Project

General

Profile

Actions
Copy link

Bug #3774

closed

Assert failed in TLS due to integer underflow

Added by Philippe Antoine almost 4 years ago. Updated over 3 years ago.

Status:
Closed
Priority:
Normal
Assignee:
Philippe Antoine
Target version:
6.0.0
Affected Versions:
5.0.3
Effort:
Difficulty:
Label:
Needs backport

Description

Found by oss-fuzz :
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=22564

Stack trace is :

    #8 0x51f4b0 in SSLv3ParseHandshakeType suricata/src/app-layer-ssl.c:1666:9
    #9 0x51e780 in SSLv3ParseHandshakeProtocol suricata/src/app-layer-ssl.c:1736:18
    #10 0x51cef6 in SSLv3Decode suricata/src/app-layer-ssl.c:2421:26
    #11 0x51b6b7 in SSLDecode suricata/src/app-layer-ssl.c:2608:26
    #12 0x51a9d1 in SSLParseServerRecord suricata/src/app-layer-ssl.c:2658:12
    #13 0x50da1a in AppLayerParserParse suricata/src/app-layer-parser.c:1228:30
    #14 0x4c3860 in LLVMFuzzerTestOneInput suricata/src/tests/fuzz/fuzz_applayerparserparse.c:146:16

Files

clusterfuzz-testcase-minimized-fuzz_applayerparserparse-5111608992071680 (49 Bytes) clusterfuzz-testcase-minimized-fuzz_applayerparserparse-5111608992071680 Philippe Antoine, 06/16/2020 11:19 AM

Related issues 2 (0 open2 closed)

Copied to Suricata - Bug #3791: Assert failed in TLS due to integer underflowClosedShivani BhardwajActions
Copied to Suricata - Bug #3792: Assert failed in TLS due to integer underflowClosedJeff LucovskyActions
Actions
Copy link

Also available in: Atom PDF