diff options
| author | Andreas Schneider <asn@cryptomilk.org> | 2015-05-04 16:46:21 +0200 |
|---|---|---|
| committer | Andreas Schneider <asn@cryptomilk.org> | 2015-05-04 17:54:01 +0200 |
| commit | 4b9916136dd8a5189856556fbdf21dc3b0f08a27 (patch) | |
| tree | 968f4cf832c9de2268ec932ba62b0c0c9c01c80d /src/sftp.c | |
| parent | 33ecff11dd1572f77fbb197a46f605760ec1ed1b (diff) | |
| download | libssh-4b9916136dd8a5189856556fbdf21dc3b0f08a27.tar.gz libssh-4b9916136dd8a5189856556fbdf21dc3b0f08a27.tar.xz libssh-4b9916136dd8a5189856556fbdf21dc3b0f08a27.zip | |
sftp: Add bound check for size
CID: #1238630
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
Diffstat (limited to 'src/sftp.c')
| -rw-r--r-- | src/sftp.c | 3 |
1 files changed, 2 insertions, 1 deletions
@@ -33,6 +33,7 @@ #include <stdio.h> #include <sys/types.h> #include <sys/stat.h> +#include <limits.h> #ifndef _WIN32 #include <netinet/in.h> @@ -353,7 +354,7 @@ sftp_packet sftp_packet_read(sftp_session sftp) { buffer_get_u8(packet->payload, &packet->type); size = ntohl(size); - if (size == 0) { + if (size == 0 || size > UINT_MAX) { return packet; } size--; |