~mdw / sgt / putty / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Add an assortment of extra safety checks.
[sgt/putty] / import.c
diff --git a/import.c b/import.c
index bb863d7..ce957bc 100644 (file)
--- a/import.c
+++ b/import.c
@@ -290,7 +290,7 @@ static int ssh2_read_mpint(void *data, int len, struct mpint_pos *ret)
     if (len < 4)
         goto error;
     bytes = GET_32BIT(d);
-    if (len < 4+bytes)
+    if (bytes < 0 || len-4 < bytes)
         goto error;
 
     ret->start = d + 4;
Simon Tatham's PuTTY GUI SSH client; import of svn://svn.tartarus.org/sgt/putty