From 11c04e483cd56fa3cca0daed63f8f66c228525c7 Mon Sep 17 00:00:00 2001
From: ckolivas
Date: Mon, 27 Oct 2014 22:55:42 +1100
Subject: [PATCH] Add sanity check to read size for unix message in libckpool
---
 src/libckpool.c | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/src/libckpool.c b/src/libckpool.c
index 8d1a66d8..ce7d30e5 100644
--- a/src/libckpool.c
+++ b/src/libckpool.c
@@ -756,8 +756,8 @@ char *_recv_unix_msg(int sockd, const char *file, const char *func, const int li
 goto out;
 }
 msglen = le32toh(msglen);
- if (unlikely(msglen < 1)) {
- LOGWARNING("Invalid message length zero sent to recv_unix_msg");
+ if (unlikely(msglen < 1 || msglen > 0x80000000)) {
+ LOGWARNING("Invalid message length %u sent to recv_unix_msg", msglen);
 goto out;
 }
 ret = wait_read_select(sockd, 5);
@@ -768,7 +768,7 @@ char *_recv_unix_msg(int sockd, const char *file, const char *func, const int li
 buf = ckzalloc(msglen + 1);
 ret = read_length(sockd, buf, msglen);
 if (unlikely(ret < (int)msglen)) {
- LOGERR("Failed to read %d bytes in recv_unix_msg", msglen);
+ LOGERR("Failed to read %u bytes in recv_unix_msg", msglen);
 dealloc(buf);
 }
 out:
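Review bot: The new upper bound in the first hunk still accepts msglen == 0x80000000, and in the second hunk's unchanged `ret < (int)msglen` that value converts to a negative int on the usual two's-complement targets, so a short or failed read_length() would apparently not be caught by that comparison. Making the bound exclusive closes the boundary: `if (unlikely(msglen < 1 || msglen >= 0x80000000)) {`. Separately, the length comes from the peer and goes straight into `ckzalloc(msglen + 1)`, so a cap near 2 GiB still lets a single message request a very large allocation; a protocol-specific maximum would be a tighter check if one is defined. The declaration of msglen and the rest of _recv_unix_msg lie outside both hunks, so this assumes msglen is a 32-bit unsigned value, as the `%u` specifier and the `(int)` cast suggest.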