Change the sanity check in PACKET_buf_init to check for excessive length
buffers, which should catch the interesting cases where len has been cast
from a negative value whilst avoiding any undefined behaviour.
RT#4094
Reviewed-by: Richard Levitte <levitte@openssl.org>
size_t len)
{
/* Sanity check for negative values. */
size_t len)
{
/* Sanity check for negative values. */
+ if (len > (size_t)(SIZE_MAX / 2))
return 0;
pkt->curr = buf;
return 0;
pkt->curr = buf;