diff options
Diffstat (limited to 'src')
-rw-r--r-- | src/buffer.c | 24 |
1 files changed, 21 insertions, 3 deletions
diff --git a/src/buffer.c b/src/buffer.c index 61b07e9a..0c776698 100644 --- a/src/buffer.c +++ b/src/buffer.c @@ -526,8 +526,8 @@ uint32_t ssh_buffer_get_data(struct ssh_buffer_struct *buffer, void *data, uint3 * Check for a integer overflow first, then check if not enough data is in * the buffer. */ - if (buffer->pos + len < len || buffer->pos + len > buffer->used) { - return 0; + if (!ssh_buffer_validate_length(buffer, len)) { + return 0; } memcpy(data,buffer->data+buffer->pos,len); buffer->pos+=len; @@ -581,6 +581,24 @@ int ssh_buffer_get_u64(struct ssh_buffer_struct *buffer, uint64_t *data){ } /** + * @brief Valdiates that the given length can be obtained from the buffer. + * + * @param[in] buffer The buffer to read from. + * + * @param[in] len The length to be checked. + * + * @return SSH_OK if the length is valid, SSH_ERROR otherwise. + */ +int ssh_buffer_validate_length(struct ssh_buffer_struct *buffer, size_t len) +{ + if (buffer->pos + len < len || buffer->pos + len > buffer->used) { + return SSH_ERROR; + } + + return SSH_OK; +} + +/** * @internal * * @brief Get a SSH String out of the buffer and adjusts the read pointer. @@ -599,7 +617,7 @@ struct ssh_string_struct *ssh_buffer_get_ssh_string(struct ssh_buffer_struct *bu } hostlen = ntohl(stringlen); /* verify if there is enough space in buffer to get it */ - if (buffer->pos + hostlen < hostlen || buffer->pos + hostlen > buffer->used) { + if (!ssh_buffer_validate_length(buffer, hostlen) { return NULL; /* it is indeed */ } str = ssh_string_new(hostlen); |