From c6acf97bfbe5ad26db3c2f5dd4d379ac674d6fb3 Mon Sep 17 00:00:00 2001 From: Philippe Antoine Date: Thu, 19 Mar 2020 16:54:31 +0100 Subject: Adds different checks against overflows --- src/lib/protocols/ssh.c | 2 ++ 1 file changed, 2 insertions(+) (limited to 'src/lib/protocols/ssh.c') diff --git a/src/lib/protocols/ssh.c b/src/lib/protocols/ssh.c index f3b50b609..959b9c090 100644 --- a/src/lib/protocols/ssh.c +++ b/src/lib/protocols/ssh.c @@ -96,6 +96,8 @@ static void ndpi_int_ssh_add_connection(struct ndpi_detection_module_struct static u_int16_t concat_hash_string(struct ndpi_packet_struct *packet, char *buf, u_int8_t client_hash) { u_int16_t offset = 22, buf_out_len = 0; + if(offset+sizeof(u_int32_t) >= packet->payload_packet_len) + goto invalid_payload; u_int32_t len = ntohl(*(u_int32_t*)&packet->payload[offset]); offset += 4; -- cgit v1.2.3