From 4dc26b3ae86e1ac9885884eec30a70edc27fa883 Mon Sep 17 00:00:00 2001
From: Victor Julien <victor@inliniac.net>
Date: Thu, 19 Apr 2018 11:27:43 +0200
Subject: [PATCH] ssh: fix out of bounds read in banner parsing

Reported-by: Henning Perl
---
 src/app-layer-ssh.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/app-layer-ssh.c b/src/app-layer-ssh.c
index 91aa9c59b6..23435fffa1 100644
--- a/src/app-layer-ssh.c
+++ b/src/app-layer-ssh.c
@@ -69,7 +69,7 @@ static int SSHParseBanner(SshState *state, SshHeader *header, const uint8_t *inp
     uint32_t line_len = input_len;
 
     /* is it the version line? */
-    if (SCMemcmp("SSH-", line_ptr, 4) != 0) {
+    if (line_len >= 4 && SCMemcmp("SSH-", line_ptr, 4) != 0) {
         SCReturnInt(-1);
     }
 
-- 
2.47.2