From: Philippe Antoine <contact@catenacyber.fr>
Date: Fri, 10 Jul 2020 08:50:36 +0000 (+0200)
Subject: dcerpc: detect right parsing of empty op version
X-Git-Tag: suricata-6.0.0-beta1~216
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=ca6d0722970b8d8a15b4c82df0c3e5b4edccac83;p=thirdparty%2Fsuricata.git

dcerpc: detect right parsing of empty op version
---

diff --git a/rust/src/dcerpc/detect.rs b/rust/src/dcerpc/detect.rs
index 5d798a65e0..2e9d78f8d6 100644
--- a/rust/src/dcerpc/detect.rs
+++ b/rust/src/dcerpc/detect.rs
@@ -60,6 +60,9 @@ pub struct DCEOpnumData {
 }
 
 fn extract_op_version(opver: &str) -> Result<(u8, u16), ()> {
+    if opver.len() < 1 {
+        return Err(());
+    }
     let (op, version) = opver.split_at(1);
     let opval: u8 = match op {
         ">" => DETECT_DCE_IFACE_OP_GT,
@@ -363,6 +366,13 @@ mod test {
 
         let op_version = "@1";
         assert_eq!(true, extract_op_version(op_version).is_err());
+
+        let op_version = "";
+        assert_eq!(
+            Err(()),
+            extract_op_version(op_version)
+        );
+
     }
 
     #[test]