aboutsummaryrefslogtreecommitdiff
path: root/src/lib/protocols
diff options
context:
space:
mode:
Diffstat (limited to 'src/lib/protocols')
-rw-r--r--src/lib/protocols/git.c7
-rw-r--r--src/lib/protocols/tls.c2
2 files changed, 6 insertions, 3 deletions
diff --git a/src/lib/protocols/git.c b/src/lib/protocols/git.c
index 22fc6f76e..2d194be81 100644
--- a/src/lib/protocols/git.c
+++ b/src/lib/protocols/git.c
@@ -47,8 +47,11 @@ void ndpi_search_git(struct ndpi_detection_module_struct *ndpi_struct,
u_int32_t git_pkt_len;
memcpy(&len, &pp[offset], 4), len[4] = 0;
- sscanf(len, "%x", &git_pkt_len);
-
+ if(sscanf(len, "%x", &git_pkt_len) != 1) {
+ found_git = 0;
+ break;
+ }
+
if((payload_len < git_pkt_len) || (git_pkt_len == 0 /* Bad */)) {
found_git = 0;
break;
diff --git a/src/lib/protocols/tls.c b/src/lib/protocols/tls.c
index aafa89048..6be5740e0 100644
--- a/src/lib/protocols/tls.c
+++ b/src/lib/protocols/tls.c
@@ -1951,7 +1951,7 @@ int processClientServerHello(struct ndpi_detection_module_struct *ndpi_struct,
printf("Client TLS [SIGNATURE_ALGORITHMS: %s]\n", ja3.client.signature_algorithms);
#endif
} else if(extension_id == 16 /* application_layer_protocol_negotiation */ &&
- offset+extension_offset < total_len) {
+ offset+extension_offset+1 < total_len) {
u_int16_t s_offset = offset+extension_offset;
u_int16_t tot_alpn_len = ntohs(*((u_int16_t*)&packet->payload[s_offset]));
char alpn_str[256];
Powered by cgit, Themed by Ted Yin.