From bbbc5fdbae79c72dbe157e02dfee4ef9f18014b5 Mon Sep 17 00:00:00 2001
From: Luca Deri <deri@ntop.org>
Date: Fri, 22 May 2020 07:24:02 +0200
Subject: Added memory boundary checks

---
 src/lib/ndpi_main.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

(limited to 'src/lib/ndpi_main.c')

diff --git a/src/lib/ndpi_main.c b/src/lib/ndpi_main.c
index f1338ea74..f93f0bfd3 100644
--- a/src/lib/ndpi_main.c
+++ b/src/lib/ndpi_main.c
@@ -4858,7 +4858,8 @@ void ndpi_parse_packet_line_info(struct ndpi_detection_module_struct *ndpi_str,
     if(get_u_int16_t(packet->payload, a) == ntohs(0x0d0a)) {
       /* If end of line char sequence CR+NL "\r\n", process line */
 
-      if(get_u_int16_t(packet->payload, a+2) == ntohs(0x0d0a)) {
+      if(((a + 3) <= packet->payload_packet_len)
+	 && (get_u_int16_t(packet->payload, a+2) == ntohs(0x0d0a))) {
 	/* \r\n\r\n */
 	int diff; /* No unsigned ! */
 	u_int32_t a1 = a + 4;
-- 
cgit v1.2.3