From e1b58039026a661ff6c39eeca4f2a04c9a2b3bbf Mon Sep 17 00:00:00 2001
From: Jeff Becker <jeff@i2p.rocks>
Date: Thu, 23 Nov 2017 12:26:42 -0500
Subject: [PATCH] fix overflow

---
 libi2pd/Streaming.cpp | 25 ++++++++++++++++---------
 1 file changed, 16 insertions(+), 9 deletions(-)

diff --git a/libi2pd/Streaming.cpp b/libi2pd/Streaming.cpp
index a1cf536e..f7c3cdf8 100644
--- a/libi2pd/Streaming.cpp
+++ b/libi2pd/Streaming.cpp
@@ -242,18 +242,25 @@ namespace stream
 
 		if (flags & PACKET_FLAG_SIGNATURE_INCLUDED)
 		{
-			uint8_t signature[256];
+			uint8_t signature[512];
 			auto signatureLen = m_RemoteIdentity->GetSignatureLen ();
-			memcpy (signature, optionData, signatureLen);
-			memset (const_cast<uint8_t *>(optionData), 0, signatureLen);
-			if (!m_RemoteIdentity->Verify (packet->GetBuffer (), packet->GetLength (), signature))
+			if(signatureLen <= sizeof(signature))
 			{
-				LogPrint (eLogError, "Streaming: Signature verification failed, sSID=", m_SendStreamID, ", rSID=", m_RecvStreamID);
-				Close ();
-				flags |= PACKET_FLAG_CLOSE;
+				memcpy (signature, optionData, signatureLen);
+				memset (const_cast<uint8_t *>(optionData), 0, signatureLen);
+				if (!m_RemoteIdentity->Verify (packet->GetBuffer (), packet->GetLength (), signature))
+				{
+					LogPrint (eLogError, "Streaming: Signature verification failed, sSID=", m_SendStreamID, ", rSID=", m_RecvStreamID);
+					Close ();
+					flags |= PACKET_FLAG_CLOSE;
+				}
+				memcpy (const_cast<uint8_t *>(optionData), signature, signatureLen);
+				optionData += signatureLen;
+			}
+			else
+			{
+				LogPrint(eLogError, "Streaming: Signature too big, ", signatureLen, " bytes");
 			}
-			memcpy (const_cast<uint8_t *>(optionData), signature, signatureLen);
-			optionData += signatureLen;
 		}
 
 		packet->offset = packet->GetPayload () - packet->buf;