From c2d6c7c28c7c6b038d7a5c47708bb9348a57bb6b Mon Sep 17 00:00:00 2001
From: Rob Swindell <rob@synchro.net>
Date: Wed, 2 Mar 2022 12:38:49 -0800
Subject: [PATCH] Detect/reject negative offset argument values to
 smb_freemsgdat()

---
 src/smblib/smballoc.c | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/src/smblib/smballoc.c b/src/smblib/smballoc.c
index b26be60c7f..fc271a31c7 100644
--- a/src/smblib/smballoc.c
+++ b/src/smblib/smballoc.c
@@ -129,6 +129,9 @@ int smb_freemsgdat(smb_t* smb, off_t offset, ulong length, uint16_t refs)
 	off_t	sda_offset;
 	off_t	flen;
 
+	if(offset < 0)
+		return SMB_ERR_DAT_OFFSET;
+
 	if(smb->status.attr&SMB_HYPERALLOC)	/* do nothing */
 		return(SMB_SUCCESS);
 
-- 
GitLab