connlib: fix incorrect assumption for buffer size that was causing panics (#2663)

There was an incorrect assumption with buffer size that was causing a panic (detected on macos client)
2026-01-27 18:18:55 +00:00 · 2023-11-17 01:13:45 -03:00
parent 54f83f43a3
commit 7528a765fb
1 changed files with 2 additions and 3 deletions
--- a/rust/connlib/tunnel/src/peer.rs
+++ b/rust/connlib/tunnel/src/peer.rs
@@ -19,6 +19,7 @@ use parking_lot::{Mutex, RwLock};
 use pnet_packet::Packet;
 use secrecy::ExposeSecret;

+use crate::MAX_UDP_SIZE;
 use crate::{
    device_channel, ip_packet::MutableIpPacket, resource_table::ResourceTable, PeerConfig,
 };
@@ -225,9 +226,7 @@ where
            TunnResult::WriteToNetwork(packet) => {
                let mut packets = VecDeque::from([Bytes::copy_from_slice(packet)]);

-                // Boringtun requires us to call `decapsulate` repeatedly if it returned `WriteToNetwork`.
-                // However, for the repeated calls, we only need a buffer of at most 148 bytes which we can easily allocate on the stack.
-                let mut buf = [0u8; 148];
+                let mut buf = [0u8; MAX_UDP_SIZE];

                while let TunnResult::WriteToNetwork(packet) =
                    tunnel.decapsulate(None, &[], &mut buf)