From 9c2c04d8ce966833b83caff902fa2d88afbcdefc Mon Sep 17 00:00:00 2001
From: Nardi Ivan <nardi.ivan@gmail.com>
Date: Thu, 26 Mar 2020 17:32:17 +0100
Subject: ssh: fix heap-overflow error

---
 src/lib/protocols/ssh.c | 2 ++
 1 file changed, 2 insertions(+)

(limited to 'src/lib/protocols/ssh.c')

diff --git a/src/lib/protocols/ssh.c b/src/lib/protocols/ssh.c
index 390d28042..853fbb24b 100644
--- a/src/lib/protocols/ssh.c
+++ b/src/lib/protocols/ssh.c
@@ -179,6 +179,8 @@ static u_int16_t concat_hash_string(struct ndpi_packet_struct *packet,
     offset += 4 + len;
 
   /* ssh.compression_algorithms_client_to_server [C] */
+  if(offset+sizeof(u_int32_t) >= packet->payload_packet_len)
+    goto invalid_payload;
   len = ntohl(*(u_int32_t*)&packet->payload[offset]);
 
   if(client_hash) {
-- 
cgit v1.2.3