commit c26e4201b489d6b496df07b5bc1629ba85dbd068
from: Omar Polo <op@omarpolo.com>
date: Sun Aug 01 22:21:59 2021 UTC

error out on message too small

commit - 29bc9fe51be33ac3b0685898e27a06dce945cc26
commit + c26e4201b489d6b496df07b5bc1629ba85dbd068
blob - 84f59f664e308333a7916575ab67dbefd179f995
blob + e4999cbd80e9a5a6c49c638477047221178934ab
--- kamirepl.c
+++ kamirepl.c
@@ -286,6 +286,10 @@ client_read(struct bufferevent *bev, void *data)
 
 		memcpy(&len, EVBUFFER_DATA(src), sizeof(len));
 		len = le32toh(len);
+
+		if (len < HEADERSIZE)
+			fatal("incoming message is too small! (%d bytes)",
+			    len);
 
 		if (len > EVBUFFER_LENGTH(src))
 			return;