From 6ace8313728b31f602af8af90dbcb686031be562 Mon Sep 17 00:00:00 2001
From: Jean-Philippe Andre <jp.andre@samsung.com>
Date: Mon, 27 Oct 2014 22:16:53 +0900
Subject: [PATCH] Evas cserve2: Check message size

Fixes CID 1039570
---
 src/bin/evas/evas_cserve2_usage.c | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/src/bin/evas/evas_cserve2_usage.c b/src/bin/evas/evas_cserve2_usage.c
index b1946ad374..449c9fdd44 100644
--- a/src/bin/evas/evas_cserve2_usage.c
+++ b/src/bin/evas/evas_cserve2_usage.c
@@ -133,6 +133,10 @@ _server_read(int *size)
    if (n < 0)
      return NULL;
 
+   // We don't expect large messages
+   if (sr_size < 0 || sr_size > 0x10000)
+     return NULL;
+
    sr_buf = malloc(sr_size);
 
 get_data: