Permalink
Browse files

sasl: Add missing length check

This could otherwise lead to an integer underflow on specially crafted input.

Signed-off-by: Uli Schlachter <psychon@znc.in>
  • Loading branch information...
psychon committed Apr 20, 2013
1 parent b42f57e commit 1dbdc4f37d01b646cb8452ed80c399b18a6af41e
Showing with 5 additions and 0 deletions.
  1. +5 −0 modules/sasl.cpp
View
@@ -145,6 +145,11 @@ class DHCommon {
data += size;
/* Server public key */
+ if (length < 2) {
+ DEBUG("sasl: No public key");
+ return false;
+ }
+
size = ntohs(*(uint16_t*)data);
data += 2;
length -= 2;

0 comments on commit 1dbdc4f

Please sign in to comment.