Imported Upstream version 0.52
[pkg/netris.git] / inet.c
diff --git a/inet.c b/inet.c
index dbfe7484f0d8b9bb2a65f956ce9afc7e9d979bb5..a8d9a9d9149c9b67e3c05516d1b040f970cad8f1 100644 (file)
--- a/inet.c
+++ b/inet.c
@@ -151,6 +151,9 @@ static MyEventType NetGenFunc(EventGenRec *gen, MyEvent *event)
        memcpy(data, netBuf, sizeof(data));
        type = ntoh2(data[0]);
        size = ntoh2(data[1]);
+       if (size >= sizeof(netBuf))
+               fatal("Received an invalid packet (too large), possibly an attempt\n"
+                         "  to exploit a vulnerability in versions before 0.52 !");
        netBufGoal = size;
        if (netBufSize < netBufGoal)
                return E_none;