Actions
Bug #2745
closedInvalid detect-engine config could lead to segfault
Affected Versions:
Effort:
Difficulty:
Label:
Description
Certain invalid YAML configs for the legacy detect-engine config node can cause a segfault. The following config node can reproduce this when launched with -T:
detect-engine:
custom-values:
toclient-groups: 200
toserver-groups: 200
This is caused by a strcmp on line 1873 in detect-engine.c, where opt->val is null for the custom-values node:
https://github.com/OISF/suricata/blob/0b3220a0df9689e3cc9633981c0e558f451d23b8/src/detect-engine.c#L1873
Updated by Victor Julien about 6 years ago
- Status changed from New to Assigned
- Assignee set to Victor Julien
- Target version set to 4.1.2
Updated by Victor Julien about 6 years ago
- Status changed from Assigned to Closed
Updated by Victor Julien almost 6 years ago
- Copied to Bug #2828: Invalid detect-engine config could lead to segfault (4.0.x) added
Actions