From e9566de0affabf5401392590cab4bf3d021a5e47 Mon Sep 17 00:00:00 2001
From: Jeremy Lakeman <Jeremy.Lakeman@gmail.com>
Date: Thu, 12 Jul 2012 10:20:13 +0930
Subject: [PATCH] Fix payload length fields

---
 overlay_advertise.c     |  7 +++----
 overlay_buffer.c        |  6 +++++-
 overlay_packetformats.c | 11 ++++++-----
 rhizome_packetformats.c | 17 ++---------------
 serval.h                |  3 +++
 5 files changed, 19 insertions(+), 25 deletions(-)

diff --git a/overlay_advertise.c b/overlay_advertise.c
index 9656738c..c5cb703b 100644
--- a/overlay_advertise.c
+++ b/overlay_advertise.c
@@ -94,9 +94,8 @@ int overlay_route_add_advertisements(overlay_buffer *e)
   if (ob_append_byte(e,OF_TYPE_NODEANNOUNCE))
     return WHY("could not add node advertisement header");
   ob_append_byte(e,1); /* TTL */
-  int rfs_offset=e->length; /* remember where the RFS byte gets stored 
-			       so that we can patch it later */
-  ob_append_byte(e,1+8+1+1+8*slots_used/* RFS */);
+  
+  ob_append_rfs(e,1+8+1+1+8*slots_used);
 
   /* Stuff in dummy address fields */
   ob_append_byte(e,OA_CODE_BROADCAST);
@@ -159,7 +158,7 @@ int overlay_route_add_advertisements(overlay_buffer *e)
       if (oad_bin==bin&&oad_slot==slot) break;
     }
   
-  ob_setbyte(e,rfs_offset,1+8+1+1+8*slots_used);
+  ob_patch_rfs(e,COMPUTE_RFS_LENGTH);
 
   return 0;
 }
diff --git a/overlay_buffer.c b/overlay_buffer.c
index 3b74de34..bcb290f4 100644
--- a/overlay_buffer.c
+++ b/overlay_buffer.c
@@ -215,7 +215,7 @@ int ob_append_rfs(overlay_buffer *b,int l)
   if (l<0||l>0xffff) return -1;
 
   /* First work out how long the field needs to be, then write dummy bytes
-     and use ob_patch_length to set the value.  That way we have only one
+     and use ob_patch_rfs to set the value.  That way we have only one
      lot of code that does the encoding. */
 
   b->var_length_offset=b->length;
@@ -287,6 +287,10 @@ int ob_indel_space(overlay_buffer *b,int offset,int shift)
 
 int ob_patch_rfs(overlay_buffer *b,int l)
 {
+  if (l==COMPUTE_RFS_LENGTH){
+    // assume the payload has been written, we can now calculate the actual length
+    l = b->length - (b->var_length_offset + b->var_length_bytes);
+  }
   if (l<0||l>0xffff) return -1;
 
   /* Adjust size of field */
diff --git a/overlay_packetformats.c b/overlay_packetformats.c
index 173d1a8f..f32a661c 100644
--- a/overlay_packetformats.c
+++ b/overlay_packetformats.c
@@ -174,6 +174,9 @@ int packetOkOverlay(struct overlay_interface *interface,unsigned char *packet, s
 	break;
       }
 
+      if (f.rfs > len - ofs)
+	return WHYF("Payload length %d is too long for the remaining packet buffer %d", f.rfs, len - ofs);
+      
       /* Now extract the next hop address */
       int alen=0;
       int offset=ofs;
@@ -196,11 +199,7 @@ int packetOkOverlay(struct overlay_interface *interface,unsigned char *packet, s
       }
 
       /* Finally process the frame */
-      long long now=overlay_gettime_ms();
       overlay_frame_process(interface,&f);
-      long long elapsed=overlay_gettime_ms()-now;
-      if (0) INFOF("overlay_frame_process (type=%d, len=%d) took %lldms",
-		   f.type,f.bytecount,elapsed);
       
       /* Skip the rest of the bytes in this frame so that we can examine the next one in this
 	 ensemble */
@@ -284,7 +283,7 @@ int overlay_add_selfannouncement(int interface,overlay_buffer *b)
   
   /* Add space for Remaining Frame Size field.  This will always be a single byte
      for self-announcments as they are always <256 bytes. */
-  if (ob_append_byte(b,1+8+1+(send_prefix?(1+7):SID_SIZE)+4+4+1))
+  if (ob_append_rfs(b,1+8+1+(send_prefix?(1+7):SID_SIZE)+4+4+1))
     return WHY("Could not add RFS for self-announcement frame");
 
   /* Add next-hop address.  Always link-local broadcast for self-announcements */
@@ -335,6 +334,8 @@ int overlay_add_selfannouncement(int interface,overlay_buffer *b)
   if (ob_append_byte(b,interface))
     return WHY("Could not add interface number to self-announcement");
 
+  ob_patch_rfs(b, COMPUTE_RFS_LENGTH);
+  
   return 0;
 }
 
diff --git a/rhizome_packetformats.c b/rhizome_packetformats.c
index d96afc7f..f008185f 100644
--- a/rhizome_packetformats.c
+++ b/rhizome_packetformats.c
@@ -109,9 +109,7 @@ int overlay_rhizome_add_advertisements(int interface_number,overlay_buffer *e)
     RETURN(WHY("could not add rhizome bundle advertisement header"));
   ob_append_byte(e, 1); /* TTL (1 byte) */
 
-  int rfs_offset=e->length; /* remember where the RFS byte gets stored 
-			       so that we can patch it later */
-  ob_append_byte(e,1+11+1+2+RHIZOME_BAR_BYTES*slots_used/* RFS */);
+  ob_append_rfs(e,1+11+1+2+RHIZOME_BAR_BYTES*slots_used/* RFS */);
 
   /* Stuff in dummy address fields (11 bytes) */
   ob_append_byte(e,OA_CODE_BROADCAST);
@@ -311,18 +309,7 @@ int overlay_rhizome_add_advertisements(int interface_number,overlay_buffer *e)
   if (statement) sqlite3_finalize(statement); statement=NULL;
   
   if (0&&debug&DEBUG_RHIZOME) DEBUGF("Appended %d rhizome advertisements to packet using %d bytes.",bundles_advertised,bytes_used);
-  int rfs_value=1+11+1+2+bytes_used;
-  if (rfs_value<0xfa)
-    ob_setbyte(e,rfs_offset,rfs_value);
-  else
-    {
-      ob_makespace(e,1);
-      ob_bcopy(e,rfs_offset,rfs_offset+1,
-	    e->length-rfs_offset);
-      ob_setbyte(e,rfs_offset,0xfa+(rfs_value-250)/256);
-      ob_setbyte(e,rfs_offset+1,(rfs_value-250)&0xff);
-      e->length++;
-    }
+  ob_patch_rfs(e, COMPUTE_RFS_LENGTH);
   
   RETURN(0);
 }
diff --git a/serval.h b/serval.h
index 3f836c1d..e1da2cdc 100644
--- a/serval.h
+++ b/serval.h
@@ -967,6 +967,9 @@ int overlay_abbreviate_clear_most_recent_address();
 #define RFS_PLUS1018 0xfd
 #define RFS_PLUS1274 0xfe
 #define RFS_3BYTE 0xff
+
+#define COMPUTE_RFS_LENGTH -1
+
 int rfs_length(int l);
 int rfs_encode(int l,unsigned char *b);
 int rfs_decode(unsigned char *b,int *offset);