From 12c6ab768d716aa54a343a82ac333c9c5fb02af4 Mon Sep 17 00:00:00 2001 From: Ivan Nardi <12729895+IvanNardi@users.noreply.github.com> Date: Sun, 9 May 2021 15:10:14 +0200 Subject: TLS: fix another use-of-uninitialized-value error in ClientHello parsing (#1179) Error detected with valgrind. ==13127== Conditional jump or move depends on uninitialised value(s) ==13127== at 0x483EF58: strlen (in /usr/lib/x86_64-linux-gnu/valgrind/vgpreload_memcheck-amd64-linux.so) ==13127== by 0x1A93B6: ndpi_strdup (ndpi_main.c:159) ==13127== by 0x1C07CC: processClientServerHello (tls.c:1678) ==13127== by 0x1C0C4C: processTLSBlock (tls.c:712) ==13127== by 0x1C0C4C: ndpi_search_tls_tcp.part.0 (tls.c:849) See also 8c3674e9 --- src/lib/protocols/tls.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) (limited to 'src/lib') diff --git a/src/lib/protocols/tls.c b/src/lib/protocols/tls.c index e4737829f..7ef8bdf1a 100644 --- a/src/lib/protocols/tls.c +++ b/src/lib/protocols/tls.c @@ -1687,7 +1687,8 @@ int processClientServerHello(struct ndpi_detection_module_struct *ndpi_struct, while(s_offset < tot_alpn_len && s_offset < total_len) { u_int8_t alpn_i, alpn_len = packet->payload[s_offset++]; - if((s_offset + alpn_len) <= tot_alpn_len) { + if((s_offset + alpn_len) <= tot_alpn_len && + (s_offset + alpn_len) <= total_len) { #ifdef DEBUG_TLS printf("Client TLS [ALPN: %u]\n", alpn_len); #endif -- cgit v1.2.3