PurpleI2P · chadf · Jul 4, 2023 · Jul 5, 2023 · Jul 5, 2023 · Jul 5, 2023
diff --git a/libi2pd/Identity.h b/libi2pd/Identity.h
@@ -22,7 +22,9 @@ namespace i2p
 {
 namespace data
 {
- typedef Tag<32> IdentHash;
+ const uint8_t IDENTITY_HASH_SIZE = 32;
+
+ typedef Tag<IDENTITY_HASH_SIZE> IdentHash;
  inline std::string GetIdentHashAbbreviation (const IdentHash& ident)
  {
  return ident.ToBase64 ().substr (0, 4);

diff --git a/libi2pd/LeaseSet.cpp b/libi2pd/LeaseSet.cpp
@@ -394,6 +394,10 @@ namespace data
  size_t LeaseSet2::ReadStandardLS2TypeSpecificPart (const uint8_t * buf, size_t len)
  {
  size_t offset = 0;
+
+ if(offset + 2 > len) // AKA (len < 2)
+ return 0;
+
  // properties
  uint16_t propertiesLen = bufbe16toh (buf + offset); offset += 2;
  offset += propertiesLen; // skip for now. TODO: implement properties
@@ -448,6 +452,10 @@ namespace data
  size_t LeaseSet2::ReadMetaLS2TypeSpecificPart (const uint8_t * buf, size_t len)
  {
  size_t offset = 0;
+
+ if(offset + 2 > len) // AKA (len < 2)
+ return 0;
+
  // properties
  uint16_t propertiesLen = bufbe16toh (buf + offset); offset += 2;
  offset += propertiesLen; // skip for now. TODO: implement properties

diff --git a/libi2pd/NetDb.cpp b/libi2pd/NetDb.cpp
@@ -950,12 +950,16 @@ namespace data
  else if(!m_FloodfillBootstrap)
  LogPrint (eLogWarning, "NetDb: Requested destination for ", key, " not found");
 
+ // All peers hashs in buffer?
+ if(msg->GetPayloadLength() < (size_t) (33 + num * IDENTITY_HASH_SIZE))
+ return;
+
  // try responses
  for (int i = 0; i < num; i++)
  {
- const uint8_t * router = buf + 33 + i*32;
+ const uint8_t * router = buf + 33 + i*IDENTITY_HASH_SIZE;
  char peerHash[48];
- int l1 = i2p::data::ByteStreamToBase64 (router, 32, peerHash, 48);
+ int l1 = i2p::data::ByteStreamToBase64 (router, IDENTITY_HASH_SIZE, peerHash, 48);
  peerHash[l1] = 0;
  LogPrint (eLogDebug, "NetDb: ", i, ": ", peerHash);