From 789f23386ea61b986bdf30751a696bea33286f0a Mon Sep 17 00:00:00 2001
From: Toni Uhlig <matzeton@googlemail.com>
Date: Thu, 27 Jan 2022 14:43:12 +0100
Subject: Fixed heap overflow in nDPI realloc wrapper if new size < old size.

Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
---
 src/lib/ndpi_main.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'src')

diff --git a/src/lib/ndpi_main.c b/src/lib/ndpi_main.c
index e4106d58d..4c118bc03 100644
--- a/src/lib/ndpi_main.c
+++ b/src/lib/ndpi_main.c
@@ -205,7 +205,7 @@ void *ndpi_realloc(void *ptr, size_t old_size, size_t new_size) {
     return(ret);
   else {
     if(ptr != NULL) {
-      memcpy(ret, ptr, old_size);
+      memcpy(ret, ptr, (old_size < new_size ? old_size : new_size));
       ndpi_free(ptr);
     }
     return(ret);
-- 
cgit v1.2.3