--- a/libpurple/protocols/msn/p2p.c Thu Mar 10 05:00:17 2011 +0000
+++ b/libpurple/protocols/msn/p2p.c Thu Mar 10 05:07:48 2011 +0000
@@ -90,12 +90,18 @@
msn_p2p_header_from_wire(MsnP2PInfo *info, const char *wire, size_t max_len)
case MSN_P2P_VERSION_ONE: {
MsnP2PHeader *header = &info->header.v1;
+ if (max_len < P2P_PACKET_HEADER_SIZE) { + /* Invalid packet length */ header->session_id = msn_pop32le(wire);
header->id = msn_pop32le(wire);
header->offset = msn_pop64le(wire);
