Project

General

Profile

Bug #4433

Debug assert failed in ikev1 logger

Added by Philippe Antoine 4 months ago. Updated 3 months ago.

Status:
Closed
Priority:
Normal
Target version:
Affected Versions:
Effort:
Difficulty:
Label:
Needs backport to 6.0

Description

Found by oss-fuzz
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=33241

Reproducer pcap is attached

I wonder if the fix is to remove the assert
https://github.com/OISF/suricata/pull/5955/files#diff-bc4b3b79e63dd6bb3f1b719352a30e9c979b36ada374b68ddaba29c54b410c26R79

Because I do not see how the code can prevent multiple transforms, coming from two different packets/transactions and registered in the ikev1 state

Another fix could be that update keeps at most one transform


Files

isa.pcap (1.62 KB) isa.pcap Philippe Antoine, 04/15/2021 12:57 PM

Related issues

Copied to Bug #4456: Debug assert failed in ikev1 loggerRejectedShivani BhardwajActions

Also available in: Atom PDF