From f3aed813af9c04a15e0142bb1d10df7cbf82e268 Mon Sep 17 00:00:00 2001
From: Cyril Soler <csoler@users.sourceforge.net>
Date: Tue, 17 May 2016 10:39:56 -0400
Subject: [PATCH] added test over signature size to avoid possible memory
 corruption (Anonymous source)

---
 libretroshare/src/pqi/authssl.cc | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/libretroshare/src/pqi/authssl.cc b/libretroshare/src/pqi/authssl.cc
index 2bf0bdf55..595ca946d 100644
--- a/libretroshare/src/pqi/authssl.cc
+++ b/libretroshare/src/pqi/authssl.cc
@@ -991,6 +991,11 @@ bool AuthSSLimpl::AuthX509WithGPG(X509 *x509,uint32_t& diagnostic)
 #endif
 
 	/* copy data into signature */
+        if(sigoutl < signature->length)
+        {
+        diagnostic = RS_SSL_HANDSHAKE_DIAGNOSTIC_MALLOC_ERROR ;
+        goto err;
+        }
 	sigoutl = signature->length;
 	memmove(buf_sigout, signature->data, sigoutl);