From: Daniel Lenski <dlenski@gmail.com>
Date: Wed, 20 May 2020 02:53:42 +0000 (-0700)
Subject: fix PPP header realignment with concatenated packet
X-Git-Url: https://www.infradead.org/git/?a=commitdiff_plain;h=a76669c6e9fd0f16ce9ebd8587efe8c5d207bd8e;p=users%2Fdwmw2%2Fopenconnect.git

fix PPP header realignment with concatenated packet

Signed-off-by: Daniel Lenski <dlenski@gmail.com>
---

diff --git a/ppp.c b/ppp.c
index 9cce4c10..1ec8a16b 100644
--- a/ppp.c
+++ b/ppp.c
@@ -1134,10 +1134,10 @@ int ppp_mainloop(struct openconnect_info *vpninfo, int *timeout, int readable)
 						     ppp->exp_ppp_hdr_size, pp - ph);
 					/* Save it for next time */
 					ppp->exp_ppp_hdr_size = pp - ph;
-					/* XX: If PPP header was SMALLER than expected, we could be overwriting data for the
-					 * following concatenated packet, or conceivably moving a huge packet past
-					 * the allocated buffer. */
-					memmove(this->data, pp, payload_len);
+					/* XX: If PPP header was SMALLER than expected, we could
+					 * be moving a huge packet past the allocated buffer. */
+					memmove(this->data, pp, payload_len + next_len);
+					next -= (pp - this->data);
 				}
 
 				this->len = payload_len;