Project

General

Profile

Actions

Bug #4071

closed

Null dereference in ipv4hdr GetData

Added by Philippe Antoine about 4 years ago. Updated almost 4 years ago.

Status:
Closed
Priority:
High
Target version:
Affected Versions:
Effort:
Difficulty:
Label:
Needs backport to 5.0

Description

Found by oss-fuzz
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=24288

Reproducer is
./src/suricata -r fail.pcap -S ip4hdr.rule
with ip4hdr.rule being a rule using ipv4.hdr alert ip any any -> any any (ipv4.hdr; content:"|00 00|"; offset:4; depth:2; sid:1234;)

The bug seems to be present for tcphdr as well


Files

fail.pcap (138 Bytes) fail.pcap Philippe Antoine, 10/14/2020 07:41 PM
tcp0.pcap (250 Bytes) tcp0.pcap Philippe Antoine, 10/14/2020 07:55 PM

Related issues 1 (0 open1 closed)

Copied to Suricata - Bug #4132: Null dereference in ipv4hdr GetDataClosedJeff LucovskyActions
Actions

Also available in: Atom PDF