From e1cf60c56fd3759eb93d130e4d99ecefd831c10d Mon Sep 17 00:00:00 2001
From: james <james@e7ae566f-a301-0410-adde-c780ea21d3b5>
Date: Mon, 11 Aug 2008 03:37:40 +0000
Subject: LZO compression buffer overflow errors will now invalidate the packet
 rather than trigger a fatal assertion.

git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@3221 e7ae566f-a301-0410-adde-c780ea21d3b5
---
 lzo.c | 8 +++++++-
 1 file changed, 7 insertions(+), 1 deletion(-)

(limited to 'lzo.c')

diff --git a/lzo.c b/lzo.c
index cdb685a..58bf9f2 100644
--- a/lzo.c
+++ b/lzo.c
@@ -156,7 +156,13 @@ lzo_compress (struct buffer *buf, struct buffer work,
     {
       ASSERT (buf_init (&work, FRAME_HEADROOM (frame)));
       ASSERT (buf_safe (&work, LZO_EXTRA_BUFFER (PAYLOAD_SIZE (frame))));
-      ASSERT (buf->len <= PAYLOAD_SIZE (frame));
+
+      if (!(buf->len <= PAYLOAD_SIZE (frame)))
+	{
+	  dmsg (D_COMP_ERRORS, "LZO compression buffer overflow");
+	  buf->len = 0;
+	  return;
+	}
 
       err = LZO_COMPRESS (BPTR (buf), BLEN (buf), BPTR (&work), &zlen, lzowork->wmem);
       if (err != LZO_E_OK)
-- 
cgit