Fixed thunder protocol detection heap overflow caused by missing lengthcheck.

* triggered by fuzz traces from wireshark Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
author: Toni Uhlig <matzeton@googlemail.com> 2020-07-08 00:21:00 +0200
committer: Toni Uhlig <matzeton@googlemail.com> 2020-07-08 00:21:00 +0200
commit: ccb30a04ad6f7b0e954549c3e961312b143bc511 (patch)
tree: 1009f114f6258f9dc8f5bf5d91c24897630ee42d /src/lib/protocols/thunder.c
parent: fb04dbbc47510a9dc87d302b9bbead33bfd0c508 (diff)
1 files changed, 1 insertions, 0 deletions
diff --git a/src/lib/protocols/thunder.c b/src/lib/protocols/thunder.c
index 30194d153..4d477499d 100644
--- a/src/lib/protocols/thunder.c
+++ b/src/lib/protocols/thunder.c
@@ -118,6 +118,7 @@ void ndpi_int_search_thunder_tcp(struct ndpi_detection_module_struct
 	packet->content_line.len == 24 &&
 	memcmp(packet->content_line.ptr, "application/octet-stream",
 	       24) == 0 && packet->empty_line_position_set < (packet->payload_packet_len - 8)
+	&& packet->payload_packet_len > (packet->empty_line_position + 5)
 	&& packet->payload[packet->empty_line_position + 2] >= 0x30
 	&& packet->payload[packet->empty_line_position + 2] < 0x40
 	&& packet->payload[packet->empty_line_position + 3] == 0x00
author	Toni Uhlig <matzeton@googlemail.com>	2020-07-08 00:21:00 +0200
committer	Toni Uhlig <matzeton@googlemail.com>	2020-07-08 00:21:00 +0200
commit	ccb30a04ad6f7b0e954549c3e961312b143bc511 (patch)
tree	1009f114f6258f9dc8f5bf5d91c24897630ee42d /src/lib/protocols/thunder.c
parent	fb04dbbc47510a9dc87d302b9bbead33bfd0c508 (diff)