Diffstat (limited to 'src/lib/protocols/tls.c')
-rw-r--r--src/lib/protocols/tls.c21
1 files changed, 11 insertions, 10 deletions
diff --git a/src/lib/protocols/tls.c b/src/lib/protocols/tls.c
index 9d22a66db..ed92814d9 100644
--- a/src/lib/protocols/tls.c
+++ b/src/lib/protocols/tls.c
@@ -308,7 +308,11 @@ int getTLScertificate(struct ndpi_detection_module_struct *ndpi_struct,
#endif
offset += 2 + 1;
- extension_len = ntohs(*((u_int16_t*)&packet->payload[offset]));
+
+ if((offset + 1) < packet->payload_packet_len) /* +1 because we are goint to read 2 bytes */
+ extension_len = ntohs(*((u_int16_t*)&packet->payload[offset]));
+ else
+ extension_len = 0;
#ifdef DEBUG_TLS
printf("TLS [server][extension_len: %u]\n", extension_len);
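Review bot: The new guard in getTLScertificate protects only the two-byte read; the `extension_len` it produces is a peer-supplied value that nothing in this hunk compares with the bytes remaining after `offset`. The code that consumes it is outside the hunk, so confirm it bounds each access by `packet->payload_packet_len`, or clamp inside the guarded branch: `if(extension_len > packet->payload_packet_len - offset - 2) extension_len = 0;`. The read itself still dereferences a cast `u_int16_t*` at an arbitrary payload offset, which can be a misaligned access on strict-alignment targets; copying the two bytes with `memcpy` before `ntohs` avoids that, and the same applies to the `len` read in the getSSCertificateFingerprint hunk. The comment also has a typo (`goint`).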
@@ -870,7 +874,7 @@ int getSSCertificateFingerprint(struct ndpi_detection_module_struct *ndpi_struct
return(0); /* That's all */
} else if(flow->l4.tcp.tls_seen_certificate)
return(0); /* That's all */
- else if(packet->payload_packet_len > flow->l4.tcp.tls_record_offset+7) {
+ else if(packet->payload_packet_len > flow->l4.tcp.tls_record_offset+7+1/* +1 because we are going to read 2 bytes */) {
/* This is a handshake but not a certificate record */
u_int16_t len = ntohs(*(u_int16_t*)&packet->payload[flow->l4.tcp.tls_record_offset+7]);
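Review bot: The `+7+1` bound in getSSCertificateFingerprint, with its comment embedded inside the condition, is hard to read and easy to get out of step with the read on the following line if the offset ever changes. Stating the width of the read makes the intent explicit without the inline comment: `else if(packet->payload_packet_len >= flow->l4.tcp.tls_record_offset + 7 + sizeof(u_int16_t)) {`. The `len` value read next is used in code outside this hunk, so it should be checked against the remaining payload there as well.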
@@ -1400,19 +1404,16 @@ void ndpi_search_tls_tcp_udp(struct ndpi_detection_module_struct *ndpi_struct,
u_int8_t ret, skip_cert_processing = 0;
#ifdef DEBUG_TLS
- printf("%s()\n", __FUNCTION__);
+ printf("==>> %u [len: %u][version: %u]\n",
+ flow->guessed_host_protocol_id,
+ packet->payload_packet_len,
+ flow->protos.stun_ssl.ssl.ssl_version);
#endif
if(packet->udp != NULL) {
/* DTLS dissector */
int rc = sslTryAndRetrieveServerCertificate(ndpi_struct, flow);
-
-#ifdef DEBUG_TLS
- printf("==>> %u [rc: %d][len: %u][%s][version: %u]\n",
- flow->guessed_host_protocol_id, rc, packet->payload_packet_len, flow->protos.stun_ssl.ssl.ja3_server,
- flow->protos.stun_ssl.ssl.ssl_version);
-#endif
-
+
if((rc == 0) && (flow->protos.stun_ssl.ssl.ssl_version != 0)) {
flow->guessed_protocol_id = NDPI_PROTOCOL_TLS;