From: Philippe Antoine <contact@catenacyber.fr>
Date: Sun, 23 Jan 2022 20:22:32 +0000 (+0100)
Subject: http2: check overflow before it happens
X-Git-Tag: suricata-6.0.7~30
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=ed15b0d6ab1e605837f1b6d328cc596294c9d30c;p=thirdparty%2Fsuricata.git

http2: check overflow before it happens

instead of checking afterwards if value got smaller

(cherry picked from commit b86beb9b68807e371f7af1ad6a1f789fdd5f7209)

Manually adapted to make it work with MSRV
---

diff --git a/rust/src/http2/parser.rs b/rust/src/http2/parser.rs
index 87e9883895..cc76f225c3 100644
--- a/rust/src/http2/parser.rs
+++ b/rust/src/http2/parser.rs
@@ -528,11 +528,11 @@ fn http2_parse_var_uint(input: &[u8], value: u64, max: u64) -> IResult<&[u8], u6
     for i in 0..varia.len() {
         varval += ((varia[i] & 0x7F) as u64) << (7 * i);
     }
-    varval += (finalv as u64) << (7 * varia.len());
-    if varval < max {
-        // this has overflown u64
+    if (finalv as u64) << (7 * varia.len()) > std::u64::MAX - varval {
+        // this would overflow u64
         return Ok((i3, 0));
     }
+    varval += (finalv as u64) << (7 * varia.len());
     return Ok((i3, varval));
 }