From 3dec8d18807463f50420fb1a6f7a5a722c8f54fb Mon Sep 17 00:00:00 2001 From: theirix Date: Mon, 25 Jul 2016 11:15:39 +0300 Subject: Fixed BGP payload overflow --- src/lib/protocols/bgp.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'src') diff --git a/src/lib/protocols/bgp.c b/src/lib/protocols/bgp.c index 3b0d8d5cb..e72fdee57 100644 --- a/src/lib/protocols/bgp.c +++ b/src/lib/protocols/bgp.c @@ -39,9 +39,9 @@ void ndpi_search_bgp(struct ndpi_detection_module_struct *ndpi_struct, struct nd u_int16_t bgp_port = htons(179); if(packet->tcp + && (packet->payload_packet_len > 18) && (packet->payload[18] < 5) && ((packet->tcp->dest == bgp_port) || (packet->tcp->source == bgp_port)) - && (packet->payload_packet_len > 18) && (get_u_int64_t(packet->payload, 0) == 0xffffffffffffffffULL) && (get_u_int64_t(packet->payload, 8) == 0xffffffffffffffffULL) && (ntohs(get_u_int16_t(packet->payload, 16)) <= packet->payload_packet_len) -- cgit v1.2.3