From 9b54a72bb8da61c1ed3b2d9118099b62a1ced23a Mon Sep 17 00:00:00 2001
From: Joel Smith <joelsmith@redhat.com>
Date: Tue, 20 Apr 2021 23:31:12 -0600
Subject: [PATCH] Additional CVE-2021-3121 fix

---
 .../src/k8s.io/apimachinery/pkg/api/resource/quantity_proto.go  | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity_proto.go b/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity_proto.go
index f89ca163cd3..3e0cdb10d40 100644
--- a/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity_proto.go
+++ b/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity_proto.go
@@ -166,7 +166,7 @@ func (m *Quantity) Unmarshal(data []byte) error {
 			if err != nil {
 				return err
 			}
-			if skippy < 0 {
+			if (skippy < 0) || (iNdEx+skippy) < 0 {
 				return ErrInvalidLengthGenerated
 			}
 			if (iNdEx + skippy) > l {