tcos: Avoid reading behind the end of allocated buffer
Thanks oss-fuzz https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=27480
This commit is contained in:
parent
d3451faa21
commit
b5b1afe401
|
@ -141,7 +141,7 @@ static int insert_key(
|
|||
int found = 0;
|
||||
if (buf[0] != 0xA0)
|
||||
continue;
|
||||
for (i = 2; i < buf[1] + 2; i += 2 + buf[i + 1]) {
|
||||
for (i = 2; i < buf[1] + 2 && i < r - 2; i += 2 + buf[i + 1]) {
|
||||
if (buf[i] == 0x83 && buf[i + 1] == 1 && buf[i + 2] == key_reference)
|
||||
++found;
|
||||
}
|
||||
|
|
Loading…
Reference in New Issue