Project

General

Profile

Actions
Copy link

Bug #5282

closed
JL JI

6.0.x: ftp: don't let first incomplete segment be over maximum length

Bug #5282: 6.0.x: ftp: don't let first incomplete segment be over maximum length

Added by Jeff Lucovsky almost 4 years ago. Updated almost 4 years ago.

Status:
Closed
Priority:
Normal
Assignee:
Jason Ish
Target version:
6.0.6
Affected Versions:
6.0.5
Effort:
Difficulty:
Label:

Description

The first non-terminated ftp command segment is buffered with no size limit. This results in a subsequent segment causing an integer to enter a negative state which is then asserted on with a DEBUG_VALIDATE_BUG_ON. Make sure the first segment is subject to limits of subsequent segments.

Then result is non-debug-validate-bug-on builds is that the first logged segment can be up to 65k, but their should be no security related issue here as the right thing is already done for negative values.

Related issues 1 (0 open1 closed)

Copied from Suricata - Bug #5281: ftp: don't let first incomplete segment be over maximum lengthClosedJason IshActions

JL Updated by Jeff Lucovsky almost 4 years ago Actions
Copy link
 #1

  • Copied from Bug #5281: ftp: don't let first incomplete segment be over maximum length added

JI Updated by Jason Ish almost 4 years ago Actions
Copy link
 #2

  • Assignee changed from Shivani Bhardwaj to Jason Ish

JI Updated by Jason Ish almost 4 years ago Actions
Copy link
 #3

  • Status changed from Assigned to In Review

JI Updated by Jason Ish almost 4 years ago Actions
Copy link
 #4

  • Subject changed from ftp: don't let first incomplete segment be over maximum length to 6.0.x: ftp: don't let first incomplete segment be over maximum length
  • Status changed from In Review to Closed
Actions
Copy link

Also available in: PDF Atom