Ignore unreasonably-sized replies from servers.

author Carl Hetherington <cth@carlh.net>

Wed, 25 Nov 2020 14:34:49 +0000 (15:34 +0100)

committer Carl Hetherington <cth@carlh.net>

Wed, 25 Nov 2020 14:35:05 +0000 (15:35 +0100)
author Carl Hetherington <cth@carlh.net>
Wed, 25 Nov 2020 14:34:49 +0000 (15:34 +0100)
committer Carl Hetherington <cth@carlh.net>
Wed, 25 Nov 2020 14:35:05 +0000 (15:35 +0100)
diff --git a/src/lib/encode_server_finder.cc b/src/lib/encode_server_finder.cc

index 08559c971d99e1bbe33204ed3698addfa7b234ba..b4dece8f1ca9945e6ccfc7ee27e9c148791b029b 100644 (file)
--- a/src/lib/encode_server_finder.cc
+++ b/src/lib/encode_server_finder.cc
@@ -226,6 +226,11 @@ EncodeServerFinder::handle_accept (boost::system::error_code ec, shared_ptr<Sock
         socket->read (reinterpret_cast<uint8_t*> (&length), sizeof (uint32_t));
         length = ntohl (length);
  
+       if (length > 32768) {
+               start_accept ();
+               return;
+       }
+
         scoped_array<char> buffer (new char[length]);
         socket->read (reinterpret_cast<uint8_t*> (buffer.get()), length);
author	Carl Hetherington <cth@carlh.net>
	Wed, 25 Nov 2020 14:34:49 +0000 (15:34 +0100)
committer	Carl Hetherington <cth@carlh.net>
	Wed, 25 Nov 2020 14:35:05 +0000 (15:35 +0100)