[Git][NTPsec/ntpsec][master] Allow receipt of packets long enough to contain extension fields.

Mon Jan 28 15:39:34 UTC 2019

Eric S. Raymond pushed to branch master at NTPsec / ntpsec


Commits:
4c6c346c by Eric S. Raymond at 2019-01-28T15:38:08Z
Allow receipt of packets long enough to contain extension fields.

- - - - -


2 changed files:

- include/ntp.h
- ntpd/ntp_proto.c


Changes:

=====================================
include/ntp.h
=====================================
@@ -345,7 +345,10 @@ struct peer {
 /* #define	MODE_BCLIENT	6	** broadcast client mode */
 #define	MODE_BCLIENTX	6	/* for pylib/util.py */
 
-#define	LEN_PKT_NOMAC	48 /* min header length */
+#define	LEN_PKT_NOMAC	48	/* min header length */
+
+/* The RFCs carefully avoid specifying this. */
+#define MAX_EXT_LEN	4096	/* maximum length of extension-field data */
 
 /* pythonize-header: start ignoring */
 
@@ -374,6 +377,13 @@ struct peer {
 #define	FLAG_DNS	0x0800u	/* needs DNS lookup */
 #define FLAG_TSTAMP_PPS	0x4cd000u	/* PPS source provides absolute timestamp */
 
+/* The MAC follows any extension fields. */
+/* Its length includes 1 word of keyID. */
+/* MD5 length is 16 bytes => 4+1 */
+/* SHA length is 20 bytes => 5+1 */
+#define MIN_MAC_LEN	(1 * sizeof(uint32_t))	/* crypto_NAK */
+#define	MAX_MAC_LEN	(6 * sizeof(uint32_t))	/* maximum MAC length */
+
 /* This is the new, sane way of representing packets. All fields are
    in host byte order, and the fixed-point time fields are just integers,
    with uints of 2^-16 or 2^-32 seconds as appropriate. */
@@ -418,16 +428,7 @@ struct pkt {
 	l_fp_w	org;		/* originate time stamp */
 	l_fp_w	rec;		/* receive time stamp */
 	l_fp_w	xmt;		/* transmit time stamp */
-
-/* Old style authentication was just appended
- * without the type/length of an extension header. */
-/* Length includes 1 word of keyID */
-/* MD5 length is 16 bytes => 4+1 */
-/* SHA length is 20 bytes => 5+1 */
-#define MIN_MAC_LEN	(1 * sizeof(uint32_t))	/* crypto_NAK */
-#define	MAX_MAC_LEN	(6 * sizeof(uint32_t))	/* MAX of old style */
-
-	uint32_t	exten[(MAX_MAC_LEN) / sizeof(uint32_t)];
+	uint32_t	exten[(MAX_MAC_LEN + MAX_EXT_LEN) / sizeof(uint32_t)];
 } __attribute__ ((aligned));
 
 /* pythonize-header: stop ignoring */


=====================================
ntpd/ntp_proto.c
=====================================
@@ -248,7 +248,13 @@ parse_packet(
 	uint8_t const* recv_buf = rbufp->recv_space.X_recv_buffer;
 
 	if(recv_length < LEN_PKT_NOMAC) {
-		/* Packet is too short to possibly be valid. */
+		/* Data is too short to possibly be a valid packet. */
+		return false;
+	}
+
+	if(recv_length > sizeof(struct pkt)) {
+		/* Data is too long to be punned into the wire-packet struct. */
+		/* If this happens it will be due to too much extension data. */
 		return false;
 	}
 



View it on GitLab: https://gitlab.com/NTPsec/ntpsec/commit/4c6c346cfdcfb17287960548fb9806d008a1f444

-- 
View it on GitLab: https://gitlab.com/NTPsec/ntpsec/commit/4c6c346cfdcfb17287960548fb9806d008a1f444
You're receiving this email because of your account on gitlab.com.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.ntpsec.org/pipermail/vc/attachments/20190128/49662490/attachment-0001.html>
