TLS: fix another interger overflow in certificate processing (#1915)

author: Ivan Nardi <12729895+IvanNardi@users.noreply.github.com> 2023-03-30 05:12:40 +0200
committer: GitHub <noreply@github.com> 2023-03-30 05:12:40 +0200
commit: 6e0cd162254e54ee2ca349455f39786fe039b811 (patch)
tree: 374c2747ffa149c2e2afe117b53c3e5715f5d6b9 /src/lib/protocols/tls.c
parent: 9ea8a5783950d6697da9a771c62ccc7bec5e682b (diff)
1 files changed, 1 insertions, 1 deletions
diff --git a/src/lib/protocols/tls.c b/src/lib/protocols/tls.c
index d3873ab98..8e3fbedb8 100644
--- a/src/lib/protocols/tls.c
+++ b/src/lib/protocols/tls.c
@@ -673,7 +673,7 @@ void processCertificateElements(struct ndpi_detection_module_struct *ndpi_struct
 		    if(flow->protos.tls_quic.server_names == NULL)
 		      flow->protos.tls_quic.server_names = ndpi_strdup(dNSName),
 			flow->protos.tls_quic.server_names_len = strlen(dNSName);
-		    else {
+		    else if((u_int16_t)(flow->protos.tls_quic.server_names_len + dNSName_len + 1) > flow->protos.tls_quic.server_names_len) {
 		      u_int16_t newstr_len = flow->protos.tls_quic.server_names_len + dNSName_len + 1;
 		      char *newstr = (char*)ndpi_realloc(flow->protos.tls_quic.server_names,
 							 flow->protos.tls_quic.server_names_len+1, newstr_len+1);
author	Ivan Nardi <12729895+IvanNardi@users.noreply.github.com>	2023-03-30 05:12:40 +0200
committer	GitHub <noreply@github.com>	2023-03-30 05:12:40 +0200
commit	6e0cd162254e54ee2ca349455f39786fe039b811 (patch)
tree	374c2747ffa149c2e2afe117b53c3e5715f5d6b9 /src/lib/protocols/tls.c
parent	9ea8a5783950d6697da9a771c62ccc7bec5e682b (diff)