nDPI icon indicating copy to clipboard operation
nDPI copied to clipboard

Published 20 hours ago verified publisher icon ntop

Fix possible null deref in ndpi_utils:2347

Open koltiradw opened this issue 2 years ago • 3 comments

Hi! Pointer 'flow' that can have only NULL value (ndpi_get_http_method function), is passed as 2nd parameter in call to function ndpi_set_risk where it is dereferenced at ndpi_utils.c:2347.

koltiradw avatar Jul 29 '22 17:07 koltiradw

Kudos, SonarCloud Quality Gate passed!    Quality Gate passed

Bug A 0 Bugs
Vulnerability A 0 Vulnerabilities
Security Hotspot A 0 Security Hotspots
Code Smell A 0 Code Smells

No Coverage information No Coverage information
No Duplication information No Duplication information

sonarqubecloud[bot] avatar Jul 29 '22 17:07 sonarqubecloud[bot]

Can you provide more information under what circumstances that NUL deref may happen? Maybe a PCAP?

utoni avatar Jul 30 '22 07:07 utoni

Can you provide more information under what circumstances that NUL deref may happen? Maybe a PCAP?

+1

IvanNardi avatar Jul 30 '22 07:07 IvanNardi