Suricata

### Bugreport SSHParseBanner (app-layer-ssh.c)
There is an integer and as a result a heap buffer overflow at line 99.
## Input
If *input of the function *SSHParseBanner(SshState *state, SshHeader *header, const uint8_t *input, uint32_t
input_len)* only consists only one spezial character **'\n'**, the program runs
into a heap buffer overfow.
## Reason
At **line 76** in the function *SSHParseBanner*, the program search for a “'\r'”.
If not, then match the input with a “'\n'”.
After this point line_len is “0”. And this is the problem.
At line 97, we subtract “-4” from line_len and we get a negativ integer.
Unfortunatly, input_len is an unsigned integer and smaall negativ integers are now very big unsigned integers.
The result is, that the **input_len** is much higher then the given buffer.
The function *BasicSearch* needs the length and will crash by of reading to much memory space
because of the high input_len value.
This results in a heap-buffer-overflow.