detect: fix read overflow in DetectGetLastSMByListId

author Philippe Antoine <contact@catenacyber.fr>

Thu, 23 Jul 2020 11:28:57 +0000 (13:28 +0200)

committer Jeff Lucovsky <jeff@lucovsky.org>

Sat, 19 Sep 2020 14:20:57 +0000 (10:20 -0400)
author Philippe Antoine <contact@catenacyber.fr>
Thu, 23 Jul 2020 11:28:57 +0000 (13:28 +0200)
committer Jeff Lucovsky <jeff@lucovsky.org>
Sat, 19 Sep 2020 14:20:57 +0000 (10:20 -0400)
diff --git a/src/detect-parse.c b/src/detect-parse.c

index f559f826b54ac6e831ddfccb776561b2bb434cd5..00e0eca0daaf2bf60647e9b512e30d60014f03d6 100644 (file)
--- a/src/detect-parse.c
+++ b/src/detect-parse.c
@@ -543,6 +543,9 @@ SigMatch *DetectGetLastSMByListId(const Signature *s, int list_id, ...)
      SigMatch *sm_new;
      int sm_type;
  
+    if ((uint32_t)list_id >= s->init_data->smlists_array_size) {
+        return NULL;
+    }
      SigMatch *sm_list = s->init_data->smlists_tail[list_id];
      if (sm_list == NULL)
          return NULL;
author	Philippe Antoine <contact@catenacyber.fr>
	Thu, 23 Jul 2020 11:28:57 +0000 (13:28 +0200)
committer	Jeff Lucovsky <jeff@lucovsky.org>
	Sat, 19 Sep 2020 14:20:57 +0000 (10:20 -0400)