From c6acf97bfbe5ad26db3c2f5dd4d379ac674d6fb3 Mon Sep 17 00:00:00 2001
From: Philippe Antoine <contact@catenacyber.fr>
Date: Thu, 19 Mar 2020 16:54:31 +0100
Subject: Adds different checks against overflows

---
 src/lib/protocols/yahoo.c | 3 +++
 1 file changed, 3 insertions(+)

(limited to 'src/lib/protocols/yahoo.c')

diff --git a/src/lib/protocols/yahoo.c b/src/lib/protocols/yahoo.c
index bd7f3ef66..d80e9caee 100644
--- a/src/lib/protocols/yahoo.c
+++ b/src/lib/protocols/yahoo.c
@@ -76,6 +76,9 @@ u_int8_t check_ymsg(const u_int8_t * payload, u_int16_t payload_packet_len)
     if(ylen >= payload_packet_len || yahoo_len_parsed >= payload_packet_len)
       break;
 
+    if (payload_packet_len < yahoo_len_parsed + sizeof(struct ndpi_yahoo_header)) {
+      return 0;
+    }
     yahoo = (struct ndpi_yahoo_header *) (payload + yahoo_len_parsed);
   }
   while(memcmp(yahoo->YMSG_str, "YMSG", 4) == 0);
-- 
cgit v1.2.3