From eb5d7b07afae0d1dd8f5b079835d8f1ec66dc160 Mon Sep 17 00:00:00 2001
From: Ivan Nardi <12729895+IvanNardi@users.noreply.github.com>
Date: Sat, 15 Jan 2022 18:47:59 +0100
Subject: TLS: fix heap-buffer-overflow error (#1408)

Detected by oss-fuzz:
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=43664
---
 src/lib/protocols/tls.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

(limited to 'src/lib/protocols')

diff --git a/src/lib/protocols/tls.c b/src/lib/protocols/tls.c
index b83505cd5..cdaed66b2 100644
--- a/src/lib/protocols/tls.c
+++ b/src/lib/protocols/tls.c
@@ -2099,7 +2099,8 @@ int processClientServerHello(struct ndpi_detection_module_struct *ndpi_struct,
 		  if(flow->protos.tls_quic.tls_supported_versions == NULL)
 		    flow->protos.tls_quic.tls_supported_versions = ndpi_strdup(version_str);
 		}
-	      } else if(extension_id == 65486 /* encrypted server name */) {
+	      } else if(extension_id == 65486 /* encrypted server name */ &&
+	                offset+extension_offset+1 < total_len) {
 		/*
 		   - https://tools.ietf.org/html/draft-ietf-tls-esni-06
 		   - https://blog.cloudflare.com/encrypted-sni/
-- 
cgit v1.2.3