From 083b1a3ca6021772bcbef1804196eb5c39af96d4 Mon Sep 17 00:00:00 2001
From: David <37376655+aliqued@users.noreply.github.com>
Date: Wed, 14 Mar 2018 16:55:46 +0000
Subject: [PATCH] Avoid infinite loop when decoding a wrong padded AVP (issue #134)
---
 .../org/jdiameter/client/impl/parser/ElementParser.java | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)
diff --git a/core/jdiameter/impl/src/main/java/org/jdiameter/client/impl/parser/ElementParser.java b/core/jdiameter/impl/src/main/java/org/jdiameter/client/impl/parser/ElementParser.java
index 80a4c35a6..a0ca72d23 100644
--- a/core/jdiameter/impl/src/main/java/org/jdiameter/client/impl/parser/ElementParser.java
+++ b/core/jdiameter/impl/src/main/java/org/jdiameter/client/impl/parser/ElementParser.java
@@ -297,9 +297,11 @@ public AvpSetImpl decodeAvpSet(byte[] buffer, int shift) throws IOException, Avp
 // skip remaining.
 // TODO: Do we need to padd everything? Or on send stack should properly fill byte[] ... ?
 if (length % 4 != 0) {
- for (int i; length % 4 != 0; length += i) {
- i = (int) in.skip((4 - length % 4));
+ int paddingBytes = 4 - length % 4;
+ if ((int) in.skip(paddingBytes) < paddingBytes) {
+ throw new AvpDataException("Not enough data in buffer (padding bytes)!");
 }
+ length += paddingBytes;
 }
 AvpImpl avp = new AvpImpl(code, (short) flags, (int) vendor, rawData);
 avps.addAvp(avp);
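Review bot: The new short-skip check in the `if (length % 4 != 0)` branch ships without a regression test (the diffstat lists only ElementParser.java), so nothing pins that a buffer ending before the padding of its last AVP now raises AvpDataException instead of spinning the decoding thread; a test that hands decodeAvpSet such a truncated buffer and asserts the exception under a timeout would cover it. The check also relies on a single `in.skip()` returning fewer bytes only when the data has run out, which presumably holds because `in` wraps the `byte[] buffer` argument, but `in` is created outside this hunk, so a comment such as `// in reads from the in-memory buffer, so a short skip means the padding bytes are missing` would make the assumption explicit. The `(int)` cast on the skip result is not needed; `if (in.skip(paddingBytes) < paddingBytes)` compares correctly as a long. The body of decodeAvpSet starts and ends outside the hunk, so how `length` is validated before this point is not visible here.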