PacketEngine: Don't free underlaying stream in packet stream create error

[silc.git] / lib / silccore / silcpacket.c

diff --git a/lib/silccore/silcpacket.c b/lib/silccore/silcpacket.c
index 9a44f87c9f74948fce9202b1fcfc43bbcf6fba14..5ccf822fb16977c29274d82db3679be6883250f8 100644 (file)
--- a/lib/silccore/silcpacket.c
+++ b/lib/silccore/silcpacket.c
@@ -4,7 +4,7 @@
 
   Author: Pekka Riikonen <priikone@silcnet.org>
 
-  Copyright (C) 1997 - 2008 Pekka Riikonen
+  Copyright (C) 1997 - 2009 Pekka Riikonen
 
   This program is free software; you can redistribute it and/or modify
   it under the terms of the GNU General Public License as published by
@@ -710,6 +710,7 @@ SilcPacketStream silc_packet_stream_create(SilcPacketEngine engine,
   /* Initialize packet procesors list */
   ps->process = silc_dlist_init();
   if (!ps->process) {
+    ps->stream = NULL;
     silc_packet_stream_destroy(ps);
     return NULL;
   }
@@ -722,6 +723,7 @@ SilcPacketStream silc_packet_stream_create(SilcPacketEngine engine,
     ps->sc = silc_calloc(1, sizeof(*ps->sc));
     if (!ps->sc) {
       silc_mutex_unlock(engine->lock);
+      ps->stream = NULL;
       silc_packet_stream_destroy(ps);
       return NULL;
     }
@@ -734,6 +736,7 @@ SilcPacketStream silc_packet_stream_create(SilcPacketEngine engine,
       silc_free(ps->sc);
       ps->sc = NULL;
       silc_mutex_unlock(engine->lock);
+      ps->stream = NULL;
       silc_packet_stream_destroy(ps);
       return NULL;
     }
@@ -745,6 +748,7 @@ SilcPacketStream silc_packet_stream_create(SilcPacketEngine engine,
       silc_free(ps->sc);
       ps->sc = NULL;
       silc_mutex_unlock(engine->lock);
+      ps->stream = NULL;
       silc_packet_stream_destroy(ps);
       return NULL;
     }
@@ -757,6 +761,7 @@ SilcPacketStream silc_packet_stream_create(SilcPacketEngine engine,
       silc_free(ps->sc);
       ps->sc = NULL;
       silc_mutex_unlock(engine->lock);
+      ps->stream = NULL;
       silc_packet_stream_destroy(ps);
       return NULL;
     }
@@ -779,6 +784,7 @@ SilcPacketStream silc_packet_stream_create(SilcPacketEngine engine,
   if (!silc_stream_set_notifier(ps->stream, schedule,
                                silc_packet_stream_io, ps)) {
     SILC_LOG_DEBUG(("Cannot set stream notifier for packet stream"));
+    ps->stream = NULL;
     silc_packet_stream_destroy(ps);
     return NULL;
   }
@@ -1869,6 +1875,14 @@ static inline void silc_packet_receive_ctr_increment(SilcPacketStream stream,
   SILC_LOG_HEXDUMP(("Counter Block"), iv, 16);
 }
 
+/* Return special packet's encrypted length */
+
+static inline int silc_packet_special_len(unsigned char *data)
+{
+  return (((SilcUInt8)data[4] + (SilcUInt8)data[6] +
+          (SilcUInt8)data[7] + SILC_PACKET_HEADER_LEN));
+}
+
 /* Decrypts SILC packet.  Handles both normal and special packet decryption.
    Return 0 when packet is normal and 1 when it it special, -1 on error. */
 
@@ -1898,9 +1912,7 @@ static inline int silc_packet_decrypt(SilcCipher cipher, SilcHmac hmac,
       /* Padding length + src id len + dst id len + header length - 16
         bytes already decrypted, gives the rest of the encrypted packet */
       silc_buffer_push(buffer, block_len);
-      len = (((SilcUInt8)buffer->data[4] + (SilcUInt8)buffer->data[6] +
-             (SilcUInt8)buffer->data[7] + SILC_PACKET_HEADER_LEN) -
-            block_len);
+      len = silc_packet_special_len(buffer->data) - block_len;
       silc_buffer_pull(buffer, block_len);
 
       if (silc_unlikely(len > silc_buffer_len(buffer))) {
@@ -2095,7 +2107,7 @@ static void silc_packet_read_process(SilcPacketStream stream)
   SilcCipher cipher;
   SilcHmac hmac;
   SilcPacket packet;
-  SilcUInt8 sid;
+  SilcUInt8 sid, flags, type;
   SilcUInt16 packetlen;
   SilcUInt32 paddedlen, mac_len, block_len, ivlen, psnlen;
   unsigned char tmp[SILC_PACKET_MIN_HEADER_LEN], *header;
@@ -2197,8 +2209,30 @@ static void silc_packet_read_process(SilcPacketStream stream)
     /* Get packet length and full packet length with padding */
     SILC_PACKET_LENGTH(header, packetlen, paddedlen);
 
+    /* Parse packet header */
+    flags = (SilcPacketFlags)header[2];
+    type = (SilcPacketType)header[3];
+
+    if (stream->sc->engine->local_is_router) {
+      if (type == SILC_PACKET_PRIVATE_MESSAGE &&
+         (flags & SILC_PACKET_FLAG_PRIVMSG_KEY))
+       normal = FALSE;
+      else if (type != SILC_PACKET_CHANNEL_MESSAGE ||
+              (type == SILC_PACKET_CHANNEL_MESSAGE &&
+               stream->is_router == TRUE))
+       normal = TRUE;
+    } else {
+      if (type == SILC_PACKET_PRIVATE_MESSAGE &&
+         (flags & SILC_PACKET_FLAG_PRIVMSG_KEY))
+       normal = FALSE;
+      else if (type != SILC_PACKET_CHANNEL_MESSAGE)
+       normal = TRUE;
+    }
+
     /* Padding sanity checks */
-    if (cipher && (paddedlen % block_len) != 0) {
+    if (cipher && silc_cipher_get_mode(cipher) != SILC_CIPHER_MODE_CTR &&
+       ((normal && paddedlen % block_len != 0) ||
+        (!normal && silc_packet_special_len(header) % block_len != 0))) {
       SILC_LOG_DEBUG(("Packet length %d not multiple by cipher block length",
                      paddedlen));
       silc_mutex_unlock(stream->lock);
@@ -2252,6 +2286,8 @@ static void silc_packet_read_process(SilcPacketStream stream)
       goto out;
     }
     packet->stream = stream;
+    packet->flags = flags;
+    packet->type = type;
 
     /* Allocate more space to packet buffer, if needed */
     if (silc_unlikely(silc_buffer_truelen(&packet->buffer) < paddedlen)) {
@@ -2268,26 +2304,6 @@ static void silc_packet_read_process(SilcPacketStream stream)
       }
     }
 
-    /* Parse packet header */
-    packet->flags = (SilcPacketFlags)header[2];
-    packet->type = (SilcPacketType)header[3];
-
-    if (stream->sc->engine->local_is_router) {
-      if (packet->type == SILC_PACKET_PRIVATE_MESSAGE &&
-         (packet->flags & SILC_PACKET_FLAG_PRIVMSG_KEY))
-       normal = FALSE;
-      else if (packet->type != SILC_PACKET_CHANNEL_MESSAGE ||
-              (packet->type == SILC_PACKET_CHANNEL_MESSAGE &&
-               stream->is_router == TRUE))
-       normal = TRUE;
-    } else {
-      if (packet->type == SILC_PACKET_PRIVATE_MESSAGE &&
-         (packet->flags & SILC_PACKET_FLAG_PRIVMSG_KEY))
-       normal = FALSE;
-      else if (packet->type != SILC_PACKET_CHANNEL_MESSAGE)
-       normal = TRUE;
-    }
-
     SILC_LOG_HEXDUMP(("Incoming packet (%d) len %d",
                      stream->receive_psn, paddedlen + ivlen + mac_len),
                     inbuf->data, paddedlen + ivlen + mac_len);