Packet engine: moved packet sanity checks after MAC check
[silc.git] / lib / silccore / silcpacket.c
index 2c01e6dd65fb1886d7723e83b081dff1a82e54e0..8b68c5ed17d00ddca0bb61f4456d9b0e33cc0d5b 100644 (file)
@@ -81,7 +81,7 @@ struct SilcPacketStreamStruct {
   unsigned char *dst_id;                /* Destination ID */
   SilcUInt32 send_psn;                  /* Sending sequence */
   SilcUInt32 receive_psn;               /* Receiving sequence */
-  SilcAtomic8 refcnt;                   /* Reference counter */
+  SilcAtomic32 refcnt;                  /* Reference counter */
   SilcUInt8 sid;                        /* Security ID, set if IV included */
   unsigned int src_id_len  : 6;
   unsigned int src_id_type : 2;
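Review bot: The widening of refcnt from SilcAtomic8 to SilcAtomic32 is a behavioural fix that the commit title does not mention, and the comment on the new line still says only `/* Reference counter */`. With an 8-bit counter the 256th silc_packet_stream_ref would presumably wrap the count, after which the `> 0` test in silc_packet_stream_destroy lets a stream that is still referenced be freed. Suggest recording the reason on the field: `SilcAtomic32 refcnt;                  /* Reference counter (32-bit: an 8-bit counter wraps under heavy sharing) */`. The matching init/get/add/sub/uninit renames in the hunks for silc_packet_stream_create, silc_packet_stream_add_remote, silc_packet_stream_destroy, silc_packet_stream_ref and silc_packet_stream_unref are mechanical and need no separate note.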
@@ -695,7 +695,7 @@ SilcPacketStream silc_packet_stream_create(SilcPacketEngine engine,
     return NULL;
 
   ps->stream = stream;
-  silc_atomic_init8(&ps->refcnt, 1);
+  silc_atomic_init32(&ps->refcnt, 1);
   silc_mutex_alloc(&ps->lock);
 
   /* Allocate out buffer */
@@ -816,7 +816,7 @@ SilcPacketStream silc_packet_stream_add_remote(SilcPacketStream stream,
     return NULL;
   ps->sc = stream->sc;
 
-  silc_atomic_init8(&ps->refcnt, 1);
+  silc_atomic_init32(&ps->refcnt, 1);
   silc_mutex_alloc(&ps->lock);
 
   /* Set the UDP packet stream as underlaying stream */
@@ -884,7 +884,7 @@ void silc_packet_stream_destroy(SilcPacketStream stream)
   if (!stream)
     return;
 
-  if (silc_atomic_sub_int8(&stream->refcnt, 1) > 0) {
+  if (silc_atomic_sub_int32(&stream->refcnt, 1) > 0) {
     if (stream->destroyed)
       return;
     stream->destroyed = TRUE;
@@ -972,7 +972,7 @@ void silc_packet_stream_destroy(SilcPacketStream stream)
   silc_free(stream->src_id);
   silc_free(stream->dst_id);
 
-  silc_atomic_uninit8(&stream->refcnt);
+  silc_atomic_uninit32(&stream->refcnt);
   silc_mutex_free(stream->lock);
   silc_free(stream);
 }
@@ -1030,6 +1030,7 @@ static SilcBool silc_packet_stream_link_va(SilcPacketStream stream,
     stream->process = silc_dlist_init();
     if (!stream->process) {
       silc_mutex_unlock(stream->lock);
+      silc_free(p);
       return FALSE;
     }
   }
@@ -1153,10 +1154,10 @@ SilcBool silc_packet_get_sender(SilcPacket packet,
 
 void silc_packet_stream_ref(SilcPacketStream stream)
 {
-  silc_atomic_add_int8(&stream->refcnt, 1);
+  silc_atomic_add_int32(&stream->refcnt, 1);
   SILC_LOG_DEBUG(("Stream %p, refcnt %d->%d", stream,
-                 silc_atomic_get_int8(&stream->refcnt) - 1,
-                 silc_atomic_get_int8(&stream->refcnt)));
+                 silc_atomic_get_int32(&stream->refcnt) - 1,
+                 silc_atomic_get_int32(&stream->refcnt)));
 }
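Review bot: The debug log in silc_packet_stream_ref reads refcnt twice through separate silc_atomic_get_int32 calls after the add, so under concurrent ref/unref the `%d->%d` pair can show two values that were never adjacent; the unref hunk that follows has the same pattern before its sub. If silc_atomic_add_int32 returns the updated count, as the `> 0` test on silc_atomic_sub_int32 suggests for its counterpart, one snapshot is enough: `n = silc_atomic_add_int32(&stream->refcnt, 1);` with n declared as that function's return type, followed by `SILC_LOG_DEBUG(("Stream %p, refcnt %d->%d", stream, n - 1, n));`. This affects only the diagnostics, not the counting itself.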
 
 /* Unreference packet stream */
@@ -1164,11 +1165,11 @@ void silc_packet_stream_ref(SilcPacketStream stream)
 void silc_packet_stream_unref(SilcPacketStream stream)
 {
   SILC_LOG_DEBUG(("Stream %p, refcnt %d->%d", stream,
-                 silc_atomic_get_int8(&stream->refcnt),
-                 silc_atomic_get_int8(&stream->refcnt) - 1));
-  if (silc_atomic_sub_int8(&stream->refcnt, 1) > 0)
+                 silc_atomic_get_int32(&stream->refcnt),
+                 silc_atomic_get_int32(&stream->refcnt) - 1));
+  if (silc_atomic_sub_int32(&stream->refcnt, 1) > 0)
     return;
-  silc_atomic_add_int8(&stream->refcnt, 1);
+  silc_atomic_add_int32(&stream->refcnt, 1);
   silc_packet_stream_destroy(stream);
 }
 
@@ -1323,6 +1324,7 @@ SilcBool silc_packet_set_ids(SilcPacketStream stream,
 {
   SilcUInt32 len;
   unsigned char tmp[32];
+  void *tmp_id;
 
   if (!src_id && !dst_id)
     return FALSE;
@@ -1332,16 +1334,17 @@ SilcBool silc_packet_set_ids(SilcPacketStream stream,
   if (src_id) {
     SILC_LOG_DEBUG(("Setting source ID to packet stream %p", stream));
 
-    silc_free(stream->src_id);
     if (!silc_id_id2str(src_id, src_id_type, tmp, sizeof(tmp), &len)) {
       silc_mutex_unlock(stream->lock);
       return FALSE;
     }
-    stream->src_id = silc_memdup(tmp, len);
-    if (!stream->src_id) {
+    tmp_id = silc_memdup(tmp, len);
+    if (!tmp_id) {
       silc_mutex_unlock(stream->lock);
       return FALSE;
     }
+    silc_free(stream->src_id);
+    stream->src_id = tmp_id;
     stream->src_id_type = src_id_type;
     stream->src_id_len = len;
   }
@@ -1349,16 +1352,17 @@ SilcBool silc_packet_set_ids(SilcPacketStream stream,
   if (dst_id) {
     SILC_LOG_DEBUG(("Setting destination ID to packet stream %p", stream));
 
-    silc_free(stream->dst_id);
     if (!silc_id_id2str(dst_id, dst_id_type, tmp, sizeof(tmp), &len)) {
       silc_mutex_unlock(stream->lock);
       return FALSE;
     }
-    stream->dst_id = silc_memdup(tmp, len);
-    if (!stream->dst_id) {
+    tmp_id = silc_memdup(tmp, len);
+    if (!tmp_id) {
       silc_mutex_unlock(stream->lock);
       return FALSE;
     }
+    silc_free(stream->dst_id);
+    stream->dst_id = tmp_id;
     stream->dst_id_type = dst_id_type;
     stream->dst_id_len = len;
   }
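Review bot: silc_packet_set_ids can still return FALSE with the stream partially updated: when both IDs are given and the source block in the previous hunk succeeds but silc_id_id2str or silc_memdup fails here, stream->src_id has already been replaced while stream->dst_id is untouched. The reordering in this commit removes the dangling-pointer case but not that asymmetry, so a caller that treats FALSE as "nothing changed" is misled. Either document it at the top of the function — `/* On failure the source ID may already have been replaced; the destination ID is left as it was */` — or convert both IDs into temporaries before storing either. The function's prologue is in an earlier hunk and its return is outside this one.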
@@ -2193,17 +2197,6 @@ static void silc_packet_read_process(SilcPacketStream stream)
     /* Get packet length and full packet length with padding */
     SILC_PACKET_LENGTH(header, packetlen, paddedlen);
 
-    /* Sanity checks */
-    if (silc_unlikely(packetlen < SILC_PACKET_MIN_LEN)) {
-      if (!stream->udp && !silc_socket_stream_is_udp(stream->stream, NULL))
-       SILC_LOG_ERROR(("Received too short packet"));
-      silc_mutex_unlock(stream->lock);
-      SILC_PACKET_CALLBACK_ERROR(stream, SILC_PACKET_ERR_MALFORMED);
-      silc_mutex_lock(stream->lock);
-      memset(tmp, 0, sizeof(tmp));
-      goto out;
-    }
-
     if (silc_buffer_len(inbuf) < paddedlen + ivlen + mac_len) {
       SILC_LOG_DEBUG(("Received partial packet, waiting for the rest "
                      "(%d bytes)",
@@ -2227,6 +2220,17 @@ static void silc_packet_read_process(SilcPacketStream stream)
       goto out;
     }
 
+    /* Sanity checks */
+    if (silc_unlikely(packetlen < SILC_PACKET_MIN_LEN)) {
+      if (!stream->udp && !silc_socket_stream_is_udp(stream->stream, NULL))
+       SILC_LOG_ERROR(("Received too short packet"));
+      silc_mutex_unlock(stream->lock);
+      SILC_PACKET_CALLBACK_ERROR(stream, SILC_PACKET_ERR_MALFORMED);
+      silc_mutex_lock(stream->lock);
+      memset(tmp, 0, sizeof(tmp));
+      goto out;
+    }
+
     /* Get packet */
     packet = silc_packet_alloc(stream->sc->engine);
     if (silc_unlikely(!packet)) {
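Review bot: The relocated minimum-length check on the new lines keeps only the generic `/* Sanity checks */` comment, so the reason it now sits after the partial-packet wait and, per the commit title, after the MAC check is not visible in the code, and a later reorder could silently move it back in front of authentication. Suggest `/* Sanity checks; deliberately after MAC verification so an unauthenticated packet cannot drive the MALFORMED error callback */`. Note also that the header-derived paddedlen is already used in the `silc_buffer_len(inbuf) < paddedlen + ivlen + mac_len` comparison in the previous hunk before this check runs; that is harmless for a too-small packetlen, but any upper-bound validation of the length fields should be confirmed to precede that comparison. The removed copy is in the previous hunk, and silc_packet_read_process begins and ends outside both.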