From b350cb69072fa8647d1e9114188e52b84fba7257 Mon Sep 17 00:00:00 2001
From: Rusty Russell <rusty@rustcorp.com.au>
Date: Sat, 28 Aug 2010 20:35:39 +0930
Subject: [PATCH] tdb2: check that records are of sufficient length in
 tdb_check.

---
 ccan/tdb2/check.c | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/ccan/tdb2/check.c b/ccan/tdb2/check.c
index f8abfc1f..42f7538e 100644
--- a/ccan/tdb2/check.c
+++ b/ccan/tdb2/check.c
@@ -372,6 +372,14 @@ int tdb_check(struct tdb_context *tdb,
 			if (tdb->methods->oob(tdb, off + len, false))
 				goto fail;
 
+			if (len < sizeof(p->f)) {
+				tdb->log(tdb, TDB_DEBUG_ERROR, tdb->log_priv,
+					 "tdb_check: too short record %llu at"
+					 " %llu\n",
+					 (long long)len, (long long)off);
+				goto fail;
+			}
+
 			if (off + sizeof(p->u) == tdb->header.v.hash_off) {
 				hash_found = true;
 			} else if (off + sizeof(p->u)
-- 
2.39.2