From 76a029cc8d1dbf3d470079e98be1f3b7c4783ef0 Mon Sep 17 00:00:00 2001
From: Gabor X Toth <*@tg-x.net>
Date: Thu, 22 Sep 2016 11:35:38 +0000
Subject: psyc,psycstore,social fixes

---
 src/psycstore/psycstore_api.c | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)

(limited to 'src/psycstore')

diff --git a/src/psycstore/psycstore_api.c b/src/psycstore/psycstore_api.c
index 7bbf2e3d8..480d594fc 100644
--- a/src/psycstore/psycstore_api.c
+++ b/src/psycstore/psycstore_api.c
@@ -122,7 +122,7 @@ check_result_code (void *cls, const struct OperationResult *opres)
 {
   uint16_t size = ntohs (opres->header.size);
   const char *str = (const char *) &opres[1];
-  if ( (sizeof (struct OperationResult) < size) &&
+  if ( (sizeof (*opres) < size) &&
        ('\0' != str[size - sizeof (*opres) - 1]) )
   {
     GNUNET_break (0);
@@ -244,9 +244,12 @@ static int
 check_result_state (void *cls, const struct StateResult *sres)
 {
   const char *name = (const char *) &sres[1];
+  uint16_t size = ntohs (sres->header.size);
   uint16_t name_size = ntohs (sres->name_size);
 
-  if (name_size <= 2 || '\0' != name[name_size - 1])
+  if (name_size <= 2
+      || size - sizeof (*sres) < name_size
+      || '\0' != name[name_size - 1])
   {
     LOG (GNUNET_ERROR_TYPE_ERROR,
          "check_result_state: Received state result message with invalid name.\n");
-- 
cgit v1.2.3