Message ID | 20180428094233.15480-1-fw@strlen.de |
---|---|
State | Accepted |
Delegated to: | Pablo Neira |
Headers | show |
Series | [libnftnl] udata: refuse to put more than UINT8_MAX bytes | expand |
diff --git a/src/udata.c b/src/udata.c index 6bd965161c43..b5a47295b40d 100644 --- a/src/udata.c +++ b/src/udata.c @@ -74,7 +74,7 @@ bool nftnl_udata_put(struct nftnl_udata_buf *buf, uint8_t type, uint32_t len, { struct nftnl_udata *attr; - if (buf->size < len + sizeof(struct nftnl_udata)) + if (len > UINT8_MAX || buf->size < len + sizeof(struct nftnl_udata)) return false; attr = (struct nftnl_udata *)buf->end;