+	{
+	  dmsg (D_COMP_ERRORS, "LZO compression buffer overflow");
+	  buf->len = 0;
+	  return;
+	}
 
       err = LZO_COMPRESS (BPTR (buf), BLEN (buf), BPTR (&work), &zlen, lzowork->wmem);
       if (err != LZO_E_OK)
author	james <james@e7ae566f-a301-0410-adde-c780ea21d3b5>	2008-08-11 03:37:40 +0000
committer	james <james@e7ae566f-a301-0410-adde-c780ea21d3b5>	2008-08-11 03:37:40 +0000
commit	e1cf60c56fd3759eb93d130e4d99ecefd831c10d (patch)
tree	47ce754d85217de84ce01d725bc6378aa6630f3a
parent	c282a2c296f6273a46a4d99b7a9ca83e5293dd42 (diff)
download	openvpn-e1cf60c56fd3759eb93d130e4d99ecefd831c10d.tar.gz openvpn-e1cf60c56fd3759eb93d130e4d99ecefd831c10d.tar.xz openvpn-e1cf60c56fd3759eb93d130e4d99ecefd831c10d.zip