1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
|
Author: Luciano Bello <luciano@debian.org>
Description: Fix for DOS y TDS decoder. Patch provided by Hilko Bengen.
Bug-Debian: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=609988
---
This patch header follows DEP-3: http://dep.debian.net/deps/dep3/
--- a/decode_tds.c
+++ b/decode_tds.c
@@ -144,6 +144,11 @@
len > sizeof(*th) && len >= ntohs(th->size);
buf += ntohs(th->size), len -= ntohs(th->size)) {
+ if (th->size != 8) {
+ /* wrong header length */
+ break;
+ }
+
if (th->type == 2) {
/* Version 4.x, 5.0 */
if (len < sizeof(*th) + sizeof(*tl))
|
