debug/validation: check tcp/app-layer data lengths

author Victor Julien <victor@inliniac.net>

Sat, 14 Dec 2019 06:11:26 +0000 (07:11 +0100)

committer Victor Julien <victor@inliniac.net>

Mon, 20 Jan 2020 14:43:23 +0000 (15:43 +0100)
author Victor Julien <victor@inliniac.net>
Sat, 14 Dec 2019 06:11:26 +0000 (07:11 +0100)
committer Victor Julien <victor@inliniac.net>
Mon, 20 Jan 2020 14:43:23 +0000 (15:43 +0100)
diff --git a/src/app-layer.c b/src/app-layer.c

index ebd91158e840235d41370cadefb531102193bc8b..9924b8def0f7cbf9c25b1de293c195bce3530bde 100644 (file)
--- a/src/app-layer.c
+++ b/src/app-layer.c
@@ -569,6 +569,7 @@ int AppLayerHandleTCPData(ThreadVars *tv, TcpReassemblyThreadCtx *ra_ctx,
      SCEnter();
  
      DEBUG_ASSERT_FLOW_LOCKED(f);
+    DEBUG_VALIDATE_BUG_ON(data_len > (uint32_t)INT_MAX);
  
      AppLayerThreadCtx *app_tctx = ra_ctx->app_tctx;
      AppProto alproto;
diff --git a/src/stream-tcp-reassemble.c b/src/stream-tcp-reassemble.c

index f8177d54c1ea1920c63912f14c07cb9da72cc279..e48659a225ae09555131314260b472b90bc49cac 100644 (file)
--- a/src/stream-tcp-reassemble.c
+++ b/src/stream-tcp-reassemble.c
@@ -1023,6 +1023,7 @@ static int ReassembleUpdateAppLayer (ThreadVars *tv,
  
      while (1) {
          GetAppBuffer(*stream, &mydata, &mydata_len, app_progress);
+        DEBUG_VALIDATE_BUG_ON(mydata_len > (uint32_t)INT_MAX);
          if (mydata == NULL && mydata_len > 0 && CheckGap(ssn, *stream, p)) {
              SCLogDebug("sending GAP to app-layer (size: %u)", mydata_len);
author	Victor Julien <victor@inliniac.net>
	Sat, 14 Dec 2019 06:11:26 +0000 (07:11 +0100)
committer	Victor Julien <victor@inliniac.net>
	Mon, 20 Jan 2020 14:43:23 +0000 (15:43 +0100)
src/app-layer.c		patch \| blob \| blame \| history
src/stream-tcp-reassemble.c		patch \| blob \| blame \| history