]> git.ipfire.org Git - thirdparty/suricata.git/commitdiff
projects / thirdparty / suricata.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: cfa7a74)
datajson: add sanity check on length
authorEric Leblond <el@stamus-networks.com>
Sat, 7 Jun 2025 20:19:03 +0000 (22:19 +0200)
committerVictor Julien <victor@inliniac.net>
Wed, 11 Jun 2025 18:49:18 +0000 (20:49 +0200)
Also cast to avoid compilation error.

src/datasets-context-json.c patch | blob | blame | history

diff --git a/src/datasets-context-json.c b/src/datasets-context-json.c
index 7668583793b2deb4d22ea7db4f2902ae848d74e7..568a75ce253c5b1d01306136e61b88c0df3cd2e5 100644 (file)
--- a/src/datasets-context-json.c
+++ b/src/datasets-context-json.c
@@ -80,6 +80,11 @@ static bool IsFloat(const char *in, size_t ins)
 
 static int ParseJsonLine(const char *in, size_t ins, DataJsonType *rep_out)
 {
+    if (ins > DATAJSON_JSON_LENGTH) {
+        SCLogError("dataset: json string too long: %s", in);
+        return -1;
+    }
+
     json_error_t jerror;
     json_t *msg = json_loads(in, 0, &jerror);
     if (msg == NULL) {
@@ -92,7 +97,7 @@ static int ParseJsonLine(const char *in, size_t ins, DataJsonType *rep_out)
     } else {
         json_decref(msg);
     }
-    rep_out->len = ins;
+    rep_out->len = (uint16_t)ins;
     rep_out->value = SCStrndup(in, ins);
     if (rep_out->value == NULL) {
         return -1;
Mirror of https://github.com/OISF/suricata.git