Project

General

Profile

Actions
Copy link

Security #5945

closed
JL JL

byte_math: Division by zero possible.

Security #5945: byte_math: Division by zero possible.

Added by Jeff Lucovsky about 3 years ago. Updated almost 3 years ago.

Status:
Closed
Priority:
Normal
Assignee:
Jeff Lucovsky
Target version:
7.0.0-rc2
Affected Versions:
Label:
CVE:
Git IDs:
Severity:
MODERATE
Disclosure Date:

Description

The byte_math keyword supports basic math and shift-left/right operations for the rvalue (either a scalar or variable).

The division operator should check for a zero-value divisor value.

alert tcp any any -> any any (msg:"Testing bytemath_body"; \
                              content:"|00 04 93 F3|";  \
                              content:"|00 00 00 07|"; distance:4; within:4; \
                              byte_math:bytes 4, offset 0, oper /, rvalue \
                              248, relative,result var; sid:1;)

Subtasks 1 (0 open1 closed)

Security #5947: byte_math: Division by zero possible. (6.0.x backport)ClosedJeff LucovskyActions

OT Updated by OISF Ticketbot about 3 years ago Actions
Copy link
 #1

  • Subtask #5947 added

OT Updated by OISF Ticketbot about 3 years ago Actions
Copy link
 #2

  • Label deleted (Needs backport to 6.0)

JL Updated by Jeff Lucovsky about 3 years ago Actions
Copy link
 #3

  • Status changed from Assigned to In Review

VJ Updated by Victor Julien about 3 years ago Actions
Copy link
 #4

  • Status changed from In Review to Closed

VJ Updated by Victor Julien almost 3 years ago Actions
Copy link
 #5

  • Private changed from Yes to No
Actions
Copy link

Also available in: PDF Atom