File 0012-totemudp-u-Drop-truncated-packets-on-receive.patch of Package corosync

diff --git a/exec/totemudp.c b/exec/totemudp.c
index 2f36b5d9..40e99f93 100644
--- a/exec/totemudp.c
+++ b/exec/totemudp.c
@@ -452,6 +452,7 @@ static int net_deliver_fn (
 	struct sockaddr_storage system_from;
 	int bytes_received;
 	int res = 0;
+	int truncated_packet;
 
 	if (instance->flushing == 1) {
 		iovec = &instance->totemudp_iov_recv_flush;
@@ -489,6 +490,31 @@ static int net_deliver_fn (
 		instance->stats_recv += bytes_received;
 	}
 
+	truncated_packet = 0;
+
+#ifdef HAVE_MSGHDR_FLAGS
+	if (msg_recv.msg_flags & MSG_TRUNC) {
+		truncated_packet = 1;
+	}
+#else
+	/*
+	 * We don't have MSGHDR_FLAGS, but we can (hopefully) safely make assumption that
+	 * if bytes_received == FRAME_SIZE_MAX then packet is truncated
+	 */
+	if (bytes_received == FRAME_SIZE_MAX) {
+		truncated_packet = 1;
+	}
+#endif
+
+	if (truncated_packet) {
+		log_printf(instance->totemudp_log_level_error,
+				"Received too big message. This may be because something bad is happening"
+				"on the network (attack?), or you tried join more nodes than corosync is"
+				"compiled with (%u) or bug in the code (bad estimation of "
+				"the FRAME_SIZE_MAX). Dropping packet.", PROCESSOR_COUNT_MAX);
+		return (0);
+	}
+
 	/*
 	 * Authenticate and if authenticated, decrypt datagram
 	 */
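Review bot: The adjacent string literals in the added `log_printf` call are joined without separating spaces, so the logged text reads "happeningon the network" and "corosync iscompiled with"; end those fragments with a space, i.e. `"...something bad is happening "` and `"...than corosync is "`. The message is also written at error level once per oversized datagram, and the check sits before the authentication step, so any sender that can reach the socket can grow the log at packet rate; a rate limit or a drop counter with a periodic summary would keep the signal without the flood. `stats_recv` is incremented just above the check, so dropped bytes are still counted as received. The same message and placement are repeated in the exec/totemudpu.c hunk, and `net_deliver_fn` begins and ends outside this hunk.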
diff --git a/exec/totemudpu.c b/exec/totemudpu.c
index 9e076423..569e67a0 100644
--- a/exec/totemudpu.c
+++ b/exec/totemudpu.c
@@ -446,6 +446,7 @@ static int net_deliver_fn (
 	struct sockaddr_storage system_from;
 	int bytes_received;
 	int res = 0;
+	int truncated_packet;
 
 	iovec = &instance->totemudpu_iov_recv;
 
@@ -479,6 +480,31 @@ static int net_deliver_fn (
 		instance->stats_recv += bytes_received;
 	}
 
+	truncated_packet = 0;
+
+#ifdef HAVE_MSGHDR_FLAGS
+	if (msg_recv.msg_flags & MSG_TRUNC) {
+		truncated_packet = 1;
+	}
+#else
+	/*
+	 * We don't have MSGHDR_FLAGS, but we can (hopefully) safely make assumption that
+	 * if bytes_received == FRAME_SIZE_MAX then packet is truncated
+	 */
+	if (bytes_received == FRAME_SIZE_MAX) {
+		truncated_packet = 1;
+	}
+#endif
+
+	if (truncated_packet) {
+		log_printf(instance->totemudpu_log_level_error,
+				"Received too big message. This may be because something bad is happening"
+				"on the network (attack?), or you tried join more nodes than corosync is"
+				"compiled with (%u) or bug in the code (bad estimation of "
+				"the FRAME_SIZE_MAX). Dropping packet.", PROCESSOR_COUNT_MAX);
+		return (0);
+	}
+
 	/*
 	 * Authenticate and if authenticated, decrypt datagram
 	 */
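Review bot: The `#else` fallback equates `bytes_received == FRAME_SIZE_MAX` with truncation, which holds only if the receive iovec is exactly FRAME_SIZE_MAX bytes long, and it also drops a legitimate datagram of exactly that size. The iovec length is set outside the hunk, so the comment should state the dependency, for example `/* relies on iov_len == FRAME_SIZE_MAX; a full-size datagram cannot be told apart from a truncated one and is dropped as well */`. If the buffer can be made one byte larger than the largest valid frame, `bytes_received > FRAME_SIZE_MAX` would separate the two cases; that is a suggestion to check against the buffer setup, not something visible here. The same fallback appears in the exec/totemudp.c hunk, where the flushing path selects a different iovec (`totemudp_iov_recv_flush`) whose length would need the same guarantee.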
-- 
2.13.6
