From 4b8fad826327a79af7856f5d06efbb6546652cb4 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Micha=C5=82=20S=C5=82omkowski?= <m.slomkowski@gmail.com>
Date: Mon, 14 Dec 2015 01:44:02 +0100
Subject: [PATCH] Add exception when input SSL buffer is overflown. #6

---
 src/Transport.cpp | 9 ++++++++-
 1 file changed, 8 insertions(+), 1 deletion(-)

diff --git a/src/Transport.cpp b/src/Transport.cpp
index ae25046..9838eeb 100644
--- a/src/Transport.cpp
+++ b/src/Transport.cpp
@@ -292,9 +292,16 @@ void mumlib::Transport::doReceiveSsl() {
                 }
 
                 const int payloadSize = ntohl(*reinterpret_cast<uint32_t *>(sslIncomingBuffer + 2));
-                size_t remaining = payloadSize + 6 - bytesTransferred;
+                const int wholeMessageLength = payloadSize + 6;
+                size_t remaining = wholeMessageLength - bytesTransferred;
                 remaining = max(remaining, (size_t) 0);
 
+                if (wholeMessageLength > MAX_TCP_LENGTH) {
+                    throwTransportException(
+                            (boost::format("message bigger (%d B) than max allowed size (%d B)")
+                             % wholeMessageLength % MAX_TCP_LENGTH).str());
+                }
+
                 return remaining;
             },
             [this](const boost::system::error_code &ec, size_t bytesTransferred) {