Fix Vulnerability: CVE-2023-22325 TALOS-2023-1736

SoftEther VPN DCRegister DDNS_RPC_MAX_RECV_SIZE denial of service vulnerability https://www.softether.org/9-about/News/904-SEVPN202301 https://jvn.jp/en/jp/JVN64316789/
2025-12-19 16:41:39 +03:00 · 2023-09-28 18:26:17 +09:00
parent b8e542105f
commit c49e462ed1
3 changed files with 8 additions and 2 deletions
--- a/src/Mayaqua/Memory.c
+++ b/src/Mayaqua/Memory.c
@ -3114,6 +3114,10 @@ void AdjustBufSize(BUF *b, UINT new_size)

 	while (b->SizeReserved < new_size)
 	{
+		if (b->SizeReserved > 0x7FFFFFFF)
+		{
+			AbortExitEx("AdjustBufSize(): too large buffer size");
+		}
 		b->SizeReserved = b->SizeReserved * 2;
 	}
 	b->Buf = ReAlloc(b->Buf, b->SizeReserved);