summaryrefslogtreecommitdiffstats
path: root/package/ppp/patches/350-survive_bad_pads_packets.patch
blob: 66c656dc745adf330d4cb84007178ba91974d25e (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
--- a/pppd/plugins/rp-pppoe/common.c
+++ b/pppd/plugins/rp-pppoe/common.c
@@ -75,7 +75,9 @@ parsePacket(PPPoEPacket *packet, ParseFu
 	    error("Invalid PPPoE tag length (%u)", tagLen);
 	    return -1;
 	}
-	func(tagType, tagLen, curTag+TAG_HDR_SIZE, extra);
+	if (func(tagType, tagLen, curTag+TAG_HDR_SIZE, extra)) {
+		return -1;
+	}
 	curTag = curTag + TAG_HDR_SIZE + tagLen;
     }
     return 0;
--- a/pppd/plugins/rp-pppoe/discovery.c
+++ b/pppd/plugins/rp-pppoe/discovery.c
@@ -48,7 +48,7 @@ static char const RCSID[] =
 *%DESCRIPTION:
 * If a HostUnique tag is found which matches our PID, sets *extra to 1.
 ***********************************************************************/
-void
+int
 parseForHostUniq(UINT16_t type, UINT16_t len, unsigned char *data,
 		 void *extra)
 {
@@ -60,6 +60,7 @@ parseForHostUniq(UINT16_t type, UINT16_t
 	    *val = 1;
 	}
     }
+    return 0;
 }
 
 /**********************************************************************
@@ -102,7 +103,7 @@ packetIsForMe(PPPoEConnection *conn, PPP
 *%DESCRIPTION:
 * Picks interesting tags out of a PADO packet
 ***********************************************************************/
-void
+int
 parsePADOTags(UINT16_t type, UINT16_t len, unsigned char *data,
 	      void *extra)
 {
@@ -181,6 +182,7 @@ parsePADOTags(UINT16_t type, UINT16_t le
 	}
 	break;
     }
+    return 0;
 }
 
 /**********************************************************************
@@ -195,7 +197,7 @@ parsePADOTags(UINT16_t type, UINT16_t le
 *%DESCRIPTION:
 * Picks interesting tags out of a PADS packet
 ***********************************************************************/
-void
+int
 parsePADSTags(UINT16_t type, UINT16_t len, unsigned char *data,
 	      void *extra)
 {
@@ -205,17 +207,21 @@ parsePADSTags(UINT16_t type, UINT16_t le
 	dbglog("PADS: Service-Name: '%.*s'", (int) len, data);
 	break;
     case TAG_SERVICE_NAME_ERROR:
-	fatal("PADS: Service-Name-Error: %.*s", (int) len, data);
+	error("PADS: Service-Name-Error: %.*s", (int) len, data);
+	return -1;
     case TAG_AC_SYSTEM_ERROR:
-	fatal("PADS: System-Error: %.*s", (int) len, data);
+	error("PADS: System-Error: %.*s", (int) len, data);
+	return -1;
     case TAG_GENERIC_ERROR:
-	fatal("PADS: Generic-Error: %.*s", (int) len, data);
+	error("PADS: Generic-Error: %.*s", (int) len, data);
+	return -1;
     case TAG_RELAY_SESSION_ID:
 	conn->relayId.type = htons(type);
 	conn->relayId.length = htons(len);
 	memcpy(conn->relayId.payload, data, len);
 	break;
     }
+    return 0;
 }
 
 /***********************************************************************
@@ -532,9 +538,11 @@ waitForPADS(PPPoEConnection *conn, int t
 	/* Is it PADS?  */
 	if (packet.code == CODE_PADS) {
 	    /* Parse for goodies */
-	    parsePacket(&packet, parsePADSTags, conn);
-	    conn->discoveryState = STATE_SESSION;
-	    break;
+	    if (!parsePacket(&packet, parsePADSTags, conn))
+	    {
+		conn->discoveryState = STATE_SESSION;
+		break;
+	    }
 	}
     } while (conn->discoveryState != STATE_SESSION);
 
--- a/pppd/plugins/rp-pppoe/pppoe.h
+++ b/pppd/plugins/rp-pppoe/pppoe.h
@@ -238,7 +238,7 @@ typedef struct PPPoETagStruct {
 #define READ_CHUNK 4096
 
 /* Function passed to parsePacket */
-typedef void ParseFunc(UINT16_t type,
+typedef int ParseFunc(UINT16_t type,
 		       UINT16_t len,
 		       unsigned char *data,
 		       void *extra);