From c07bc647f2b181199561bbccc1a0695caba8822c Mon Sep 17 00:00:00 2001
From: Will Cosgrove <will@panic.com>
Date: Mon, 1 Apr 2019 13:30:50 -0700
Subject: [PATCH] _libssh2_check_length() : additional bounds check (#348)

Misc.c : _libssh2_check_length()

Ensure the requested length is less than the total length before doing the additional bounds check
---
 src/misc.c | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/src/misc.c b/src/misc.c
index 1fb8780b..8d80456c 100644
--- a/src/misc.c
+++ b/src/misc.c
@@ -811,6 +811,9 @@ int _libssh2_get_bignum_bytes(struct string_buf *buf, unsigned char **outbuf)
 
 int _libssh2_check_length(struct string_buf *buf, size_t len)
 {
+    if(len > buf->len)
+        return 0;
+
     return ((int)(buf->dataptr - buf->data) <= (int)(buf->len - len)) ? 1 : 0;
 }