diff options
| author | Matej Pristak <matej.pristak@gmail.com> | 2014-03-06 23:10:42 +0100 |
|---|---|---|
| committer | Matej Pristak <matej.pristak@gmail.com> | 2014-03-06 23:10:42 +0100 |
| commit | 7dd4dafae93c8560cb3e2dd78b9806f36f3ee0ca (patch) | |
| tree | 15183e784faf7fdbb441272c444baf1d83fa81a5 | |
| parent | d30ceb11e52efea9536bb048ac2140d923b0a728 (diff) | |
| download | hercules-7dd4dafae93c8560cb3e2dd78b9806f36f3ee0ca.tar.gz hercules-7dd4dafae93c8560cb3e2dd78b9806f36f3ee0ca.tar.bz2 hercules-7dd4dafae93c8560cb3e2dd78b9806f36f3ee0ca.tar.xz hercules-7dd4dafae93c8560cb3e2dd78b9806f36f3ee0ca.zip | |
When working with packets with variable length (defined with -1 length) in HPM,
we are leaving these in stack when the size of packet exceeds declared size due to this line.
This was probably meant as if( packet_declared_size > packet_actual_size ) do_not_parse_it_yet,
but was doing the opposite.
| -rwxr-xr-x[-rw-r--r--] | src/common/HPM.c | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/src/common/HPM.c b/src/common/HPM.c index bd2ce93ab..a25a17782 100644..100755 --- a/src/common/HPM.c +++ b/src/common/HPM.c @@ -512,7 +512,7 @@ unsigned char hplugins_parse_packets(int fd, enum HPluginPacketHookingPoints poi short length; if( (length = packet->len) == -1 ) { - if( (length = RFIFOW(fd, 2)) < (int)RFIFOREST(fd) ) + if( (length = RFIFOW(fd, 2)) > (int)RFIFOREST(fd) ) return 2; } |