nfqws: safety check

2025-04-08 22:37:28 +05:00 · 2025-04-06 11:43:01 +03:00 · 2025-04-06 11:43:01 +03:00 · d04419a60c
commit d04419a60c
parent fc1bf47e82
1 changed files with 3 additions and 1 deletions
--- a/nfq/desync.c
+++ b/nfq/desync.c
@ -657,7 +657,9 @@ static bool runtime_tls_mod(int fake_n,const struct fake_tls_mod_cache *modcache
 		}
 		if (tls_mod->mod & FAKE_TLS_MOD_DUP_SID)
 		{
-			if (fake_data[43]!=payload[43])
+			if (payload_len<44)
+				DLOG("fake[%d] cannot apply dupsid tls mod. data payload is too short.\n",fake_n);
+			else if (fake_data[43]!=payload[43])
 				DLOG("fake[%d] cannot apply dupsid tls mod. fake and orig session id length mismatch.\n",fake_n);
 			else if (payload_len<(44+payload[43]))
 				DLOG("fake[%d] cannot apply dupsid tls mod. data payload is not valid.\n",fake_n);