From: Daniil Kolomiiets -X (dkolomii - SOFTSERVE INC at Cisco) Date: Tue, 30 Sep 2025 20:12:49 +0000 (+0000) Subject: Pull request #4919: appid: nntp validate data loop fix X-Git-Tag: 3.9.6.0~6 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=88c7f124a66b8f5384269ecfaa952d8224f560c8;p=thirdparty%2Fsnort3.git Pull request #4919: appid: nntp validate data loop fix Merge in SNORT/snort3 from ~DKOLOMII/snort3:nntp_loop_fix to master Squashed commit of the following: commit ceb7f626ad0b09cb6bc264261868d716a50dcd46 Author: Daniil Kolomiiets Date: Tue Sep 30 09:37:27 2025 -0400 appid: fixing loop inside nntp validate data --- diff --git a/src/network_inspectors/appid/service_plugins/service_nntp.cc b/src/network_inspectors/appid/service_plugins/service_nntp.cc index 36cef5d8c..fac31511b 100644 --- a/src/network_inspectors/appid/service_plugins/service_nntp.cc +++ b/src/network_inspectors/appid/service_plugins/service_nntp.cc @@ -259,6 +259,11 @@ static int nntp_validate_data(const uint8_t* data, uint16_t* offset, uint16_t si break; } } + + if(*offset == std::numeric_limits::max()) + { + return 0; + } } return 0; } diff --git a/src/network_inspectors/appid/service_plugins/test/CMakeLists.txt b/src/network_inspectors/appid/service_plugins/test/CMakeLists.txt index a80b83fb8..6c78f2a3b 100644 --- a/src/network_inspectors/appid/service_plugins/test/CMakeLists.txt +++ b/src/network_inspectors/appid/service_plugins/test/CMakeLists.txt @@ -6,3 +6,4 @@ add_cpputest( alpn_patterns_tests ) add_cpputest( service_snmp_test ) add_cpputest( service_rtmp_test ) add_cpputest( service_netbios_test ) +add_cpputest( service_nntp_test ) diff --git a/src/network_inspectors/appid/service_plugins/test/service_nntp_test.cc b/src/network_inspectors/appid/service_plugins/test/service_nntp_test.cc new file mode 100644 index 000000000..8862e6a1f --- /dev/null +++ b/src/network_inspectors/appid/service_plugins/test/service_nntp_test.cc @@ -0,0 +1,58 @@ +//-------------------------------------------------------------------------- +// Copyright (C) 2022-2025 Cisco and/or its affiliates. All rights reserved. +// +// This program is free software; you can redistribute it and/or modify it +// under the terms of the GNU General Public License Version 2 as published +// by the Free Software Foundation. You may not use, modify or distribute +// this program under any other version of the GNU General Public License. +// +// This program is distributed in the hope that it will be useful, but +// WITHOUT ANY WARRANTY; without even the implied warranty of +// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +// General Public License for more details. +// +// You should have received a copy of the GNU General Public License along +// with this program; if not, write to the Free Software Foundation, Inc., +// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. +//-------------------------------------------------------------------------- +// +// service_nntp_test.cc author Daniil Kolomiiets + +#ifdef HAVE_CONFIG_H +#include "config.h" +#endif + +#include "../service_nntp.cc" +#include "service_plugin_mock.h" + +#include +#include +#include + +TEST_GROUP(nntp_validate_data_tests) +{ + void setup() override + { + } + void teardown() override + { + } +}; + +TEST(nntp_validate_data_tests, nntp_validate_loop) +{ + constexpr uint16_t size = std::numeric_limits::max(); + uint8_t data[size]; + memset(data, 0, sizeof(data)); + uint16_t offset = 0; + int flags = 0; + + int result = nntp_validate_data(data, &offset, size, &flags); + CHECK_EQUAL(0, result); +} + +int main(int argc, char** argv) +{ + int return_value = CommandLineTestRunner::RunAllTests(argc, argv); + return return_value; +} \ No newline at end of file