Diffstat (limited to 'src')
-rw-r--r--src/lib/ndpi_main.c5
-rw-r--r--src/lib/protocols/tls.c10
2 files changed, 11 insertions, 4 deletions
diff --git a/src/lib/ndpi_main.c b/src/lib/ndpi_main.c
index 8aaee5b8f..b6e346d14 100644
--- a/src/lib/ndpi_main.c
+++ b/src/lib/ndpi_main.c
@@ -5038,8 +5038,6 @@ ndpi_protocol ndpi_detection_giveup(struct ndpi_detection_module_struct *ndpi_st
if(flow->host_server_name[0] != '\0') {
ndpi_protocol_match_result ret_match;
- memset(&ret_match, 0, sizeof(ret_match));
-
ndpi_match_host_subprotocol(ndpi_str, flow, (char *) flow->host_server_name,
strlen((const char *) flow->host_server_name), &ret_match,
NDPI_PROTOCOL_DNS);
@@ -7110,6 +7108,8 @@ u_int16_t ndpi_match_host_subprotocol(struct ndpi_detection_module_struct *ndpi_
u_int16_t rc;
ndpi_protocol_category_t id;
+ memset(ret_match, 0, sizeof(*ret_match));
+
rc = ndpi_automa_match_string_subprotocol(ndpi_str, flow, string_to_match, string_to_match_len,
master_protocol_id, ret_match);
id = ret_match->protocol_category;
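Review bot: The added `memset(ret_match, 0, sizeof(*ret_match));` carries no comment, yet it is now the only thing that keeps callers from reading uninitialised stack contents out of their `ret_match` local. I would add a comment directly above it, `/* Clear the caller's result up front so it is fully defined on every return path */`. The function's header comment should also state that `ret_match` must be non-NULL, which the `ret_match->protocol_category` read two lines later already assumes. The function body continues outside the hunk, so whether any early return precedes this line cannot be confirmed from here.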
@@ -7147,7 +7147,6 @@ int ndpi_match_hostname_protocol(struct ndpi_detection_module_struct *ndpi_struc
else
what = name, what_len = name_len;
- memset(&ret_match, 0, sizeof(ret_match));
subproto = ndpi_match_host_subprotocol(ndpi_struct, flow, what, what_len,
&ret_match, master_protocol);
diff --git a/src/lib/protocols/tls.c b/src/lib/protocols/tls.c
index 622fa678f..4815275d4 100644
--- a/src/lib/protocols/tls.c
+++ b/src/lib/protocols/tls.c
@@ -1718,6 +1718,14 @@ int processClientServerHello(struct ndpi_detection_module_struct *ndpi_struct,
checkExtensions(ndpi_struct, flow, is_dtls,
extension_id, extension_len, offset + extension_offset);
+ if(offset + 4 + extension_len > total_len) {
+#ifdef DEBUG_TLS
+ printf("[TLS] extension length %u too long (%u, offset %u)\n",
+ extension_len, total_len, offset);
+#endif
+ break;
+ }
+
if((extension_id == 0) || (packet->payload[extn_off] != packet->payload[extn_off+1])) {
/* Skip GREASE */
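Review bot: The new bound check `if(offset + 4 + extension_len > total_len)` sits after the `checkExtensions(...)` call, so that call still receives the unvalidated `extension_len` and `offset + extension_offset` taken from the packet. If `checkExtensions` uses either value to index the payload (its body is not visible here), the over-long extension is still processed once before the `break`; moving the whole `if` block above the `checkExtensions` call closes that gap. The check is also expressed in terms of `offset`, while the read on the next line indexes `packet->payload[extn_off+1]`, so it is worth confirming that `extn_off + 1` is covered by the same bound. The `break` is silent outside `DEBUG_TLS` builds; recording the malformed length on the flow would let a truncated or hostile hello be noticed downstream. processClientServerHello starts and ends outside this hunk.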
@@ -1957,7 +1965,7 @@ int processClientServerHello(struct ndpi_detection_module_struct *ndpi_struct,
printf("[SIGNATURE] [is_firefox_tls: %u][is_chrome_tls: %u][is_safari_tls: %u][duplicate_found: %u]\n",
flow->protos.tls_quic.browser_heuristics.is_firefox_tls,
flow->protos.tls_quic.browser_heuristics.is_chrome_tls,
- flow->protos..tls_quic.browser_heuristics.is_safari_tls,
+ flow->protos.tls_quic.browser_heuristics.is_safari_tls,
duplicate_found);
#endif