diff options
| author | Luca Deri <deri@ntop.org> | 2021-10-20 22:07:47 +0200 |
|---|---|---|
| committer | Luca Deri <deri@ntop.org> | 2021-10-20 22:07:47 +0200 |
| commit | c3d1c69722f31791ad718bfe3a265c0df22b9997 (patch) | |
| tree | edff9420ec948445ce85a4a592ccb32e009ab36c /src/lib/protocols/tls.c | |
| parent | 8db8c8ae34da09dd09453c312fe9ebdac897f73d (diff) | |
Fixed heap-buffer-overflow in TLS dissector
Diffstat (limited to 'src/lib/protocols/tls.c')
| -rw-r--r-- | src/lib/protocols/tls.c | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/src/lib/protocols/tls.c b/src/lib/protocols/tls.c index 1a849b2cb..bfff42033 100644 --- a/src/lib/protocols/tls.c +++ b/src/lib/protocols/tls.c @@ -1536,7 +1536,7 @@ int processClientServerHello(struct ndpi_detection_module_struct *ndpi_struct, if((cipher_offset+cipher_len) <= total_len) { u_int8_t safari_ciphers = 0, chrome_ciphers = 0, this_is_not_safari = 0, looks_like_safari_on_big_sur = 0; - for(i=0; i<cipher_len;) { + for(i=0; i<cipher_len-1;) { u_int16_t *id = (u_int16_t*)&packet->payload[cipher_offset+i]; u_int16_t cipher_id = ntohs(*id); |