diff options
| author | Luca Deri <lucaderi@users.noreply.github.com> | 2020-06-28 07:28:55 +0200 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2020-06-28 07:28:55 +0200 |
| commit | 1010520cc46dc18972c8cb79a679d8edddda47e2 (patch) | |
| tree | 42bad76cfd6a108a23c8a9c5cd4262a2adcc69c3 | |
| parent | ff67e091010443bcdff65cc73b45bf5e579c8dbb (diff) | |
| parent | fbfa54eee65b453ec33876354b9e6279120af900 (diff) | |
Merge pull request #936 from lnslbrty/fix/h323-off-by-one
Fixed off-by-one error in h323.
| -rw-r--r-- | src/lib/protocols/h323.c | 2 | ||||
| -rw-r--r-- | tests/pcap/h323-overflow.pcap | bin | 0 -> 98 bytes | |||
| -rw-r--r-- | tests/result/h323-overflow.pcap.out | 3 |
3 files changed, 4 insertions, 1 deletions
diff --git a/src/lib/protocols/h323.c b/src/lib/protocols/h323.c index 13ec9d364..1d70a8cec 100644 --- a/src/lib/protocols/h323.c +++ b/src/lib/protocols/h323.c @@ -33,7 +33,7 @@ void ndpi_search_h323(struct ndpi_detection_module_struct *ndpi_struct, struct n NDPI_LOG_DBG2(ndpi_struct, "calculated dport over tcp\n"); /* H323 */ - if(packet->payload_packet_len >= 4 + if(packet->payload_packet_len > 4 && (packet->payload[0] == 0x03) && (packet->payload[1] == 0x00)) { struct tpkt *t = (struct tpkt*)packet->payload; diff --git a/tests/pcap/h323-overflow.pcap b/tests/pcap/h323-overflow.pcap Binary files differnew file mode 100644 index 000000000..f6af70ecc --- /dev/null +++ b/tests/pcap/h323-overflow.pcap diff --git a/tests/result/h323-overflow.pcap.out b/tests/result/h323-overflow.pcap.out new file mode 100644 index 000000000..2a1d8e7e0 --- /dev/null +++ b/tests/result/h323-overflow.pcap.out @@ -0,0 +1,3 @@ +HTTP 1 58 1 + + 1 TCP 192.168.1.1:31337 -> 192.168.1.2:80 [proto: 7/HTTP][cat: Web/5][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 7/0][< 1 sec][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] |