From 6a744d05443bdd0d079b2abc6c7408a625ebf20d Mon Sep 17 00:00:00 2001
From: Luca Deri <deri@ntop.org>
Date: Thu, 17 Oct 2024 22:12:52 +0200
Subject: Fixes buffer overflow when parsing invalid TCP options

---
 src/lib/ndpi_main.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'src')

diff --git a/src/lib/ndpi_main.c b/src/lib/ndpi_main.c
index 3265ef80f..aa1e58a6b 100644
--- a/src/lib/ndpi_main.c
+++ b/src/lib/ndpi_main.c
@@ -6967,7 +6967,7 @@ static int ndpi_init_packet(struct ndpi_detection_module_struct *ndpi_str,
 		int j = i+2;
 		u_int8_t opt_len = len - 2;
 
-		while(opt_len > 0) {
+		while((opt_len > 0) && (j < options_len)) {
 		  rc = snprintf(&options_fp[options_fp_idx], sizeof(options_fp)-options_fp_idx, "%02x", options[j]);
 		  options_fp_idx += rc;
 		  j++, opt_len--;
-- 
cgit v1.2.3