Fix the bug specified in the previous commit.

Bug emanates from byte_test, byte_jump and byte_extract keyword being
unable to handle negative offsets when the inspection pointer is at the
end of the buffer.

diff --git a/src/detect-byte-extract.c b/src/detect-byte-extract.c
index f70dc79ac081eb1f221bd6324a9c2c51c7e8121d..6a20b188d07de5ec1a247097726e9d0f840909f4 100644 (file)
--- a/src/detect-byte-extract.c
+++ b/src/detect-byte-extract.c
@@ -156,14 +156,13 @@ int DetectByteExtractDoMatch(DetectEngineThreadCtx *det_ctx, SigMatch *sm,
         ptr = payload + det_ctx->buffer_offset;
         len = payload_len - det_ctx->buffer_offset;
 
-        /* No match if there is no relative base */
-        if (len == 0) {
-            return 0;
-        }
-
         ptr += data->offset;
         len -= data->offset;
 
+        /* No match if there is no relative base */
+        if (len <= 0) {
+            return 0;
+        }
         //PrintRawDataFp(stdout,ptr,len);
     } else {
         SCLogDebug("absolute, data->offset %"PRIu32"", data->offset);

diff --git a/src/detect-bytejump.c b/src/detect-bytejump.c
index 185089445be6765d5337e4f72ace2e892d225ba5..ac65197b65b1628bef4cda98dee0c1c7430ed079 100644 (file)
--- a/src/detect-bytejump.c
+++ b/src/detect-bytejump.c
@@ -129,13 +129,13 @@ int DetectBytejumpDoMatch(DetectEngineThreadCtx *det_ctx, Signature *s,
         ptr = payload + det_ctx->buffer_offset;
         len = payload_len - det_ctx->buffer_offset;
 
+        ptr += offset;
+        len -= offset;
+
         /* No match if there is no relative base */
-        if (ptr == NULL || len == 0) {
+        if (ptr == NULL || len <= 0) {
             SCReturnInt(0);
         }
-
-        ptr += offset;
-        len -= offset;
     }
     else {
         ptr = payload + offset;

diff --git a/src/detect-bytetest.c b/src/detect-bytetest.c
index 109837400f269406fe40bd944563fb34fbd0d526..7e849f177701aaafe5b332968cbbbc5acf2be095 100644 (file)
--- a/src/detect-bytetest.c
+++ b/src/detect-bytetest.c
@@ -136,14 +136,13 @@ int DetectBytetestDoMatch(DetectEngineThreadCtx *det_ctx, Signature *s, SigMatch
         ptr = payload + det_ctx->buffer_offset;
         len = payload_len - det_ctx->buffer_offset;
 
-        /* No match if there is no relative base */
-        if (ptr == NULL || len == 0) {
-            SCReturnInt(0);
-        }
-
         ptr += offset;
         len -= offset;
 
+        /* No match if there is no relative base */
+        if (ptr == NULL || len <= 0) {
+            SCReturnInt(0);
+        }
         //PrintRawDataFp(stdout,ptr,len);
     }
     else {