ead: message handling fixes

author nbd <nbd@3c298f89-4303-0410-b956-a3cf2f4a3e73>

Fri, 2 Jan 2009 23:51:57 +0000 (23:51 +0000)

committer nbd <nbd@3c298f89-4303-0410-b956-a3cf2f4a3e73>

Fri, 2 Jan 2009 23:51:57 +0000 (23:51 +0000)
author nbd <nbd@3c298f89-4303-0410-b956-a3cf2f4a3e73>
Fri, 2 Jan 2009 23:51:57 +0000 (23:51 +0000)
committer nbd <nbd@3c298f89-4303-0410-b956-a3cf2f4a3e73>
Fri, 2 Jan 2009 23:51:57 +0000 (23:51 +0000)
diff --git a/package/ead/src/ead-client.c b/package/ead/src/ead-client.c

index 111dc8a..14e04c4 100644 (file)
--- a/package/ead/src/ead-client.c
+++ b/package/ead/src/ead-client.c
@@ -143,7 +143,10 @@ static bool
  handle_pong(void)
  {
         struct ead_msg_pong *pong = EAD_DATA(msg, pong);
-       int len = msg->len - sizeof(struct ead_msg_pong);
+       int len = ntohl(msg->len) - sizeof(struct ead_msg_pong);
+
+       if (len <= 0)
+               return false;
  
         pong->name[len] = 0;
         auth_type = ntohs(pong->auth_type);
diff --git a/package/ead/src/ead.c b/package/ead/src/ead.c

index 7367c38..c4d3dd9 100644 (file)
--- a/package/ead/src/ead.c
+++ b/package/ead/src/ead.c
@@ -330,7 +330,7 @@ handle_ping(struct ead_packet *pkt, int len, int *nstate)
  
         msg->len = htonl(sizeof(struct ead_msg_pong) + slen);
         strncpy(pong->name, dev_name, slen);
-       pong->name[len] = 0;
+       pong->name[slen] = 0;
         pong->auth_type = htons(EAD_AUTH_MD5);
  
         return true;
author	nbd <nbd@3c298f89-4303-0410-b956-a3cf2f4a3e73>
	Fri, 2 Jan 2009 23:51:57 +0000 (23:51 +0000)
committer	nbd <nbd@3c298f89-4303-0410-b956-a3cf2f4a3e73>
	Fri, 2 Jan 2009 23:51:57 +0000 (23:51 +0000)
package/ead/src/ead-client.c		patch \| blob \| history
package/ead/src/ead.c		patch \| blob \| history