From: Philippe Antoine
Date: Thu, 4 Jul 2024 07:21:29 +0000 (+0200)
Subject: ssh: avoid panic in packet path
X-Git-Tag: suricata-8.0.0-beta1~972
X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=ef42f835eb07427b37502259938f34fef656b6bc;p=thirdparty%2Fsuricata.git
ssh: avoid panic in packet path
use debug_validate_bug_on instead
---
diff --git a/rust/src/ssh/ssh.rs b/rust/src/ssh/ssh.rs
index ce651de60d..1d38a1bd50 100644
--- a/rust/src/ssh/ssh.rs
+++ b/rust/src/ssh/ssh.rs
@@ -267,15 +267,12 @@ impl SSHState {
 }
 Err(Err::Incomplete(_)) => {
 //we may have consumed data from previous records
- if input.len() < SSH_RECORD_HEADER_LEN {
- //do not trust nom incomplete value
- return AppLayerResult::incomplete(
- (il - input.len()) as u32,
- SSH_RECORD_HEADER_LEN as u32,
- );
- } else {
- panic!("SSH invalid length record header");
- }
+ debug_validate_bug_on!(input.len() >= SSH_RECORD_HEADER_LEN);
+ //do not trust nom incomplete value
+ return AppLayerResult::incomplete(
+ (il - input.len()) as u32,
+ SSH_RECORD_HEADER_LEN as u32,
+ );
 }
 Err(_e) => {
 SCLogDebug!("SSH invalid record header {}", _e);
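Review bot: In the `Err(Err::Incomplete(_))` arm, a build where `debug_validate_bug_on!` is inactive now reaches `AppLayerResult::incomplete(..., SSH_RECORD_HEADER_LEN as u32)` even when `input.len() >= SSH_RECORD_HEADER_LEN`, so it asks the caller for bytes that are already buffered. How the caller handles such a request is not visible in this hunk, so on remotely supplied traffic the parser might be called again on the same data without making progress. Failing the flow closed would give a defined release-mode outcome: keep the debug assertion and add `if input.len() >= SSH_RECORD_HEADER_LEN { return AppLayerResult::err(); }` before the `incomplete` return. The enclosing function begins and ends outside the hunk, so this assumes nothing later in it relies on the incomplete result.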