Skip to content
Permalink
Browse files Browse the repository at this point in the history
Tweak pointer math to avoid possible integer overflow
  • Loading branch information
zpostfacto committed Sep 3, 2020
1 parent e0c86dc commit d944a10
Showing 1 changed file with 2 additions and 2 deletions.
Expand Up @@ -840,9 +840,9 @@ void CConnectionTransportUDPBase::Received_Data( const uint8 *pPkt, int cbPkt, S
ReportBadUDPPacketFromConnectionPeer( "DataPacket", "Failed to varint decode size of stats blob" );
return;
}
if ( pIn + cbStatsMsgIn > pPktEnd )
if ( cbStatsMsgIn > pPktEnd - pIn )
{
ReportBadUDPPacketFromConnectionPeer( "DataPacket", "stats message size doesn't make sense. Stats message size %d, packet size %d", cbStatsMsgIn, cbPkt );
ReportBadUDPPacketFromConnectionPeer( "DataPacket", "stats message size doesn't make sense. Stats message size %u, packet size %d", cbStatsMsgIn, cbPkt );
return;
}

Expand Down

0 comments on commit d944a10

Please sign in to comment.