timoreo/olm
1
1
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

Fix bug in bounds check when parsing

Browse source
This commit is contained in:
Mark Haines 2016-05-23 19:37:49 +01:00
parent 182f33f8ae
commit b1c5732fc8
1 changed files with 2 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
src/message.cpp
View file

@ -133,7 +133,7 @@ static std::uint8_t const * decode(
std::uint8_t const * len_start = pos; std::uint8_t const * len_start = pos;
pos = varint_skip(pos, end); pos = varint_skip(pos, end);
std::size_t len = varint_decode<std::size_t>(len_start, pos); std::size_t len = varint_decode<std::size_t>(len_start, pos);
if (len + pos > end) return end; if (len > std::size_t(end - pos)) return end;
value = pos; value = pos;
value_length = len; value_length = len;
pos += len; pos += len;
@ -154,7 +154,7 @@ static std::uint8_t const * skip_unknown(
std::uint8_t const * len_start = pos; std::uint8_t const * len_start = pos;
pos = varint_skip(pos, end); pos = varint_skip(pos, end);
std::size_t len = varint_decode<std::size_t>(len_start, pos); std::size_t len = varint_decode<std::size_t>(len_start, pos);
if (len + pos > end) return end; if (len > std::size_t(end - pos)) return end;
pos += len; pos += len;
} else { } else {
return end; return end;