subsequent packet-receiver code would fail to notice anything was
wrong and segfault. Since this is clearly a silly packet length
anyway, we now explicitly reject it as a daft encryption error.
git-svn-id: svn://svn.tartarus.org/sgt/putty@1852
cda61777-01e9-0310-a592-
d414129be87e
st->pad = pktin.data[4];
/*
+ * _Completely_ silly lengths should be stomped on before they
+ * do us any more damage.
+ */
+ if (st->len < 0 || st->pad < 0 || st->len + st->pad < 0) {
+ bombout(("Incoming packet was garbled on decryption"));
+ crReturn(0);
+ }
+
+ /*
* This enables us to deduce the payload length.
*/
st->payload = st->len - st->pad - 1;