From 52ed63329b37ae83cb86504db2c9deb6a91e2fe9 Mon Sep 17 00:00:00 2001
From: Gabriel Ganne <gabriel.ganne@gmail.com>
Date: Sun, 21 Jan 2024 08:59:10 +0100
Subject: [PATCH] ipv6 - add check for extension header length

Fixes #827

Signed-off-by: Gabriel Ganne <gabriel.ganne@gmail.com>
---
 src/common/get.c | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/src/common/get.c b/src/common/get.c
index 2d911160..18a9d7bd 100644
--- a/src/common/get.c
+++ b/src/common/get.c
@@ -663,6 +663,10 @@ get_ipv6_next(struct tcpr_ipv6_ext_hdr_base *exthdr, const u_char *end_ptr)
     case TCPR_IPV6_NH_HBH:
     case TCPR_IPV6_NH_AH:
         extlen = IPV6_EXTLEN_TO_BYTES(exthdr->ip_len);
+        if (extlen == 0) {
+            dbg(3, "Malformed IPv6 extension header...");
+            return NULL;
+        }
         dbgx(3,
              "Looks like we're an ext header (0x%hhx).  Jumping %u bytes"
              " to the next",