From 3d51e103a825f39dd8459fdc815345dd285b344a Mon Sep 17 00:00:00 2001
From: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date: Thu, 23 Feb 2017 11:10:04 +0100
Subject: opencdk: read_attribute: account buffer size

That ensures that there is no read past the end of buffer.

Resolves the oss-fuzz found bug:
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=391

Relates: #159

Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
---
 lib/opencdk/read-packet.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/lib/opencdk/read-packet.c b/lib/opencdk/read-packet.c
index f5b180b072..d2c420c138 100644
--- a/lib/opencdk/read-packet.c
+++ b/lib/opencdk/read-packet.c
@@ -514,7 +514,7 @@ read_attribute(cdk_stream_t inp, size_t pktlen, cdk_pkt_userid_t attr,
 		pktlen--;
 	}
 
-	if (!len || *p != 1) {		/* Currently only 1, meaning an image, is defined. */
+	if (!len || pktlen == 0 || *p != 1) {	/* Currently only 1, meaning an image, is defined. */
 		rc = CDK_Inv_Packet;
 		goto error;
 	}
-- 
cgit v1.2.1