Get Gentoo!
gentoo.org sites
gentoo.org Wiki Bugs Forums Packages
Planet Archives Sources
Infra Status
summaryrefslogtreecommitdiff
path: root/net-libs/nDPI/files/nDPI-3.2-0005-Fix-oob-in-kerberos-dissector.patch
diff options
context:
space:
mode:
Diffstat (limited to 'net-libs/nDPI/files/nDPI-3.2-0005-Fix-oob-in-kerberos-dissector.patch')
-rw-r--r--net-libs/nDPI/files/nDPI-3.2-0005-Fix-oob-in-kerberos-dissector.patch23
1 files changed, 23 insertions, 0 deletions
diff --git a/net-libs/nDPI/files/nDPI-3.2-0005-Fix-oob-in-kerberos-dissector.patch b/net-libs/nDPI/files/nDPI-3.2-0005-Fix-oob-in-kerberos-dissector.patch
new file mode 100644
index 000000000000..cd34875890cd
--- /dev/null
+++ b/net-libs/nDPI/files/nDPI-3.2-0005-Fix-oob-in-kerberos-dissector.patch
@@ -0,0 +1,23 @@
+From 6735bb35c65c60a777557c3277546d5801729995 Mon Sep 17 00:00:00 2001
+From: Alfredo Cardigliano <alfredo.cardigliano@gmail.com>
+Date: Tue, 21 Jul 2020 00:46:37 +0200
+Subject: [PATCH] Fix oob in kerberos dissector
+
+---
+ src/lib/protocols/kerberos.c | 3 ++-
+ 1 file changed, 2 insertions(+), 1 deletion(-)
+
+diff --git a/src/lib/protocols/kerberos.c b/src/lib/protocols/kerberos.c
+index 2bacbf51..2ed824fa 100644
+--- a/src/lib/protocols/kerberos.c
++++ b/src/lib/protocols/kerberos.c
+@@ -185,7 +185,8 @@ void ndpi_search_kerberos(struct ndpi_detection_module_struct *ndpi_struct,
+
+ body_offset = koffsetp + 1 + pad_len;
+
+- for(i=0; i<10; i++) if(packet->payload[body_offset] != 0x05) body_offset++; /* ASN.1 */
++ for(i=0; i<10 && body_offset < packet->payload_packet_len; i++)
++ if(packet->payload[body_offset] != 0x05) body_offset++; /* ASN.1 */
+ #ifdef KERBEROS_DEBUG
+ printf("body_offset=%u [%02X %02X] [byte 0 must be 0x05]\n", body_offset, packet->payload[body_offset], packet->payload[body_offset+1]);
+ #endif