commit - 4dc8ee099c58807be7ed93940d6209c44cc4729a
commit + 54d1a70f7c4cc24dd91d7f73a5fbd5aa6f6f97d9
blob - 8ce243b9a22fbe36868976dc8ed6fd9eabf050ba
blob + d6afe7dc9203acfae069ac340451fcf29b2e7377
--- libexec/got-fetch-pack/got-fetch-pack.c
+++ libexec/got-fetch-pack/got-fetch-pack.c
char lenstr[5];
long len;
char *e;
- int n;
+ int n, i;
ssize_t r;
*outlen = 0;
return got_error(GOT_ERR_IO);
lenstr[4] = '\0';
+ for (i = 0; i < 4; i++) {
+ if (!isxdigit(lenstr[i]))
+ return got_error(GOT_ERR_BAD_PACKET);
+ }
errno = 0;
len = strtol(lenstr, &e, 16);
if (lenstr[0] == '\0' || *e != '\0')