From 72216b33128365037466f357da572a28e0496ca4 Mon Sep 17 00:00:00 2001
From: Etienne Helluy-Lafont <etienne.helluy-lafont@synacktiv.com>
Date: Fri, 20 Jan 2023 11:32:46 +0100
Subject: [PATCH] fix CVE-2022-43634

---
 libatalk/dsi/dsi_write.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/libatalk/dsi/dsi_write.c b/libatalk/dsi/dsi_write.c
index fd8fe2c52d..156965fb05 100644
--- a/libatalk/dsi/dsi_write.c
+++ b/libatalk/dsi/dsi_write.c
@@ -23,7 +23,7 @@
 #include <atalk/util.h>
 #include <atalk/logger.h>
 
-size_t dsi_writeinit(DSI *dsi, void *buf, const size_t buflen _U_)
+size_t dsi_writeinit(DSI *dsi, void *buf, const size_t buflen)
 {
     size_t bytes = 0;
     dsi->datasize = ntohl(dsi->header.dsi_len) - dsi->header.dsi_data.dsi_doff;
@@ -31,7 +31,7 @@ size_t dsi_writeinit(DSI *dsi, void *buf, const size_t buflen _U_)
     if (dsi->eof > dsi->start) {
         /* We have data in the buffer */
         bytes = MIN(dsi->eof - dsi->start, dsi->datasize);
-        memmove(buf, dsi->start, bytes);
+        memmove(buf, dsi->start, MIN(buflen, bytes));
         dsi->start += bytes;
         dsi->datasize -= bytes;
         if (dsi->start >= dsi->eof)