strongswan/0008-strongswan-5.1.2-5.6.2_stroke_msg_len.patch

From 0acd1ab4d08d53d80393b1a37b8781f6e7b2b996 Mon Sep 17 00:00:00 2001
From: Tobias Brunner <tobias@strongswan.org>
Date: Tue, 13 Mar 2018 18:54:08 +0100
Subject: [PATCH] stroke: Ensure a minimum message length

---
 src/libcharon/plugins/stroke/stroke_socket.c | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/src/libcharon/plugins/stroke/stroke_socket.c b/src/libcharon/plugins/stroke/stroke_socket.c
index c568440b7ae2..1e7f210e940a 100644
--- a/src/libcharon/plugins/stroke/stroke_socket.c
+++ b/src/libcharon/plugins/stroke/stroke_socket.c
@@ -627,6 +627,11 @@ static bool on_accept(private_stroke_socket_t *this, stream_t *stream)
 		}
 		return FALSE;
 	}
+	if (len < offsetof(stroke_msg_t, buffer))
+	{
+		DBG1(DBG_CFG, "invalid stroke message length %d", len);
+		return FALSE;
+	}
 
 	/* read message (we need an additional byte to terminate the buffer) */
 	msg = malloc(len + 1);
-- 
2.7.4