Use stack memory when sending UDP data.

When handling ESP packets, use the real encrypted packet size instead of just contents+signature.
zlogic · Dec 11, 2024 · b03eb9a · b03eb9a
1 parent 753a2d6
commit b03eb9a
Show file tree

Hide file tree

Showing 3 changed files with 162 additions and 174 deletions.
diff --git a/src/ikev2/esp.rs b/src/ikev2/esp.rs
@@ -132,8 +132,8 @@ impl SecurityAssociation {
         data: &'a mut [u8],
         msg_len: usize,
     ) -> Result<&'a [u8], EspError> {
-        if data.len() < msg_len + 8 + self.signature_length {
-            return Err("Not enough data in ESP packet".into());
+        if data.len() < self.encoded_length(msg_len) {
+            return Err("Not enough capacity in ESP packet buffer".into());
         }
         if self.local_seq == u32::MAX {
             return Err("Sequence number overflow".into());