From bd036f96f9bf3feb7ef4699b4f9882705b853ed1 Mon Sep 17 00:00:00 2001
From: Ivan Nardi <12729895+IvanNardi@users.noreply.github.com>
Date: Tue, 18 Jan 2022 19:11:01 +0100
Subject: Netbios, CSGO: fix two memory errors (#1413)

Detected by oss-fuzz:
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=43754
https://oss-fuzz.com/testcase-detail/5329842395021312
---
 src/lib/protocols/csgo.c | 3 ++-
 src/lib/protocols/netbios.c | 3 ++-
 2 files changed, 4 insertions(+), 2 deletions(-)
(limited to 'src/lib')
diff --git a/src/lib/protocols/csgo.c b/src/lib/protocols/csgo.c
index f48636ef4..4bd541bcd 100644
--- a/src/lib/protocols/csgo.c
+++ b/src/lib/protocols/csgo.c
@@ -77,7 +77,8 @@ void ndpi_search_csgo(struct ndpi_detection_module_struct* ndpi_struct, struct n
 }
 }
- if(flow->l4.udp.csgo_s2 < 3 && (w & 0xffff0000ul) == 0x0d1d0000) {
+ if(packet->payload_packet_len > 6 &&
+ flow->l4.udp.csgo_s2 < 3 && (w & 0xffff0000ul) == 0x0d1d0000) {
 uint32_t w2 = get_u_int32_t(packet->payload, 2);
 if(packet->payload_packet_len == 13) {
 if(!flow->l4.udp.csgo_s2) {
diff --git a/src/lib/protocols/netbios.c b/src/lib/protocols/netbios.c
index 4614e6c1c..710f18a71 100644
--- a/src/lib/protocols/netbios.c
+++ b/src/lib/protocols/netbios.c
@@ -367,7 +367,8 @@ void ndpi_search_netbios(struct ndpi_detection_module_struct *ndpi_struct,
 if(netbios_len == packet->payload_packet_len - 14) {
 NDPI_LOG_DBG2(ndpi_struct, "found netbios port 138 and payload length >= 112 \n");
- if(packet->payload[0] >= 0x10 && packet->payload[0] <= 0x16) {
+ /* TODO: ipv6 */
+ if(packet->iph && packet->payload[0] >= 0x10 && packet->payload[0] <= 0x16) {
 u_int32_t source_ip = ntohl(get_u_int32_t(packet->payload, 4));
 NDPI_LOG_DBG2(ndpi_struct, "found netbios with MSG-type 0x10,0x11,0x12,0x13,0x14,0x15 or 0x16\n");
--
cgit v1.2.3
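Review bot: The new bound `packet->payload_packet_len > 6` in the csgo.c condition is a bare number with no visible link to the read it protects. The `get_u_int32_t(packet->payload, 2)` on the following line is a 32-bit read at offset 2, so it touches payload bytes 2 through 5 and needs a length of at least 6; the guard is therefore safe, but one byte stricter than that read requires. If the extra byte is intentional, a comment such as `/* w2 below is a 4-byte read at payload offset 2 */` would record why; otherwise deriving the bound from the access, `packet->payload_packet_len >= 2 + sizeof(uint32_t) &&`, keeps the check and the read from drifting apart. The body of this `if` continues past the hunk, so any other fixed-offset reads inside it cannot be checked from here.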
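Review bot: The `/* TODO: ipv6 */` comment in the netbios.c hunk does not say what the added `packet->iph &&` test protects or what now happens to IPv6 traffic. Judging by the TODO, `packet->iph` is NULL on IPv6 flows and the body presumably dereferences it further down, but that use lies outside the hunk. A fuller comment would make the contract explicit, for example `/* packet->iph is NULL for IPv6: skip the embedded source-IP match until an IPv6 path exists (TODO) */`. With this guard, port-138 datagrams carried over IPv6 no longer enter this detection branch at all. It is worth confirming in the code after the hunk that such flows still end up classified or explicitly excluded, since an unlabelled flow is a blind spot for any monitoring that relies on the protocol label.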