new demand-dial method with backup_tty;
[ppp.git] / netbsd-1.1 / slcompress.c
index 2029a13b6b9b5c491233253fa81a9ea9f8175cf4..c46c57f7f14a075a99f5cc9fe6326535ca4fbce2 100644 (file)
@@ -1,4 +1,4 @@
-/*     $Id: slcompress.c,v 1.1 1995/12/11 05:17:11 paulus Exp $        */
+/*     $Id: slcompress.c,v 1.3 1996/05/24 07:04:47 paulus Exp $        */
 
 /*
  * Copyright (c) 1989, 1993, 1994
@@ -45,6 +45,7 @@
 
 #include <sys/param.h>
 #include <sys/mbuf.h>
+#include <sys/systm.h>
 
 #include <netinet/in.h>
 #include <netinet/in_systm.h>
@@ -73,9 +74,14 @@ sl_compress_init(comp, max_state)
        register u_int i;
        register struct cstate *tstate = comp->tstate;
 
-       if (max_state == -1)
+       if (max_state == -1) {
                max_state = MAX_STATES - 1;
-       bzero((char *)comp, sizeof(*comp));
+               bzero((char *)comp, sizeof(*comp));
+       } else {
+               /* Don't reset statistics */
+               bzero((char *)comp->tstate, sizeof(comp->tstate));
+               bzero((char *)comp->rstate, sizeof(comp->rstate));
+       }
        for (i = max_state; i > 0; --i) {
                tstate[i].cs_id = i;
                tstate[i].cs_next = &tstate[i - 1];
@@ -275,19 +281,22 @@ sl_compress_tcp(m, ip, comp, compress_cid)
                 * with it. */
                 goto uncompressed;
 
-       if (deltaS = (u_int16_t)(ntohs(th->th_win) - ntohs(oth->th_win))) {
+       deltaS = (u_int16_t)(ntohs(th->th_win) - ntohs(oth->th_win));
+       if (deltaS) {
                ENCODE(deltaS);
                changes |= NEW_W;
        }
 
-       if (deltaA = ntohl(th->th_ack) - ntohl(oth->th_ack)) {
+       deltaA = ntohl(th->th_ack) - ntohl(oth->th_ack);
+       if (deltaA) {
                if (deltaA > 0xffff)
                        goto uncompressed;
                ENCODE(deltaA);
                changes |= NEW_A;
        }
 
-       if (deltaS = ntohl(th->th_seq) - ntohl(oth->th_seq)) {
+       deltaS = ntohl(th->th_seq) - ntohl(oth->th_seq);
+       if (deltaS) {
                if (deltaS > 0xffff)
                        goto uncompressed;
                ENCODE(deltaS);
@@ -422,10 +431,10 @@ sl_uncompress_tcp(bufp, len, type, comp)
         * header (we assume the packet we were handed has enough space to
         * prepend 128 bytes of header).
         */
-       if ((int)cp & 3) {
+       if ((long)cp & 3) {
                if (len > 0)
-                       (void) ovbcopy(cp, (caddr_t)((int)cp &~ 3), len);
-               cp = (u_char *)((int)cp &~ 3);
+                       (void) ovbcopy(cp, (caddr_t)((long)cp &~ 3), len);
+               cp = (u_char *)((long)cp &~ 3);
        }
        cp -= hlen;
        len += hlen;
@@ -468,9 +477,16 @@ sl_uncompress_tcp_core(buf, buflen, total_len, type, comp, hdrp, hlenp)
                cs = &comp->rstate[comp->last_recv = ip->ip_p];
                comp->flags &=~ SLF_TOSS;
                ip->ip_p = IPPROTO_TCP;
-               hlen = ip->ip_hl;
-               hlen += ((struct tcphdr *)&((int32_t *)ip)[hlen])->th_off;
-               hlen <<= 2;
+               /*
+                * Calculate the size of the TCP/IP header and make sure that
+                * we don't overflow the space we have available for it.
+                */
+               hlen = ip->ip_hl << 2;
+               if (hlen + sizeof(struct tcphdr) > buflen)
+                       goto bad;
+               hlen += ((struct tcphdr *)&((char *)ip)[hlen])->th_off << 2;
+               if (hlen > MAX_HDR || hlen > buflen)
+                       goto bad;
                BCOPY(ip, &cs->cs_ip, hlen);
                cs->cs_hlen = hlen;
                INCR(sls_uncompressedin)