From c8843d3391a1b2139255d46a23104ada9a12d207 Mon Sep 17 00:00:00 2001 From: Mattias Andrée Date: Sat, 21 Oct 2017 18:39:42 +0200 Subject: libsbus_receive: check message length to avoid reading outside it MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Mattias Andrée --- libsbus.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/libsbus.c b/libsbus.c index 9b8b9ad..4a913ec 100644 --- a/libsbus.c +++ b/libsbus.c @@ -69,7 +69,7 @@ libsbus_receive(int fd, int flags, char *buf, union libsbus_packet *packet) if (r < 0) return -1; - if (!strncmp(buf, "MSG ", 4)) { + if (r >= 4 && !strncmp(buf, "MSG ", 4)) { p = memchr(buf, '\0', r); if (!*p++) goto unknown; -- cgit v1.2.3-70-g09d2