From d93de7cfd0673ce0c12469455e9d840730e0b386 Mon Sep 17 00:00:00 2001
From: Lucas Clemente <lucas@clemente.io>
Date: Wed, 17 Aug 2016 11:39:57 +0200
Subject: [PATCH] do some consistency checks before accessing slices in stream

This is a workaround for the security part of #293.
---
 stream.go | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/stream.go b/stream.go
index ca963d2ae..523236017 100644
--- a/stream.go
+++ b/stream.go
@@ -1,6 +1,7 @@
 package quic
 
 import (
+	"fmt"
 	"io"
 	"sync"
 	"sync/atomic"
@@ -97,6 +98,13 @@ func (s *stream) Read(p []byte) (int, error) {
 		}
 
 		m := utils.Min(len(p)-bytesRead, int(frame.DataLen())-s.readPosInFrame)
+
+		if bytesRead > len(p) {
+			return bytesRead, fmt.Errorf("BUG: bytesRead (%d) > len(p) (%d) in stream.Read", bytesRead, len(p))
+		}
+		if s.readPosInFrame > int(frame.DataLen()) {
+			return bytesRead, fmt.Errorf("BUG: readPosInFrame (%d) > frame.DataLen (%d) in stream.Read", s.readPosInFrame, frame.DataLen())
+		}
 		copy(p[bytesRead:], frame.Data[s.readPosInFrame:])
 
 		s.readPosInFrame += m