TLS: fix some use-of-uninitialized-value errors in ClientHello parsing (#1169)

Error detected with valgrind. ==125883== Conditional jump or move depends on uninitialised value(s) ==125883== at 0x438F57: processClientServerHello (tls.c:1421) ==125883== by 0x43B35A: processTLSBlock (tls.c:712) ==125883== by 0x43B1C4: ndpi_search_tls_tcp (tls.c:849) ==125883== by 0x42C60B: check_ndpi_detection_func (ndpi_main.c:4426) ==125883== by 0x42E920: ndpi_detection_process_packet (ndpi_main.c:5301) ==125916== Conditional jump or move depends on uninitialised value(s) ==125916== at 0x438D7D: processClientServerHello (tls.c:1379) ==125916== by 0x43B35A: processTLSBlock (tls.c:712) ==125916== by 0x43B1C4: ndpi_search_tls_tcp (tls.c:849) ==125916== by 0x42C60B: check_ndpi_detection_func (ndpi_main.c:4426) ==125932== Conditional jump or move depends on uninitialised value(s) ==125932== at 0x438C1D: processClientServerHello (tls.c:1298) ==125932== by 0x43B35A: processTLSBlock (tls.c:712) ==125932== by 0x43B1C4: ndpi_search_tls_tcp (tls.c:849) ==125932== by 0x42C60B: check_ndpi_detection_func (ndpi_main.c:4426) ==125950== Conditional jump or move depends on uninitialised value(s) ==125950== at 0x438D4F: processClientServerHello (tls.c:1371) ==125950== by 0x43B35A: processTLSBlock (tls.c:712) ==125950== by 0x43B1C4: ndpi_search_tls_tcp (tls.c:849) ==125950== by 0x42C079: check_ndpi_detection_func (ndpi_main.c:4443)
author: Ivan Nardi <12729895+IvanNardi@users.noreply.github.com> 2021-04-18 21:38:01 +0200
committer: GitHub <noreply@github.com> 2021-04-18 21:38:01 +0200
commit: 8c3674e9a30a0870effdb4c7eb5ad792f7ba6b6a (patch)
tree: 6c5b0f8863fc7a4a8a05381755fee2c431261f71 /tests
parent: 9ca62ed7acc3e10fe00d2d0e2c4e921948cda52c (diff)
2 files changed, 8 insertions, 0 deletions
diff --git a/tests/pcap/tls_invalid_reads.pcap b/tests/pcap/tls_invalid_reads.pcap
new file mode 100644
index 000000000..4979428be
--- /dev/null
+++ b/tests/pcap/tls_invalid_reads.pcap
diff --git a/tests/result/tls_invalid_reads.pcap.out b/tests/result/tls_invalid_reads.pcap.out
new file mode 100644
index 000000000..ecfed29e5
--- /dev/null
+++ b/tests/result/tls_invalid_reads.pcap.out
@@ -0,0 +1,8 @@
+TLS	8	1891	2
+
+JA3 Host Stats: 
+		 IP Address                  	 # JA3C     
+
+
+	1	TCP 192.168.10.101:3967 <-> 206.33.61.113:443 [proto: 91/TLS][cat: Web/5][4 pkts/330 bytes <-> 3 pkts/1497 bytes][Goodput ratio: 31/89][0.08 sec][bytes ratio: -0.639 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/38 25/19 58/38 24/19][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 82/499 156/905 43/346][Risk: ** Obsolete TLS version (< 1.1) **][TLSv1][JA3S: 53611273a714cb4789c8222932efd5a7 (INSECURE)][Cipher: TLS_RSA_WITH_RC4_128_MD5][Plen Bins: 0,0,0,33,0,0,0,0,0,0,0,0,0,0,33,0,0,0,0,0,0,0,0,0,0,0,33,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+	2	TCP 74.80.160.99:3258 -> 67.217.77.28:443 [proto: 91/TLS][cat: Web/5][1 pkts/64 bytes -> 0 pkts/0 bytes][Goodput ratio: 15/0][< 1 sec][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
author	Ivan Nardi <12729895+IvanNardi@users.noreply.github.com>	2021-04-18 21:38:01 +0200
committer	GitHub <noreply@github.com>	2021-04-18 21:38:01 +0200
commit	8c3674e9a30a0870effdb4c7eb5ad792f7ba6b6a (patch)
tree	6c5b0f8863fc7a4a8a05381755fee2c431261f71 /tests
parent	9ca62ed7acc3e10fe00d2d0e2c4e921948cda52c (diff)