From 9d1340a8e7fc38aa39d0d81b4dfb596095804ae1 Mon Sep 17 00:00:00 2001
From: Philippe Antoine <contact@catenacyber.fr>
Date: Thu, 12 Mar 2020 14:26:08 +0100
Subject: Fix buffer overread in yahoo

---
 src/lib/protocols/yahoo.c | 3 +++
 1 file changed, 3 insertions(+)

(limited to 'src/lib/protocols/yahoo.c')

diff --git a/src/lib/protocols/yahoo.c b/src/lib/protocols/yahoo.c
index ceb9d48b6..bd7f3ef66 100644
--- a/src/lib/protocols/yahoo.c
+++ b/src/lib/protocols/yahoo.c
@@ -62,6 +62,9 @@ __forceinline static
 #endif
 u_int8_t check_ymsg(const u_int8_t * payload, u_int16_t payload_packet_len)
 {
+  if (payload_packet_len < sizeof(struct ndpi_yahoo_header)) {
+    return 0;
+  }
   const struct ndpi_yahoo_header *yahoo = (struct ndpi_yahoo_header *) payload;
   
   u_int16_t yahoo_len_parsed = 0;
-- 
cgit v1.2.3