From bc5ff37e375c0e8554d492c1d23d7a715b881ac6 Mon Sep 17 00:00:00 2001
From: orignal <i2porignal@yandex.ru>
Date: Thu, 24 Mar 2016 11:18:11 -0400
Subject: [PATCH] check for chunk size

---
 util.cpp | 8 ++++++--
 1 file changed, 6 insertions(+), 2 deletions(-)

diff --git a/util.cpp b/util.cpp
index bd77e682..5230f55f 100644
--- a/util.cpp
+++ b/util.cpp
@@ -106,11 +106,15 @@ namespace http
 		while (!response.eof ())
 		{	
 			std::string hexLen;
-			int len;
+			size_t len;
 			std::getline (response, hexLen);
 			std::istringstream iss (hexLen);
 			iss >> std::hex >> len;
-			if (!len) break;
+			if (!len || len > 10000000L) // 10M
+			{
+				LogPrint (eLogError, "Unexpected chunk length ", len);
+				break;
+			}
 			char * buf = new char[len];
 			response.read (buf, len);
 			merged.write (buf, len);