Actions
Bug #5188
closedSSL : over allocation for certificates
Affected Versions:
Effort:
Difficulty:
Label:
Needs backport, Needs backport to 5.0, Needs backport to 6.0
Description
Found by Coverity
Untrusted allocation size (TAINTED_SCALAR)
in curr_connp->trec = SCMalloc(curr_connp->trec_len);
where trec_len is a u24 read from the network, so suricata can call malloc with up to 16Mbytes even if there is no data yet to fill them...
Actions