Bug #3630

closed

Recursion stack-overflow in parsing YAML configuration

Added by Jason Ish over 4 years ago. Updated over 4 years ago.

Status: Closed
Priority: Normal
Assignee:
Target version:
Affected Versions:
Effort:
Difficulty:
Label: Needs backport to 4.1, Needs backport to 5.0

Description

A YAML configuration can be crafted (for example, by a fuzzer) that causes the YAML parser to recurse to a depth where a stack-overflow occurs. This appears to be at about 180. Our default configuration goes to a depth of about 16.

Suggested fix: track the recursion limit and abort at some level, for example 128 should be OK.

Longer term fix if we ever have a config that needs more recursion would be to refactor into a loop.
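
The depth-tracking approach suggested above, as an added example that is not Suricata's own code: a recursive parser for a toy bracket grammar (standing in for nested YAML) that passes its nesting level down and aborts past a limit of 128. The names `parse_node`, `parse_config`, `make_nested` and the `PARSE_*` codes are hypothetical, and the inputs are constructed.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#define RECURSION_LIMIT 128 /* the value suggested in the report */
enum { PARSE_OK = 0, PARSE_SYNTAX = -1, PARSE_TOO_DEEP = -2 };

/* Toy grammar, not YAML: a node is a scalar or '[' node (',' node)* ']'; root is depth 0. */
static int parse_node(const char **p, int depth, int *max_seen) {
    if (depth > RECURSION_LIMIT) return PARSE_TOO_DEEP; /* stop before the stack runs out */
    if (depth > *max_seen) *max_seen = depth;
    if (**p != '[') { /* scalar: consume up to the next delimiter */
        while (**p && **p != ',' && **p != '[' && **p != ']') (*p)++;
        return PARSE_OK;
    }
    (*p)++; /* consume '[' */
    if (**p == ']') { (*p)++; return PARSE_OK; } /* empty sequence */
    for (;;) {
        int r = parse_node(p, depth + 1, max_seen);
        if (r != PARSE_OK) return r; /* unwind every frame on error */
        if (**p == ',') { (*p)++; continue; }
        if (**p == ']') { (*p)++; return PARSE_OK; }
        return PARSE_SYNTAX; /* unterminated or malformed sequence */
    }
}

/* Entry point: returns a PARSE_* code and reports the deepest level reached. */
int parse_config(const char *text, int *max_depth) {
    *max_depth = 0;
    int r = parse_node(&text, 0, max_depth);
    return (r == PARSE_OK && *text != '\0') ? PARSE_SYNTAX : r;
}

/* Constructed input: a scalar wrapped in n nested sequences, e.g. "[[x]]". */
char *make_nested(size_t n) {
    char *s = calloc(2 * n + 2, 1); /* zero-filled, so already terminated */
    if (s == NULL) abort();
    memset(s, '[', n); s[n] = 'x'; memset(s + n + 1, ']', n);
    return s;
}

int main(void) {
    size_t n[] = { 16, 128, 129, 100000 }; /* constructed nesting depths */
    for (int i = 0; i < 4; i++) {
        int depth; char *s = make_nested(n[i]);
        int r = parse_config(s, &depth);
        printf("nesting %zu -> result %d, deepest level %d\n", n[i], r, depth);
        free(s);
    }
    return 0;
}
```

The limit check runs on entry to every frame, so an over-deep input is rejected with an error code instead of crashing, however deep the nesting goes.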


Related issues 2 (0 open, 2 closed)

Copied to Suricata - Bug #3652: Recursion stack-overflow in parsing YAML configuration (Closed, Shivani Bhardwaj)
Copied to Suricata - Bug #3653: Recursion stack-overflow in parsing YAML configuration (Closed, Jeff Lucovsky)