From e98fd68c3b74ecba39df862183a38bc392375cea Mon Sep 17 00:00:00 2001
From: Michael Heimpold <mhei@heimpold.de>
Date: Mon, 26 Jan 2015 22:29:50 +0100
Subject: [PATCH] modbus_send_raw_request: limit request length (fixes #207)

---
 src/modbus.c | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/src/modbus.c b/src/modbus.c
index 5477b3d..51c5cac 100644
--- a/src/modbus.c
+++ b/src/modbus.c
@@ -217,8 +217,10 @@ int modbus_send_raw_request(modbus_t *ctx, uint8_t *raw_req, int raw_req_length)
         return -1;
     }
 
-    if (raw_req_length < 2) {
-        /* The raw request must contain function and slave at least */
+    if (raw_req_length < 2 || raw_req_length > (MODBUS_MAX_PDU_LENGTH + 1)) {
+        /* The raw request must contain function and slave at least and
+           must not be longer than the maximum pdu length plus the slave
+           address. */
         errno = EINVAL;
         return -1;
     }
--
libgit2 0.21.4