X-Git-Url: http://git.silcnet.org/gitweb/?p=silc.git;a=blobdiff_plain;f=lib%2Fsilccore%2Fsilcmessage.c;h=2876ab560e7517066df950002c736092f11e755d;hp=08ec1feff16ff05c58a09a35a88bfcf2209bae3a;hb=413da0f8686910f5e627393157566ae729ca99c4;hpb=050bd9d9e5d843220f3f393a18ab5011622237b9

diff --git a/lib/silccore/silcmessage.c b/lib/silccore/silcmessage.c
index 08ec1fef..2876ab56 100644
--- a/lib/silccore/silcmessage.c
+++ b/lib/silccore/silcmessage.c
@@ -78,7 +78,7 @@ bool silc_message_payload_decrypt(unsigned char *data,
   if (!private_message || (private_message && static_key))
     iv_len = silc_cipher_get_block_len(cipher);
 
-  if (data_len < mac_len)
+  if (data_len <= (mac_len + iv_len))
     return FALSE;
 
   if (check_mac) {
@@ -514,7 +514,7 @@ silc_message_signed_payload_parse(const unsigned char *data,
 			     SILC_STR_UI16_NSTRING_ALLOC(&sig->sign_data,
 							 &sig->sign_len),
 			     SILC_STR_END);
-  if (ret == -1) {
+  if (ret == -1 || sig->sign_len > buffer.len - sig->pk_len - 2) {
     silc_message_signed_payload_free(sig);
     SILC_LOG_DEBUG(("Malformed SILC_MESSAGE_FLAG_SIGNED Payload"));
     return NULL;