From 036be8d3bc9afb49fc9186aa5e5142df98b76586 Mon Sep 17 00:00:00 2001
From: yeggor
Date: Tue, 18 Jul 2023 17:25:52 +0400
Subject: [PATCH] add additional check for BPDT store size
---
 common/ffsparser.cpp | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/common/ffsparser.cpp b/common/ffsparser.cpp
index 6b7fe22..f8884f3 100644
--- a/common/ffsparser.cpp
+++ b/common/ffsparser.cpp
@@ -1403,8 +1403,10 @@ continue_searching: {}
 }
 // Check size candidate
- if (sizeCandidate == 0)
+ if (sizeCandidate == 0 || sizeCandidate > restSize) {
+ msg(usprintf("%s: invalid BpdtStore size (sizeCandidate = 0x%x, restSize = 0x%x)", __FUNCTION__, sizeCandidate, restSize), index);
 continue;
+ }
 // All checks passed, BPDT found
 nextItemType = Types::BpdtStore;
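Review bot: The new bound `sizeCandidate > restSize` is only as strong as the arithmetic that produced `sizeCandidate`, which sits above this hunk and is not visible here. If that value is built by adding offset and size fields read from the image in 32-bit arithmetic, a sum that wraps gives a small candidate that still passes this test. In that case each entry's offset and size should be compared with `restSize` in a wider type before the sum is accepted. The message also prints both values with `%x`, which is only correct if `sizeCandidate` and `restSize` are `unsigned int`-sized in this function; that is worth confirming against their declarations. A comment above the condition, for example `// Reject a store whose declared extent runs past the remaining buffer`, would record why the second clause exists.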