From 17cb9ccc4a1098798d1e749ad6fb678f9b9658c2 Mon Sep 17 00:00:00 2001
From: Vincent Bernardoff <vb@luminar.eu.org>
Date: Fri, 7 Oct 2016 13:46:58 +0200
Subject: [PATCH] do not accept negative buffer length

---
 src/node/net/netbits.ml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/node/net/netbits.ml b/src/node/net/netbits.ml
index 839f7e65a..494fa8644 100644
--- a/src/node/net/netbits.ml
+++ b/src/node/net/netbits.ml
@@ -194,7 +194,7 @@ let read descr limit =
          return None
        else
          let len = Int32.to_int (BE.get_int32 szbuf 0) + 4 in
-         if len > limit then
+         if len < 0 || len > limit then
            return None
          else
            let buf = MBytes.create len in