- Old format tags encode the number of body length bytes in the packet
header, new format encodes it in the first body length byte. In
both cases there must be at least two bytes worth of data for it
to be a valid header. Sanity check before accessing.
DIGEST_CTX ctx;
int rc = -1; /* assume failure. */
- if (!(val & 0x80))
+ if (!(val & 0x80) || pktlen < 2)
return rc;
if (val & 0x40) {
int rc = 0;
/* XXX can't deal with these. */
- if (!(val & 0x80))
+ if (!(val & 0x80) || pleft < 2)
return -1;
if (val & 0x40) {