Actions
Bug #3936
closedInteger overflow in DetectContentPropagateLimits leading to unintended signature behavior
Affected Versions:
Effort:
Difficulty:
Label:
Description
Found by oss-fuzz :
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=24105
Reproducer isalert tcp any any -> any any (msg:"JllWorkAndNoPlay"; content:"threshoBoy"; content:"æ†≤<MrkBoyy"; distance:2147483647“id:0;)
distance:2147483647 is 0x7FFFFFFF aka INT32_MAX
This distance is used to compute a new offset but offset is uint16_t
Actions