From: Philippe Antoine Date: Mon, 30 Aug 2021 20:01:18 +0000 (+0200) Subject: detect: debug validation for list ids overflows X-Git-Tag: suricata-7.0.0-beta1~1486 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=bbbb816ed686e12ab716c344fb7e29af0463cf16;p=thirdparty%2Fsuricata.git detect: debug validation for list ids overflows --- diff --git a/src/detect-engine-mpm.c b/src/detect-engine-mpm.c index 96bb001151..702ad734f0 100644 --- a/src/detect-engine-mpm.c +++ b/src/detect-engine-mpm.c @@ -115,6 +115,7 @@ void DetectAppLayerMpmRegister2(const char *name, am->name = name; snprintf(am->pname, sizeof(am->pname), "%s", am->name); am->direction = direction; + DEBUG_VALIDATE_BUG_ON(sm_list < 0 || sm_list > INT16_MAX); am->sm_list = sm_list; am->sm_list_base = sm_list; am->priority = priority; @@ -155,6 +156,7 @@ void DetectAppLayerMpmRegisterByParentId(DetectEngineCtx *de_ctx, BUG_ON(am == NULL); am->name = t->name; am->direction = t->direction; + DEBUG_VALIDATE_BUG_ON(id < 0 || id > INT16_MAX); am->sm_list = id; // use new id am->sm_list_base = t->sm_list; am->type = DETECT_BUFFER_MPM_TYPE_APP; @@ -314,6 +316,7 @@ void DetectPktMpmRegister(const char *name, BUG_ON(am == NULL); am->name = name; snprintf(am->pname, sizeof(am->pname), "%s", am->name); + DEBUG_VALIDATE_BUG_ON(sm_list < 0 || sm_list > INT16_MAX); am->sm_list = sm_list; am->priority = priority; am->type = DETECT_BUFFER_MPM_TYPE_PKT; @@ -351,6 +354,7 @@ void DetectPktMpmRegisterByParentId(DetectEngineCtx *de_ctx, BUG_ON(am == NULL); am->name = t->name; snprintf(am->pname, sizeof(am->pname), "%s#%d", am->name, id); + DEBUG_VALIDATE_BUG_ON(id < 0 || id > INT16_MAX); am->sm_list = id; // use new id am->sm_list_base = t->sm_list; am->type = DETECT_BUFFER_MPM_TYPE_PKT;