From: Kevin P. Fleming <kpfleming@digium.com>
Date: Tue, 17 Oct 2006 17:57:36 +0000 (+0000)
Subject: properly handle signed integer input
X-Git-Tag: 1.0.12~3
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=63046de1cb1a99559c4283772fe418bf8fa86622;p=thirdparty%2Fasterisk.git

properly handle signed integer input


git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/1.0@45336 65c4cc65-6c06-0410-ace0-fbb531ad65f3
---

diff --git a/channels/chan_skinny.c b/channels/chan_skinny.c
index 98d9d86d8f..9de3faea68 100644
--- a/channels/chan_skinny.c
+++ b/channels/chan_skinny.c
@@ -2305,6 +2305,10 @@ static int get_input(struct skinnysession *s)
 			return -1;
 		}
 		dlen = *(int *)s->inbuf;
+		if (dlen < 0) {
+			ast_log(LOG_WARNING, "Skinny Client sent invalid data.\n");
+			return -1;
+		}
 		if (dlen+8 > sizeof(s->inbuf))
 			dlen = sizeof(s->inbuf) - 8;
 		res = read(s->fd, s->inbuf+4, dlen+4);