Bug #3642: RFB parser wrongly handles incomplete data - Suricata - Open Information Security Foundation

Actions

Copy link

Bug #3642

closed

RFB parser wrongly handles incomplete data

Added by Philippe Antoine about 4 years ago. Updated about 4 years ago.

Status:

Closed

Priority:

Normal

Assignee:

Philippe Antoine

Target version:

6.0.0beta1

Affected Versions:

Effort:

Difficulty:

Label:

Description

parse_supported_security_types returns nom::Err::Incomplete(nom::Needed::Size(2)) if we give it a one byte input (whose value is 2)
when parse_server_security_type returns nom::Err::Incomplete(nom::Needed::Size(4)) if we give it a one byte input

In the first case we need two additional bytes to the first byte
In the second case, we need a total of 4 bytes, including the first one we got

Rust nom doesn't give you a usable number especially when their is a chain of parsers

No backport as it is a new feature

PR :
https://github.com/OISF/suricata/pull/4817

Actions

Copy link

Updated by Victor Julien about 4 years ago

Assignee set to Philippe Antoine
Target version changed from 5.0.3 to 6.0.0beta1

Actions

Copy link

Updated by Philippe Antoine about 4 years ago

Status changed from In Review to Closed

https://github.com/OISF/suricata/pull/4817

Actions

Copy link

Updated by Victor Julien about 4 years ago

Affected Versions deleted (~~5.0.3~~)

Actions

Copy link

Also available in: Atom PDF

Project

General

Profile

Suricata

Custom queries

Bug #3642

RFB parser wrongly handles incomplete data

Updated by Victor Julien about 4 years ago

Updated by Philippe Antoine about 4 years ago

Updated by Victor Julien about 4 years ago