From a28d65a5e8624c92be4fc3c4a9d8a0d46d92dcc5 Mon Sep 17 00:00:00 2001
From: Ian Jackson <ijackson@chiark.greenend.org.uk>
Date: Thu, 25 Jul 2013 18:30:54 +0100
Subject: [PATCH] slip: Buffer management (max_start_pad) fixes

Nothing in slip.c calls buffer_init for the first packet.  We don't
normally notice this because userv-ipif _both_ prints a confirmation
END byte right away, _and_ bookends packets with ENDs.

But this should be fixed.  Otherwise we fail an assertion when we try
to prepend things to the first data packet.

Signed-off-by: Ian Jackson <ijackson@chiark.greenend.org.uk>
---
 netlink.c | 4 +++-
 slip.c    | 7 +++++--
 2 files changed, 8 insertions(+), 3 deletions(-)

diff --git a/netlink.c b/netlink.c
index 173d412..bc70757 100644
--- a/netlink.c
+++ b/netlink.c
@@ -603,11 +603,13 @@ static void netlink_incoming(struct netlink *st, struct netlink_client *client,
     uint32_t source,dest;
     struct iphdr *iph;
     char errmsgbuf[50];
+    const char *sourcedesc=client?client->name:"host";
 
     BUF_ASSERT_USED(buf);
+
     if (!netlink_check(st,buf,errmsgbuf,sizeof(errmsgbuf))) {
 	Message(M_WARNING,"%s: bad IP packet from %s: %s\n",
-		st->name,client?client->name:"host",
+		st->name,sourcedesc,
 		errmsgbuf);
 	BUF_FREE(buf);
 	return;
diff --git a/slip.c b/slip.c
index 5eb8dbd..9e63cb3 100644
--- a/slip.c
+++ b/slip.c
@@ -79,6 +79,9 @@ static void slip_unstuff(struct slip *st, uint8_t *buf, uint32_t l)
 	int outputchr;
 	enum { OUTPUT_END = 256, OUTPUT_NOTHING = 257 };
 
+	if (!st->buff->size)
+	    buffer_init(st->buff,calculate_max_start_pad());
+
 	if (st->pending_esc) {
 	    st->pending_esc=False;
 	    switch(buf[i]) {
@@ -115,7 +118,7 @@ static void slip_unstuff(struct slip *st, uint8_t *buf, uint32_t l)
 	if (st->ignoring_packet) {
 	    if (outputchr == OUTPUT_END) {
 		st->ignoring_packet=False;
-		buffer_init(st->buff,calculate_max_start_pad());
+		st->buff->size=0;
 	    }
 	} else {
 	    if (outputchr == OUTPUT_END) {
@@ -123,7 +126,7 @@ static void slip_unstuff(struct slip *st, uint8_t *buf, uint32_t l)
 		    st->netlink_to_tunnel(&st->nl,st->buff);
 		    BUF_ALLOC(st->buff,"userv_afterpoll");
 		}
-		buffer_init(st->buff,calculate_max_start_pad());
+		st->buff->size=0;
 	    } else if (outputchr != OUTPUT_NOTHING) {
 		if (st->buff->size < st->buff->len) {
 		    buf_append_uint8(st->buff,outputchr);
-- 
2.30.2