From c3d1c69722f31791ad718bfe3a265c0df22b9997 Mon Sep 17 00:00:00 2001
From: Luca Deri <deri@ntop.org>
Date: Wed, 20 Oct 2021 22:07:47 +0200
Subject: Fixed heap-buffer-overflow in TLS dissector

---
 src/lib/protocols/tls.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'src')

diff --git a/src/lib/protocols/tls.c b/src/lib/protocols/tls.c
index 1a849b2cb..bfff42033 100644
--- a/src/lib/protocols/tls.c
+++ b/src/lib/protocols/tls.c
@@ -1536,7 +1536,7 @@ int processClientServerHello(struct ndpi_detection_module_struct *ndpi_struct,
       if((cipher_offset+cipher_len) <= total_len) {
 	u_int8_t safari_ciphers = 0, chrome_ciphers = 0, this_is_not_safari = 0, looks_like_safari_on_big_sur = 0;
 
-	for(i=0; i<cipher_len;) {
+	for(i=0; i<cipher_len-1;) {
 	  u_int16_t *id = (u_int16_t*)&packet->payload[cipher_offset+i];
 	  u_int16_t cipher_id = ntohs(*id);
 
-- 
cgit v1.2.3