diff options
| author | Toni Uhlig <matzeton@googlemail.com> | 2020-06-27 22:58:05 +0200 |
|---|---|---|
| committer | Toni Uhlig <matzeton@googlemail.com> | 2020-06-27 22:58:05 +0200 |
| commit | fbfa54eee65b453ec33876354b9e6279120af900 (patch) | |
| tree | 4fdf8e0e2bde22f4cbd33511fdfa44e0f6af927c | |
| parent | 243104a8c254cd79e84bfb6829a840af9cded54d (diff) | |
Fixed off-by-one error in h323.
Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
| -rw-r--r-- | src/lib/protocols/h323.c | 2 | ||||
| -rw-r--r-- | tests/pcap/h323-overflow.pcap | bin | 0 -> 98 bytes | |||
| -rw-r--r-- | tests/result/h323-overflow.pcap.out | 3 |
3 files changed, 4 insertions, 1 deletions
diff --git a/src/lib/protocols/h323.c b/src/lib/protocols/h323.c index 13ec9d364..1d70a8cec 100644 --- a/src/lib/protocols/h323.c +++ b/src/lib/protocols/h323.c @@ -33,7 +33,7 @@ void ndpi_search_h323(struct ndpi_detection_module_struct *ndpi_struct, struct n NDPI_LOG_DBG2(ndpi_struct, "calculated dport over tcp\n"); /* H323 */ - if(packet->payload_packet_len >= 4 + if(packet->payload_packet_len > 4 && (packet->payload[0] == 0x03) && (packet->payload[1] == 0x00)) { struct tpkt *t = (struct tpkt*)packet->payload; diff --git a/tests/pcap/h323-overflow.pcap b/tests/pcap/h323-overflow.pcap Binary files differnew file mode 100644 index 000000000..f6af70ecc --- /dev/null +++ b/tests/pcap/h323-overflow.pcap diff --git a/tests/result/h323-overflow.pcap.out b/tests/result/h323-overflow.pcap.out new file mode 100644 index 000000000..2a1d8e7e0 --- /dev/null +++ b/tests/result/h323-overflow.pcap.out @@ -0,0 +1,3 @@ +HTTP 1 58 1 + + 1 TCP 192.168.1.1:31337 -> 192.168.1.2:80 [proto: 7/HTTP][cat: Web/5][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 7/0][< 1 sec][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] |