From: Eric Blossom <eb@comsec.com>
Date: Thu, 20 May 2010 03:27:10 +0000 (-0700)
Subject: Defend against a peer that sends an invalid message length.
X-Git-Url: https://git.gag.com/?p=debian%2Fgnuradio;a=commitdiff_plain;h=4267b714f4276671f718136a1279f681a4231aee

Defend against a peer that sends an invalid message length.
---

diff --git a/gnuradio-core/src/lib/io/gr_udp_source.cc b/gnuradio-core/src/lib/io/gr_udp_source.cc
index f8727c4d..1197a0c4 100755
--- a/gnuradio-core/src/lib/io/gr_udp_source.cc
+++ b/gnuradio-core/src/lib/io/gr_udp_source.cc
@@ -281,6 +281,11 @@ gr_udp_source::work (int noutput_items,
     // This is a non-blocking call with a timeout set in the constructor
     r = recv(d_socket, d_temp_buff, d_payload_size, 0);  // get the entire payload or the what's available
 
+    // If r > 0, round it down to a multiple of d_itemsize 
+    // (If sender is broken, don't propagate problem)
+    if (r > 0)
+      r = (r/d_itemsize) * d_itemsize;
+
     // Check if there was a problem; forget it if the operation just timed out
     if(r == -1) {
       if( is_error(EAGAIN) ) {  // handle non-blocking call timeout