From c6afee64d510daa9f383b160f3abd194ee74a15b Mon Sep 17 00:00:00 2001 From: Philippe Antoine Date: Wed, 30 Aug 2023 21:35:08 +0200 Subject: [PATCH] smtp: fix null deref with config option body md5 Ticket: #6279 If we have the smtp body beginning without headers, we need to create the md5 context and right away and supply data to it. Otherwise, on the next line being processed, md5_ctx will be NULL but body_begin will have been reset to 0 --- src/util-decode-mime.c | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/src/util-decode-mime.c b/src/util-decode-mime.c index 7ee5263b76..b22a8c2e6f 100644 --- a/src/util-decode-mime.c +++ b/src/util-decode-mime.c @@ -1766,6 +1766,12 @@ static int FindMimeHeader(const uint8_t *buf, uint32_t blen, state->body_begin = 1; state->body_end = 0; + // Begin the body md5 computation if config asks so + if (MimeDecGetConfig()->body_md5 && state->md5_ctx == NULL) { + state->md5_ctx = SCMd5New(); + SCMd5Update(state->md5_ctx, buf, blen + state->current_line_delimiter_len); + } + ret = ProcessBodyLine(buf, blen, state); if (ret != MIME_DEC_OK) { SCLogDebug("Error: ProcessBodyLine() function failed"); -- 2.47.2