From: Jeff Lucovsky <jeff@lucovsky.org>
Date: Mon, 30 Mar 2020 13:51:27 +0000 (-0400)
Subject: detect/bsize: Ensure numeric values fit
X-Git-Tag: suricata-6.0.0-beta1~574
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=5b38bc989492672277178e93b8685b9e63fe6ec8;p=thirdparty%2Fsuricata.git

detect/bsize: Ensure numeric values fit

This commit ensures that the numeric values will not exceed the size of
the containers used to hold them.
---

diff --git a/src/detect-bsize.c b/src/detect-bsize.c
index 2df983a028..d80ef09309 100644
--- a/src/detect-bsize.c
+++ b/src/detect-bsize.c
@@ -1,4 +1,4 @@
-/* Copyright (C) 2017 Open Information Security Foundation
+/* Copyright (C) 2017-2020 Open Information Security Foundation
  *
  * You can copy, redistribute or modify this Program under the terms of
  * the GNU General Public License version 2 as published by the Free
@@ -177,7 +177,7 @@ static DetectBsizeData *DetectBsizeParse (const char *str)
     char str1[11], *p = str1;
     memset(str1, 0, sizeof(str1));
     while (*str && isdigit(*str)) {
-        if (p - str1 >= (int)sizeof(str1))
+        if (p - str1 >= ((int)sizeof(str1) - 1))
             return NULL;
         *p++ = *str++;
     }
@@ -224,7 +224,7 @@ static DetectBsizeData *DetectBsizeParse (const char *str)
         p = str2;
         memset(str2, 0, sizeof(str2));
         while (*str && isdigit(*str)) {
-            if (p - str2 >= (int)sizeof(str2))
+            if (p - str2 >= ((int)sizeof(str2) - 1))
                 return NULL;
             *p++ = *str++;
         }