]> git.ipfire.org Git - thirdparty/suricata.git/commitdiff
projects / thirdparty / suricata.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 89030d3)
ssl: reset state when breaking out of SSLV3_HANDSHAKE_PROTOCOL
authorPhilippe Antoine <contact@catenacyber.fr>
Fri, 18 Dec 2020 21:12:23 +0000 (22:12 +0100)
committerVictor Julien <victor@inliniac.net>
Fri, 26 Feb 2021 12:27:11 +0000 (13:27 +0100)
So that we cannot resumt it with corrupted values

src/app-layer-ssl.c patch | blob | blame | history

diff --git a/src/app-layer-ssl.c b/src/app-layer-ssl.c
index 698212ed18d1e4ec990118f41d9f065898eb649c..725fb80377aec399ad4006a95fa5e34b27f11667 100644 (file)
--- a/src/app-layer-ssl.c
+++ b/src/app-layer-ssl.c
@@ -2371,6 +2371,8 @@ static int SSLv3Decode(uint8_t direction, SSLState *ssl_state,
                         ((ssl_state->flags & SSL_AL_FLAG_STATE_SERVER_HELLO) == 0)) {
                     /* do nothing */
                 } else {
+                    // if we started parsing this, we must stop
+                    ssl_state->curr_connp->hs_bytes_processed = 0;
                     break;
                 }
             }
Mirror of https://github.com/OISF/suricata.git