From 4f399356a67771086632bcdcef94b2db6a0ed9c8 Mon Sep 17 00:00:00 2001
From: Nardi Ivan <nardi.ivan@gmail.com>
Date: Thu, 26 Mar 2020 17:30:20 +0100
Subject: quic: fix heap-overflow error

---
 src/lib/protocols/quic.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'src')

diff --git a/src/lib/protocols/quic.c b/src/lib/protocols/quic.c
index 93f5d2cce..be746550b 100644
--- a/src/lib/protocols/quic.c
+++ b/src/lib/protocols/quic.c
@@ -110,7 +110,7 @@ void ndpi_search_quic(struct ndpi_detection_module_struct *ndpi_struct,
       NDPI_LOG_INFO(ndpi_struct, "found QUIC\n");
       ndpi_set_detected_protocol(ndpi_struct, flow, NDPI_PROTOCOL_QUIC, NDPI_PROTOCOL_UNKNOWN);
       
-      if(packet->payload[quic_hlen+12] != 0xA0)
+      if((udp_len > quic_hlen + 12) && (packet->payload[quic_hlen+12] != 0xA0))
 	quic_hlen++;
     }
     
-- 
cgit v1.2.3