Diff between ab14539c27b6e369e868c9b2227fd92d35511540 and c3d4ca78385dccd5daf49444605a5a8363a6e84b
Changed Files
| File | Additions | Deletions | Status |
| monitor/packet.c | +6 | -0 | modified |
Full Patch
diff --git a/monitor/packet.c b/monitor/packet.c
index 2b58a47..219070e 100644
--- a/monitor/packet.c
+++ b/monitor/packet.c
@@ -10273,6 +10273,12 @@ void packet_ctrl_open(struct timeval *tv, struct ucred *cred, uint16_t index,
flags = get_le32(data + 3);
ident_len = get_u8(data + 7);
+ if (ident_len > size) {
+ print_packet(tv, cred, '*', index, NULL, COLOR_ERROR,
+ "Malformed Control Open packet", NULL, NULL);
+ return;
+ }
+
data += 8;
size -= 8;