Lib: check encoded table length isn't too long

Check encoded table length isn't longer than the encoded buffer. Fixes CID 1383630 caught by Coverity.
author: Alan Antonuk <alan.antonuk@gmail.com> 2018-01-09 22:45:19 -0800
committer: Alan Antonuk <alan.antonuk@gmail.com> 2018-01-09 22:47:04 -0800
commit: 8ab25ab6772857336f1e11ae64dacd091ce371c2 (patch)
tree: 58d70af5a22cbc94a54dfe0e16dbb63a881ea568
parent: 9f986a89ed02dcb24190528829803943fc5e36fb (diff)
download: rabbitmq-c-8ab25ab6772857336f1e11ae64dacd091ce371c2.tar.gz
1 files changed, 4 insertions, 0 deletions
diff --git a/librabbitmq/amqp_table.c b/librabbitmq/amqp_table.c
index 1cb0d6b..24b087c 100644
--- a/librabbitmq/amqp_table.c
+++ b/librabbitmq/amqp_table.c
@@ -135,6 +135,10 @@ int amqp_decode_table(amqp_bytes_t encoded, amqp_pool_t *pool,
     return AMQP_STATUS_BAD_AMQP_DATA;
   }
 
+  if (tablesize + *offset > encoded.len) {
+    return AMQP_STATUS_BAD_AMQP_DATA;
+  }
+
   entries = malloc(allocated_entries * sizeof(amqp_table_entry_t));
   if (entries == NULL) {
     return AMQP_STATUS_NO_MEMORY;
author	Alan Antonuk <alan.antonuk@gmail.com>	2018-01-09 22:45:19 -0800
committer	Alan Antonuk <alan.antonuk@gmail.com>	2018-01-09 22:47:04 -0800
commit	8ab25ab6772857336f1e11ae64dacd091ce371c2 (patch)
tree	58d70af5a22cbc94a54dfe0e16dbb63a881ea568
parent	9f986a89ed02dcb24190528829803943fc5e36fb (diff)
download	rabbitmq-c-8ab25ab6772857336f1e11ae64dacd091ce371c2.tar.gz