From e4a7990a4e4842b4e6f5b10fb51ab288fa340240 Mon Sep 17 00:00:00 2001 From: Ivan Nardi <12729895+IvanNardi@users.noreply.github.com> Date: Mon, 17 Jan 2022 19:47:27 +0100 Subject: H323: fix a use-after-poison error (#1412) Detected by oss-fuzz See: https://oss-fuzz.com/testcase-detail/6730505580576768 Fix a function prototype Update a unit test results --- src/include/ndpi_api.h.in | 2 +- src/lib/ndpi_main.c | 2 +- src/lib/protocols/h323.c | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) (limited to 'src') diff --git a/src/include/ndpi_api.h.in b/src/include/ndpi_api.h.in index f94fd4093..271b73194 100644 --- a/src/include/ndpi_api.h.in +++ b/src/include/ndpi_api.h.in @@ -118,7 +118,7 @@ extern "C" { void ndpi_free(void *ptr); void * ndpi_flow_malloc(size_t size); void ndpi_flow_free(void *ptr); - u_int32_t ndpi_get_tot_allocated_memory(); + u_int32_t ndpi_get_tot_allocated_memory(void); /** * Search the first occurrence of substring -find- in -s- diff --git a/src/lib/ndpi_main.c b/src/lib/ndpi_main.c index 16f7b9ea0..afac64b1c 100644 --- a/src/lib/ndpi_main.c +++ b/src/lib/ndpi_main.c @@ -2509,7 +2509,7 @@ static void ndpi_add_domain_risk_exceptions(struct ndpi_detection_module_struct ndpi_risk mask = ((ndpi_risk)-1); for(i=0; risks_to_mask[i] != NDPI_NO_RISK; i++) - mask &= ~(1UL << risks_to_mask[i]); + mask &= ~(1ULL << risks_to_mask[i]); for(i=0; domains[i] != NULL; i++) ndpi_add_host_risk_mask(ndpi_str, (char*)domains[i], mask); diff --git a/src/lib/protocols/h323.c b/src/lib/protocols/h323.c index d7fba5f81..7774b9d0a 100644 --- a/src/lib/protocols/h323.c +++ b/src/lib/protocols/h323.c @@ -94,7 +94,7 @@ void ndpi_search_h323(struct ndpi_detection_module_struct *ndpi_struct, struct n } /* H323 */ if(sport == 1719 || dport == 1719) { - if((packet->payload_packet_len >= 5) + if((packet->payload_packet_len > 5) && (packet->payload[0] == 0x16) && (packet->payload[1] == 0x80) && (packet->payload[4] == 0x06) -- cgit v1.2.3