--- ./slpd/slpd_incoming.c.orig 2014-02-14 14:41:40.468720908 +0000 +++ ./slpd/slpd_incoming.c 2014-02-14 14:49:02.307720126 +0000 @@ -75,6 +75,7 @@ static void IncomingDatagramRead(SLPList socklen_t peeraddrlen = sizeof(struct sockaddr_storage); char addr_str[INET6_ADDRSTRLEN]; sockfd_t sendsock = SLP_INVALID_SOCKET; + int truncate; (void)socklist; @@ -85,6 +86,10 @@ static void IncomingDatagramRead(SLPList { sock->recvbuf->end = sock->recvbuf->start + bytesread; + truncate = G_SlpdProperty.MTU; + if (G_SlpdProperty.oversizedUDP) + truncate = 0; + if (!sock->sendbuf) /* Some of the error handling code expects a sendbuf to be available * to be emptied, so make sure there is at least a minimal buffer @@ -92,7 +97,7 @@ static void IncomingDatagramRead(SLPList sock->sendbuf = SLPBufferAlloc(1); switch (SLPDProcessMessage(&sock->peeraddr, &sock->localaddr, - sock->recvbuf, &sock->sendbuf, 0)) + sock->recvbuf, &sock->sendbuf, 0, truncate)) { case SLP_ERROR_PARSE_ERROR: case SLP_ERROR_VER_NOT_SUPPORTED: @@ -281,7 +286,7 @@ static void IncomingStreamRead(SLPList * */ sock->sendbuf = SLPBufferAlloc(1); switch (SLPDProcessMessage(&sock->peeraddr, - &sock->localaddr, sock->recvbuf, &sock->sendbuf, 0)) + &sock->localaddr, sock->recvbuf, &sock->sendbuf, 0, 0)) { case SLP_ERROR_PARSE_ERROR: case SLP_ERROR_VER_NOT_SUPPORTED: --- ./slpd/slpd_outgoing.c.orig 2014-02-14 14:41:33.205720921 +0000 +++ ./slpd/slpd_outgoing.c 2014-02-14 14:49:31.691720074 +0000 @@ -77,7 +77,7 @@ void OutgoingDatagramRead(SLPList * sock */ sock->sendbuf = SLPBufferAlloc(1); SLPDProcessMessage(&sock->peeraddr, &sock->localaddr, - sock->recvbuf, &sock->sendbuf, &sock->sendlist); + sock->recvbuf, &sock->sendbuf, &sock->sendlist, 0); /* Completely ignore the message */ @@ -267,7 +267,7 @@ void OutgoingStreamRead(SLPList * sockli /* check to see if everything was read */ if (sock->recvbuf->curpos == sock->recvbuf->end) switch (SLPDProcessMessage(&(sock->peeraddr), &(sock->localaddr), - sock->recvbuf, &(sock->sendbuf), 0)) + sock->recvbuf, &(sock->sendbuf), 0, 0)) { case SLP_ERROR_DA_BUSY_NOW: sock->state = STREAM_WRITE_WAIT; --- ./slpd/slpd_process.c.orig 2014-02-14 14:31:18.532722009 +0000 +++ ./slpd/slpd_process.c 2014-02-14 14:39:14.059721168 +0000 @@ -400,7 +400,7 @@ static int ProcessDASrvRqst(SLPMessage * * @internal */ static int ProcessSrvRqst(SLPMessage * message, SLPBuffer * sendbuf, - int errorcode) + int errorcode, int truncate) { int i; SLPUrlEntry * urlentry; @@ -408,11 +408,6 @@ static int ProcessSrvRqst(SLPMessage * m size_t size = 0; SLPBuffer result = *sendbuf; -#ifdef ENABLE_SLPv2_SECURITY - SLPAuthBlock * authblock = 0; - int j; -#endif - /* If errorcode is set, we can not be sure that message is good Go directly to send response code */ @@ -514,32 +509,26 @@ RESPOND: { for (i = 0; i < db->urlcount; i++) { + /* check size limitation */ + if (truncate && size > truncate) + break; + /* urlentry is the url from the db result */ urlentry = db->urlarray[i]; - size += urlentry->urllen + 6; /* 1 byte for reserved */ - /* 2 bytes for lifetime */ - /* 2 bytes for urllen */ - /* 1 byte for authcount */ -#ifdef ENABLE_SLPv2_SECURITY - /* make room to include the authblock that was asked for */ - if (G_SlpdProperty.securityEnabled - && message->body.srvrqst.spistrlen) +#ifdef ENABLE_SLPv1 + if (urlentry->opaque == 0) { - for (j = 0; j < urlentry->authcount; j++) - { - if (SLPCompareString(urlentry->autharray[j].spistrlen, - urlentry->autharray[j].spistr, - message->body.srvrqst.spistrlen, - message->body.srvrqst.spistr) == 0) - { - authblock = &(urlentry->autharray[j]); - size += authblock->length; - break; - } - } + size += urlentry->urllen + 6; /* 1 byte for reserved */ + /* 2 bytes for lifetime */ + /* 2 bytes for urllen */ + /* 1 byte for authcount */ } + else #endif + { + size += urlentry->opaquelen; + } } } @@ -590,6 +579,10 @@ RESPOND: PutUINT16(&result->curpos, db->urlcount); for (i = 0; i < db->urlcount; i++) { + /* check size limitation */ + if (truncate && result->curpos - result->start > truncate) + break; + /* urlentry is the url from the db result */ urlentry = db->urlarray[i]; @@ -1337,7 +1330,7 @@ static int ProcessSAAdvert(SLPMessage * */ int SLPDProcessMessage(struct sockaddr_storage * peerinfo, struct sockaddr_storage * localaddr, SLPBuffer recvbuf, - SLPBuffer * sendbuf, SLPList * psendlist) + SLPBuffer * sendbuf, SLPList * psendlist, int truncate) { SLPHeader header; SLPMessage * message = 0; @@ -1398,7 +1391,7 @@ int SLPDProcessMessage(struct sockaddr_s switch (message->header.functionid) { case SLP_FUNCT_SRVRQST: - errorcode = ProcessSrvRqst(message, sendbuf, errorcode); + errorcode = ProcessSrvRqst(message, sendbuf, errorcode, truncate); break; case SLP_FUNCT_SRVREG: --- ./slpd/slpd_process.h.orig 2014-02-14 14:39:26.340721146 +0000 +++ ./slpd/slpd_process.h 2014-02-14 14:39:38.538721124 +0000 @@ -55,7 +55,7 @@ int CheckAndResizeBuffer(SLPBuffer * sendbuf, SLPBuffer tmp, size_t grow_size); int SLPDProcessMessage(struct sockaddr_storage * peerinfo, struct sockaddr_storage * localaddr, SLPBuffer recvbuf, - SLPBuffer * sendbuf, SLPList * psendlist); + SLPBuffer * sendbuf, SLPList * psendlist, int truncate); #if defined(ENABLE_SLPv1) int SLPDv1ProcessMessage(struct sockaddr_storage * peeraddr, --- ./slpd/slpd_property.c.orig 2014-02-14 14:39:50.229721103 +0000 +++ ./slpd/slpd_property.c 2014-02-14 14:40:54.266720990 +0000 @@ -142,6 +142,7 @@ void SLPDPropertyReinit(void) G_SlpdProperty.securityEnabled = SLPPropertyAsBoolean("net.slp.securityEnabled"); G_SlpdProperty.checkSourceAddr = SLPPropertyAsBoolean("net.slp.checkSourceAddr"); G_SlpdProperty.DAHeartBeat = SLPPropertyAsInteger("net.slp.DAHeartBeat"); + G_SlpdProperty.oversizedUDP = SLPPropertyAsBoolean("net.slp.oversizedUDP"); if (G_SlpdProperty.staleDACheckPeriod > 0) { /* Adjust the heartbeat interval if we need to send it faster for --- ./slpd/slpd_property.h.orig 2014-02-14 14:39:55.205721095 +0000 +++ ./slpd/slpd_property.h 2014-02-14 14:41:11.378720960 +0000 @@ -116,6 +116,7 @@ typedef struct _SLPDProperty int appendLog; int MTU; int useDHCP; + int oversizedUDP; } SLPDProperty; extern SLPDProperty G_SlpdProperty;