geoip: never try to store more locations than possible (Coverity 1038517)

diff --git a/src/detect-geoip.c b/src/detect-geoip.c
index f3a865d3f7f1e125baf6d70d4e2f7816dd4fc569..a7a1d05eef47174d00b1b0e7d580033063ae2f15 100644 (file)
--- a/src/detect-geoip.c
+++ b/src/detect-geoip.c
@@ -268,6 +268,12 @@ static DetectGeoipData *DetectGeoipDataParse (char *str)
                     geoipdata->flags |= GEOIP_MATCH_NEGATED;
                     prevpos++; /* dot not copy the ! */
                 }
+
+                if (geoipdata->nlocations >= GEOOPTION_MAXLOCATIONS) {
+                    SCLogError(SC_ERR_INVALID_ARGUMENT, "too many arguements for geoip keyword");
+                    goto error;
+                }
+
                 if (pos-prevpos > GEOOPTION_MAXSIZE)
                     strlcpy((char *)geoipdata->location[geoipdata->nlocations], &str[prevpos],
                                                                             GEOOPTION_MAXSIZE);