From 4fa81f112a5f52e5c4d3b85479d85fa7054fc043 Mon Sep 17 00:00:00 2001
From: aled-ua
Date: Tue, 24 Dec 2024 07:55:51 +0000
Subject: [PATCH] Fix vuln OSV-2023-1232
---
 Packet++/src/SSLHandshake.cpp | 16 ++++++++++++++++
 1 file changed, 16 insertions(+)
diff --git a/Packet++/src/SSLHandshake.cpp b/Packet++/src/SSLHandshake.cpp
index 0517c60b35..da3dbf921b 100644
--- a/Packet++/src/SSLHandshake.cpp
+++ b/Packet++/src/SSLHandshake.cpp
@@ -1204,11 +1204,27 @@ namespace pcpp
 uint16_t extensionLength = getLength();
 uint8_t listLength = *getData();
 if (listLength != static_cast(extensionLength - 1))
+ {
+ return result; // bad extension data
+ }
+
+ // Ensure listLength is within valid bounds
+ if (listLength > extensionLength - 1)
+ {
+ return result; // Prevent out-of-bounds access
+ }
+
 return result; // bad extension data
 
 uint8_t* dataPtr = getData() + sizeof(uint8_t);
 for (int i = 0; i < listLength; i++)
 {
+ // Ensure dataPtr does not exceed allocated memory
+ if (dataPtr >= getData() + extensionLength)
+ {
+ break; // Prevent out-of-bounds access
+ }
+
 result.push_back(*dataPtr);
 dataPtr += sizeof(uint8_t);
 }
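Review bot: The context line `return result; // bad extension data` that follows the two new braced checks is no longer the body of the `if`, so it now runs unconditionally, the loop below it is unreachable, and the function always returns an empty list. That removes the out-of-bounds read only by disabling the parser, and any consumer of this list (fingerprinting or detection logic, for instance) would silently see nothing; the stray line should be deleted. Separately, `*getData()` is still dereferenced before any length check, so a zero-length extension is read before the new guards run; a guard such as `if (extensionLength < 1) return result;` ahead of that read would cover it. The new in-loop check bounds `dataPtr` by the declared `extensionLength`, which presumably comes from the packet itself, so it only helps if `getLength()` is already validated against the captured bytes, which this hunk does not show. The enclosing function begins outside the hunk.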