diff options
| author | Luca Deri <deri@ntop.org> | 2016-06-14 20:25:23 +0200 |
|---|---|---|
| committer | Luca Deri <deri@ntop.org> | 2016-06-14 20:25:23 +0200 |
| commit | 6c83cd627f13649a62dc9d5821fb5a0397951b81 (patch) | |
| tree | e57f4b365b052107d2b202fa5af485a9fd5f61e2 /src | |
| parent | ed09d78ed9a9b52dc655559c9019e929c7967f39 (diff) | |
Enhanced string boundary check to avoid crashes with malformed packets
Diffstat (limited to 'src')
| -rw-r--r-- | src/lib/protocols/dns.c | 8 | ||||
| -rw-r--r-- | src/lib/protocols/netbios.c | 2 |
2 files changed, 6 insertions, 4 deletions
diff --git a/src/lib/protocols/dns.c b/src/lib/protocols/dns.c index 4c7f315c3..f95ebbc36 100644 --- a/src/lib/protocols/dns.c +++ b/src/lib/protocols/dns.c @@ -185,15 +185,17 @@ void ndpi_search_dns(struct ndpi_detection_module_struct *ndpi_struct, struct nd } /* extract host name server */ - int j = 0, off = sizeof(struct ndpi_dns_packet_header) + 1; + int j = 0, max_len = sizeof(flow->host_server_name)-1, off = sizeof(struct ndpi_dns_packet_header) + 1; while(flow->packet.payload[off] != '\0' && off < flow->packet.payload_packet_len) { flow->host_server_name[j] = flow->packet.payload[off]; - if(j < strlen((char*)flow->host_server_name)) { + if(j < max_len) { if(flow->host_server_name[j] < ' ') flow->host_server_name[j] = '.'; j++; - } + } else + break; + off++; } flow->host_server_name[j] = '\0'; diff --git a/src/lib/protocols/netbios.c b/src/lib/protocols/netbios.c index 9c2283a81..ca649782b 100644 --- a/src/lib/protocols/netbios.c +++ b/src/lib/protocols/netbios.c @@ -324,7 +324,7 @@ void ndpi_search_netbios(struct ndpi_detection_module_struct *ndpi_struct, struc NDPI_LOG_DEBUG, "found netbios with checked ip-address.\n"); if(netbios_name_interpret((char*)&packet->payload[12], name, sizeof(name)) > 0) - snprintf((char*)flow->host_server_name, sizeof(flow->host_server_name), "%s", name); + snprintf((char*)flow->host_server_name, sizeof(flow->host_server_name)-1, "%s", name); ndpi_int_netbios_add_connection(ndpi_struct, flow); return; |