unsigned char *dst_id; /* Destination ID */
SilcUInt32 send_psn; /* Sending sequence */
SilcUInt32 receive_psn; /* Receiving sequence */
- SilcAtomic8 refcnt; /* Reference counter */
+ SilcAtomic32 refcnt; /* Reference counter */
SilcUInt8 sid; /* Security ID, set if IV included */
unsigned int src_id_len : 6;
unsigned int src_id_type : 2;
return NULL;
ps->stream = stream;
- silc_atomic_init8(&ps->refcnt, 1);
+ silc_atomic_init32(&ps->refcnt, 1);
silc_mutex_alloc(&ps->lock);
/* Allocate out buffer */
return NULL;
ps->sc = stream->sc;
- silc_atomic_init8(&ps->refcnt, 1);
+ silc_atomic_init32(&ps->refcnt, 1);
silc_mutex_alloc(&ps->lock);
/* Set the UDP packet stream as underlaying stream */
if (!stream)
return;
- if (silc_atomic_sub_int8(&stream->refcnt, 1) > 0) {
+ if (silc_atomic_sub_int32(&stream->refcnt, 1) > 0) {
if (stream->destroyed)
return;
stream->destroyed = TRUE;
silc_free(stream->src_id);
silc_free(stream->dst_id);
- silc_atomic_uninit8(&stream->refcnt);
+ silc_atomic_uninit32(&stream->refcnt);
silc_mutex_free(stream->lock);
silc_free(stream);
}
stream->process = silc_dlist_init();
if (!stream->process) {
silc_mutex_unlock(stream->lock);
+ silc_free(p);
return FALSE;
}
}
void silc_packet_stream_ref(SilcPacketStream stream)
{
- silc_atomic_add_int8(&stream->refcnt, 1);
+ silc_atomic_add_int32(&stream->refcnt, 1);
SILC_LOG_DEBUG(("Stream %p, refcnt %d->%d", stream,
- silc_atomic_get_int8(&stream->refcnt) - 1,
- silc_atomic_get_int8(&stream->refcnt)));
+ silc_atomic_get_int32(&stream->refcnt) - 1,
+ silc_atomic_get_int32(&stream->refcnt)));
}
/* Unreference packet stream */
void silc_packet_stream_unref(SilcPacketStream stream)
{
SILC_LOG_DEBUG(("Stream %p, refcnt %d->%d", stream,
- silc_atomic_get_int8(&stream->refcnt),
- silc_atomic_get_int8(&stream->refcnt) - 1));
- if (silc_atomic_sub_int8(&stream->refcnt, 1) > 0)
+ silc_atomic_get_int32(&stream->refcnt),
+ silc_atomic_get_int32(&stream->refcnt) - 1));
+ if (silc_atomic_sub_int32(&stream->refcnt, 1) > 0)
return;
- silc_atomic_add_int8(&stream->refcnt, 1);
+ silc_atomic_add_int32(&stream->refcnt, 1);
silc_packet_stream_destroy(stream);
}
{
SilcUInt32 len;
unsigned char tmp[32];
+ void *tmp_id;
if (!src_id && !dst_id)
return FALSE;
if (src_id) {
SILC_LOG_DEBUG(("Setting source ID to packet stream %p", stream));
- silc_free(stream->src_id);
if (!silc_id_id2str(src_id, src_id_type, tmp, sizeof(tmp), &len)) {
silc_mutex_unlock(stream->lock);
return FALSE;
}
- stream->src_id = silc_memdup(tmp, len);
- if (!stream->src_id) {
+ tmp_id = silc_memdup(tmp, len);
+ if (!tmp_id) {
silc_mutex_unlock(stream->lock);
return FALSE;
}
+ silc_free(stream->src_id);
+ stream->src_id = tmp_id;
stream->src_id_type = src_id_type;
stream->src_id_len = len;
}
if (dst_id) {
SILC_LOG_DEBUG(("Setting destination ID to packet stream %p", stream));
- silc_free(stream->dst_id);
if (!silc_id_id2str(dst_id, dst_id_type, tmp, sizeof(tmp), &len)) {
silc_mutex_unlock(stream->lock);
return FALSE;
}
- stream->dst_id = silc_memdup(tmp, len);
- if (!stream->dst_id) {
+ tmp_id = silc_memdup(tmp, len);
+ if (!tmp_id) {
silc_mutex_unlock(stream->lock);
return FALSE;
}
+ silc_free(stream->dst_id);
+ stream->dst_id = tmp_id;
stream->dst_id_type = dst_id_type;
stream->dst_id_len = len;
}
/* Get packet length and full packet length with padding */
SILC_PACKET_LENGTH(header, packetlen, paddedlen);
- /* Sanity checks */
- if (silc_unlikely(packetlen < SILC_PACKET_MIN_LEN)) {
- if (!stream->udp && !silc_socket_stream_is_udp(stream->stream, NULL))
- SILC_LOG_ERROR(("Received too short packet"));
+ /* Padding sanity checks */
+ if (cipher && silc_cipher_get_mode(cipher) != SILC_CIPHER_MODE_CTR &&
+ (paddedlen % block_len) != 0) {
+ SILC_LOG_DEBUG(("Packet length %d not multiple by cipher block length",
+ paddedlen));
silc_mutex_unlock(stream->lock);
SILC_PACKET_CALLBACK_ERROR(stream, SILC_PACKET_ERR_MALFORMED);
silc_mutex_lock(stream->lock);
goto out;
}
+ /* Sanity checks */
+ if (silc_unlikely(packetlen < SILC_PACKET_MIN_LEN)) {
+ if (!stream->udp && !silc_socket_stream_is_udp(stream->stream, NULL))
+ SILC_LOG_ERROR(("Received too short packet"));
+ silc_mutex_unlock(stream->lock);
+ SILC_PACKET_CALLBACK_ERROR(stream, SILC_PACKET_ERR_MALFORMED);
+ silc_mutex_lock(stream->lock);
+ memset(tmp, 0, sizeof(tmp));
+ goto out;
+ }
+
/* Get packet */
packet = silc_packet_alloc(stream->sc->engine);
if (silc_unlikely(!packet)) {