diff options
Diffstat (limited to 'sunrpc/xdr_rec.c')
-rw-r--r-- | sunrpc/xdr_rec.c | 6 |
1 files changed, 6 insertions, 0 deletions
diff --git a/sunrpc/xdr_rec.c b/sunrpc/xdr_rec.c index db5684b..f855b3d 100644 --- a/sunrpc/xdr_rec.c +++ b/sunrpc/xdr_rec.c @@ -567,6 +567,12 @@ set_input_fragment (RECSTREAM *rstrm) return FALSE; header = ntohl (header); rstrm->last_frag = ((header & LAST_FRAG) == 0) ? FALSE : TRUE; + /* + * Sanity check. Try not to accept wildly incorrect + * record sizes. + */ + if ((header & (~LAST_FRAG)) > rstrm->recvsize) + return(FALSE); rstrm->fbtbc = header & ~LAST_FRAG; return TRUE; } |