MEDIUM: netscaler: do not analyze original IP packet size

Original informations about the client are stored in the CIP encapsulated
IP header, hence there is no need to consider original IP packet length
to determine if data are missing. Instead this change detect missing
data if the remaining buffer is large enough to contain a minimal IP and
TCP header and if the buffer has as much data as CIP is telling.
This commit is contained in:
Bertrand Jacquin 2017-12-13 01:29:56 +00:00 committed by Willy Tarreau
parent 67de5a295c
commit a341a2f479
1 changed files with 2 additions and 2 deletions

View File

@ -763,7 +763,7 @@ int conn_recv_netscaler_cip(struct connection *conn, int flag)
hdr_ip4 = (struct ip *)line; hdr_ip4 = (struct ip *)line;
if (trash.len < (ntohs(hdr_ip4->ip_len) + 20)) { if (trash.len < 40 || trash.len < hdr_len) {
/* Fail if buffer length is not large enough to contain /* Fail if buffer length is not large enough to contain
* IPv4 header, TCP header */ * IPv4 header, TCP header */
goto missing; goto missing;
@ -793,7 +793,7 @@ int conn_recv_netscaler_cip(struct connection *conn, int flag)
hdr_ip6 = (struct ip6_hdr *)line; hdr_ip6 = (struct ip6_hdr *)line;
if (trash.len < 60) { if (trash.len < 60 || trash.len < hdr_len) {
/* Fail if buffer length is not large enough to contain /* Fail if buffer length is not large enough to contain
* IPv6 header, TCP header */ * IPv6 header, TCP header */
goto missing; goto missing;