Merge pull request #173 from theirix/buffer-overflows

Fixed multiple buffer overflows
author: Michele Campus <fci1908@gmail.com> 2016-04-12 23:41:02 +0200
committer: Michele Campus <fci1908@gmail.com> 2016-04-12 23:41:02 +0200
commit: da811fbdd0023a0a3dc3f810029ef92e83e1f781 (patch)
tree: 5e75a520f4c2f12ab85b22914f15c8f0857f132e /src/lib/protocols/gnutella.c
parent: 885cc3864eccaa0eaadff7233f5a6a94c4239e24 (diff)
parent: d7a2515093ce64d29020c0768956c6ead1ae23da (diff)
1 files changed, 1 insertions, 1 deletions
diff --git a/src/lib/protocols/gnutella.c b/src/lib/protocols/gnutella.c
index 09d4d0852..e45096391 100644
--- a/src/lib/protocols/gnutella.c
+++ b/src/lib/protocols/gnutella.c
@@ -294,7 +294,7 @@ void ndpi_search_gnutella(struct ndpi_detection_module_struct *ndpi_struct, stru
       return;
     }
 
-    if (memcmp(packet->payload, "GND", 3) == 0) {
+    if (packet->payload_packet_len >= 3 && memcmp(packet->payload, "GND", 3) == 0) {
       if ((packet->payload_packet_len == 8 && (memcmp(&packet->payload[6], "\x01\x00", 2) == 0))
 	  || (packet->payload_packet_len == 11 && (memcmp(&packet->payload[6], "\x01\x01\x08\x50\x49", 5)
 						   == 0)) || (packet->payload_packet_len == 17
author	Michele Campus <fci1908@gmail.com>	2016-04-12 23:41:02 +0200
committer	Michele Campus <fci1908@gmail.com>	2016-04-12 23:41:02 +0200
commit	da811fbdd0023a0a3dc3f810029ef92e83e1f781 (patch)
tree	5e75a520f4c2f12ab85b22914f15c8f0857f132e /src/lib/protocols/gnutella.c
parent	885cc3864eccaa0eaadff7233f5a6a94c4239e24 (diff)
parent	d7a2515093ce64d29020c0768956c6ead1ae23da (diff)