From 6ab2ad92104e62a1407592d14b12db64ad484b0c Mon Sep 17 00:00:00 2001
From: Daniel Markstedt <daniel@mindani.net>
Date: Thu, 7 May 2026 20:54:27 +0200
Subject: [PATCH] CVE-2026-44060: libatalk/dsi: fix write underflow in
 dsi_writeinit

Reported-by: @00redbeer
Signed-off-by: Daniel Markstedt <daniel@mindani.net>
---
 libatalk/dsi/dsi_write.c | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/libatalk/dsi/dsi_write.c b/libatalk/dsi/dsi_write.c
index 5f1df2b51..ee76408e1 100644
--- a/libatalk/dsi/dsi_write.c
+++ b/libatalk/dsi/dsi_write.c
@@ -26,6 +26,11 @@
 size_t dsi_writeinit(DSI *dsi, void *buf, const size_t buflen)
 {
     size_t bytes = 0;
+
+    if (ntohl(dsi->header.dsi_len) < dsi->header.dsi_data.dsi_doff) {
+        return 0;
+    }
+
     dsi->datasize = ntohl(dsi->header.dsi_len) - dsi->header.dsi_data.dsi_doff;
 
     if (dsi->eof > dsi->start) {