Fix infinite loop in tls

author: Philippe Antoine <contact@catenacyber.fr> 2020-03-12 14:31:47 +0100
committer: Philippe Antoine <contact@catenacyber.fr> 2020-03-12 14:31:47 +0100
commit: 7806eb5f5b02fd78de1db20caeebc56088ebec3e (patch)
tree: 98d9edf7d15895b694f4752615c5aee617df9945 /src
parent: 9d1340a8e7fc38aa39d0d81b4dfb596095804ae1 (diff)
1 files changed, 2 insertions, 1 deletions
diff --git a/src/lib/protocols/tls.c b/src/lib/protocols/tls.c
index 3ec67f57f..8c351053a 100644
--- a/src/lib/protocols/tls.c
+++ b/src/lib/protocols/tls.c
@@ -1113,7 +1113,8 @@ int processClientServerHello(struct ndpi_detection_module_struct *ndpi_struct,
 
 		  s_offset++;
 		  
-		  for(j=0; j<version_len; j += 2) {
+		  // careful not to overflow and loop forever with u_int8_t
+		  for(j=0; j+1<version_len; j += 2) {
 		    u_int16_t tls_version = ntohs(*((u_int16_t*)&packet->payload[s_offset+j]));
 		    u_int8_t unknown_tls_version;
author	Philippe Antoine <contact@catenacyber.fr>	2020-03-12 14:31:47 +0100
committer	Philippe Antoine <contact@catenacyber.fr>	2020-03-12 14:31:47 +0100
commit	7806eb5f5b02fd78de1db20caeebc56088ebec3e (patch)
tree	98d9edf7d15895b694f4752615c5aee617df9945 /src
parent	9d1340a8e7fc38aa39d0d81b4dfb596095804ae1 (diff)