From 418ea234ae31ed9e9d9c60994d0c99022fc38a54 Mon Sep 17 00:00:00 2001
From: Philippe Antoine
Date: Mon, 3 Feb 2020 22:38:31 +0100
Subject: Adds missing checks Found by fuzzing
---
 example/reader_util.c | 7 +++++++
 1 file changed, 7 insertions(+) (limited to 'example')
diff --git a/example/reader_util.c b/example/reader_util.c
index 2236f79d3..53013df0d 100644
--- a/example/reader_util.c
+++ b/example/reader_util.c
@@ -671,6 +671,9 @@ static struct ndpi_flow_info *get_ndpi_flow_info(struct ndpi_workflow * workflow
 l3 = (const u_int8_t*)iph;
 } else {
 l4_offset = sizeof(struct ndpi_ipv6hdr);
+ if(sizeof(struct ndpi_ipv6hdr) > ipsize)
+ return NULL;
+
 l3 = (const u_int8_t*)iph6;
 }
@@ -1495,6 +1498,10 @@ struct ndpi_proto ndpi_workflow_process_packet(struct ndpi_workflow * workflow,
 return(nproto);
 }
+ if(header->caplen < eth_offset + radio_len + sizeof((struct ndpi_wifi_header)) {
+ return(nproto);
+ }
+
 /* Calculate 802.11 header length (variable) */
 wifi = (struct ndpi_wifi_header*)( packet + eth_offset + radio_len);
 fc = wifi->fc;
-- cgit v1.2.3
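Review bot: The IPv6 length guard in the `else` branch only helps if nothing dereferences `iph6` before it. The start of get_ndpi_flow_info and its callers are outside this hunk, so that should be confirmed; if such a read exists, the `ipsize` test belongs ahead of it. The test covers the fixed header only, so any read at `l3 + l4_offset` further down still needs its own bound against `ipsize` (not visible here). A short comment would make the intent explicit, for example `/* truncated capture: fixed IPv6 header does not fit in ipsize */`.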
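Review bot: As shown here, the added condition in the second hunk does not balance its parentheses: `sizeof((struct ndpi_wifi_header))` followed by ` {` leaves the `if(` unclosed, and a doubly parenthesised type name is not a valid `sizeof` operand. The line should read `if(header->caplen < eth_offset + radio_len + sizeof(struct ndpi_wifi_header)) {`. The bound covers only the fixed struct that `wifi->fc` is read from, while the comment right after it says the 802.11 header length is variable. Any read at the computed header length later in ndpi_workflow_process_packet (outside this hunk) therefore needs a separate comparison with `header->caplen`. `radio_len` appears to be taken from the capture itself, so it is worth confirming that it was bounded before it enters this sum.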