From a341a2f479745adb486b153af61958f35f5612b0 Mon Sep 17 00:00:00 2001
From: Bertrand Jacquin
Date: Wed, 13 Dec 2017 01:29:56 +0000
Subject: [PATCH] MEDIUM: netscaler: do not analyze original IP packet size

Original informations about the client are stored in the CIP encapsulated IP header, hence there is no need to consider original IP packet length to determine if data are missing. Instead this change detect missing data if the remaining buffer is large enough to contain a minimal IP and TCP header and if the buffer has as much data as CIP is telling.
---
 src/connection.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/src/connection.c b/src/connection.c
index 8d2fb77be..58bf4a5f8 100644
--- a/src/connection.c
+++ b/src/connection.c
@@ -763,7 +763,7 @@ int conn_recv_netscaler_cip(struct connection *conn, int flag)
 hdr_ip4 = (struct ip *)line;
- if (trash.len < (ntohs(hdr_ip4->ip_len) + 20)) {
+ if (trash.len < 40 || trash.len < hdr_len) {
 /* Fail if buffer length is not large enough to contain
 * IPv4 header, TCP header */
 goto missing;
@@ -793,7 +793,7 @@ int conn_recv_netscaler_cip(struct connection *conn, int flag)
 hdr_ip6 = (struct ip6_hdr *)line;
- if (trash.len < 60) {
+ if (trash.len < 60 || trash.len < hdr_len) {
 /* Fail if buffer length is not large enough to contain
 * IPv6 header, TCP header */
 goto missing;
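Review bot: In the IPv4 branch the new guard `trash.len < 40 || trash.len < hdr_len` measures the whole receive buffer, while `hdr_ip4` is cast from `line`. If `line` has already been advanced past the CIP prefix (it is set outside this hunk, so this is inferred from the commit message), 40 bytes in `trash` do not guarantee 40 readable bytes starting at `line`. The constant also assumes a 20-byte IPv4 header, so if later code finds the TCP header through `hdr_ip4->ip_hl`, a header carrying options could put the ports beyond the range that was checked. I would bound the bytes remaining from `line` instead, for example `if (REMAINING_FROM_LINE < 40 || trash.len < hdr_len)` with `REMAINING_FROM_LINE` a placeholder for that count, and reject an `ip_hl` that does not fit before the TCP header is read. The same offset question applies to `trash.len < 60` in the IPv6 hunk, and the function body starts and ends outside both hunks.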
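Review bot: The comment under the IPv6 test still says only "IPv6 header, TCP header", but the condition now also sends the connection to `missing` when the buffer is shorter than `hdr_len`. The bare `60` (like `40` in the IPv4 hunk) also leaves the reader to work out which header sizes were summed. I would reword it to `/* Fail if the buffer cannot hold a minimal IPv6 header (40 bytes) and TCP header (20 bytes), or holds less data than hdr_len announces */`, with the matching wording for the IPv4 comment. This assumes `hdr_len` is the length taken from the CIP header, as the commit message suggests.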