Project

General

Profile

Actions
Copy link

Bug #5529

closed

frame: memory leak in signature parsing

Added by Philippe Antoine over 2 years ago. Updated about 2 years ago.

Status:
Closed
Priority:
Normal
Assignee:
Philippe Antoine
Target version:
7.0.0-rc1
Affected Versions:
git master
Effort:
Difficulty:
Label:

Description

Found by oss-fuzz:
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=50889&q=label%3AProj-suricata

Reproducer is alert smb any any -> any any flow:to_client; frame:smb2.data; strip_whitespace; content:"/z4>488m"; endswith; sid:4;)

Actions
Copy link
 #1

Updated by Victor Julien over 2 years ago

  • Status changed from New to Assigned
  • Assignee changed from OISF Dev to Victor Julien
  • Private changed from Yes to No
Actions
Copy link
 #2

Updated by Philippe Antoine over 2 years ago

flow:to_client; and strip_whitespace; are needed by the bug

endswith is not needed

Actions
Copy link
 #3

Updated by Victor Julien about 2 years ago

  • Target version changed from 7.0.0-beta1 to 8.0.0-beta1
Actions
Copy link
 #4

Updated by Philippe Antoine about 2 years ago

Why not 7.0.rc1 ?

Actions
Copy link
 #5

Updated by Victor Julien about 2 years ago

  • Target version changed from 8.0.0-beta1 to 7.0.0-rc1

Accident during mass retargeting, thanks for catching this.

Actions
Copy link
 #6

Updated by Philippe Antoine about 2 years ago

Regression range is 0bf1227f0f061930cfdb751db5f055f20fb819a7...dff7e7d34e179fc3973bde22fcca6852ada98d24

Actions
Copy link
 #7

Updated by Philippe Antoine about 2 years ago

  • Status changed from Assigned to In Review
  • Assignee changed from Victor Julien to Philippe Antoine
Actions
Copy link
 #8

Updated by Philippe Antoine about 2 years ago

  • Status changed from In Review to Closed
Actions
Copy link

Also available in: Atom PDF