]> git.ipfire.org Git - thirdparty/suricata.git/commitdiff
projects / thirdparty / suricata.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 9c43674)
kerberos: fix probing parser tag condition
authorPhilippe Antoine <contact@catenacyber.fr>
Thu, 11 Mar 2021 15:12:36 +0000 (16:12 +0100)
committerJeff Lucovsky <jeff@lucovsky.org>
Sat, 1 May 2021 12:09:17 +0000 (08:09 -0400)
according to the comment

(cherry picked from commit cb150e97d09baea09a738388426eafad3cccff2a)

rust/src/krb/krb5.rs patch | blob | blame | history

diff --git a/rust/src/krb/krb5.rs b/rust/src/krb/krb5.rs
index 70a0b8e3bf45b0c3e371aaa78aca75c889050053..eb753600db48da7d9c0155342681956d38361bc1 100644 (file)
--- a/rust/src/krb/krb5.rs
+++ b/rust/src/krb/krb5.rs
@@ -445,7 +445,7 @@ pub extern "C" fn rs_krb5_probing_parser(_flow: *const Flow,
             // Kerberos messages start with an APPLICATION header
             if hdr.class != 0b01 { return unsafe{ALPROTO_FAILED}; }
             // Tag number should be <= 30
-            if hdr.tag >= 30 { return unsafe{ALPROTO_FAILED}; }
+            if hdr.tag > 30 { return unsafe{ALPROTO_FAILED}; }
             // Kerberos messages contain sequences
             if rem.is_empty() || rem[0] != 0x30 { return unsafe{ALPROTO_FAILED}; }
             // Check kerberos version
Mirror of https://github.com/OISF/suricata.git