]> git.ipfire.org Git - thirdparty/suricata.git/commitdiff
projects / thirdparty / suricata.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 3ec88f3)
kerberos: fix against packet split in record size 4833/head
authorPhilippe Antoine <contact@catenacyber.fr>
Fri, 6 Mar 2020 09:45:23 +0000 (10:45 +0100)
committerShivani Bhardwaj <shivanib134@gmail.com>
Fri, 17 Apr 2020 16:53:27 +0000 (22:23 +0530)
(cherry picked from commit 23f796a021cd4a0f2614418a5d2d40acefd56df3)

rust/src/krb/krb5.rs patch | blob | blame | history

diff --git a/rust/src/krb/krb5.rs b/rust/src/krb/krb5.rs
index e1756d36a9354b2760fec22eee0c23ada50f357a..b040aa0429ced610f045b20d06865a3a6bb2eaab 100644 (file)
--- a/rust/src/krb/krb5.rs
+++ b/rust/src/krb/krb5.rs
@@ -494,7 +494,6 @@ pub extern "C" fn rs_krb5_parse_request_tcp(_flow: *const core::Flow,
                                        input_len: u32,
                                        _data: *const libc::c_void,
                                        _flags: u8) -> i32 {
-    if input_len < 4 { return -1; }
     let buf = build_slice!(input,input_len as usize);
     let state = cast_pointer!(state,KRB5State);
 
@@ -522,6 +521,10 @@ pub extern "C" fn rs_krb5_parse_request_tcp(_flow: *const core::Flow,
                     state.record_ts = record as usize;
                     cur_i = rem;
                 },
+                IResult::Incomplete(_) => {
+                    state.defrag_buf_ts.extend_from_slice(cur_i);
+                    return 0;
+                }
                 _ => {
                     SCLogDebug!("rs_krb5_parse_request_tcp: reading record mark failed!");
                     return 1;
@@ -552,7 +555,6 @@ pub extern "C" fn rs_krb5_parse_response_tcp(_flow: *const core::Flow,
                                        input_len: u32,
                                        _data: *const libc::c_void,
                                        _flags: u8) -> i32 {
-    if input_len < 4 { return -1; }
     let buf = build_slice!(input,input_len as usize);
     let state = cast_pointer!(state,KRB5State);
 
@@ -580,6 +582,10 @@ pub extern "C" fn rs_krb5_parse_response_tcp(_flow: *const core::Flow,
                     state.record_tc = record as usize;
                     cur_i = rem;
                 },
+                IResult::Incomplete(_) => {
+                    state.defrag_buf_tc.extend_from_slice(cur_i);
+                    return 0;
+                }
                 _ => {
                     SCLogNotice!("rs_krb5_parse_response_tcp: reading record mark failed!");
                     return 1;
Mirror of https://github.com/OISF/suricata.git