# HG changeset patch
# User Mads Kiilerich <mads@kiilerich.com>
# Date 2011-02-22 02:10:37
# Node ID 9f2c407caf348c613ff7b769af315f3ee9d5ebab
# Parent  e74fe15dc7fd2c242246b88367c052c358060eaa

changegroup: don't accept odd chunk headers

diff --git a/mercurial/changegroup.py b/mercurial/changegroup.py
--- a/mercurial/changegroup.py
+++ b/mercurial/changegroup.py
@@ -23,6 +23,8 @@ def getchunk(stream):
     d = readexactly(stream, 4)
     l = struct.unpack(">l", d)[0]
     if l <= 4:
+        if l:
+            raise util.Abort(_("invalid chunk length %d") % l)
         return ""
     return readexactly(stream, l - 4)
 
@@ -149,11 +151,15 @@ class unbundle10(object):
         return self._stream.close()
 
     def chunklength(self):
-        d = readexactly(self._stream, 4)
-        l = max(0, struct.unpack(">l", d)[0] - 4)
-        if l and self.callback:
+        d = readexactly(stream, 4)
+        l = struct.unpack(">l", d)[0]
+        if l <= 4:
+            if l:
+                raise util.Abort(_("invalid chunk length %d") % l)
+            return 0
+        if self.callback:
             self.callback()
-        return l
+        return l - 4
 
     def chunk(self):
         """return the next chunk from changegroup 'source' as a string"""