From bc5c08d3df37e9d725656c345d3991ab0c982717 Mon Sep 17 00:00:00 2001 From: aled-ua Date: Sat, 11 Jan 2025 02:56:48 -0600 Subject: [PATCH] Fix vuln OSV-2024-343 (#1680) --- Packet++/src/BgpLayer.cpp | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/Packet++/src/BgpLayer.cpp b/Packet++/src/BgpLayer.cpp index 4e1269abcf..b32ab8d010 100644 --- a/Packet++/src/BgpLayer.cpp +++ b/Packet++/src/BgpLayer.cpp @@ -542,6 +542,11 @@ namespace pcpp if (headerLen >= minLen) { size_t withdrawnRouteLen = getWithdrawnRoutesLength(); + // Ensure the memory access is within bounds + if (sizeof(bgp_common_header) + sizeof(uint16_t) + withdrawnRouteLen + sizeof(uint16_t) > headerLen) + { + return 0; // Invalid access, return 0 + } uint16_t res = be16toh(*(uint16_t*)(m_Data + sizeof(bgp_common_header) + sizeof(uint16_t) + withdrawnRouteLen)); if ((size_t)res > headerLen - minLen - withdrawnRouteLen)