From: Jeff Lucovsky Date: Mon, 8 Feb 2021 13:05:41 +0000 (-0500) Subject: detct/pcre: Correct capture group count check X-Git-Tag: suricata-5.0.6~16 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=b0746091b5bd39b4f8f65e438d325b784469a335;p=thirdparty%2Fsuricata.git detct/pcre: Correct capture group count check This commit corrects the validation check between the number of variables used and the number of specified capture groups. (cherry picked from commit 469d5bb214195d8939be467c66ef1e6d25ad3e1f) --- diff --git a/src/detect-pcre.c b/src/detect-pcre.c index c2ae04777d..f0a7798c9d 100644 --- a/src/detect-pcre.c +++ b/src/detect-pcre.c @@ -1,4 +1,4 @@ -/* Copyright (C) 2007-2013 Open Information Security Foundation +/* Copyright (C) 2007-2021 Open Information Security Foundation * * You can copy, redistribute or modify this Program under the terms of * the GNU General Public License version 2 as published by the Free @@ -711,7 +711,7 @@ static int DetectPcreParseCapture(const char *regexstr, DetectEngineCtx *de_ctx, { char *ptr = NULL; while ((name_array[name_idx] = strtok_r(name_idx == 0 ? capture_names : NULL, " ,", &ptr))){ - if (name_idx > capture_cnt) { + if (name_idx > (capture_cnt - 1)) { SCLogError(SC_ERR_VAR_LIMIT, "more pkt/flow " "var capture names than capturing substrings"); return -1;