• Gerrit Renker's avatar
    dccp: Silently ignore options with nonsensical lengths · 1efa6bba
    Gerrit Renker authored
    This updates the option-parsing code with regard to RFC 4340, 5.8:
     "[..] options with nonsensical lengths (length byte less than two or more
      than the remaining space in the options portion of the header) MUST be
      ignored, and any option space following an option with nonsensical length
      MUST likewise be ignored."
    
    Hence in the following cases erratic options will be ignored:
     1. The type byte of a multi-byte option is the last byte of the header
        options (i.e. effective option length of 1).
     2. The value of the length byte is less than the minimum 2. This has been 
        changed from previously 3: although no multi-byte option with a length
        less than 3 yet exists (cf. table 3 in 5.8), a length of 2 is valid.
        (The switch-statement in dccp_parse has further per-option length checks.)
     3. The option length exceeds the length of the remaining option space.
    Signed-off-by: default avatarGerrit Renker <gerrit@erg.abdn.ac.uk>
    1efa6bba
options.c 16.3 KB