From a80ea644292d7cea1c50e81ac3d2b8175aa77470 Mon Sep 17 00:00:00 2001
From: zzz <zzz@i2pmail.org>
Date: Tue, 25 Feb 2025 07:16:08 -0500
Subject: [PATCH] Streaming: Prevent AIOOBE when verifying large signed packets

(prep for PQ)
---
 .../java/src/net/i2p/client/streaming/impl/Packet.java          | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/apps/streaming/java/src/net/i2p/client/streaming/impl/Packet.java b/apps/streaming/java/src/net/i2p/client/streaming/impl/Packet.java
index 47850b429c..00e2c0ba45 100644
--- a/apps/streaming/java/src/net/i2p/client/streaming/impl/Packet.java
+++ b/apps/streaming/java/src/net/i2p/client/streaming/impl/Packet.java
@@ -792,7 +792,7 @@ class Packet {
         
         int size = writtenSize();
         
-        if (buffer == null)
+        if (buffer == null || size > buffer.length)
             buffer = new byte[size];
         if (isFlagSet(FLAG_SIGNATURE_OFFLINE)) {
             if (_transientExpires < ctx.clock().now()) {
-- 
GitLab