net: don't record/verify UDP sequence numbers if buffer is too small
This causes a bunch of out-of-bounds accesses if you have really small buffer
sizes (i.e. 16 bytes will crash).
Signed-off-by: Steven Noonan <steven@uplinklabs.net>
Signed-off-by: Jens Axboe <axboe@fb.com>
diff --git a/engines/net.c b/engines/net.c
index 7a0fe69..cd19535 100644
--- a/engines/net.c
+++ b/engines/net.c
@@ -484,6 +484,9 @@
{
struct udp_seq *us;
+ if (io_u->xfer_buflen < sizeof(*us))
+ return;
+
us = io_u->xfer_buf + io_u->xfer_buflen - sizeof(*us);
us->magic = cpu_to_le64((uint64_t) FIO_UDP_SEQ_MAGIC);
us->bs = cpu_to_le64((uint64_t) io_u->xfer_buflen);
@@ -496,6 +499,9 @@
struct udp_seq *us;
uint64_t seq;
+ if (io_u->xfer_buflen < sizeof(*us))
+ return;
+
if (nd->seq_off)
return;