Fix vuln OSV-2024-343 (#1680)

seladb · Jan 11, 2025 · bc5c08d · bc5c08d
1 parent 680cfd7
commit bc5c08d
Showing 1 changed file with 5 additions and 0 deletions.
diff --git a/Packet++/src/BgpLayer.cpp b/Packet++/src/BgpLayer.cpp
@@ -542,6 +542,11 @@ namespace pcpp
 		if (headerLen >= minLen)
 		{
 			size_t withdrawnRouteLen = getWithdrawnRoutesLength();
+			// Ensure the memory access is within bounds
+			if (sizeof(bgp_common_header) + sizeof(uint16_t) + withdrawnRouteLen + sizeof(uint16_t) > headerLen)
+			{
+				return 0;  // Invalid access, return 0
+			}
 			uint16_t res =
 			    be16toh(*(uint16_t*)(m_Data + sizeof(bgp_common_header) + sizeof(uint16_t) + withdrawnRouteLen));
 			if ((size_t)res > headerLen - minLen - withdrawnRouteLen)