diff options
| author | Philippe Antoine <contact@catenacyber.fr> | 2019-12-18 13:48:33 +0100 |
|---|---|---|
| committer | Philippe Antoine <contact@catenacyber.fr> | 2019-12-18 13:48:33 +0100 |
| commit | 843204299c79c55c736231c06db98def2b3a6bba (patch) | |
| tree | 79e0b1f0ff1374098dbfe93841a45dafad4e5822 /src/lib/protocols/stun.c | |
| parent | 09cd95d54ab5141795a0653b1f6a6149725dbbf7 (diff) | |
Fix read buffer overflow in stun
Diffstat (limited to 'src/lib/protocols/stun.c')
| -rw-r--r-- | src/lib/protocols/stun.c | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/src/lib/protocols/stun.c b/src/lib/protocols/stun.c index d5114204f..cc38722e0 100644 --- a/src/lib/protocols/stun.c +++ b/src/lib/protocols/stun.c @@ -314,7 +314,7 @@ static ndpi_int_stun_t ndpi_int_check_stun(struct ndpi_detection_module_struct * https://en.wikipedia.org/wiki/Skype_for_Business */ - while((offset+2) < payload_length) { + while((offset+4) < payload_length) { u_int16_t attribute = ntohs(*((u_int16_t*)&payload[offset])); u_int16_t len = ntohs(*((u_int16_t*)&payload[offset+2])); u_int16_t x = (len + 4) % 4; |