X-Git-Url: https://git.carlh.net/gitweb/?a=blobdiff_plain;f=src%2Flib%2Fencode_server.cc;h=036ea58a5df92b94cb5cde24e6a7666be195f3a4;hb=c5b966261b7b268f495d7a72b7af4d4e6a75e618;hp=6501dcde15bed5b6a5af3d7b5275415370284769;hpb=da38c8a0156808595be0aae1b1490069a663fb78;p=dcpomatic.git

diff --git a/src/lib/encode_server.cc b/src/lib/encode_server.cc
index 6501dcde1..036ea58a5 100644
--- a/src/lib/encode_server.cc
+++ b/src/lib/encode_server.cc
@@ -126,6 +126,10 @@ EncodeServer::process (shared_ptr<Socket> socket, struct timeval& after_read, st
 	Socket::ReadDigestScope ds (socket);
 
 	auto length = socket->read_uint32 ();
+	if (length > 65536) {
+		throw NetworkError("Malformed encode request (too large)");
+	}
+
 	scoped_array<char> buffer (new char[length]);
 	socket->read (reinterpret_cast<uint8_t*>(buffer.get()), length);