Project

General

Profile

Actions
Copy link

Security #6187

open

DetectEngineReload: handle allocation failures

Added by Philippe Antoine over 1 year ago. Updated about 1 month ago.

Status:
Assigned
Priority:
Normal
Assignee:
Philippe Antoine
Target version:
9.0.0-beta1
Affected Versions:
Label:
CVE:
Git IDs:
Severity:
MODERATE
Disclosure Date:

Description

Currently, we `BUG_ON` allocation failures

It looks plausible to run out of memory when trying to reload rules...

Found by nallocfuzz

Related issues 2 (2 open0 closed)

Copied from Suricata - Security #5851: rust: handle allocation failuresNewOISF DevActions
Copied to Suricata - Optimization #6188: ConfYamlLoadString: handle allocation failuresNewPhilippe AntoineActions
Actions
Copy link
 #1

Updated by Philippe Antoine over 1 year ago

Actions
Copy link
 #2

Updated by Philippe Antoine over 1 year ago

Actions
Copy link
 #3

Updated by Philippe Antoine over 1 year ago

  • Priority changed from Normal to Low
Actions
Copy link
 #4

Updated by Victor Julien 9 months ago

  • Status changed from New to Assigned
  • Priority changed from Low to Normal
Actions
Copy link
 #5

Updated by Philippe Antoine 9 months ago

I think this one can be postponed after 8

Actions
Copy link
 #6

Updated by Victor Julien about 1 month ago

  • Target version changed from 8.0.0-beta1 to 9.0.0-beta1

Additionally to handling the C asserts, we have the problem of Rust panic catching.

Actions
Copy link

Also available in: Atom PDF