blob: 0db5916dbc371ee39e1cea88477dc90b445dc3f5 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
|
$NetBSD: patch-CVE-2013-4852-3,v 1.2.2.2 2013/08/21 21:59:57 tron Exp $
--- src/putty/import.c.orig 2008-02-22 03:00:11.000000000 +0000
+++ src/putty/import.c
@@ -290,7 +290,7 @@ static int ssh2_read_mpint(void *data, i
if (len < 4)
goto error;
bytes = GET_32BIT(d);
- if (len < 4+bytes)
+ if (bytes < 0 || len-4 < bytes)
goto error;
ret->start = d + 4;
|