From: Shivani Bhardwaj Date: Tue, 25 Apr 2023 07:12:16 +0000 (+0530) Subject: smtp: return on line completion X-Git-Tag: suricata-6.0.12~15 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=e95e9281caec46afeb0dadf95969c353ce8850a2;p=thirdparty%2Fsuricata.git smtp: return on line completion Problem: If we receive a long line w/o LF, we cap it to 4k bytes and wait until a line with LF comes in order to consider the previous line complete. Any data post the 4k bytes is discarded. Currently, if a line with LF comes in after a long line, we reset all the parameters used for processing it like the line.len and line.delim_len but we still make the call to SMTPProcessRequest fn without even the need to process anything. Since such a line (with len and delim_len set to 0) should not reach mime decoder, a debug assertion triggers there in this case. Fix: Make sure to return early as the line has to be skipped and not processed at all. Bug 6019 (cherry picked from commit c0067a5fffeb8b014b6756a572afe437d2bb561d) --- diff --git a/src/app-layer-smtp.c b/src/app-layer-smtp.c index f3bcd623ee..46637fd6ae 100644 --- a/src/app-layer-smtp.c +++ b/src/app-layer-smtp.c @@ -1051,6 +1051,13 @@ static int SMTPProcessRequest(SMTPState *state, Flow *f, SCEnter(); SMTPTransaction *tx = state->curr_tx; + /* If current input is to be discarded because it completes a long line, + * line's length and delimeter len are reset to 0. Skip processing this line. + * This line is only to get us out of the state where we should discard any + * data till LF. */ + if (state->current_line_len == 0 && state->current_line_delimiter_len == 0) { + return 0; + } if (state->curr_tx == NULL || (state->curr_tx->done && !NoNewTx(state))) { tx = SMTPTransactionCreate(); if (tx == NULL)