From 53b08d243375f2830bf4eb479b61192ba89cf9e4 Mon Sep 17 00:00:00 2001
From: Nikos Mavrogiannopoulos <n.mavrogiannopoulos@gmail.com>
Date: Tue, 15 Feb 2022 10:18:46 +0100
Subject: [PATCH] forward_udp_to_owner: sanity check of session_id_size

Signed-off-by: Nikos Mavrogiannopoulos <n.mavrogiannopoulos@gmail.com>
---
 src/main.c | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/src/main.c b/src/main.c
index b608aed4..d99095b3 100644
--- a/src/main.c
+++ b/src/main.c
@@ -712,6 +712,12 @@ int sfd = -1;
 			      human_addr((struct sockaddr*)&cli_addr, cli_addr_size, tbuf, sizeof(tbuf)));
 			goto fail;
 		}
+
+		if (session_id_size <= 0 || session_id_size > GNUTLS_MAX_SESSION_ID) {
+			mslog(s, NULL, LOG_INFO, "%s: invalid session ID size",
+			      human_addr((struct sockaddr*)&cli_addr, cli_addr_size, tbuf, sizeof(tbuf)));
+			goto fail;
+		}
 	}
 
 	/* search for the IP and the session ID in all procs */