The bug stems from the byte_test, byte_jump and byte_extract keywords being
unable to handle negative offsets when the inspection pointer is at the
end of the buffer.
ptr = payload + det_ctx->buffer_offset;
len = payload_len - det_ctx->buffer_offset;
- /* No match if there is no relative base */
- if (len == 0) {
- return 0;
- }
-
ptr += data->offset;
len -= data->offset;
+ /* No match if there is no relative base */
+ if (len <= 0) {
+ return 0;
+ }
//PrintRawDataFp(stdout,ptr,len);
} else {
SCLogDebug("absolute, data->offset %"PRIu32"", data->offset);
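Review bot: The new `len <= 0` test in the relative branch rejects only an offset that lands at or past the end of the buffer. A negative `data->offset` whose magnitude exceeds `det_ctx->buffer_offset` moves `ptr` below `payload` and makes `len` larger, so it passes. Unless a lower-bound check follows outside this hunk, reject that case before the arithmetic, for example `if (data->offset < 0 && (int64_t)det_ctx->buffer_offset + data->offset < 0) return 0;`. The same applies to `offset` in the two hunks that follow. `len` is declared outside the hunk; if it is unsigned, `len <= 0` is equivalent to `len == 0` and the subtraction wraps instead of going negative, so confirm it is a signed type.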
ptr = payload + det_ctx->buffer_offset;
len = payload_len - det_ctx->buffer_offset;
+ ptr += offset;
+ len -= offset;
+
/* No match if there is no relative base */
- if (ptr == NULL || len == 0) {
+ if (ptr == NULL || len <= 0) {
SCReturnInt(0);
}
-
- ptr += offset;
- len -= offset;
}
else {
ptr = payload + offset;
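Review bot: The `ptr == NULL` test now runs after `ptr += offset`, so it checks the adjusted pointer rather than the base. A NULL `payload` combined with a non-zero offset no longer matches it, and the pointer arithmetic on the null base has already happened by then. Test the base instead, `if (payload == NULL || len <= 0) {`, or drop the NULL test if callers guarantee a non-NULL payload. The same ordering is introduced in the next hunk, the one ending at `//PrintRawDataFp(stdout,ptr,len);`. The enclosing function starts and ends outside the hunk.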
ptr = payload + det_ctx->buffer_offset;
len = payload_len - det_ctx->buffer_offset;
- /* No match if there is no relative base */
- if (ptr == NULL || len == 0) {
- SCReturnInt(0);
- }
-
ptr += offset;
len -= offset;
+ /* No match if there is no relative base */
+ if (ptr == NULL || len <= 0) {
+ SCReturnInt(0);
+ }
//PrintRawDataFp(stdout,ptr,len);
}
else {