From 5987ec6014d4006a314f5680ca7b667800db28d2 Mon Sep 17 00:00:00 2001
From: Luca Deri <deri@ntop.org>
Date: Thu, 9 Jan 2020 17:14:37 +0100
Subject: Added check for preventing TLS misbehavior

---
 src/lib/protocols/tls.c | 11 +++++++----
 1 file changed, 7 insertions(+), 4 deletions(-)

(limited to 'src/lib/protocols')

diff --git a/src/lib/protocols/tls.c b/src/lib/protocols/tls.c
index b0e192baa..08ce81edd 100644
--- a/src/lib/protocols/tls.c
+++ b/src/lib/protocols/tls.c
@@ -569,10 +569,13 @@ static int ndpi_search_tls_tcp(struct ndpi_detection_module_struct *ndpi_struct,
     packet->payload = p, packet->payload_packet_len = p_len; /* Restore */
     flow->l4.tcp.tls.message.buffer_used -= len;
 
-    memmove(flow->l4.tcp.tls.message.buffer,
-	    &flow->l4.tcp.tls.message.buffer[len],
-	    flow->l4.tcp.tls.message.buffer_used);
-
+    if(flow->l4.tcp.tls.message.buffer_used > 0)
+      memmove(flow->l4.tcp.tls.message.buffer,
+	      &flow->l4.tcp.tls.message.buffer[len],
+	      flow->l4.tcp.tls.message.buffer_used);
+    else
+      break;
+	
 #ifdef DEBUG_TLS_MEMORY
     printf("[TLS Mem] Left memory buffer %u bytes\n", flow->l4.tcp.tls.message.buffer_used);
 #endif
-- 
cgit v1.2.3