From cebce341c5f3caa621f1a28f9bc30cdd26e949fd Mon Sep 17 00:00:00 2001
From: William Robinet
Date: Thu, 3 Sep 2020 19:06:50 +0200
Subject: [PATCH] Fix segfault by OOB read on malformed packets
---
 base/network.c | 6 ++++++
 1 file changed, 6 insertions(+)
diff --git a/base/network.c b/base/network.c
index f6a0109..be52116 100644
--- a/base/network.c
+++ b/base/network.c
@@ -134,6 +134,12 @@ int network_process_packet(handler,timestamp,data,length)
 hlen=p.ip->ip_hl * 4;
 p.data += hlen;
 p.len = ntohs(p.ip->ip_len);
+
+ if(p.len > length) {
+ printf("Malformed packet, size from IP header is larger than size reported by libpcap, skipping ...\n");
+ return(0);
+ }
+
 if (p.len == 0) {
 DBG((0,"ip length reported as 0, presumed to be because of 'TCP segmentation offload' (TSO)\n"));
 p.len = p._len;
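Review bot: The added guard bounds only the IP total length, while the header length taken from the packet in the context lines just above it (`hlen=p.ip->ip_hl * 4; p.data += hlen;`) is still used unchecked. An `ip_hl` below the IPv4 minimum or larger than the captured data would leave `p.data` pointing at the wrong place or past the buffer, so the condition could be extended to `if(hlen < 20 || hlen > length || p.len > length) {`. A `p.len < hlen` check belongs after the TSO fallback below rather than in this guard, because `p.len == 0` is deliberately accepted there; whether later code subtracts `hlen` from `p.len` is not visible, as the function body continues outside the hunk. The declarations of `p.len` and `length` are also outside the hunk, so it is worth confirming that the comparison does not mix signed and unsigned operands. As a smaller point, the message goes to stdout through `printf` while the neighbouring line uses `DBG`, so it may interleave with the tool's decoded output.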