Pull request #4919: appid: nntp validate data loop fix

Merge in SNORT/snort3 from ~DKOLOMII/snort3:nntp_loop_fix to master

Squashed commit of the following:

commit ceb7f626ad0b09cb6bc264261868d716a50dcd46
Author: Daniil Kolomiiets <dkolomii@cisco.com>
Date:   Tue Sep 30 09:37:27 2025 -0400

    appid: fixing loop inside nntp validate data

diff --git a/src/network_inspectors/appid/service_plugins/service_nntp.cc b/src/network_inspectors/appid/service_plugins/service_nntp.cc
index 36cef5d8ceb56d50d503a7e859eb71546fad182b..fac31511b6cdad0c2ec96944abfa584deecee12c 100644 (file)
--- a/src/network_inspectors/appid/service_plugins/service_nntp.cc
+++ b/src/network_inspectors/appid/service_plugins/service_nntp.cc
@@ -259,6 +259,11 @@ static int nntp_validate_data(const uint8_t* data, uint16_t* offset, uint16_t si
                 break;
             }
         }
+
+        if(*offset == std::numeric_limits<uint16_t>::max())
+        {
+            return 0;
+        }
     }
     return 0;
 }

diff --git a/src/network_inspectors/appid/service_plugins/test/CMakeLists.txt b/src/network_inspectors/appid/service_plugins/test/CMakeLists.txt
index a80b83fb83c0c92430be1b5b369115ee7ab0732d..6c78f2a3b917f37f1bdcd07159641b4e2c0c87e2 100644 (file)
--- a/src/network_inspectors/appid/service_plugins/test/CMakeLists.txt
+++ b/src/network_inspectors/appid/service_plugins/test/CMakeLists.txt
@@ -6,3 +6,4 @@ add_cpputest( alpn_patterns_tests )
 add_cpputest( service_snmp_test )
 add_cpputest( service_rtmp_test )
 add_cpputest( service_netbios_test )
+add_cpputest( service_nntp_test )

diff --git a/src/network_inspectors/appid/service_plugins/test/service_nntp_test.cc b/src/network_inspectors/appid/service_plugins/test/service_nntp_test.cc
new file mode 100644 (file)
index 0000000..8862e6a
--- /dev/null
+++ b/src/network_inspectors/appid/service_plugins/test/service_nntp_test.cc
@@ -0,0 +1,58 @@
+//--------------------------------------------------------------------------
+// Copyright (C) 2022-2025 Cisco and/or its affiliates. All rights reserved.
+//
+// This program is free software; you can redistribute it and/or modify it
+// under the terms of the GNU General Public License Version 2 as published
+// by the Free Software Foundation.  You may not use, modify or distribute
+// this program under any other version of the GNU General Public License.
+//
+// This program is distributed in the hope that it will be useful, but
+// WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+// General Public License for more details.
+//
+// You should have received a copy of the GNU General Public License along
+// with this program; if not, write to the Free Software Foundation, Inc.,
+// 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.
+//--------------------------------------------------------------------------
+//
+// service_nntp_test.cc author Daniil Kolomiiets <dkolomii@cisco.com>
+
+#ifdef HAVE_CONFIG_H
+#include "config.h"
+#endif
+
+#include "../service_nntp.cc"
+#include "service_plugin_mock.h"
+
+#include <CppUTest/CommandLineTestRunner.h>
+#include <CppUTest/TestHarness.h>
+#include <CppUTestExt/MockSupport.h>
+
+TEST_GROUP(nntp_validate_data_tests)
+{
+    void setup() override
+    {
+    }
+    void teardown() override
+    {
+    }
+};
+
+TEST(nntp_validate_data_tests, nntp_validate_loop)
+{    
+    constexpr uint16_t size = std::numeric_limits<uint16_t>::max();
+    uint8_t data[size];
+    memset(data, 0, sizeof(data));
+    uint16_t offset = 0;
+    int flags = 0;
+    
+    int result = nntp_validate_data(data, &offset, size, &flags);
+    CHECK_EQUAL(0, result);
+}
+
+int main(int argc, char** argv)
+{
+    int return_value = CommandLineTestRunner::RunAllTests(argc, argv);
+    return return_value;
+}
\ No newline at end of file