From: Victor Julien <victor@inliniac.net>
Date: Tue, 13 Nov 2018 00:27:27 +0000 (-0800)
Subject: detect/within: clean up option value parsing
X-Git-Tag: suricata-4.1.1~56
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=9cce1995efd431a281b350565483636dbc83007e;p=thirdparty%2Fsuricata.git

detect/within: clean up option value parsing
---

diff --git a/src/detect-within.c b/src/detect-within.c
index 273aed0dee..f98aa78275 100644
--- a/src/detect-within.c
+++ b/src/detect-within.c
@@ -39,6 +39,7 @@
 
 #include "flow-var.h"
 
+#include "util-byte.h"
 #include "util-debug.h"
 #include "detect-pcre.h"
 #include "detect-within.h"
@@ -112,7 +113,12 @@ static int DetectWithinSetup(DetectEngineCtx *de_ctx, Signature *s, const char *
         cd->within = ((DetectByteExtractData *)bed_sm->ctx)->local_id;
         cd->flags |= DETECT_CONTENT_WITHIN_BE;
     } else {
-        cd->within = strtol(str, NULL, 10);
+        if (ByteExtractStringInt32(&cd->within, 0, 0, str) != (int)strlen(str)) {
+            SCLogError(SC_ERR_INVALID_SIGNATURE,
+                      "invalid value for within: %s", str);
+            goto end;
+        }
+
         if (cd->within < (int32_t)cd->content_len) {
             SCLogError(SC_ERR_WITHIN_INVALID, "within argument \"%"PRIi32"\" is "
                        "less than the content length \"%"PRIu32"\" which is invalid, since "