Hesham/wintun
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Revise buffer size calculation to work across 32/64-bit boundary

Browse Source 
Signed-off-by: Simon Rozman <simon@rozman.si>
This commit is contained in:
Simon Rozman 2019-06-10 13:38:33 +02:00
parent c7fbe74d0e
commit 2e744ebde5
1 changed files with 3 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
wintun.c
View File

@ -678,7 +678,7 @@ static NTSTATUS TunWriteFromIrp(_Inout_ TUN_CTX *ctx, _Inout_ IRP *Irp)
{ NULL, NULL, 0 }, { NULL, NULL, 0 },
{ NULL, NULL, 0 } { NULL, NULL, 0 }
}; };
while (b + sizeof(TUN_PACKET) <= b_end) { while (b_end - b >= sizeof(TUN_PACKET)) {
if (nbl_queue[ethtypeidx_ipv4].count + nbl_queue[ethtypeidx_ipv6].count >= MAXLONG) { if (nbl_queue[ethtypeidx_ipv4].count + nbl_queue[ethtypeidx_ipv6].count >= MAXLONG) {
status = STATUS_INVALID_USER_BUFFER; status = STATUS_INVALID_USER_BUFFER;
goto cleanup_nbl_queues; goto cleanup_nbl_queues;
@ -689,8 +689,8 @@ static NTSTATUS TunWriteFromIrp(_Inout_ TUN_CTX *ctx, _Inout_ IRP *Irp)
status = STATUS_INVALID_USER_BUFFER; status = STATUS_INVALID_USER_BUFFER;
goto cleanup_nbl_queues; goto cleanup_nbl_queues;
} }
UINT p_size = TunPacketAlign(sizeof(TUN_PACKET) + p->Size); ptrdiff_t p_size = TunPacketAlign(sizeof(TUN_PACKET) + p->Size);
if (b + p_size > b_end) { if (b_end - b < p_size) {
status = STATUS_INVALID_USER_BUFFER; status = STATUS_INVALID_USER_BUFFER;
goto cleanup_nbl_queues; goto cleanup_nbl_queues;
} }