]> git.ipfire.org Git - thirdparty/suricata.git/commitdiff
projects / thirdparty / suricata.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 97f97dd)
ssl: add debug validation checks for recent changes
authorVictor Julien <vjulien@oisf.net>
Tue, 1 Nov 2022 15:48:13 +0000 (16:48 +0100)
committerVictor Julien <vjulien@oisf.net>
Fri, 13 Jan 2023 11:33:04 +0000 (12:33 +0100)
Make sure the assumptions are correct.

(cherry picked from commit 8f0d820218585ea450fd87b86e8754f03805cb38)

src/app-layer-ssl.c patch | blob | blame | history

diff --git a/src/app-layer-ssl.c b/src/app-layer-ssl.c
index 9f4fc659b344904621b30b27d3d32aa17a4994ed..306adba714267beca2f9dbdc730f3ac95f5963c1 100644 (file)
--- a/src/app-layer-ssl.c
+++ b/src/app-layer-ssl.c
@@ -1493,6 +1493,7 @@ static int SSLv3ParseHandshakeType(SSLState *ssl_state, const uint8_t *input,
         case SSLV3_HS_SERVER_HELLO:
             ssl_state->current_flags = SSL_AL_FLAG_STATE_SERVER_HELLO;
 
+            DEBUG_VALIDATE_BUG_ON(ssl_state->curr_connp->message_length != input_len);
             rc = TLSDecodeHandshakeHello(ssl_state, input, input_len);
             if (rc < 0)
                 return rc;
@@ -1592,6 +1593,8 @@ static int SSLv3ParseHandshakeProtocol(SSLState *ssl_state, const uint8_t *input
 
             if (ssl_state->curr_connp->hs_buffer_message_size <=
                     ssl_state->curr_connp->hs_buffer_offset) {
+                DEBUG_VALIDATE_BUG_ON(ssl_state->curr_connp->hs_buffer_message_size !=
+                                      ssl_state->curr_connp->hs_buffer_offset);
 
                 ssl_state->curr_connp->handshake_type =
                         ssl_state->curr_connp->hs_buffer_message_type;
Mirror of https://github.com/OISF/suricata.git