From 3eaa054c6832604c6b2b7491b7639466cf9f1820 Mon Sep 17 00:00:00 2001
From: a_filonichev
Date: Fri, 20 Jan 2023 01:38:13 +0200
Subject: [PATCH 1/2] Fix vulnerability with "h.from == 0" // altered packed with "from == 0" can do Remote Node Administration without permission
---
 src/mesh/RadioLibInterface.cpp | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)
diff --git a/src/mesh/RadioLibInterface.cpp b/src/mesh/RadioLibInterface.cpp
index eb17dbe37..e24bd75c0 100644
--- a/src/mesh/RadioLibInterface.cpp
+++ b/src/mesh/RadioLibInterface.cpp
@@ -347,7 +347,11 @@ QueueStatus RadioLibInterface::getQueueStatus()
 airTime->logAirtime(RX_ALL_LOG, xmitMsec);
 } else {
 const PacketHeader *h = (PacketHeader *)radiobuf;
-
+ // altered packed with "from == 0" can do Remote Node Administration without permission
+ if (h->from == 0) {
+ LOG_WARN("ignoring received packet without sender\n");
+ return;
+ }
 rxGood++;

 // Note: we deliver _all_ packets to our router (i.e. our interface is intentionally promiscuous).
From a584cac8272e3eef8e2c2218e59d30150a504bce Mon Sep 17 00:00:00 2001
From: a_filonichev
Date: Fri, 20 Jan 2023 23:41:05 +0200
Subject: [PATCH 2/2] fix rxGood counter
---
 src/mesh/RadioLibInterface.cpp | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/src/mesh/RadioLibInterface.cpp b/src/mesh/RadioLibInterface.cpp
index e24bd75c0..5861a01fc 100644
--- a/src/mesh/RadioLibInterface.cpp
+++ b/src/mesh/RadioLibInterface.cpp
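Review bot: In the [PATCH 1/2] hunk the `h->from == 0` guard sits only on the radio receive path, while the comment above it places the actual risk in Remote Node Administration accepting a zero sender. That authorisation code is not visible here, so it is worth confirming that no other ingress can hand it a packet with `from == 0`, or having it check the packet's origin itself. The comment should also say why zero is special rather than only what goes wrong, for example `// from == 0 appears to mean "sent by this node", so it must never be accepted off the air`, once that meaning is confirmed. The `LOG_WARN` call passes no header fields, so repeated attempts cannot be told apart in the logs. The enclosing function begins and ends outside the hunk.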
@@ -347,13 +347,13 @@ QueueStatus RadioLibInterface::getQueueStatus()
 airTime->logAirtime(RX_ALL_LOG, xmitMsec);
 } else {
 const PacketHeader *h = (PacketHeader *)radiobuf;
- // altered packed with "from == 0" can do Remote Node Administration without permission
+ rxGood++;
+ // altered packet with "from == 0" can do Remote Node Administration without permission
 if (h->from == 0) {
 LOG_WARN("ignoring received packet without sender\n");
 return;
 }
- rxGood++;
-
+
 // Note: we deliver _all_ packets to our router (i.e. our interface is intentionally promiscuous).
 // This allows the router and other apps on our node to sniff packets (usually routing) between other
 // nodes.
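Review bot: With `rxGood++;` moved above the `h->from == 0` check, a frame that is then rejected is still counted as a good receive, so zero-sender packets become indistinguishable from normal traffic in the counters. The branch that ends just above the `else` finishes with `airTime->logAirtime(RX_ALL_LOG, xmitMsec);`, which the early `return;` skips. I would keep `rxGood++;` after the check and put that airtime call, plus an increment of whatever reject counter the class has (presumably `rxBad`, not visible here), before the `return;`. The added whitespace-only line before `// Note:` looks accidental. The enclosing function begins and ends outside the hunk.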