ssl: add debug validation checks for recent changes
authorVictor Julien <vjulien@oisf.net>
Tue, 1 Nov 2022 15:48:13 +0000 (16:48 +0100)
committerVictor Julien <vjulien@oisf.net>
Tue, 8 Nov 2022 05:08:37 +0000 (07:08 +0200)
Make sure the assumptions are correct.

src/app-layer-ssl.c

index 8a7d4602c02653f2b8a8e2fa49fb1867542bca11..7451796c573a4727c847eff8fc616459b2204ddb 100644 (file)
@@ -1512,6 +1512,7 @@ static int SSLv3ParseHandshakeType(SSLState *ssl_state, const uint8_t *input,
         case SSLV3_HS_SERVER_HELLO:
             ssl_state->current_flags = SSL_AL_FLAG_STATE_SERVER_HELLO;
 
+            DEBUG_VALIDATE_BUG_ON(ssl_state->curr_connp->message_length != input_len);
             rc = TLSDecodeHandshakeHello(ssl_state, input, input_len);
             if (rc < 0)
                 return rc;
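Review bot: The assertion added before `TLSDecodeHandshakeHello()` in the `SSLV3_HS_SERVER_HELLO` case states an invariant without saying where it is established. As far as I know `DEBUG_VALIDATE_BUG_ON` is only active in debug-validation builds, so on live traffic it documents the assumption rather than enforcing it. A short comment above it would help the next reader, for example `/* input is expected to hold exactly one complete handshake message */`, ideally naming the caller that guarantees this. The decoder is still called with `input_len`, so it is worth confirming that nothing downstream bounds its reads by `message_length` instead. Only this case of the switch is visible, and the function starts and ends outside the hunk.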
@@ -1611,6 +1612,8 @@ static int SSLv3ParseHandshakeProtocol(SSLState *ssl_state, const uint8_t *input
 
             if (ssl_state->curr_connp->hs_buffer_message_size <=
                     ssl_state->curr_connp->hs_buffer_offset) {
+                DEBUG_VALIDATE_BUG_ON(ssl_state->curr_connp->hs_buffer_message_size !=
+                                      ssl_state->curr_connp->hs_buffer_offset);
 
                 ssl_state->curr_connp->handshake_type =
                         ssl_state->curr_connp->hs_buffer_message_type;
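Review bot: The enclosing `if` still tests `hs_buffer_message_size <= hs_buffer_offset`, so when the new assertion is compiled out, an offset larger than the message size is handled as a completed message. If an overshoot is believed impossible, say why next to the check, for example `/* offset is not expected to pass message_size; '<' is kept only as a safety net */`. If it can happen, give it an explicit error path in all builds. These fields are presumably derived from record data off the wire, so it is worth confirming that the code after this branch sizes its reads by `hs_buffer_message_size` and not by the offset. That code, and the start and end of the function, are outside the hunk.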