From aef834cd1220e04c2c08e644e181216bbf28026d Mon Sep 17 00:00:00 2001
From: david <david@e0a8ed71-7df4-0310-8962-fdc924857419>
Date: Sun, 14 Jun 2009 17:52:47 +0000
Subject: [PATCH] Do a print_debug in ssh2.lua when an incomplete packet is
 processed.

---
 nselib/ssh2.lua | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/nselib/ssh2.lua b/nselib/ssh2.lua
index 42f2af2b7..ca91c85a9 100644
--- a/nselib/ssh2.lua
+++ b/nselib/ssh2.lua
@@ -45,7 +45,13 @@ end
 transport.payload = function( packet )
   local packet_length, padding_length, payload_length, payload, offset
   offset, packet_length, padding_length = bin.unpack( ">Ic", packet )
+  assert(packet_length and padding_length)
   payload_length = packet_length - padding_length - 1
+  -- Add 4 for the packet_length field.
+  if packet_length + 4 > packet:len() then
+    stdnse.print_debug("SSH-2 packet too short: payload_length is %d but total length is only %d.", packet_length, packet:len())
+    return nil
+  end
   offset, payload = bin.unpack( ">A" .. payload_length, packet, offset )
   return payload
 end