detect: fix read overflow in DetectGetLastSMByListId

author Philippe Antoine <contact@catenacyber.fr>

Thu, 23 Jul 2020 11:28:57 +0000 (13:28 +0200)

committer Victor Julien <victor@inliniac.net>

Wed, 29 Jul 2020 08:14:23 +0000 (10:14 +0200)
author Philippe Antoine <contact@catenacyber.fr>
Thu, 23 Jul 2020 11:28:57 +0000 (13:28 +0200)
committer Victor Julien <victor@inliniac.net>
Wed, 29 Jul 2020 08:14:23 +0000 (10:14 +0200)
diff --git a/src/detect-parse.c b/src/detect-parse.c

index 03205a8f0db81bb5351e90e2744feb25211e82d3..08a1e851962615d5716e1e97b082ad541e12c47d 100644 (file)
--- a/src/detect-parse.c
+++ b/src/detect-parse.c
@@ -543,6 +543,9 @@ SigMatch *DetectGetLastSMByListId(const Signature *s, int list_id, ...)
      SigMatch *sm_new;
      int sm_type;
  
+    if ((uint32_t)list_id >= s->init_data->smlists_array_size) {
+        return NULL;
+    }
      SigMatch *sm_list = s->init_data->smlists_tail[list_id];
      if (sm_list == NULL)
          return NULL;
author	Philippe Antoine <contact@catenacyber.fr>
	Thu, 23 Jul 2020 11:28:57 +0000 (13:28 +0200)
committer	Victor Julien <victor@inliniac.net>
	Wed, 29 Jul 2020 08:14:23 +0000 (10:14 +0200)