From 3521f151800e1cba78c209da326e2201a99ad4c5 Mon Sep 17 00:00:00 2001
From: dmiller <dmiller@e0a8ed71-7df4-0310-8962-fdc924857419>
Date: Wed, 9 Sep 2020 21:34:55 +0000
Subject: [PATCH] Use signed value for tcp header offset and option lengths to
 detect underflow

---
 tcpip.cc | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/tcpip.cc b/tcpip.cc
index 2c7715ef2..8183a7c6c 100644
--- a/tcpip.cc
+++ b/tcpip.cc
@@ -1352,7 +1352,7 @@ int readudppacket(const u8 *packet, int readdata) {
    The options checked are MSS, WScale, SackOK, Sack, and Timestamp. */
 static bool validateTCPhdr(const u8 *tcpc, unsigned len) {
   struct tcp_hdr *tcp = (struct tcp_hdr *) tcpc;
-  unsigned hdrlen, optlen;
+  int hdrlen, optlen;
 
   hdrlen = tcp->th_off * 4;