]> git.ipfire.org Git - thirdparty/suricata.git/commitdiff
projects / thirdparty / suricata.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 27b4f16)
range: checks that end is after start
authorPhilippe Antoine <contact@catenacyber.fr>
Wed, 13 Oct 2021 19:07:27 +0000 (21:07 +0200)
committerVictor Julien <victor@inliniac.net>
Fri, 15 Oct 2021 06:10:52 +0000 (08:10 +0200)
Otherwise, we end up allocating too much memory

src/app-layer-htp-file.c patch | blob | blame | history

diff --git a/src/app-layer-htp-file.c b/src/app-layer-htp-file.c
index e73bdb524bb30939813c31fe544e619597758c3f..bde98dd0f0f9fff2b3f8fbf293c705ce48dc9392 100644 (file)
--- a/src/app-layer-htp-file.c
+++ b/src/app-layer-htp-file.c
@@ -196,6 +196,11 @@ static int HTPParseAndCheckContentRange(
     } else if (range->end == range->size - 1 && range->start == 0) {
         SCLogDebug("range without all information");
         return -3;
+    } else if (range->start > range->end) {
+        AppLayerDecoderEventsSetEventRaw(&htud->decoder_events, HTTP_DECODER_EVENT_RANGE_INVALID);
+        s->events++;
+        SCLogDebug("invalid range");
+        return -4;
     }
     return r;
 }
Mirror of https://github.com/OISF/suricata.git