From 72bcc8a926f518a1dfba4255ec2bee196d53fde0 Mon Sep 17 00:00:00 2001
From: Peter Conrad
Date: Sat, 18 Aug 2018 21:24:58 +0200
Subject: [PATCH] Fix #993 - limit unpacking length of signed_int and unsigned_int
---
 include/fc/io/raw.hpp | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/include/fc/io/raw.hpp b/include/fc/io/raw.hpp
index 8bd0163..e254cd3 100644
--- a/include/fc/io/raw.hpp
+++ b/include/fc/io/raw.hpp
@@ -184,7 +184,7 @@ namespace fc {
 s.get(b);
 v |= uint32_t(uint8_t(b) & 0x7f) << by;
 by += 7;
- } while( uint8_t(b) & 0x80 );
+ } while( (uint8_t(b) & 0x80) && by < 32 );
 vi.value = ((v>>1) ^ (v>>31)) + (v&0x01);
 vi.value = v&0x01 ? vi.value : -vi.value;
 vi.value = -vi.value;
@@ -195,7 +195,7 @@ namespace fc {
 s.get(b);
 v |= uint64_t(uint8_t(b) & 0x7f) << by;
 by += 7;
- } while( uint8_t(b) & 0x80 );
+ } while( (uint8_t(b) & 0x80) && by < 64 );
 vi.value = static_cast(v);
 }
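Review bot: When the new `by < 32` bound ends the do/while in the first hunk, the continuation bit of the last byte may still be set, and the function goes on to decode `v` as if the varint had terminated normally. An over-long encoding is therefore accepted and the stream is left positioned inside it, so whatever is unpacked next reads the leftover continuation bytes as unrelated fields; the fifth byte's bits above bit 3 are also dropped by the 32-bit shift at `by == 28`. Rejecting the input right after the loop would turn the limit into an error instead of a truncation, for example `FC_ASSERT( !(uint8_t(b) & 0x80), "varint exceeds 32 bits" );` if that macro is in scope in this header. The second hunk's `by < 64` loop has the same silent exit. Both function bodies start outside the hunks, so the declarations of `v` and `by` are not visible here.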
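Review bot: The `by < 64` bound in the second hunk is sized to the 64-bit accumulator, not to the destination: up to ten bytes are consumed and the result then goes through the `static_cast` on the following line, whose target type is not legible on this page. If `vi.value` is narrower than 64 bits, any encoded value above its range is silently reduced modulo the destination width, so two different byte strings can unpack to the same `unsigned_int`. A range check before the cast would close that, e.g. `if( v > std::numeric_limits<decltype(vi.value)>::max() )` followed by the header's usual error path; a one-line comment stating why the limit is 64 here versus 32 above would also help the next reader.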