author | Ivan Nardi <12729895+IvanNardi@users.noreply.github.com> | 2024-05-05 17:27:29 +0200 |
---|---|---|
committer | GitHub <noreply@github.com> | 2024-05-05 17:27:29 +0200 |
commit | a1845da3594c080bc59318ea9b465e15f0c5012c (patch) | |
tree | e06b7f5c082fa8fd906c5997e1d69504056321f4 /src/lib/protocols | |
parent | a6fd981fcf40a8cff5a6dd7c1af57e50053186b6 (diff) |
TLS: fix Ja4 fingerprint computation (#2419)
The new values have been checked against the ones reported by Wireshark.
Found while fixing a Use-of-uninitialized-value error reported by
oss-fuzz
```
==7582==WARNING: MemorySanitizer: use-of-uninitialized-value
#0 0x5a6549abc368 in ndpi_compute_ja4 ndpi/src/lib/protocols/tls.c:1762:10
#1 0x5a6549ab88a0 in processClientServerHello ndpi/src/lib/protocols/tls.c:2863:10
#2 0x5a6549ac1452 in processTLSBlock ndpi/src/lib/protocols/tls.c:909:5
#3 0x5a6549abf588 in ndpi_search_tls_tcp ndpi/src/lib/protocols/tls.c:1098:2
#4 0x5a65499c53ec in check_ndpi_detection_func ndpi/src/lib/ndpi_main.c:7215:6
```
See: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=68449&q=ndpi&can=1&sort=-id
Diffstat (limited to 'src/lib/protocols')
-rw-r--r-- | src/lib/protocols/tls.c | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/src/lib/protocols/tls.c b/src/lib/protocols/tls.c
index 0dd7ddd83..975d7a8c6 100644
--- a/src/lib/protocols/tls.c
+++ b/src/lib/protocols/tls.c
@@ -2417,9 +2417,9 @@ int processClientServerHello(struct ndpi_detection_module_struct *ndpi_struct,
 s_offset += 2;
 tot_signature_algorithms_len = ndpi_min((sizeof(ja.client.signature_algorithms_str) / 2) - 1, tot_signature_algorithms_len);
+#ifdef TLS_HANDLE_SIGNATURE_ALGORITMS
 size_t sa_size = ndpi_min(tot_signature_algorithms_len / 2, MAX_NUM_TLS_SIGNATURE_ALGORITHMS);
-#ifdef TLS_HANDLE_SIGNATURE_ALGORITMS
 if (s_offset + 2 * sa_size <= packet->payload_packet_len) {
 flow->protos.tls_quic.num_tls_signature_algorithms = sa_size;
 memcpy(flow->protos.tls_quic.client_signature_algorithms,
@@ -2427,10 +2427,10 @@ int processClientServerHello(struct ndpi_detection_module_struct *ndpi_struct,
 }
 #endif
- ja.client.num_signature_algorithms = ndpi_min(sa_size, MAX_NUM_JA);
 for(i=0, id=0; i<tot_signature_algorithms_len && s_offset+i+1<total_len; i += 2) {
 ja.client.signature_algorithms[id++] = ntohs(*(u_int16_t*)&packet->payload[s_offset+i]);
 }
+ ja.client.num_signature_algorithms = id;
 for(i=0, id=0; i<tot_signature_algorithms_len && s_offset+i+1<total_len; i++) {
 int rc = ndpi_snprintf(&ja.client.signature_algorithms_str[i*2], |
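Review bot: In the second hunk (-2427), the write index `id` of the first `for` loop is bounded only indirectly, through the earlier clamp of `tot_signature_algorithms_len` against `sizeof(ja.client.signature_algorithms_str)`; nothing visible ties it to the element count of `ja.client.signature_algorithms`, and the removed line was the only one that mentioned `MAX_NUM_JA`. Since the length comes from the ClientHello on the wire, I would make the bound explicit in the loop itself, `for(i=0, id=0; i<tot_signature_algorithms_len && s_offset+i+1<total_len && id<MAX_NUM_JA; i += 2) {`, assuming `MAX_NUM_JA` is the size of that array (its declaration is outside the hunk). A short comment on the new assignment would also help, e.g. `/* count only the entries actually written; a truncated payload stops the loop early */`, which appears to be the case behind the MSan report. The body of `processClientServerHello` starts before and continues past both hunks.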