From 4267b714f4276671f718136a1279f681a4231aee Mon Sep 17 00:00:00 2001
From: Eric Blossom <eb@comsec.com>
Date: Wed, 19 May 2010 20:27:10 -0700
Subject: [PATCH] Defend against a peer that sends an invalid message length.

---
 gnuradio-core/src/lib/io/gr_udp_source.cc | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/gnuradio-core/src/lib/io/gr_udp_source.cc b/gnuradio-core/src/lib/io/gr_udp_source.cc
index f8727c4d..1197a0c4 100755
--- a/gnuradio-core/src/lib/io/gr_udp_source.cc
+++ b/gnuradio-core/src/lib/io/gr_udp_source.cc
@@ -281,6 +281,11 @@ gr_udp_source::work (int noutput_items,
     // This is a non-blocking call with a timeout set in the constructor
     r = recv(d_socket, d_temp_buff, d_payload_size, 0);  // get the entire payload or the what's available
 
+    // If r > 0, round it down to a multiple of d_itemsize 
+    // (If sender is broken, don't propagate problem)
+    if (r > 0)
+      r = (r/d_itemsize) * d_itemsize;
+
     // Check if there was a problem; forget it if the operation just timed out
     if(r == -1) {
       if( is_error(EAGAIN) ) {  // handle non-blocking call timeout
-- 
2.30.2