faraphel/chrony
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

ntp: check for extension fields only in NTPv4 packets

Browse source
This commit is contained in:
Miroslav Lichvar 2016-07-20 12:47:38 +02:00
parent d322c8e6e5
commit 8220e51ae4
1 changed files with 5 additions and 4 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

9
ntp_core.c
View file

@ -1104,12 +1104,13 @@ check_packet_format(NTP_Packet *message, int length)
static int static int
check_packet_auth(NTP_Packet *pkt, int length, int *has_auth, uint32_t *key_id) check_packet_auth(NTP_Packet *pkt, int length, int *has_auth, uint32_t *key_id)
{ {
int i, remainder, ext_length; int i, version, remainder, ext_length;
unsigned char *data; unsigned char *data;
uint32_t id; uint32_t id;
/* Go through extension fields and see if there is a valid MAC */ /* Go through extension fields and see if there is a valid MAC */
version = NTP_LVM_TO_VERSION(pkt->lvm);
i = NTP_NORMAL_PACKET_LENGTH; i = NTP_NORMAL_PACKET_LENGTH;
data = (void *)pkt; data = (void *)pkt;
@ -1131,9 +1132,9 @@ check_packet_auth(NTP_Packet *pkt, int length, int *has_auth, uint32_t *key_id)
} }
} }
/* Check if this is a valid field extension. They consist of 16-bit type, /* Check if this is a valid NTPv4 extension field and skip it. It should
16-bit length of the whole field aligned to 32 bits and data. */ have a 16-bit type, 16-bit length, and data padded to 32 bits. */
if (remainder >= NTP_MIN_EXTENSION_LENGTH) { if (version == 4 && remainder >= NTP_MIN_EXTENSION_LENGTH) {
ext_length = ntohs(*(uint16_t *)(data + i + 2)); ext_length = ntohs(*(uint16_t *)(data + i + 2));
if (ext_length >= NTP_MIN_EXTENSION_LENGTH && if (ext_length >= NTP_MIN_EXTENSION_LENGTH &&
ext_length <= remainder && ext_length % 4 == 0) { ext_length <= remainder && ext_length % 4 == 0) {