From 57a3338110978b37baab6f7c45935a1dff5db603 Mon Sep 17 00:00:00 2001
From: /dev/humancontroller <devhc@example.com>
Date: Mon, 14 Aug 2017 14:04:02 +0200
Subject: apply the security patch for incoming-packet VoIP-data parsing and
 Huffman decompression

TODO: improve this description
---
 src/server/sv_client.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'src/server/sv_client.c')

diff --git a/src/server/sv_client.c b/src/server/sv_client.c
index 126a9d05..f3a0494f 100644
--- a/src/server/sv_client.c
+++ b/src/server/sv_client.c
@@ -1565,7 +1565,7 @@ void SV_UserVoip(client_t *cl, msg_t *msg, qboolean ignoreData)
 	}
 	packetsize = MSG_ReadShort(msg);
 
-	if (msg->readcount > msg->cursize)
+	if (msg->readcount + packetsize > msg->cursize)
 		return;   // short/invalid packet, bail.
 
 	if (packetsize > sizeof (encoded)) {  // overlarge packet?
-- 
cgit