crypt-burn: Add sanity check for buffer length
[strongswan.git] / scripts / crypt_burn.c
index 3bd36d2..bf338f0 100644 (file)
@@ -196,6 +196,11 @@ int main(int argc, char *argv[])
        if (argc > 2)
        {
                len = atoi(argv[2]);
+               if (len > (2^30))
+               {
+                       fprintf(stderr, "buffer too large (1 GiB limit)\n");
+                       return 1;
+               }
        }
        if (argc > 3)
        {