TLS: fix another interger overflow in certificate processing #1915
Commits on Mar 26, 2023
-
TLS: fix another interger overflow in certificate processing
``` ==5374==ERROR: AddressSanitizer: SEGV on unknown address 0x60400001a10d (pc 0x00000056e180 bp 0x7ffcca15ae20 sp 0x7ffcca15abe0 T0) ==5374==The signal is caused by a WRITE memory access. SCARINESS: 30 (wild-addr-write) #0 0x56e180 in processCertificateElements ndpi/src/lib/protocols/tls.c:683:79 ntop#1 0x56c60f in LLVMFuzzerTestOneInput ndpi/fuzz/fuzz_tls_certificate.c:43:3 ``` Found by oss-fuzz See: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=57448
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.