From b1fb7b0c7bf17ece54d6921329b2e041647b31e3 Mon Sep 17 00:00:00 2001
From: mar
Date: Tue, 11 Jul 1989 16:48:29 +0000
Subject: [PATCH] Don't coredump on bad input streams (sanity check lengths of received data), and fix some lint for the RT
---
 gdb/gdb_ops.c | 8 ++++++--
 1 file changed, 6 insertions(+), 2 deletions(-)
diff --git a/gdb/gdb_ops.c b/gdb/gdb_ops.c
index 42056da9..1b6b7af1 100644
--- a/gdb/gdb_ops.c
+++ b/gdb/gdb_ops.c
@@ -431,8 +431,12 @@ struct robj_data *arg;
 * to local byte order, and allocate the space for the receive.
 */
 arg->len = (int) ntohl((u_long)arg->len);
+ if (arg->len > 65536)
+ return OP_CANCELLED;
 arg->flattened = db_alloc(arg->len);
+ if (arg->flattened == NULL)
+ return OP_CANCELLED;
 /*
 * Now start receiving the encoded object itself. If it all comes in
 * synchronously, then just go on to the c2 routine to decode it and
@@ -571,7 +575,7 @@ struct lis_data {
 int g_ilis();
 int g_clis();
-int
+void
 gdb_start_listening(op, con, otherside, lenp, fdp)
 OPERATION op;
 CONNECTION con;
@@ -708,7 +712,7 @@ struct acc_data {
 int g_iacc();
 int g_i2acc();
-int
+void
 start_accepting_client(listencon, op, conp, otherside, lenp, tuplep)
 CONNECTION listencon;
 OPERATION op;
-- 
2.45.1
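Review bot: The new bound `if (arg->len > 65536)` rejects only large positive lengths, but the value is cast to `(int)` after `ntohl`, so a peer-supplied length with the high bit set becomes negative, passes the check and reaches `db_alloc(arg->len)`. Assuming `len` is a signed int (its declaration is outside the hunk), the guard should read `if (arg->len < 0 || arg->len > 65536)`, ideally with the limit as a named constant and a comment that the length comes from the remote side. The added NULL check on `arg->flattened` covers allocation failure but not a negative size that `db_alloc` happens to satisfy. The enclosing function starts and ends outside the hunk, so it is not visible whether returning OP_CANCELLED here leaves the rest of the object unread on the connection; the caller presumably needs to drop the connection in that case.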
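Review bot: Changing the definition of `gdb_start_listening` (and of `start_accepting_client` in the next hunk) from `int` to `void` is only safe if no other translation unit still declares it, or implicitly assumes it, as returning int; in pre-prototype C a caller with no declaration in scope treats the function as `int`. Neither the callers nor any header declaration are visible here, so this should be checked and a matching `void gdb_start_listening();` declaration added where the function is used. Both function bodies continue outside the hunks, so any `return expr;` left inside them would also need to be removed.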