From 1cb4027d02463550eaa89ba449bc2ce3d2cde759 Mon Sep 17 00:00:00 2001
From: Sangyoon Jang
Date: Fri, 13 Jul 2018 16:21:27 +0900
Subject: [PATCH] Prevent buffer overflow of signal agent

Change-Id: Ic55d8f5471e2963c7cf6fcc1d09dd166a5accae6
Signed-off-by: Sangyoon Jang
---
 installer/pkgmgr_installer_signal_agent.c | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/installer/pkgmgr_installer_signal_agent.c b/installer/pkgmgr_installer_signal_agent.c
index 9d5ebd9..2e1b46c 100644
--- a/installer/pkgmgr_installer_signal_agent.c
+++ b/installer/pkgmgr_installer_signal_agent.c
@@ -225,6 +225,12 @@ static gboolean __handle_signal(gint fd, GIOCondition cond, gpointer user_data)
 memcpy(&type_len, buf, sizeof(size_t));
 memcpy(&data_len, buf + sizeof(size_t), sizeof(gsize));
 
+ if ((type_len + data_len) > BUFMAX) {
+ LOGE("received size is too large: %zu %zd", type_len, data_len);
+ close(clifd);
+ return FALSE;
+ }
+
 r = recv(clifd, buf, type_len + data_len, 0);
 if (r < 0) {
 LOGE("recv failed: %d", errno);
-- 
2.7.4
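Review bot: The new bound `(type_len + data_len) > BUFMAX` adds two lengths that were just copied out of the received header, so the sum can wrap around and a pair of very large values can still pass the check. The recv() below uses the same wrapped sum, but any later code that uses type_len or data_len on its own (not visible here; __handle_signal continues past this hunk) would then work with out-of-range values. Checking each term separately avoids the wrap: `if (type_len > BUFMAX || data_len > BUFMAX - type_len) {`. Separately, data_len is copied with `sizeof(gsize)`, which suggests an unsigned type, so the log format should probably be `%zu` rather than `%zd`. The context lines also accept any `r >= 0`, so a short read is worth rejecting by comparing r against `type_len + data_len`.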