Corrupt application data in the beginning instead of the end in UDP proxy

The UDP proxy corrupts application data at the end of the datagram. If
there are multiple DTLS records within the same datagram, this leads
to the wrong message being corrupted. This commit always corrupts the
beginning of the message to prevent this.

Overall, the UDP proxy needs reworking if it is supposed to reliably
support multiple records within a single datagram, because it
determines its actions from the type of the first record in the
current datagram only.
This commit is contained in:
Hanno Becker 2017-05-26 16:55:07 +01:00
parent 1dd62ea811
commit fbb0b701e4

@ -418,9 +418,17 @@ int send_packet( const packet *p, const char *why )
{ {
unsigned char buf[MAX_MSG_SIZE]; unsigned char buf[MAX_MSG_SIZE];
memcpy( buf, p->buf, p->len ); memcpy( buf, p->buf, p->len );
++buf[p->len - 1];
print_packet( p, "corrupted" ); if( p->len <= 13 )
{
mbedtls_printf( " ! can't corrupt empty AD record" );
}
else
{
++buf[13];
print_packet( p, "corrupted" );
}
if( ( ret = dispatch_data( dst, buf, p->len ) ) <= 0 ) if( ( ret = dispatch_data( dst, buf, p->len ) ) <= 0 )
{ {
mbedtls_printf( " ! dispatch returned %d\n", ret ); mbedtls_printf( " ! dispatch returned %d\n", ret );
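
Review bot: The message added in the `p->len <= 13` branch, " ! can't corrupt empty AD record", has no trailing `\n`, unlike the " ! dispatch returned %d\n" message just below it, so the next line of proxy output will run onto it; please add the newline. The literal 13 is also used twice, in the length check and in `++buf[13]`, with no explanation. It matches the 13-byte DTLS record header (type, version, epoch, sequence number, length), so a named constant or a short comment would make it clear that the byte being flipped is the first payload byte of the first record in the datagram. Spelling out "AD" as "application data" in the message would also help anyone reading the test logs. Finally, the short-record branch still falls through to `dispatch_data` with an unmodified buffer; if that is intended, a comment saying the packet is forwarded uncorrupted would keep a test that expects corruption from being misread.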