Fix uninitialized memory read vulnerability in packet validation

pull/101/head
joseph calderon 2026-05-31 09:24:29 -07:00
parent d6b4695c4c
commit f2f363b6aa
2 changed files with 2 additions and 2 deletions

View File

@ -79,7 +79,7 @@ bool NormMsg::InitFromBuffer(UINT16 msgLength)
PLOG(PL_FATAL, "NormMsg::InitFromBuffer() invalid message type!\n"); PLOG(PL_FATAL, "NormMsg::InitFromBuffer() invalid message type!\n");
return false; return false;
} }
if (msgLength < header_length) if ((msgLength < header_length) || (header_length < header_length_base))
{ {
PLOG(PL_FATAL, "NormMsg::InitFromBuffer() invalid message or header length\n"); PLOG(PL_FATAL, "NormMsg::InitFromBuffer() invalid message or header length\n");
return false; return false;

View File

@ -47,7 +47,7 @@ system = platform.system().lower()
def options(ctx): def options(ctx):
ctx.recurse('protolib') ctx.recurse('protolib')
build_opts = ctx.parser.add_argument_group('Compile/install Options', 'Use during build/install step.') build_opts = ctx.add_option_group('Compile/install Options', 'Use during build/install step.')
# Add Rust binding options # Add Rust binding options
ctx.add_option('--build-rust', action='store_true', default=False, ctx.add_option('--build-rust', action='store_true', default=False,