From: Shivani Bhardwaj <shivani@oisf.net>
Date: Thu, 10 Aug 2023 12:17:35 +0000 (+0530)
Subject: af-packet: terminate on same interface & copyiface
X-Git-Tag: suricata-7.0.1~46
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=d4dd53c95f5fe30a0b2a1e71ab185c06c71a1afe;p=thirdparty%2Fsuricata.git

af-packet: terminate on same interface & copyiface

If the interface and copy-iface are same for an af-packet IPS device
setting then fataly exit else it leads to a segfault in later stages.

Bug 5870
---

diff --git a/src/runmode-af-packet.c b/src/runmode-af-packet.c
index fff1bd45b9..fd21c26293 100644
--- a/src/runmode-af-packet.c
+++ b/src/runmode-af-packet.c
@@ -290,6 +290,11 @@ static void *ParseAFPConfig(const char *iface)
         if (out_iface != NULL) {
             if (strlen(out_iface) > 0) {
                 aconf->out_iface = out_iface;
+                if (strcmp(iface, out_iface) == 0) {
+                    FatalError(
+                            "Invalid config: interface (%s) and copy-iface (%s) can't be the same",
+                            iface, out_iface);
+                }
             }
         } else {
             SCLogWarning("copy-iface corresponding to %s interface cannot be NULL", iface);