Project

General

Profile

Bug #3790

Stack overflow in DetectFlowbitsAnalyze

Added by Jeff Lucovsky 11 months ago. Updated 9 months ago.

Status:
Closed
Priority:
Normal
Assignee:
Target version:
Affected Versions:
Effort:
Difficulty:
Label:

Description

When doing torture tests, I discovered a stack overflow in DetectFlowbitsAnalyze. I have made a PR to github @ https://github.com/OISF/suricata/pull/5103

Overflow happens when number of flowbits is sufficiently large which in turn causes array containing FBAnalyze structs to be greater than stack size.

Changeset should apply cleanly to 5.x too.


Related issues

Copied from Bug #3783: Stack overflow in DetectFlowbitsAnalyzeClosedAntti TönkyräActions
#1

Updated by Jeff Lucovsky 11 months ago

  • Copied from Bug #3783: Stack overflow in DetectFlowbitsAnalyze added
#2

Updated by Jeff Lucovsky 9 months ago

  • Status changed from Assigned to In Review
#4

Updated by Jeff Lucovsky 9 months ago

  • Status changed from In Review to Closed

Also available in: Atom PDF