From d672e0fa1d4502603a064e390fba21691735a6d3 Mon Sep 17 00:00:00 2001
From: Alberto Compagno <acompagn+fdio@cisco.com>
Date: Tue, 8 Oct 2019 12:06:11 +0200
Subject: [HICN-303] Fixed reading size of authentication header which might
 have caused a bufferoverflow

Change-Id: I46ae0539a51c9a2a11d8acfe4146470f2d4fa21d
Signed-off-by: Alberto Compagno <acompagn+fdio@cisco.com>
---
 lib/src/compat.c | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

(limited to 'lib')

diff --git a/lib/src/compat.c b/lib/src/compat.c
index 633037a0f..38c78d99a 100644
--- a/lib/src/compat.c
+++ b/lib/src/compat.c
@@ -182,8 +182,10 @@ hicn_packet_get_header_length (hicn_format_t format, const hicn_header_t * h,
   int is_ipv4 = _is_ipv4 (format);
   int is_ipv6 = _is_ipv6 (format);
   // The signature payload is expressed as number of 32 bits words
-  *header_length += (is_ah * is_ipv4) * (h->v4ah.ah.payloadlen) << 2;
-  *header_length += (is_ah * is_ipv6) * (h->v6ah.ah.payloadlen) << 2;
+  if (is_ah && is_ipv4)
+    *header_length += (h->v4ah.ah.payloadlen) << 2;
+  else if(is_ah && is_ipv6)
+    *header_length += (h->v6ah.ah.payloadlen) << 2;
 
   return HICN_LIB_ERROR_NONE;
 }
-- 
cgit 1.2.3-korg