sasl: Add missing length check

This could otherwise lead to an integer underflow on specially crafted input.

Signed-off-by: Uli Schlachter <psychon@znc.in>
This commit is contained in:
Uli Schlachter
2013-04-20 21:31:35 +02:00
parent b42f57e1e0
commit 1dbdc4f37d
+5
View File
@@ -145,6 +145,11 @@ public:
data += size;
/* Server public key */
if (length < 2) {
DEBUG("sasl: No public key");
return false;
}
size = ntohs(*(uint16_t*)data);
data += 2;
length -= 2;