From a220b8df0c8a2d3511eec382490c45966cdc4c12 Mon Sep 17 00:00:00 2001 From: Arvid Norberg Date: Sat, 23 Mar 2013 03:01:13 +0000 Subject: [PATCH] merged fix from RC_0_16 --- src/peer_connection.cpp | 16 ++++++++++++++++ 1 file changed, 16 insertions(+) diff --git a/src/peer_connection.cpp b/src/peer_connection.cpp index 9ec84cc6e..6bf3021c7 100644 --- a/src/peer_connection.cpp +++ b/src/peer_connection.cpp @@ -2077,6 +2077,22 @@ namespace libtorrent boost::shared_ptr t = associated_torrent().lock(); TORRENT_ASSERT(t); + + // piece_block can't necessarily hold large piece numbers + // so check that first + if (r.piece < 0 + || r.piece >= t->torrent_file().num_pieces() + || r.start < 0 + || r.start > t->torrent_file().piece_length()) + { +#if defined TORRENT_VERBOSE_LOGGING || defined TORRENT_ERROR_LOGGING + peer_log("*** INVALID_PIECE [ piece: %d s: %d l: %d ]" + , r.piece, r.start, r.length); +#endif + disconnect(errors::invalid_piece, 2); + return; + } + piece_block b(r.piece, r.start / t->block_size()); m_receiving_block = b;