From 12c6ab768d716aa54a343a82ac333c9c5fb02af4 Mon Sep 17 00:00:00 2001
From: Ivan Nardi <12729895+IvanNardi@users.noreply.github.com>
Date: Sun, 9 May 2021 15:10:14 +0200
Subject: TLS: fix another use-of-uninitialized-value error in ClientHello
 parsing (#1179)

Error detected with valgrind.

==13127== Conditional jump or move depends on uninitialised value(s)
==13127==    at 0x483EF58: strlen (in /usr/lib/x86_64-linux-gnu/valgrind/vgpreload_memcheck-amd64-linux.so)
==13127==    by 0x1A93B6: ndpi_strdup (ndpi_main.c:159)
==13127==    by 0x1C07CC: processClientServerHello (tls.c:1678)
==13127==    by 0x1C0C4C: processTLSBlock (tls.c:712)
==13127==    by 0x1C0C4C: ndpi_search_tls_tcp.part.0 (tls.c:849)

See also 8c3674e9
---
 src/lib/protocols/tls.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

(limited to 'src/lib')

diff --git a/src/lib/protocols/tls.c b/src/lib/protocols/tls.c
index e4737829f..7ef8bdf1a 100644
--- a/src/lib/protocols/tls.c
+++ b/src/lib/protocols/tls.c
@@ -1687,7 +1687,8 @@ int processClientServerHello(struct ndpi_detection_module_struct *ndpi_struct,
 		while(s_offset < tot_alpn_len && s_offset < total_len) {
 		  u_int8_t alpn_i, alpn_len = packet->payload[s_offset++];
 
-		  if((s_offset + alpn_len) <= tot_alpn_len) {
+		  if((s_offset + alpn_len) <= tot_alpn_len &&
+		     (s_offset + alpn_len) <= total_len) {
 #ifdef DEBUG_TLS
 		    printf("Client TLS [ALPN: %u]\n", alpn_len);
 #endif
-- 
cgit v1.2.3