Project

General

Profile

Actions

Bug #5193

closed

SSL : over allocation for certificates

Added by Shivani Bhardwaj almost 3 years ago. Updated over 2 years ago.

Status:
Closed
Priority:
Normal
Assignee:
Target version:
Affected Versions:
Effort:
Difficulty:
Label:

Description

Found by Coverity

Untrusted allocation size (TAINTED_SCALAR)

in curr_connp->trec = SCMalloc(curr_connp->trec_len); where trec_len is a u24 read from the network, so suricata can call malloc with up to 16Mbytes even if there is no data yet to fill them...


Related issues 1 (0 open1 closed)

Copied from Suricata - Bug #5188: SSL : over allocation for certificatesClosedPhilippe AntoineActions
Actions

Also available in: Atom PDF