From: Victor Julien <victor@inliniac.net>
Date: Tue, 13 Nov 2018 00:45:05 +0000 (-0800)
Subject: detect/distance: improve value parsing and fix broken test
X-Git-Tag: suricata-4.1.1~55
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=59d526481c3b1bcfc1fb5e4f26ad8b58c1298321;p=thirdparty%2Fsuricata.git

detect/distance: improve value parsing and fix broken test
---

diff --git a/src/detect-content.c b/src/detect-content.c
index 1f369fb9c2..a4d4d98ea2 100644
--- a/src/detect-content.c
+++ b/src/detect-content.c
@@ -2773,7 +2773,7 @@ static int SigTest69TestNegatedContent(void)
 
 static int SigTest70TestNegatedContent(void)
 {
-    return SigTestNegativeTestContent("alert tcp any any -> any any (content:\"one\"; content:!\"fourty\"; within:52; distance:45 sid:1;)", (uint8_t *)"one four nine fourteen twentythree thirtyfive fourtysix fiftysix");
+    return SigTestNegativeTestContent("alert tcp any any -> any any (content:\"one\"; content:!\"fourty\"; within:52; sid:1;)", (uint8_t *)"one four nine fourteen twentythree thirtyfive fourtysix fiftysix");
 }
 
 /** \test within and distance */
diff --git a/src/detect-distance.c b/src/detect-distance.c
index b40ded90ee..3937f7c26a 100644
--- a/src/detect-distance.c
+++ b/src/detect-distance.c
@@ -41,6 +41,7 @@
 
 #include "flow-var.h"
 
+#include "util-byte.h"
 #include "util-debug.h"
 #include "util-unittest.h"
 #include "detect-bytejump.h"
@@ -112,7 +113,11 @@ static int DetectDistanceSetup (DetectEngineCtx *de_ctx, Signature *s,
         cd->distance = ((DetectByteExtractData *)bed_sm->ctx)->local_id;
         cd->flags |= DETECT_CONTENT_DISTANCE_BE;
     } else {
-        cd->distance = strtol(str, NULL, 10);
+        if (ByteExtractStringInt32(&cd->distance, 0, 0, str) != (int)strlen(str)) {
+            SCLogError(SC_ERR_INVALID_SIGNATURE,
+                      "invalid value for distance: %s", str);
+            goto end;
+        }
     }
     cd->flags |= DETECT_CONTENT_DISTANCE;