Project

General

Profile

Actions

Bug #1689

closed

Stack overflow in case of variables misconfiguration

Added by Alexander Gozman almost 9 years ago. Updated over 8 years ago.

Status:
Closed
Priority:
Normal
Target version:
Affected Versions:
Effort:
Difficulty:
Label:

Description

When 'vars' section in configuration file is incorrect, a stack overflow error may occur. For instance:

vars:
HOME_NET: "!$HOME_NET"

This is undefined and recursive declaration. Suricata tries to resolve a variable, calling DetectAddressParse2() again and again until stack space is exhausted and segmentation fault occurs. No error messages are given and user can't see what went wrong.

Valgrind reports:

11392 Stack overflow in thread #1: can't grow stack to 0xffe801000
11392
11392 Process terminating with default action of signal 11 (SIGSEGV)
Actions

Also available in: Atom PDF