From: Jason Ish <jason.ish@oisf.net>
Date: Fri, 24 Mar 2023 05:49:55 +0000 (-0600)
Subject: conf: fatal error if "include" is a mapping
X-Git-Tag: suricata-7.0.0-rc2~484
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=6e1cd7bbea2dac74759f8843e076a9746925be87;p=thirdparty%2Fsuricata.git

conf: fatal error if "include" is a mapping

If a field named "include" is mapping it is not processed correctly.
Instead return a fatal error.

In our YAML, "include" has always been a reserved word, so this should
not break any known configuration.

Ticket: #5939
---

diff --git a/src/conf-yaml-loader.c b/src/conf-yaml-loader.c
index bbc3c9f889..57b793aa69 100644
--- a/src/conf-yaml-loader.c
+++ b/src/conf-yaml-loader.c
@@ -379,6 +379,11 @@ static int ConfYamlParse(yaml_parser_t *parser, ConfNode *parent, int inseq, int
         }
         else if (event.type == YAML_MAPPING_START_EVENT) {
             SCLogDebug("event.type=YAML_MAPPING_START_EVENT; state=%d", state);
+            if (state == CONF_INCLUDE) {
+                SCLogError("Include fields cannot be a mapping: line %zu", parser->mark.line);
+                retval = -1;
+                goto fail;
+            }
             if (inseq) {
                 char sequence_node_name[DEFAULT_NAME_LEN];
                 snprintf(sequence_node_name, DEFAULT_NAME_LEN, "%d", seq_idx++);