Added TLS bounadry check

author: Luca Deri <deri@ntop.org> 2020-06-07 09:25:19 +0200
committer: Luca Deri <deri@ntop.org> 2020-06-07 09:25:19 +0200
commit: 1479c0a2789f94e5adcebfd8cea99a8a1461f820 (patch)
tree: 3edf0e7a8daa528d921fc4cc43b247a2a9c596d3 /src
parent: 43ddbfdfba9ea16502dd7401aef3a55f36ccb0d5 (diff)
1 files changed, 2 insertions, 2 deletions
diff --git a/src/lib/protocols/tls.c b/src/lib/protocols/tls.c
index 4f395a34d..1abf494d5 100644
--- a/src/lib/protocols/tls.c
+++ b/src/lib/protocols/tls.c
@@ -315,7 +315,7 @@ static void processCertificateElements(struct ndpi_detection_module_struct *ndpi
 
       if((offset+len) < packet->payload_packet_len) {
 	char utcDate[32];
-
+	
 #ifdef DEBUG_TLS
 	u_int j;
 	
@@ -678,7 +678,7 @@ static int ndpi_search_tls_tcp(struct ndpi_detection_module_struct *ndpi_struct,
 	break;
       }
 
-      packet->payload = block, packet->payload_packet_len = block_len+4;
+      packet->payload = block, packet->payload_packet_len = ndpi_min(block_len+4, flow->l4.tcp.tls.message.buffer_used);
 
       if((processed+packet->payload_packet_len) > len) {
 	something_went_wrong = 1;
author	Luca Deri <deri@ntop.org>	2020-06-07 09:25:19 +0200
committer	Luca Deri <deri@ntop.org>	2020-06-07 09:25:19 +0200
commit	1479c0a2789f94e5adcebfd8cea99a8a1461f820 (patch)
tree	3edf0e7a8daa528d921fc4cc43b247a2a9c596d3 /src
parent	43ddbfdfba9ea16502dd7401aef3a55f36ccb0d5 (diff)