From 04690221d5c3ad8f5bee6aea8be88b0d30472ee0 Mon Sep 17 00:00:00 2001
From: Gregory DAVID <gregory.david@p1sec.com>
Date: Tue, 1 Apr 2025 13:02:58 +0200
Subject: [PATCH] ipv4defrag: fix segfault

---
 src/ipv4defrag.c | 18 ++++++++++++------
 1 file changed, 12 insertions(+), 6 deletions(-)

diff --git a/src/ipv4defrag.c b/src/ipv4defrag.c
index 194891b..fb16a0b 100644
--- a/src/ipv4defrag.c
+++ b/src/ipv4defrag.c
@@ -90,12 +90,17 @@ unsigned int ntoh_ipv4_get_tuple4 ( struct ip *ip , pntoh_ipv4_tuple4_t tuple )
 
 unsigned short ipv4_equal_tuple ( void *a , void *b )
 {
-	unsigned short ret = 0;
-
-	if ( ! memcmp ( a , (void*)&((pntoh_ipv4_flow_t)b)->ident , sizeof ( ntoh_ipv4_tuple4_t) ) )
-		ret++;
-
-	return ret;
+	pntoh_ipv4_tuple4_t tuple_a = a;
+	pntoh_ipv4_tuple4_t tuple_b = (void*)&((pntoh_ipv4_flow_t)b)->ident;
+	if (
+        (tuple_a->source == tuple_b->source) &&
+        (tuple_a->destination == tuple_b->destination) &&
+        (tuple_a->protocol == tuple_b->protocol) &&
+        (tuple_a->id == tuple_b->id)
+        ) {
+		return 1;
+	}
+	return 0;
 }
 
 pntoh_ipv4_flow_t ntoh_ipv4_find_flow ( pntoh_ipv4_session_t session , pntoh_ipv4_tuple4_t tuple4 )
@@ -559,6 +564,7 @@ inline static void __ipv4_free_session ( pntoh_ipv4_session_t session )
 
 	while ( ( first = htable_first ( session->flows ) ) != 0 )
 	{
+		item = htable_find(session->flows, first, NULL);
 		lock_access ( &item->lock );
 		__ipv4_free_flow ( session , &item , NTOH_REASON_EXIT );
 	}