From 5dfd4a3e1de3842f3937e5123c1086929cb35a96 Mon Sep 17 00:00:00 2001
From: Konstantin Demin <rockdrilla@gmail.com>
Date: Tue, 16 Oct 2018 16:31:44 +0300
Subject: [PATCH] dropbear: make buf_getstring fail fast

cherry-pick upstream commit 9f1c8b2f8fe1722815af1cfb152c3f48aa9848ce

Signed-off-by: Konstantin Demin <rockdrilla@gmail.com>
---
 .../013-make-buf_getstring-fail-fast.patch    | 21 +++++++++++++++++++
 1 file changed, 21 insertions(+)
 create mode 100644 package/network/services/dropbear/patches/013-make-buf_getstring-fail-fast.patch

diff --git a/package/network/services/dropbear/patches/013-make-buf_getstring-fail-fast.patch b/package/network/services/dropbear/patches/013-make-buf_getstring-fail-fast.patch
new file mode 100644
index 0000000000..7e51fd0159
--- /dev/null
+++ b/package/network/services/dropbear/patches/013-make-buf_getstring-fail-fast.patch
@@ -0,0 +1,21 @@
+--- a/buffer.c
++++ b/buffer.c
+@@ -209,6 +209,7 @@ char* buf_getstring(buffer* buf, unsigne
+ 
+ 	unsigned int len;
+ 	char* ret;
++	void* src = NULL;
+ 	len = buf_getint(buf);
+ 	if (len > MAX_STRING_LEN) {
+ 		dropbear_exit("String too long");
+@@ -217,8 +218,9 @@ char* buf_getstring(buffer* buf, unsigne
+ 	if (retlen != NULL) {
+ 		*retlen = len;
+ 	}
++	src = buf_getptr(buf, len);
+ 	ret = m_malloc(len+1);
+-	memcpy(ret, buf_getptr(buf, len), len);
++	memcpy(ret, src, len);
+ 	buf_incrpos(buf, len);
+ 	ret[len] = '\0';
+ 
-- 
2.30.2