Account for the size of packet length and ID in validation functions.

src/CNProtocol.hpp

@@ -75,14 +75,14 @@ inline void* xmalloc(size_t sz) {
 // for outbound packets
 inline bool validOutVarPacket(size_t base, int32_t npayloads, size_t plsize) {
     // check for multiplication overflow
-    if (npayloads > 0 && CN_PACKET_BUFFER_SIZE / (size_t)npayloads < plsize)
+    if (npayloads > 0 && (CN_PACKET_BUFFER_SIZE - 8) / (size_t)npayloads < plsize)
         return false;
 
     // it's safe to multiply
     size_t trailing = npayloads * plsize;
 
     // does it fit in a packet?
-    if (base + trailing > CN_PACKET_BUFFER_SIZE)
+    if (base + trailing > CN_PACKET_BUFFER_SIZE - 8)
         return false;
 
     // everything is a-ok!
@@ -92,7 +92,7 @@ inline bool validOutVarPacket(size_t base, int32_t npayloads, size_t plsize) {
 // for inbound packets
 inline bool validInVarPacket(size_t base, int32_t npayloads, size_t plsize, size_t datasize) {
     // check for multiplication overflow
-    if (npayloads > 0 && CN_PACKET_BUFFER_SIZE / (size_t)npayloads < plsize)
+    if (npayloads > 0 && (CN_PACKET_BUFFER_SIZE - 8) / (size_t)npayloads < plsize)
         return false;
 
     // it's safe to multiply