From 021a364502c189c2cdcebbf9af06339aba7b7ffe Mon Sep 17 00:00:00 2001
From: Lassi Marttala <lassi.lm.marttala@partner.bmw.de>
Date: Mon, 4 Jun 2012 10:50:33 +0200
Subject: [GENDLT-24]: Crash on invalid injection message. Check that the size
 of the injection message is sane.

Signed-off-by: Christian Muck <christian.muck@bmw.de>
---
 src/daemon/dlt_daemon_common.c | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/src/daemon/dlt_daemon_common.c b/src/daemon/dlt_daemon_common.c
index 021dddf..be472a3 100644
--- a/src/daemon/dlt_daemon_common.c
+++ b/src/daemon/dlt_daemon_common.c
@@ -1304,6 +1304,12 @@ void dlt_daemon_control_callsw_cinjection(int sock, DltDaemon *daemon, DltMessag
 
 		usercontext.log_level_pos = context->log_level_pos;
 
+		if(data_length_inject > msg->databuffersize)
+		{
+			dlt_daemon_control_service_response(sock, daemon, id, DLT_SERVICE_RESPONSE_ERROR,  verbose);
+			return;
+		}
+
 		userbuffer = malloc(data_length_inject);
 
 		if (userbuffer==0)
-- 
cgit v1.2.1