X-Git-Url: https://git.tcpdump.org/tcpdump/blobdiff_plain/94a3708f00f658994293a440fbbb7e71e2047a0f..f5877da285f3e030d59a28236295573f27e344bc:/print-nfs.c

diff --git a/print-nfs.c b/print-nfs.c
index 523a0716..b67ec370 100644
--- a/print-nfs.c
+++ b/print-nfs.c
@@ -432,6 +432,11 @@ parsereq(netdissect_options *ndo,
 	if (length < 2 * sizeof(*dp))
 		goto trunc;
 	len = GET_BE_U_4(dp + 1);
+	if (len > length) {
+		ND_PRINT(" [credentials length %u > %u]", len, length);
+		nd_print_invalid(ndo);
+		return NULL;
+	}
 	rounded_len = roundup2(len, 4);
 	ND_TCHECK_LEN(dp + 2, rounded_len);
 	if (2 * sizeof(*dp) + rounded_len <= length) {
@@ -451,6 +456,11 @@ parsereq(netdissect_options *ndo,
 		if (length < 2 * sizeof(*dp))
 			goto trunc;
 		len = GET_BE_U_4(dp + 1);
+		if (len > length) {
+			ND_PRINT(" [verifier length %u > %u]", len, length);
+			nd_print_invalid(ndo);
+			return NULL;
+		}
 		rounded_len = roundup2(len, 4);
 		ND_TCHECK_LEN(dp + 2, rounded_len);
 		if (2 * sizeof(*dp) + rounded_len < length) {