From 6c84575ef790992101606921339d14c37dce5973 Mon Sep 17 00:00:00 2001
From: yellows8
Date: Mon, 5 Aug 2019 12:00:45 -0400
Subject: [PATCH] Fixed buffer overflow when the netloader chunksize is too large, during NRO transfer (this will not occur with an unmodified nxlink).
---
 common/netloader.c | 6 ++++++
 1 file changed, 6 insertions(+)
diff --git a/common/netloader.c b/common/netloader.c
index dd3ad6a..9624870 100644
--- a/common/netloader.c
+++ b/common/netloader.c
@@ -304,6 +304,12 @@ static int decompress(int sock, FILE *fh, size_t filesize) {
 return Z_DATA_ERROR;
 }
+ if (chunksize > sizeof(in)) {
+ (void)inflateEnd(&strm);
+ netloader_error("Invalid chunk size.",0);
+ return Z_DATA_ERROR;
+ }
+
 strm.avail_in = recvall(sock,in,chunksize,0);
 if (strm.avail_in == 0) {
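Review bot: The `recvall()` result on the line right after the new check is still stored straight into `strm.avail_in` and only compared with 0, so the length actually received is never validated against `chunksize`. `recvall` is defined outside this hunk; if it can return a negative error code or a short count, the unsigned `avail_in` would either become very large or describe bytes that were never received, and inflate would then read stale or out-of-bounds data from `in`. Consider receiving into a signed local and rejecting anything that is not exactly the announced length, e.g. `if (len <= 0 || (size_t)len != chunksize)`, with the same `inflateEnd`/`Z_DATA_ERROR` cleanup as the new branch. The guard also assumes `in` is a true array at this point, so that `sizeof(in)` is its capacity. Its declaration is not visible here, and a comment such as `/* chunksize is sent by the peer: bound it before receiving into in[] */` would record why the check exists. decompress() begins and continues outside the hunk.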