Project

General

Profile

Actions
Copy link

Bug #3783

closed
AT AT

Stack overflow in DetectFlowbitsAnalyze

Bug #3783: Stack overflow in DetectFlowbitsAnalyze

Added by Antti Tönkyrä almost 6 years ago. Updated almost 6 years ago.

Status:
Closed
Priority:
Normal
Assignee:
Antti Tönkyrä
Target version:
6.0.0beta1
Affected Versions:
Effort:
Difficulty:
Label:
Needs backport to 5.0

Description

When doing torture tests, I discovered a stack overflow in DetectFlowbitsAnalyze. I have made a PR to github @ https://github.com/OISF/suricata/pull/5103

Overflow happens when number of flowbits is sufficiently large which in turn causes array containing FBAnalyze structs to be greater than stack size.

Changeset should apply cleanly to 5.x too.

Related issues 1 (0 open1 closed)

Copied to Suricata - Bug #3790: Stack overflow in DetectFlowbitsAnalyzeClosedJeff LucovskyActions

AT Updated by Antti Tönkyrä almost 6 years ago Actions
Copy link
 #1

  • Description updated (diff)

AT Updated by Antti Tönkyrä almost 6 years ago Actions
Copy link
 #2

  • Description updated (diff)

VJ Updated by Victor Julien almost 6 years ago Actions
Copy link
 #3

  • Status changed from New to In Review
  • Assignee set to Antti Tönkyrä
  • Target version set to 6.0.0beta1
  • Label Needs backport to 5.0 added

AT Updated by Antti Tönkyrä almost 6 years ago Actions
Copy link
 #4

  • Description updated (diff)

JL Updated by Jeff Lucovsky almost 6 years ago Actions
Copy link
 #5

  • Copied to Bug #3790: Stack overflow in DetectFlowbitsAnalyze added

VJ Updated by Victor Julien almost 6 years ago Actions
Copy link
 #6

  • Status changed from In Review to Closed
Actions
Copy link

Also available in: PDF Atom