From: Philippe Antoine <contact@catenacyber.fr>
Date: Sat, 16 Apr 2022 14:51:42 +0000 (+0200)
Subject: detect: parsing avoiding infinite loop
X-Git-Tag: suricata-7.0.0-beta1~528
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=ced96a8aadd8a9a4ce3d8d689ac53f7eedbbe8e9;p=thirdparty%2Fsuricata.git

detect: parsing avoiding infinite loop

by comparing size_t to strlen result
Instead of uint16_t which would loop

Ticket: #5310
---

diff --git a/src/detect-content.c b/src/detect-content.c
index b5691d416b..58493266a8 100644
--- a/src/detect-content.c
+++ b/src/detect-content.c
@@ -99,7 +99,7 @@ int DetectContentDataParse(const char *keyword, const char *contentstr,
     char converted = 0;
 
     {
-        uint16_t i, x;
+        size_t i, x;
         uint8_t bin = 0;
         uint8_t escape = 0;
         uint8_t binstr[3] = "";
diff --git a/src/detect-detection-filter.c b/src/detect-detection-filter.c
index 55cfcc21e3..557f72b89b 100644
--- a/src/detect-detection-filter.c
+++ b/src/detect-detection-filter.c
@@ -103,7 +103,7 @@ static DetectThresholdData *DetectDetectionFilterParse (const char *rawstr)
     char *copy_str = NULL, *df_opt = NULL;
     int seconds_found = 0, count_found = 0, track_found = 0;
     int seconds_pos = 0, count_pos = 0;
-    uint16_t pos = 0;
+    size_t pos = 0;
     int i = 0;
     char *saveptr = NULL;
 
diff --git a/src/detect-engine-prefilter.c b/src/detect-engine-prefilter.c
index 6cf0fbed5d..3173287731 100644
--- a/src/detect-engine-prefilter.c
+++ b/src/detect-engine-prefilter.c
@@ -599,9 +599,8 @@ static uint32_t PrefilterStoreHashFunc(HashListTable *ht, void *data, uint16_t d
     PrefilterStore *ctx = data;
 
     uint32_t hash = strlen(ctx->name);
-    uint16_t u;
 
-    for (u = 0; u < strlen(ctx->name); u++) {
+    for (size_t u = 0; u < strlen(ctx->name); u++) {
         hash += ctx->name[u];
     }
 
diff --git a/src/detect-msg.c b/src/detect-msg.c
index 98bd630d70..bdc21ef295 100644
--- a/src/detect-msg.c
+++ b/src/detect-msg.c
@@ -65,7 +65,7 @@ static int DetectMsgSetup (DetectEngineCtx *de_ctx, Signature *s, const char *ms
     char converted = 0;
 
     {
-        uint16_t i, x;
+        size_t i, x;
         uint8_t escape = 0;
 
         /* it doesn't matter if we need to escape or not we remove the extra "\" to mimic snort */
@@ -194,4 +194,4 @@ void DetectMsgRegisterTests(void)
     UtRegisterTest("DetectMsgParseTest02", DetectMsgParseTest02);
     UtRegisterTest("DetectMsgParseTest03", DetectMsgParseTest03);
 }
-#endif /* UNITTESTS */
\ No newline at end of file
+#endif /* UNITTESTS */
diff --git a/src/detect-threshold.c b/src/detect-threshold.c
index 4eb7244256..e3991b41a2 100644
--- a/src/detect-threshold.c
+++ b/src/detect-threshold.c
@@ -118,7 +118,7 @@ static DetectThresholdData *DetectThresholdParse(const char *rawstr)
     int second_found = 0, count_found = 0;
     int type_found = 0, track_found = 0;
     int second_pos = 0, count_pos = 0;
-    uint16_t pos = 0;
+    size_t pos = 0;
     int i = 0;
 
     copy_str = SCStrdup(rawstr);