From 5731c1539b179524d511406c36260c81cba72b55 Mon Sep 17 00:00:00 2001
From: Carl Hetherington <cth@carlh.net>
Date: Wed, 25 Nov 2020 15:34:49 +0100
Subject: [PATCH] Ignore unreasonably-sized replies from servers.

---
 src/lib/encode_server_finder.cc | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/src/lib/encode_server_finder.cc b/src/lib/encode_server_finder.cc
index 08559c971..b4dece8f1 100644
--- a/src/lib/encode_server_finder.cc
+++ b/src/lib/encode_server_finder.cc
@@ -226,6 +226,11 @@ EncodeServerFinder::handle_accept (boost::system::error_code ec, shared_ptr<Sock
 	socket->read (reinterpret_cast<uint8_t*> (&length), sizeof (uint32_t));
 	length = ntohl (length);
 
+	if (length > 32768) {
+		start_accept ();
+		return;
+	}
+
 	scoped_array<char> buffer (new char[length]);
 	socket->read (reinterpret_cast<uint8_t*> (buffer.get()), length);
 
-- 
2.30.2