diff options
| author | Ivan Nardi <12729895+IvanNardi@users.noreply.github.com> | 2022-02-22 19:58:17 +0100 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2022-02-22 19:58:17 +0100 |
| commit | 96f8942f75f6f489312779a0c5ec22b7520319ca (patch) | |
| tree | 376bcc7a60db91c18a442befd0eb694dbfc4c7dd | |
| parent | 279779062c5df0ef5780ed3dfadf87b606adaa71 (diff) | |
reader_util: fix parsing of IPv6 extension headers (#1453)
Found by oss-fuzz
See: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=44942
| -rw-r--r-- | example/reader_util.c | 2 |
1 files changed, 2 insertions, 0 deletions
diff --git a/example/reader_util.c b/example/reader_util.c index 6b22ef9cc..aa95fb02c 100644 --- a/example/reader_util.c +++ b/example/reader_util.c @@ -984,6 +984,8 @@ static struct ndpi_flow_info *get_ndpi_flow_info6(struct ndpi_workflow * workflo u_int8_t l4proto = iph6->ip6_hdr.ip6_un1_nxt; u_int16_t ip_len = ntohs(iph6->ip6_hdr.ip6_un1_plen); const u_int8_t *l4ptr = (((const u_int8_t *) iph6) + sizeof(struct ndpi_ipv6hdr)); + if(ipsize < sizeof(struct ndpi_ipv6hdr) + ip_len) + return(NULL); if(ndpi_handle_ipv6_extension_headers(ipsize - sizeof(struct ndpi_ipv6hdr), &l4ptr, &ip_len, &l4proto) != 0) { return(NULL); } |