git.ipfire.org Git - thirdparty/snort3.git/commit

Pull request #3872: libasan: fix out-of-bounds issues

Merge in SNORT/snort3 from ~ANOROKH/snort3:asan_invest to master

Squashed commit of the following:

commit 10d928de831b99b2fc6063cf5dc640dc83c4f5b6
Author: Anna Norokh <anorokh@cisco.com>
Date:   Mon May 29 11:31:43 2023 +0300

    analyzer: poison memory segment after msg->data

    This will work only for regtests, memory will be poisoned for 16 bytes
    to provide libasan possibility to sanitize memory that was allocated in DAQ.

commit 11e64eabf0d8fe3845f8cc3e85d040537ddf9103
Author: Oleksii Shumeiko <oshumeik@cisco.com>
Date:   Wed May 24 22:31:03 2023 +0300

    log: fix out-of-bounds read access

    The source structure is over the packet raw data.
    The structure declares an array of maximum possible size.
    The default assign/copy operator may go out of bounds if underlying raw data is shorter.

commit dc558bab687ffc779af2ca285240aa34ceb8c2a2
Author: Oleksii Shumeiko <oshumeik@cisco.com>
Date:   Wed May 24 15:39:19 2023 +0300

    codecs: fix tcp options parsing

commit bda86b5636c95909ed151c013adc481edde815f8
Author: Oleksii Shumeiko <oshumeik@cisco.com>
Date:   Wed May 24 14:51:25 2023 +0300

    codecs: fix ipv6_mobility parsing

    Check data availability before accessing the structure.

commit d3d9b96e273c130e53637246d07ae367912719ff
Author: Oleksii Shumeiko <oshumeik@cisco.com>
Date:   Wed May 24 14:39:33 2023 +0300

    appid: fix FTP parsing

    Prevent offset going beyond the buffer.

commit 6bbb52ff4333c6f0222d6fb05e6ac736d93b5a86
Author: Oleksii Shumeiko <oshumeik@cisco.com>
Date:   Wed May 24 13:12:55 2023 +0300

    rna: fix icmpv6 decoding

    IPv6 payload length may include extenstion headers,
    which should be accounted when looking for the end of ICMPv6.

commit 91f70f976963b9229259f11fabd561fcf5c5c269
Author: Oleksii Shumeiko <oshumeik@cisco.com>
Date:   Wed May 24 09:22:29 2023 +0300

    netflow: fix raw data conversion

    Netflow dedicates 4 bytes for a time record.
    Field size is better to be compared to the type size directly rather than
    to an external variable size.

commit 761afb8d664b7314c4225a3699f1b0bfe95bde3f
Author: Oleksii Shumeiko <oshumeik@cisco.com>
Date:   Fri May 19 15:58:56 2023 +0300

    utils: fix out-of-bound access

    Before the change the function accepted a limit for the destination buffer,
    which may cause out-of-bounds reading from the source buffer.

commit e936d5b47d672e7ac7f6c03afdd55af0d34e04a7
Author: Oleksii Shumeiko <oshumeik@cisco.com>
Date:   Thu May 4 13:54:05 2023 +0300

    appid: check size boundaries before header validation

commit 3708040ec8e130a365cff68b25fb2776db3ae98c
Author: Oleksii Shumeiko <oshumeik@cisco.com>
Date:   Wed May 3 14:56:40 2023 +0300

    protocols: remove of unnecessary old_opt check

author	Anna Norokh -X (anorokh - SOFTSERVE INC at Cisco) <anorokh@cisco.com>
	Wed, 21 Jun 2023 06:13:14 +0000 (06:13 +0000)
committer	Oleksii Shumeiko -X (oshumeik - SOFTSERVE INC at Cisco) <oshumeik@cisco.com>
	Wed, 21 Jun 2023 06:13:14 +0000 (06:13 +0000)
commit	66c1ae477ac91a730fe86c8e6cfec502b8733c71
tree	a0b89de645caf2e95760d7823c785a4c6b9eb1e1	tree
parent	83e9a2dda250a0ced9a105454a5a4fe59c304601	commit \| diff

src/codecs/ip/cd_mobility.cc		diff \| blob \| blame \| history
src/codecs/ip/cd_tcp.cc		diff \| blob \| blame \| history
src/log/log_text.cc		diff \| blob \| blame \| history
src/main/analyzer.cc		diff \| blob \| blame \| history
src/network_inspectors/appid/detector_plugins/detector_dns.cc		diff \| blob \| blame \| history
src/network_inspectors/appid/service_plugins/service_ftp.cc		diff \| blob \| blame \| history
src/network_inspectors/rna/rna_pnd.cc		diff \| blob \| blame \| history
src/protocols/tcp_options.cc		diff \| blob \| blame \| history
src/service_inspectors/netflow/netflow.cc		diff \| blob \| blame \| history
src/utils/util.cc		diff \| blob \| blame \| history