From 94471193c2082194e5be5a5096eef1784fc16b28 Mon Sep 17 00:00:00 2001
From: Luca Deri <deri@ntop.org>
Date: Tue, 27 Oct 2020 08:48:12 +0100
Subject: Added boundary check

---
 src/lib/protocols/skype.c | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

(limited to 'src/lib/protocols/skype.c')

diff --git a/src/lib/protocols/skype.c b/src/lib/protocols/skype.c
index 22d94c021..a8f1529a0 100644
--- a/src/lib/protocols/skype.c
+++ b/src/lib/protocols/skype.c
@@ -108,7 +108,11 @@ static void ndpi_check_skype(struct ndpi_detection_module_struct *ndpi_struct, s
           const uint8_t id_flags_iv_crc_len = 11;
           const uint8_t crc_len = sizeof(flow->l4.udp.skype_crc);
           const uint8_t crc_offset = id_flags_iv_crc_len - crc_len;
-          if ((payload_len >= id_flags_iv_crc_len) && (packet->payload[2] == 0x02 /* Payload flag */ ) && !flow->extra_packets_func) {
+
+          if ((payload_len >= id_flags_iv_crc_len)
+	      && (packet->payload[2] == 0x02 /* Payload flag */ )
+	      && (payload_len >= (crc_offset+crc_len))
+	      && (!flow->extra_packets_func)) {
             flow->check_extra_packets = 1;
             flow->max_extra_packets_to_check = 5;
             flow->extra_packets_func = ndpi_check_skype_udp_again;
-- 
cgit v1.2.3