Fixed heap overflow caused by missing lengthcheck in reader uutil.

* triggered by fuzz traces from wireshark Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
author: Toni Uhlig <matzeton@googlemail.com> 2020-07-06 23:30:40 +0200
committer: Toni Uhlig <matzeton@googlemail.com> 2020-07-06 23:30:40 +0200
commit: de25ba7d0b690c77ac5aa9ffba6ab107c033759f (patch)
tree: 77c316e4fae2220e0fdd52b3dfa737aca152ba2f /example
parent: 055422503c13ef9ed0666e4c95aad30a6b298bae (diff)
1 files changed, 1 insertions, 1 deletions
diff --git a/example/reader_util.c b/example/reader_util.c
index 508777ec2..94d5188ad 100644
--- a/example/reader_util.c
+++ b/example/reader_util.c
@@ -1719,7 +1719,7 @@ struct ndpi_proto ndpi_workflow_process_packet(struct ndpi_workflow * workflow,
     workflow->stats.mpls_count++;
     type = ETH_P_IP, ip_offset += 4;
 
-    while(!mpls.mpls.s) {
+    while(!mpls.mpls.s && (((bpf_u_int32)ip_offset) + 4 < header->caplen)) {
       mpls.u32 = *((uint32_t *) &packet[ip_offset]);
       mpls.u32 = ntohl(mpls.u32);
       ip_offset += 4;
author	Toni Uhlig <matzeton@googlemail.com>	2020-07-06 23:30:40 +0200
committer	Toni Uhlig <matzeton@googlemail.com>	2020-07-06 23:30:40 +0200
commit	de25ba7d0b690c77ac5aa9ffba6ab107c033759f (patch)
tree	77c316e4fae2220e0fdd52b3dfa737aca152ba2f /example
parent	055422503c13ef9ed0666e4c95aad30a6b298bae (diff)