From c91ef4c512171ba849ada2353c227d273b723806 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Daniel=20Ekl=C3=B6f?= <daniel@ekloef.se>
Date: Sat, 21 Dec 2019 20:05:14 +0100
Subject: [PATCH] server: verify CWD string length matches the indicated length

---
 server.c | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/server.c b/server.c
index f7d527e9..6542be68 100644
--- a/server.c
+++ b/server.c
@@ -181,6 +181,12 @@ fdm_client(struct fdm *fdm, int fd, int events, void *data)
     const char *cwd = (const char *)p; p += cwd_len;
     LOG_DBG("CWD = %.*s", cwd_len, cwd);
 
+    if (cwd_len != strlen(cwd) + 1) {
+        LOG_ERR("CWD length mismatch: indicated = %hu, actual = %zu",
+                cwd_len - 1, strlen(cwd));
+        goto shutdown;
+    }
+
     CHECK_BUF(sizeof(uint16_t));
     uint16_t term_env_len = *(uint16_t *)p; p += sizeof(term_env_len);