crypt-burn: Add sanity check for buffer length

[thirdparty/strongswan.git] / scripts / crypt_burn.c

diff --git a/scripts/crypt_burn.c b/scripts/crypt_burn.c
index 3bd36d2dce61b68e88b89cb0e8909a0bd01e118b..bf338f0b4e000c38def0a6f2497caf35d395b47f 100644 (file)
--- a/scripts/crypt_burn.c
+++ b/scripts/crypt_burn.c
@@ -196,6 +196,11 @@ int main(int argc, char *argv[])
        if (argc > 2)
        {
                len = atoi(argv[2]);
+               if (len > (2^30))
+               {
+                       fprintf(stderr, "buffer too large (1 GiB limit)\n");
+                       return 1;
+               }
        }
        if (argc > 3)
        {