search

ntop / nDPI

Open Source Deep Packet Inspection Software Toolkit
http://www.ntop.org
GNU Lesser General Public License v3.0
3.86k stars 899 forks source link

Zoom: fix heap-buffer-overflow #2621

Closed IvanNardi closed 1 week ago

IvanNardi commented 1 week ago 
=================================================================
==30923==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x50400023cc34 at pc 0x591f8b5dd546 bp 0x7ffe5ffc3530 sp 0x7ffe5ffc3528
READ of size 1 at 0x50400023cc34 thread T0
    #0 0x591f8b5dd545 in is_sfu_5 /home/ivan/svnrepos/nDPI/src/lib/protocols/zoom.c:146:6
    #1 0x591f8b5dda11 in zoom_search_again /home/ivan/svnrepos/nDPI/src/lib/protocols/zoom.c:166:6
    #2 0x591f8b22182f in ndpi_process_extra_packet /home/ivan/svnrepos/nDPI/src/lib/ndpi_main.c:8156:9
    #3 0x591f8b236f88 in ndpi_internal_detection_process_packet /home/ivan/svnrepos/nDPI/src/lib/ndpi_main.c:8793:5

Found by oss-fuzz See: https://issues.oss-fuzz.com/issues/379072455

sonarcloud[bot] commented 1 week ago

Quality Gate Passed Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud