From 1c47189bb16bffe75dec2c3c666e39790841aa84 Mon Sep 17 00:00:00 2001
From: "Schanzenbach, Martin" <martin.schanzenbach@aisec.fraunhofer.de>
Date: Sun, 24 Jun 2018 23:27:39 +0200
Subject: assert block length is valid

---
 src/namecache/namecache_api.c | 8 +++++---
 1 file changed, 5 insertions(+), 3 deletions(-)

diff --git a/src/namecache/namecache_api.c b/src/namecache/namecache_api.c
index 2bb233da1..2a60a2813 100644
--- a/src/namecache/namecache_api.c
+++ b/src/namecache/namecache_api.c
@@ -483,9 +483,11 @@ GNUNET_NAMECACHE_block_cache (struct GNUNET_NAMECACHE_Handle *h,
 
   if (NULL == h->mq)
     return NULL;
-  blen = ntohl (block->purpose.size)
-    - sizeof (struct GNUNET_TIME_AbsoluteNBO)
-    - sizeof (struct GNUNET_CRYPTO_EccSignaturePurpose);
+  blen = ntohl (block->purpose.size);
+  GNUNET_assert (blen > (sizeof (struct GNUNET_TIME_AbsoluteNBO) + 
+                         sizeof (struct GNUNET_CRYPTO_EccSignaturePurpose)));
+  blen -= (sizeof (struct GNUNET_TIME_AbsoluteNBO) +
+           sizeof (struct GNUNET_CRYPTO_EccSignaturePurpose));
   rid = get_op_id (h);
   qe = GNUNET_new (struct GNUNET_NAMECACHE_QueueEntry);
   qe->nsh = h;
-- 
cgit v1.2.3