From: Victor Julien <vjulien@oisf.net>
Date: Fri, 12 Sep 2025 12:20:31 +0000 (+0200)
Subject: misc: harden string shortener
X-Git-Tag: suricata-8.0.1~4
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=38a2cba5c397002047d84645f5ab770ff88020e1;p=thirdparty%2Fsuricata.git

misc: harden string shortener

Ticket: #7861.
---

diff --git a/src/util-misc.c b/src/util-misc.c
index f83b50454e..2d33cac12c 100644
--- a/src/util-misc.c
+++ b/src/util-misc.c
@@ -27,6 +27,7 @@
 #include "util-debug.h"
 #include "util-unittest.h"
 #include "util-misc.h"
+#include "util-validate.h"
 
 #define PARSE_REGEX "^\\s*(\\d+(?:.\\d+)?)\\s*([a-zA-Z]{2,3})?\\s*$"
 static pcre2_code *parse_regex = NULL;
@@ -207,6 +208,9 @@ int ParseSizeStringU64(const char *size, uint64_t *res)
 void ShortenString(const char *input,
     char *output, size_t output_size, char c)
 {
+    if (output_size == 0)
+        return;
+
     const size_t str_len = strlen(input);
     size_t half = (output_size - 1) / 2;
 
@@ -214,6 +218,9 @@ void ShortenString(const char *input,
     if (half * 2 == (output_size - 1)) {
         half = half - 1;
     }
+    DEBUG_VALIDATE_BUG_ON(half > output_size);
+    if (half == 0 || half > output_size)
+        return;
 
     size_t spaces = (output_size - 1) - (half * 2);