From c8cb9faf27cb984c9f36b87de00458ec1bcf0224 Mon Sep 17 00:00:00 2001
From: bol-van <none@none.none>
Date: Mon, 12 Jan 2026 16:51:24 +0300
Subject: [PATCH] AI inspired fix

---
 nfq/protocol.c | 1 +
 1 file changed, 1 insertion(+)

diff --git a/nfq/protocol.c b/nfq/protocol.c
index 6137d1a9..7b1ab6ee 100644
--- a/nfq/protocol.c
+++ b/nfq/protocol.c
@@ -803,6 +803,7 @@ bool QUICDecryptInitial(const uint8_t *data, size_t data_len, uint8_t *clean, si
 	if ((pn_offset + tvb_get_size(data[pn_offset])) >= data_len) return false;
 	pn_offset += tvb_get_varint(data + pn_offset, &token_len);
 	pn_offset += token_len;
+	if (pn_offset >= data_len) return false;
 	if ((pn_offset + tvb_get_size(data[pn_offset])) >= data_len) return false;
 	pn_offset += tvb_get_varint(data + pn_offset, &payload_len);
 	if (payload_len<20 || (pn_offset + payload_len)>data_len) return false;