From e99a0abfba3dff52a00935bed6e08051e2fa4b61 Mon Sep 17 00:00:00 2001 From: Luca Deri Date: Fri, 3 May 2019 18:08:12 +0200 Subject: Hardening fixes for packer parsing --- src/lib/ndpi_main.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) (limited to 'src/lib/ndpi_main.c') diff --git a/src/lib/ndpi_main.c b/src/lib/ndpi_main.c index a7971837e..4c60ce969 100644 --- a/src/lib/ndpi_main.c +++ b/src/lib/ndpi_main.c @@ -5036,7 +5036,8 @@ void ndpi_parse_packet_line_info(struct ndpi_detection_module_struct *ndpi_struc packet->line[packet->parsed_lines].ptr = packet->payload; packet->line[packet->parsed_lines].len = 0; - for(a = 0; a < packet->payload_packet_len; a++) { + for(a = 0; (a < packet->payload_packet_len) + && (packet->parsed_lines < NDPI_MAX_PARSE_LINES_PER_PACKET); a++) { if((a + 1) == packet->payload_packet_len) return; /* Return if only one byte remains (prevent invalid reads past end-of-buffer) */ -- cgit v1.2.3