From e07a4393a9dc07d199a04540d0b54119ee95a2a5 Mon Sep 17 00:00:00 2001 From: Victor Julien Date: Mon, 5 Oct 2020 08:17:19 +0200 Subject: [PATCH] http: error check htp_list_size This avoids a potential casting to uint64_t of -1, leading to a very high upper bound of the tx loop. --- src/app-layer-htp.c | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/src/app-layer-htp.c b/src/app-layer-htp.c index 8498f0730b..469fd2f1a7 100644 --- a/src/app-layer-htp.c +++ b/src/app-layer-htp.c @@ -2947,9 +2947,11 @@ static uint64_t HTPStateGetTxCnt(void *alstate) HtpState *http_state = (HtpState *)alstate; if (http_state != NULL && http_state->conn != NULL) { - const uint64_t size = (uint64_t)htp_list_size(http_state->conn->transactions); + const int64_t size = (int64_t)htp_list_size(http_state->conn->transactions); + if (size < 0) + return 0ULL; SCLogDebug("size %"PRIu64, size); - return size; + return (uint64_t)size; } else { return 0ULL; } -- 2.47.2