better guard against corrupt sctp chunks

msantos · Apr 9, 2019 · 15ea41b · 15ea41b
1 parent 92f5a0d
commit 15ea41b
Showing 1 changed file with 2 additions and 1 deletion.
diff --git a/src/pkt_sctp.erl b/src/pkt_sctp.erl
@@ -61,8 +61,9 @@ decode_chunks(Chunks, Acc) ->
  end.
 
 %%% if 'chunks' is less than 4 bytes, we can't read a length.
+%%% if 'length' is less than 5, the chunk is corrupt.
 %%% we return 'sizeof chunks' plus one, indicating that a read will fail.
-chunk_len(<<_:16, L:16, _/binary>>) ->
+chunk_len(<<_:16, L:16, _/binary>>) when 4 < L ->
  L-4+chunk_pad_len(L);
 chunk_len(Chunks) ->
  byte_size(Chunks)+1.