drygdryg/zapret
1
0
Fork 0
mirror of https://github.com/bol-van/zapret.git synced 2025-05-24 22:32:58 +03:00
Code Issues Packages Projects Releases Wiki Activity

nfqws: prevent out-of-band access in IsQUICCryptoHello

Browse Source
This commit is contained in:
bol-van
2022-03-25 20:08:05 +03:00
parent 4dc6639b5a
commit 64406960aa
10 changed files with 4 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
nfq/protocol.c
View File

@@ -86,10 +86,12 @@ bool IsQUICCryptoHello(const uint8_t *data, size_t len, size_t *hello_offset, si
size_t offset = 1;
uint64_t coff, clen;
if (len < 3 || *data != 6) return false;
if ((offset+tvb_get_size(data[offset])) >= len) return false;
offset += tvb_get_varint(data + offset, &coff);
if (offset >= len) return false;
// offset must be 0 if it's a full segment, not just a chunk
if (coff || (offset+tvb_get_size(data[offset])) >= len) return false;
offset += tvb_get_varint(data + offset, &clen);
if (offset >= len || data[offset] != 0x01 || (offset + coff + clen) > len) return false;
if (data[offset] != 0x01 || (offset + coff + clen) > len) return false;
if (hello_offset) *hello_offset = offset + coff;
if (hello_len) *hello_len = (size_t)clen;
return true;