From: Philippe Antoine <pantoine@oisf.net>
Date: Fri, 17 May 2024 07:39:52 +0000 (+0200)
Subject: http: fix nul deref on memcap reached
X-Git-Tag: suricata-7.0.6~73
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=2bd3bd0e318f19008e9fe068ab17277c530ffb92;p=thirdparty%2Fsuricata.git

http: fix nul deref on memcap reached

HttpRangeOpenFileAux may return NULL in different cases, including
when memcap is reached.
But is only caller did not check it before calling HttpRangeAppendData
which would dereference the NULL value.

Ticket: 7029
(cherry picked from commit fd262df457f67f2174752dd6505ba2ed5911fd96)
---

diff --git a/src/app-layer-htp-range.c b/src/app-layer-htp-range.c
index 3cdde35ba2..f0d75a9750 100644
--- a/src/app-layer-htp-range.c
+++ b/src/app-layer-htp-range.c
@@ -351,8 +351,10 @@ static HttpRangeContainerBlock *HttpRangeOpenFile(HttpRangeContainerFile *c, uin
 {
     HttpRangeContainerBlock *r =
             HttpRangeOpenFileAux(c, start, end, total, sbcfg, name, name_len, flags);
-    if (HttpRangeAppendData(sbcfg, r, data, len) < 0) {
-        SCLogDebug("Failed to append data while opening");
+    if (r) {
+        if (HttpRangeAppendData(sbcfg, r, data, len) < 0) {
+            SCLogDebug("Failed to append data while opening");
+        }
     }
     return r;
 }