X-Git-Url: https://git.distorted.org.uk/~mdw/secnet/blobdiff_plain/a28d65a5e8624c92be4fc3c4a9d8a0d46d92dcc5..b24a72ef9d47c9e51f6efe79b51073d690584aa5:/slip.c

diff --git a/slip.c b/slip.c
index 9e63cb3..17b3c18 100644
--- a/slip.c
+++ b/slip.c
@@ -27,7 +27,6 @@ struct slip {
     bool_t ignoring_packet; /* If this packet was corrupt or overlong,
 			       we ignore everything up to the next END */
     netlink_deliver_fn *netlink_to_tunnel;
-    uint32_t local_address;
 };
 
 /* Generic SLIP mangling code */
@@ -147,8 +146,6 @@ static void slip_init(struct slip *st, struct cloc loc, dict_t *dict,
 	netlink_init(&st->nl,st,loc,dict,
 		     "netlink-userv-ipif",NULL,to_host);
     st->buff=find_cl_if(dict,"buffer",CL_BUFFER,True,"name",loc);
-    st->local_address=string_item_to_ipaddr(
-	dict_find_item(dict,"local-address", True, name, loc),"netlink");
     BUF_ALLOC(st->buff,"slip_init");
     st->pending_esc=False;
     st->ignoring_packet=False;
@@ -213,6 +210,14 @@ static void userv_deliver_to_kernel(void *sst, struct buffer_if *buf)
 {
     struct userv *st=sst;
 
+    if (buf->size > st->slip.nl.mtu) {
+	Message(M_ERR,"%s: packet of size %"PRIu32" exceeds mtu %"PRIu32":"
+		" cannot be injected into kernel, dropped\n",
+		st->slip.nl.name, buf->size, st->slip.nl.mtu);
+	BUF_FREE(buf);
+	return;
+    }
+
     slip_stuff(&st->slip,buf,st->txfd);
 }
 
@@ -289,7 +294,7 @@ static void userv_invoke_userv(struct userv *st)
 
     addrs=safe_malloc(512,"userv_invoke_userv:addrs");
     snprintf(addrs,512,"%s,%s,%d,slip",
-	     ipaddr_to_string(st->slip.local_address),
+	     ipaddr_to_string(st->slip.nl.local_address),
 	     ipaddr_to_string(st->slip.nl.secnet_address),st->slip.nl.mtu);
 
     allnets=ipset_new();