]> git.ipfire.org Git - thirdparty/suricata.git/commit
projects / thirdparty / suricata.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 2b57179) | patch
spm/hs: don't exit on bad patterns
authorVictor Julien <vjulien@oisf.net>
Tue, 5 Sep 2023 12:49:34 +0000 (14:49 +0200)
committerVictor Julien <vjulien@oisf.net>
Wed, 13 Sep 2023 08:09:22 +0000 (10:09 +0200)
commit00e00254eae205bad5d4cfbf6c9e69f944faaf69
tree3b1cb0f4ce1145cddf1d3ae51616d5f4d12f8a2ftree
parent2b57179d65ecd0c29b1031e4ac23ef5296d60046commit | diff
spm/hs: don't exit on bad patterns

A bad pattern in a rule that hyperscan would fail to compile would
exit Suricata. This could happen during a rule reload as well.

In case of a untrusted ruleset, this could potentially be used to
shut down the sensor.

Commit 7d0851b0c2 already blocks the only know case, but this patch
is more defensive.

Ticket: #6195.
src/util-spm-hs.c diff | blob | blame | history
Mirror of https://github.com/OISF/suricata.git