# HG changeset patch
# User rubidium
# Date 1168354101 0
# Node ID 7cd91e6e5c7169b799f68745fbf9f58548f26ac5
# Parent d3cb74db65ff2c1f205bf87e1a4f33a6b3bd90b3
(svn r8000) -Codechange: drop UDP packets when their internal size does not match the received size. If that is the case, the packet was not received in one piece (or got somehow mangled with another packet), which will cause us to drop the packet later on because we are (for example) trying to read beyond the end of the packet.
diff -r d3cb74db65ff -r 7cd91e6e5c71 src/network/core/udp.c
--- a/src/network/core/udp.c Tue Jan 09 07:24:35 2007 +0000
+++ b/src/network/core/udp.c Tue Jan 09 14:48:21 2007 +0000
@@ -116,11 +116,19 @@
 /* Try to receive anything */
 nbytes = recvfrom(udp, p.buffer, packet_len, 0, (struct sockaddr *)&client_addr, &client_len);
- /* We got some bytes for the base header of the packet.
- * Assume we received the whole packet. */
+ /* We got some bytes for the base header of the packet. */
 if (nbytes > 2) {
 NetworkRecv_ReadPacketSize(&p);
+ /* If the size does not match the packet must be corrupted.
+ * Otherwise it will be marked as corrupted later on. */
+ if (nbytes != p.size) {
+ DEBUG(net, 1, "received a packet with mismatching size from %s:%d",
+ inet_ntoa(client_addr.sin_addr), ntohs(client_addr.sin_port));
+
+ return;
+ }
+
 /* Put the position on the right place */
 p.pos = 2;
 p.next = NULL;
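Review bot: The `DEBUG(net, 1, ...)` call in the new `if (nbytes != p.size)` branch fires once per mismatching datagram, and any remote host can send such datagrams over UDP, so at that level an unauthenticated sender can presumably grow the log at will. Consider a higher debug level for this per-packet message, or limit how often it is emitted per source. The comment above the check is also easy to misread, since "Otherwise it will be marked as corrupted later on" sounds as if matching packets get marked corrupted. Something like `/* The size in the header must equal the number of bytes received; drop the packet here instead of failing on a read past its end later. */` says what the commit message describes. The enclosing function starts and ends outside the hunk, so what the early `return` skips cannot be checked from here.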