[Pkg-telepathy-commits] [libnice] 203/265: pseudotcp: Validate option lengths
Simon McVittie
smcv at debian.org
Wed May 14 12:05:08 UTC 2014
This is an automated email from the git hooks/post-receive script.
smcv pushed a commit to branch debian
in repository libnice.
commit 947a9d866a2922544f582b547205f2ecadbdcfdc
Author: Olivier Crête <olivier.crete at collabora.com>
Date: Tue Apr 1 21:41:04 2014 -0400
pseudotcp: Validate option lengths
---
agent/pseudotcp.c | 10 +++++++++-
1 file changed, 9 insertions(+), 1 deletion(-)
diff --git a/agent/pseudotcp.c b/agent/pseudotcp.c
index 25cc957..3444086 100644
--- a/agent/pseudotcp.c
+++ b/agent/pseudotcp.c
@@ -1782,6 +1782,9 @@ parse_options (PseudoTcpSocket *self, const guint8 *data, guint32 len)
guint8 kind = TCP_OPT_EOL;
guint8 opt_len;
+ if (len < pos + 1)
+ return;
+
kind = data[pos];
pos++;
@@ -1793,11 +1796,16 @@ parse_options (PseudoTcpSocket *self, const guint8 *data, guint32 len)
continue;
}
+ if (len < pos + 1)
+ return;
+
// Length of this option.
- g_assert(len);
opt_len = data[pos];
pos++;
+ if (len < pos + opt_len)
+ return;
+
// Content of this option.
if (opt_len <= len - pos) {
apply_option (self, kind, data + pos, opt_len);
--
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-telepathy/libnice.git
More information about the Pkg-telepathy-commits
mailing list