From: Philippe Antoine <contact@catenacyber.fr>
Date: Fri, 8 Apr 2022 09:23:09 +0000 (+0200)
Subject: smb: prevents integer underflow
X-Git-Tag: suricata-7.0.0-beta1~756
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=3e48881b78f77179d75dfe0301bdd5664cd2e039;p=thirdparty%2Fsuricata.git

smb: prevents integer underflow

Ticket: 5246

If msg_id is 0, we cannot find the previous request
---

diff --git a/rust/src/smb/smb2.rs b/rust/src/smb/smb2.rs
index e85906d8d3..b77e359c36 100644
--- a/rust/src/smb/smb2.rs
+++ b/rust/src/smb/smb2.rs
@@ -376,10 +376,14 @@ pub fn smb2_request_record<'b>(state: &mut SMBState, r: &Smb2Record<'b>)
                                 None => {
                                     // try to find latest created file in case of chained commands
                                     let mut guid_key = SMBCommonHdr::from2(r, SMBHDR_TYPE_FILENAME);
-                                    guid_key.msg_id = guid_key.msg_id - 1;
-                                    match state.ssn2vec_map.get(&guid_key) {
-                                        Some(n) => { n.to_vec() },
-                                        None => { b"<unknown>".to_vec()},
+                                    if guid_key.msg_id == 0 {
+                                        b"<unknown>".to_vec()
+                                    } else {
+                                        guid_key.msg_id = guid_key.msg_id - 1;
+                                        match state.ssn2vec_map.get(&guid_key) {
+                                            Some(n) => { n.to_vec() },
+                                            None => { b"<unknown>".to_vec()},
+                                        }
                                     }
                                 },
                             };