diff --git a/core/java/src/net/i2p/data/TunnelId.java b/core/java/src/net/i2p/data/TunnelId.java
index 6c060934864a4fef662993d34c71a415c05dd98b..0d5de2e7320e661e1b6bf3684de1fbaad10ff3f2 100644
--- a/core/java/src/net/i2p/data/TunnelId.java
+++ b/core/java/src/net/i2p/data/TunnelId.java
@@ -27,7 +27,7 @@ import java.io.OutputStream;
public class TunnelId extends DataStructureImpl {
private long _tunnelId;
- public static final long MAX_ID_VALUE = (1L << 32) - 2L;
+ public static final long MAX_ID_VALUE = 0xffffffffL;
public TunnelId() {
_tunnelId = -1;
diff --git a/router/java/src/net/i2p/router/tunnel/TunnelDispatcher.java b/router/java/src/net/i2p/router/tunnel/TunnelDispatcher.java
index 4e80c3657231e7be7e1aa13dd14e06f4355650cf..fbd2bcd0629bbe67fd784a4220863d45185ae10c 100644
--- a/router/java/src/net/i2p/router/tunnel/TunnelDispatcher.java
+++ b/router/java/src/net/i2p/router/tunnel/TunnelDispatcher.java
@@ -396,7 +396,7 @@ public class TunnelDispatcher implements Service {
long rv;
TunnelId tid;
do {
- rv = 1 + _context.random().nextLong(TunnelId.MAX_ID_VALUE - 1);
+ rv = 1 + _context.random().nextLong(TunnelId.MAX_ID_VALUE);
tid = new TunnelId(rv);
} while (_outboundGateways.containsKey(tid));
return rv;
@@ -413,7 +413,7 @@ public class TunnelDispatcher implements Service {
long rv;
TunnelId tid;
do {
- rv = 1 + _context.random().nextLong(TunnelId.MAX_ID_VALUE - 1);
+ rv = 1 + _context.random().nextLong(TunnelId.MAX_ID_VALUE);
tid = new TunnelId(rv);
} while (_participants.containsKey(tid));
return rv;
@@ -430,7 +430,7 @@ public class TunnelDispatcher implements Service {
long rv;
TunnelId tid;
do {
- rv = 1 + _context.random().nextLong(TunnelId.MAX_ID_VALUE - 1);
+ rv = 1 + _context.random().nextLong(TunnelId.MAX_ID_VALUE);
tid = new TunnelId(rv);
} while (_inboundGateways.containsKey(tid));
return rv;
diff --git a/router/java/src/net/i2p/router/tunnel/pool/BuildHandler.java b/router/java/src/net/i2p/router/tunnel/pool/BuildHandler.java
index b70600586fcb631d16e65a87399591f9076dde6a..cd38b64af1aea754f9002d79510bfe14644ada2c 100644
--- a/router/java/src/net/i2p/router/tunnel/pool/BuildHandler.java
+++ b/router/java/src/net/i2p/router/tunnel/pool/BuildHandler.java
@@ -668,6 +668,16 @@ class BuildHandler implements Runnable {
return;
}
+ if (ourId <= 0 || ourId > TunnelId.MAX_ID_VALUE ||
+ nextId <= 0 || nextId > TunnelId.MAX_ID_VALUE) {
+ _context.statManager().addRateData("tunnel.rejectHostile", 1);
+ if (_log.shouldWarn())
+ _log.warn("Dropping build request, bad tunnel ID: " + req);
+ if (from != null)
+ _context.commSystem().mayDisconnect(from);
+ return;
+ }
+
// Loop checks
if ((!isOutEnd) && _context.routerHash().equals(nextPeer)) {
_context.statManager().addRateData("tunnel.rejectHostile", 1);
diff --git a/router/java/src/net/i2p/router/tunnel/pool/BuildRequestor.java b/router/java/src/net/i2p/router/tunnel/pool/BuildRequestor.java
index f9eaad30735f909a125e16e117713482cd037171..0856c5dc215489a7172ff3c39c0604e963edad19 100644
--- a/router/java/src/net/i2p/router/tunnel/pool/BuildRequestor.java
+++ b/router/java/src/net/i2p/router/tunnel/pool/BuildRequestor.java
@@ -95,7 +95,7 @@ abstract class BuildRequestor {
else if (isIB && i == len - 1)
id = ctx.tunnelDispatcher().getNewIBEPID();
else
- id = 1 + ctx.random().nextLong(TunnelId.MAX_ID_VALUE - 1);
+ id = 1 + ctx.random().nextLong(TunnelId.MAX_ID_VALUE);
cfg.getConfig(i).setReceiveTunnelId(DataHelper.toLong(4, id));
}
diff --git a/router/java/test/junit/net/i2p/router/tunnel/FragmentTest.java b/router/java/test/junit/net/i2p/router/tunnel/FragmentTest.java
index ac6b961072cae3fde4f4cd725213f7906fa24d91..4722bcecb23d3cd5c4a1dc60e071dc33d732193a 100644
--- a/router/java/test/junit/net/i2p/router/tunnel/FragmentTest.java
+++ b/router/java/test/junit/net/i2p/router/tunnel/FragmentTest.java
@@ -161,7 +161,7 @@ public class FragmentTest {
_context.random().nextBytes(toRouter.getData());
}
if (includeTunnel)
- toTunnel = new TunnelId(_context.random().nextLong(TunnelId.MAX_ID_VALUE));
+ toTunnel = new TunnelId(1 + _context.random().nextLong(TunnelId.MAX_ID_VALUE));
return new PendingGatewayMessage(m, toRouter, toTunnel);
}