Project

General

Profile

Actions

Bug #3930

closed

Out of memory from THashInitConfig called by DetectDatasetSetup

Added by Philippe Antoine over 4 years ago. Updated about 4 years ago.

Status:
Closed
Priority:
Normal
Target version:
Affected Versions:
Effort:
Difficulty:
Label:

Description

Found by oss-fuzz
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=25713

Reproducer is signature with big hashsize
alert udp any any <> any 2 ipv4.hdr;Datarep:c,>,2,type string, hashsize 101737023 ;

Actions #1

Updated by Philippe Antoine over 4 years ago

  • Status changed from Assigned to In Review

Gitlab

Actions #2

Updated by Victor Julien about 4 years ago

  • Status changed from In Review to Closed
Actions #3

Updated by Philippe Antoine about 4 years ago

  • Status changed from Closed to Assigned

Fix was incomplete and oss-fuzz found another variant
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=26925

Actions #4

Updated by Philippe Antoine about 4 years ago

  • Target version changed from 6.0.0 to 6.0.1
  • Affected Versions 6.0.0 added
  • Affected Versions deleted (6.0.0rc1)
Actions #5

Updated by Philippe Antoine about 4 years ago

  • Status changed from Assigned to In Review

Gitlab MR

Actions #6

Updated by Philippe Antoine about 4 years ago

  • Status changed from In Review to Closed

https://github.com/OISF/suricata/pull/5616
more precisely commit "limit memcap for datasets when fuzzing to avoid OOMs"

Actions #7

Updated by Jeff Lucovsky about 4 years ago

  • Private changed from Yes to No
Actions

Also available in: Atom PDF