From a76669c6e9fd0f16ce9ebd8587efe8c5d207bd8e Mon Sep 17 00:00:00 2001 From: Daniel Lenski Date: Tue, 19 May 2020 19:53:42 -0700 Subject: [PATCH] fix PPP header realignment with concatenated packet Signed-off-by: Daniel Lenski --- ppp.c | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/ppp.c b/ppp.c index 9cce4c10..1ec8a16b 100644 --- a/ppp.c +++ b/ppp.c @@ -1134,10 +1134,10 @@ int ppp_mainloop(struct openconnect_info *vpninfo, int *timeout, int readable) ppp->exp_ppp_hdr_size, pp - ph); /* Save it for next time */ ppp->exp_ppp_hdr_size = pp - ph; - /* XX: If PPP header was SMALLER than expected, we could be overwriting data for the - * following concatenated packet, or conceivably moving a huge packet past - * the allocated buffer. */ - memmove(this->data, pp, payload_len); + /* XX: If PPP header was SMALLER than expected, we could + * be moving a huge packet past the allocated buffer. */ + memmove(this->data, pp, payload_len + next_len); + next -= (pp - this->data); } this->len = payload_len; -- 2.50.1