commit - 22dfb5a09b68f25185ba0568b9c3117bffb36513
commit + 4bc7840212200437ec9f95014409970970f82ee5
blob - 46ad95e3716e051f2e3e9c2e1e60b2872bad4f76
blob + 5142e84ed3e9477f08e24f99bd0149b644cc37af
--- listener.c
+++ listener.c
@@ -709,6 +709,12 @@ client_read(struct bufferevent *bev, void *d)
 		log_debug("expecting a message %"PRIu32" bytes long "
 		    "(of wich %zu already read)",
 		    len, EVBUFFER_LENGTH(src));
+
+		if (len < HEADERSIZE) {
+			log_warnx("invalid message size %d (too low)", len);
+			client_error(bev, EVBUFFER_READ, client);
+			return;
+		}
 
 		if (len > client->msize) {
 			log_warnx("incoming message bigger than msize "