From 69525b18ee7dc8cb6b56b047ed48bbe870f00e5f Mon Sep 17 00:00:00 2001 From: "Matthias P. Braendli" Date: Tue, 24 Mar 2020 10:40:34 +0100 Subject: Pull common code c8defb3 --- lib/edi/common.cpp | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-) (limited to 'lib') diff --git a/lib/edi/common.cpp b/lib/edi/common.cpp index 8d99619..c892425 100644 --- a/lib/edi/common.cpp +++ b/lib/edi/common.cpp @@ -310,13 +310,20 @@ bool TagDispatcher::decode_tagpacket(const vector &payload) uint32_t taglength = read_32b(payload.begin() + i + 4); if (taglength % 8 != 0) { - etiLog.log(warn, "Invalid tag length!"); + etiLog.log(warn, "Invalid EDI tag length, not multiple of 8!"); break; } taglength /= 8; length = taglength; + const size_t calculated_length = i + 8 + taglength; + if (calculated_length > payload.size()) { + etiLog.log(warn, "Invalid EDI tag length: tag larger %zu than tagpacket %zu!", + calculated_length, payload.size()); + break; + } + vector tag_value(taglength); copy( payload.begin() + i+8, payload.begin() + i+8+taglength, -- cgit v1.2.3