From 6548b5ce54e3d5ee80fa893c9f212e40add86249 Mon Sep 17 00:00:00 2001
From: "Nicholas J. Kain" <nicholas@kain.us>
Date: Tue, 6 Jan 2015 04:32:58 -0500
Subject: [PATCH] get_raw_packet(): Perform the UDP checksum after the packet
 length checks.

This change makes it easier to verify that there can be no reads
beyond a buffer end by udp_checksum().
---
 src/dhcp.c | 10 +++++-----
 1 file changed, 5 insertions(+), 5 deletions(-)

diff --git a/src/dhcp.c b/src/dhcp.c
index 728dac1..37dc9e8 100644
--- a/src/dhcp.c
+++ b/src/dhcp.c
@@ -198,11 +198,6 @@ static ssize_t get_raw_packet(struct client_state_t *cs,
                   client_config.interface);
         return -2;
     }
-    if (packet.udp.check && !udp_checksum(&packet)) {
-        log_error("%s: Packet with bad UDP checksum received.  Ignoring.",
-                  client_config.interface);
-        return -2;
-    }
     if (iphdrlen <= sizeof packet.ip + sizeof packet.udp) {
         log_error("%s: Packet received that is too small (%zu bytes).",
                   iphdrlen);
@@ -214,6 +209,11 @@ static ssize_t get_raw_packet(struct client_state_t *cs,
                   l);
         return -2;
     }
+    if (packet.udp.check && !udp_checksum(&packet)) {
+        log_error("%s: Packet with bad UDP checksum received.  Ignoring.",
+                  client_config.interface);
+        return -2;
+    }
     memcpy(payload, &packet.data, l);
     return l;
 }