From e99cf32bddf33f7c44c14a355ae2c167f2a8a78e Mon Sep 17 00:00:00 2001
From: Robin Mueller <robin.mueller.m@gmail.com>
Date: Tue, 3 Nov 2020 23:29:03 +0100
Subject: [PATCH] amazing size checks

---
 housekeeping/HousekeepingPacketUpdate.h | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/housekeeping/HousekeepingPacketUpdate.h b/housekeeping/HousekeepingPacketUpdate.h
index 48fe1bfd..43ec0619 100644
--- a/housekeeping/HousekeepingPacketUpdate.h
+++ b/housekeeping/HousekeepingPacketUpdate.h
@@ -59,6 +59,10 @@ public:
 
     virtual ReturnValue_t deSerialize(const uint8_t** buffer, size_t* size,
             SerializeIF::Endianness streamEndianness) override {
+        if(*size < timeStampSize) {
+            return SerializeIF::STREAM_TOO_SHORT;
+        }
+
         if(timeStamp != nullptr) {
             /* Endianness will always be MACHINE, so we can simply use memcpy
             here. */
@@ -70,6 +74,10 @@ public:
         if(updateData == nullptr) {
             return HasReturnvaluesIF::RETURN_FAILED;
         }
+        if(*size < updateData->getSerializedSize()) {
+            return SerializeIF::STREAM_TOO_SHORT;
+        }
+
         return updateData->deSerialize(buffer, size, streamEndianness);
     }