Merge pull request #846 from catenacyber/fuzzofix

Fix various buffer over reads
author: Luca Deri <lucaderi@users.noreply.github.com> 2020-02-19 22:55:18 +0100
committer: GitHub <noreply@github.com> 2020-02-19 22:55:18 +0100
commit: 080e23e30ebc1940be5f503b84cb397fea1323cb (patch)
tree: caa75d20f0f3bdd1a6b8f2402e0670f1b18d31af /src/lib/protocols/oscar.c
parent: edce5a8c1fbdf7fd7362e4ca3b44da52356487fc (diff)
parent: ee979ac14ab8ff477ac9b331f60fd686d21bb548 (diff)
1 files changed, 1 insertions, 1 deletions
diff --git a/src/lib/protocols/oscar.c b/src/lib/protocols/oscar.c
index a24b9441e..cba0c3bcc 100644
--- a/src/lib/protocols/oscar.c
+++ b/src/lib/protocols/oscar.c
@@ -137,7 +137,7 @@ static void ndpi_search_oscar_tcp_connect(struct ndpi_detection_module_struct
 	 + TLVs         | [Class: FLAP__SIGNON_TAGS] TLVs   +
 	 +--------------------------------------------------+
       */
-      if(channel == SIGNON &&
+      if(channel == SIGNON && packet->payload_packet_len >= 10 &&
 	  get_u_int16_t(packet->payload, 4) == htons(packet->payload_packet_len - 6) &&
 	  get_u_int32_t(packet->payload, 6) == htonl(FLAPVERSION))
 	{
author	Luca Deri <lucaderi@users.noreply.github.com>	2020-02-19 22:55:18 +0100
committer	GitHub <noreply@github.com>	2020-02-19 22:55:18 +0100
commit	080e23e30ebc1940be5f503b84cb397fea1323cb (patch)
tree	caa75d20f0f3bdd1a6b8f2402e0670f1b18d31af /src/lib/protocols/oscar.c
parent	edce5a8c1fbdf7fd7362e4ca3b44da52356487fc (diff)
parent	ee979ac14ab8ff477ac9b331f60fd686d21bb548 (diff)