Project

General

Custom queries

Profile

Actions

Bug #3642

closed

RFB parser wrongly handles incomplete data

Added by Philippe Antoine over 4 years ago. Updated over 4 years ago.

Status:
Closed
Priority:
Normal
Target version:
Affected Versions:
Effort:
Difficulty:
Label:

Description

parse_supported_security_types returns nom::Err::Incomplete(nom::Needed::Size(2)) if we give it a one byte input (whose value is 2)
when parse_server_security_type returns nom::Err::Incomplete(nom::Needed::Size(4)) if we give it a one byte input

In the first case we need two additional bytes to the first byte
In the second case, we need a total of 4 bytes, including the first one we got

Rust nom doesn't give you a usable number especially when their is a chain of parsers

No backport as it is a new feature

PR :
https://github.com/OISF/suricata/pull/4817

Actions #2

Updated by Philippe Antoine over 4 years ago

  • Status changed from In Review to Closed
Actions

Also available in: Atom PDF