aboutsummaryrefslogtreecommitdiffstatshomepage
path: root/OpenSim
diff options
context:
space:
mode:
authorMelanie2011-07-27 08:35:19 +0200
committerMelanie2011-07-27 09:12:00 +0100
commitc4ffcd4b7d978ad3a675da0f8ae3f97f027beae8 (patch)
tree4a4f4ce1684d1332fb4b92bb89102f5a3a4f994c /OpenSim
parentFix LLTextBox to work with the updated libOMV (diff)
downloadopensim-SC_OLD-c4ffcd4b7d978ad3a675da0f8ae3f97f027beae8.zip
opensim-SC_OLD-c4ffcd4b7d978ad3a675da0f8ae3f97f027beae8.tar.gz
opensim-SC_OLD-c4ffcd4b7d978ad3a675da0f8ae3f97f027beae8.tar.bz2
opensim-SC_OLD-c4ffcd4b7d978ad3a675da0f8ae3f97f027beae8.tar.xz
Ensure that packet headers get parsed correctly
Diffstat (limited to 'OpenSim')
-rw-r--r--OpenSim/Region/ClientStack/Linden/UDP/LLUDPServer.cs29
1 files changed, 29 insertions, 0 deletions
diff --git a/OpenSim/Region/ClientStack/Linden/UDP/LLUDPServer.cs b/OpenSim/Region/ClientStack/Linden/UDP/LLUDPServer.cs
index aff90c5..f2388cd 100644
--- a/OpenSim/Region/ClientStack/Linden/UDP/LLUDPServer.cs
+++ b/OpenSim/Region/ClientStack/Linden/UDP/LLUDPServer.cs
@@ -160,6 +160,8 @@ namespace OpenSim.Region.ClientStack.LindenUDP
160 160
161 public Socket Server { get { return null; } } 161 public Socket Server { get { return null; } }
162 162
163 private int m_malformedCount = 0; // Guard against a spamming attack
164
163 public LLUDPServer(IPAddress listenIP, ref uint port, int proxyPortOffsetParm, bool allow_alternate_port, IConfigSource configSource, AgentCircuitManager circuitManager) 165 public LLUDPServer(IPAddress listenIP, ref uint port, int proxyPortOffsetParm, bool allow_alternate_port, IConfigSource configSource, AgentCircuitManager circuitManager)
164 : base(listenIP, (int)port) 166 : base(listenIP, (int)port)
165 { 167 {
@@ -612,6 +614,21 @@ namespace OpenSim.Region.ClientStack.LindenUDP
612 614
613 #region Decoding 615 #region Decoding
614 616
617 if (buffer.DataLength < 7)
618 return; // Drop undersizd packet
619
620 int headerLen = 7;
621 if (buffer.Data[6] == 0xFF)
622 {
623 if (buffer.Data[7] == 0xFF)
624 headerLen = 10;
625 else
626 headerLen = 8;
627 }
628
629 if (buffer.DataLength < headerLen)
630 return; // Malformed header
631
615 try 632 try
616 { 633 {
617 packet = Packet.BuildPacket(buffer.Data, ref packetEnd, 634 packet = Packet.BuildPacket(buffer.Data, ref packetEnd,
@@ -621,6 +638,18 @@ namespace OpenSim.Region.ClientStack.LindenUDP
621 catch (MalformedDataException) 638 catch (MalformedDataException)
622 { 639 {
623 } 640 }
641 catch (IndexOutOfRangeException)
642 {
643 return; // Drop short packet
644 }
645 catch(Exception e)
646 {
647 if (m_malformedCount < 100)
648 m_log.DebugFormat("[LLUDPSERVER]: Dropped malformed packet: " + e.ToString());
649 m_malformedCount++;
650 if ((m_malformedCount % 100000) == 0)
651 m_log.DebugFormat("[LLUDPSERVER]: Received {0} malformed packets so far, probable network attack.", m_malformedCount);
652 }
624 653
625 // Fail-safe check 654 // Fail-safe check
626 if (packet == null) 655 if (packet == null)