Project

General

Profile

Actions
Copy link

Bug #5193

closed

SSL : over allocation for certificates

Added by Shivani Bhardwaj about 2 years ago. Updated almost 2 years ago.

Status:
Closed
Priority:
Normal
Assignee:
Jeff Lucovsky
Target version:
5.0.9
Affected Versions:
6.0.4
Effort:
Difficulty:
Label:

Description

Found by Coverity

Untrusted allocation size (TAINTED_SCALAR)

in curr_connp->trec = SCMalloc(curr_connp->trec_len); where trec_len is a u24 read from the network, so suricata can call malloc with up to 16Mbytes even if there is no data yet to fill them...

Related issues 1 (0 open1 closed)

Copied from Suricata - Bug #5188: SSL : over allocation for certificatesClosedPhilippe AntoineActions
Actions
Copy link
 #1

Updated by Shivani Bhardwaj about 2 years ago

  • Copied from Bug #5188: SSL : over allocation for certificates added
Actions
Copy link
 #2

Updated by Shivani Bhardwaj about 2 years ago

  • Label deleted (Needs backport, Needs backport to 5.0, Needs backport to 6.0)
Actions
Copy link
 #3

Updated by Jeff Lucovsky about 2 years ago

  • Status changed from Assigned to In Progress

Cherry-pick commit(s):
- 862e84877ff262cd4b8c4b191a8710f94f63fcf7
- 3ed188e0bc Validation macros only
- d1ada2e13c207e0937f8a4818d5731d319f5fa07

Actions
Copy link
 #4

Updated by Jeff Lucovsky about 2 years ago

  • Status changed from In Progress to In Review
Actions
Copy link
 #6

Updated by Victor Julien almost 2 years ago

  • Status changed from In Review to Resolved

Fix staged.

Actions
Copy link
 #7

Updated by Jeff Lucovsky almost 2 years ago

  • Status changed from Resolved to Closed

Commit(s)
- e0c8dba7ac6eaa757daf80245688f9f2b2496eff
- 4ee374a3bbd4d1a645584742103311bae66bbda1
- c71fb2d3cff567002fa0badf178d1739841037cc

Actions
Copy link

Also available in: Atom PDF