From a3461e94de72e04fd6040c0fad5fb6d3615a2de4 Mon Sep 17 00:00:00 2001
From: Mathieu Desnoyers
Date: Thu, 15 Dec 2016 12:13:19 +0100
Subject: [PATCH 1/1] Fix: add element length check in lttng_index_file_open
MIME-Version: 1.0
Content-Type: text/plain; charset=utf8
Content-Transfer-Encoding: 8bit

Handle cases where the index file header would contain a corrupted value.

Signed-off-by: Mathieu Desnoyers
Signed-off-by: Jérémie Galarneau
---
 src/common/index/index.c | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/src/common/index/index.c b/src/common/index/index.c
index b5591d137..b481badb1 100644
--- a/src/common/index/index.c
+++ b/src/common/index/index.c
@@ -245,6 +245,10 @@ struct lttng_index_file *lttng_index_file_open(const char *path_name,
 ERR("Invalid header version");
 goto error_close;
 }
+ if (element_len > sizeof(struct ctf_packet_index)) {
+ ERR("Index element length too long");
+ goto error_close;
+ }
 index_file->fd = read_fd;
 index_file->major = major;
-- 
2.34.1
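Review bot: The new bound in lttng_index_file_open rejects only an oversized element_len, so a corrupted header carrying zero, or a length shorter than the index layout for this major/minor, still passes. If later reads size their I/O from that value into a struct ctf_packet_index (not visible in this hunk), the trailing fields would be left unset. A lower bound is worth adding in the same place, e.g. `if (element_len == 0 || element_len > sizeof(struct ctf_packet_index)) {`, or a comparison against the minimum element size for the header version. The function body starts and ends outside the hunk, so the type of element_len and how it is consumed should be confirmed there.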