Added validation on handshake packet size

dynos01 · Jun 21, 2023 · 59d8719 · 59d8719
1 parent 20ac3c3
commit 59d8719
Showing 1 changed file with 6 additions and 0 deletions.
diff --git a/src/protocol.rs b/src/protocol.rs
@@ -75,6 +75,12 @@ pub(crate) fn validate_handshake(packet: &[u8]) -> Result<()> {
         Some(key) => key,
         None => unreachable!(),
     };
+
+    if packet.len() < 16 + 12 { // Reserved + nonce
+        debug!("Handshake packet too small");
+        return Err(Box::new(ProtocolError::AuthenticationError));
+    }
+
     let cipher = ChaCha20Poly1305::new_from_slice(hashed_key)?;
     let packet = &packet[16..]; //Drop reserved 16 bytes for now
     let nonce = GenericArray::clone_from_slice(&packet[..12]);