From: Tom Peters (thopeter) Date: Fri, 23 Jul 2021 20:30:30 +0000 (+0000) Subject: Merge pull request #2990 in SNORT/snort3 from ~KATHARVE/snort3:h2i_partial_buffer_fix... X-Git-Tag: 3.1.9.0~5 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=c7afaded043c3560b4016e12c5f94dacab8e9f4d;p=thirdparty%2Fsnort3.git Merge pull request #2990 in SNORT/snort3 from ~KATHARVE/snort3:h2i_partial_buffer_fix to master Squashed commit of the following: commit 288ed022ae6a31f5bb2b98e84b8a42cc2bff7b5e Author: Katura Harvey Date: Tue Jul 20 14:33:28 2021 -0400 http_inspect: don't allocate 0-length partial inspection buffer --- diff --git a/src/service_inspectors/http_inspect/http_stream_splitter_reassemble.cc b/src/service_inspectors/http_inspect/http_stream_splitter_reassemble.cc index 213288f4b..8ba5be460 100644 --- a/src/service_inspectors/http_inspect/http_stream_splitter_reassemble.cc +++ b/src/service_inspectors/http_inspect/http_stream_splitter_reassemble.cc @@ -410,17 +410,22 @@ const StreamBuffer HttpStreamSplitter::reassemble(Flow* flow, unsigned total, uint32_t& running_total = session_data->running_total[source_id]; assert(running_total == total); running_total = 0; - const uint16_t buf_size = + const uint32_t buf_size = session_data->section_offset[source_id] - session_data->num_excess[source_id]; if (session_data->partial_flush[source_id]) { - // Store the data from a partial flush for reuse - partial_buffer = new uint8_t[buf_size]; - memcpy(partial_buffer, buffer, buf_size); - partial_buffer_length = buf_size; + // It's possible we're doing a partial flush but there is no actual data to flush after + // decompression. + if (buf_size > 0) + { + // Store the data from a partial flush for reuse + partial_buffer = new uint8_t[buf_size]; + memcpy(partial_buffer, buffer, buf_size); + partial_buffer_length = buf_size; + session_data->update_allocations(partial_buffer_length); + } partial_raw_bytes += total; - session_data->update_allocations(partial_buffer_length); } else partial_raw_bytes = 0;