From 11165d4fa58defe3c75f471576a1f3060ea5415c Mon Sep 17 00:00:00 2001
From: Matt Joiner <anacrolix@gmail.com>
Date: Wed, 13 Sep 2017 16:18:15 +1000
Subject: [PATCH] mse: Error if initial payload exceeds maximum size

---
 mse/mse.go | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/mse/mse.go b/mse/mse.go
index 421ade3f..eb2480aa 100644
--- a/mse/mse.go
+++ b/mse/mse.go
@@ -366,6 +366,10 @@ func (h *handshake) initerSteps() (ret io.ReadWriter, err error) {
 	buf := &bytes.Buffer{}
 	padLen := uint16(newPadLen())
 	err = marshal(buf, vc[:], uint32(cryptoMethodRC4), padLen, zeroPad[:padLen], uint16(len(h.ia)), h.ia)
+	if len(h.ia) > math.MaxUint16 {
+		err = errors.New("initial payload too large")
+		return
+	}
 	if err != nil {
 		return
 	}
-- 
2.48.1