diff options
Diffstat (limited to 'net-libs/nDPI/files/nDPI-3.4-fix-oob-in-kerberos-dissector.patch')
-rw-r--r-- | net-libs/nDPI/files/nDPI-3.4-fix-oob-in-kerberos-dissector.patch | 16 |
1 files changed, 16 insertions, 0 deletions
diff --git a/net-libs/nDPI/files/nDPI-3.4-fix-oob-in-kerberos-dissector.patch b/net-libs/nDPI/files/nDPI-3.4-fix-oob-in-kerberos-dissector.patch new file mode 100644 index 000000000000..7e8f381cdeab --- /dev/null +++ b/net-libs/nDPI/files/nDPI-3.4-fix-oob-in-kerberos-dissector.patch @@ -0,0 +1,16 @@ +Sourced from https://github.com/gentoo/gentoo/commit/c02681fcb7839ac1829ec09394334ddbca1b0aea + +diff --git a/src/lib/protocols/kerberos.c b/src/lib/protocols/kerberos.c +index fa0ab6cb..32319668 100644 +--- a/src/lib/protocols/kerberos.c ++++ b/src/lib/protocols/kerberos.c +@@ -189,7 +189,8 @@ void ndpi_search_kerberos(struct ndpi_detection_module_struct *ndpi_struct, + + body_offset = koffsetp + 1 + pad_len; + +- for(i=0; i<10; i++) if(body_offset<packet->payload_packet_len && packet->payload[body_offset] != 0x05) body_offset++; /* ASN.1 */ ++ for(i=0; i<10 && body_offset < packet->payload_packet_len; i++) ++ if(packet->payload[body_offset] != 0x05) body_offset++; /* ASN.1 */ + #ifdef KERBEROS_DEBUG + printf("body_offset=%u [%02X %02X] [byte 0 must be 0x05]\n", body_offset, packet->payload[body_offset], packet->payload[body_offset+1]); + #endif |