Code cleanup

author: Luca Deri <deri@ntop.org> 2019-12-09 18:02:48 +0100
committer: Luca Deri <deri@ntop.org> 2019-12-09 18:02:48 +0100
commit: 6d7f3976f33b0d4fbbece60d6b7d549b13107674 (patch)
tree: 8a6c4f84d013d3b0eeeb76037c5fd8b4da0f2516 /src/lib/protocols/tls.c
parent: 65d526d8f6ae75f8d1a3f5c8dd19bf40ec03f320 (diff)
1 files changed, 10 insertions, 7 deletions
diff --git a/src/lib/protocols/tls.c b/src/lib/protocols/tls.c
index fb9ad4c45..f46686bb9 100644
--- a/src/lib/protocols/tls.c
+++ b/src/lib/protocols/tls.c
@@ -593,14 +593,17 @@ int getTLScertificate(struct ndpi_detection_module_struct *ndpi_struct,
 
 		      len = (packet->payload[offset+extension_offset+3] << 8) + packet->payload[offset+extension_offset+4];
 		      len = (u_int)ndpi_min(len, buffer_len-1);
-		      strncpy(buffer, (char*)&packet->payload[offset+extension_offset+5], len);
-		      buffer[len] = '\0';
 
-		      stripCertificateTrailer(buffer, buffer_len);
-
-		      if(!ndpi_struct->disable_metadata_export) {
-			snprintf(flow->protos.stun_ssl.ssl.client_certificate,
-				 sizeof(flow->protos.stun_ssl.ssl.client_certificate), "%s", buffer);
+		      if((offset+extension_offset+5+len) < packet->payload_packet_len) {
+			strncpy(buffer, (char*)&packet->payload[offset+extension_offset+5], len);
+			buffer[len] = '\0';
+			
+			stripCertificateTrailer(buffer, buffer_len);
+			
+			if(!ndpi_struct->disable_metadata_export) {
+			  snprintf(flow->protos.stun_ssl.ssl.client_certificate,
+				   sizeof(flow->protos.stun_ssl.ssl.client_certificate), "%s", buffer);
+			}
 		      }
 		    } else if(extension_id == 10 /* supported groups */) {
 		      u_int16_t s_offset = offset+extension_offset + 2;
author	Luca Deri <deri@ntop.org>	2019-12-09 18:02:48 +0100
committer	Luca Deri <deri@ntop.org>	2019-12-09 18:02:48 +0100
commit	6d7f3976f33b0d4fbbece60d6b7d549b13107674 (patch)
tree	8a6c4f84d013d3b0eeeb76037c5fd8b4da0f2516 /src/lib/protocols/tls.c
parent	65d526d8f6ae75f8d1a3f5c8dd19bf40ec03f320 (diff)