From 8fecf17714211f2fbd6bb9a62a9c95574a9ddca9 Mon Sep 17 00:00:00 2001
From: Miek Gieben <miek@miek.nl>
Date: Sat, 23 Aug 2014 07:43:00 +0100
Subject: [PATCH] Check that off <= lenmsg

Defense in depth, this should happen, but it happens... So check
for it and return an error.

Maybe (there is no testcase) fixes #106
---
 msg.go | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/msg.go b/msg.go
index cab1842d..d959b30a 100644
--- a/msg.go
+++ b/msg.go
@@ -860,7 +860,7 @@ func packStructCompress(any interface{}, msg []byte, off int, compression map[st
 	return off, err
 }
 
-// TODO(mg): Fix use of rdlength here
+// TODO(miek): Fix use of rdlength here
 
 // Unpack a reflect.StructValue from msg.
 // Same restrictions as packStructValue.
@@ -868,6 +868,9 @@ func unpackStructValue(val reflect.Value, msg []byte, off int) (off1 int, err er
 	var rdend int
 	lenmsg := len(msg)
 	for i := 0; i < val.NumField(); i++ {
+		if off > lenmsg {
+			return lenmsg, &Error{"bad offset unpacking"}
+		}
 		switch fv := val.Field(i); fv.Kind() {
 		default:
 			return lenmsg, &Error{err: "bad kind unpacking"}