Project

General

Profile

Actions

Bug #626

closed

byte_jump with from_beginning option jumps too far

Added by Victor Julien about 10 years ago. Updated about 10 years ago.

Status:
Closed
Priority:
Normal
Assignee:
Target version:
Affected Versions:
Effort:
Difficulty:
Label:

Description

When using the from_beginning option byte_jump should jump from the start of the payload and it should not include the number of bytes to read the jump size in it's jump.

Depending on the rule this can lead to both FP and/or FN.

Will Metcalf reported this issue.


Subtasks 1 (0 open1 closed)

Bug #627: byte_jump with from_beginning option jumps too far (1.4.x)ClosedVictor Julien11/13/2012Actions
Actions #1

Updated by Victor Julien about 10 years ago

  • Status changed from Assigned to Closed

Fixed by:

commit bed30c30f1b942fb77998fdc3cb239b9dd216f77
Author: Victor Julien <victor@inliniac.net>
Date:   Tue Nov 13 17:49:41 2012 +0100

    byte_jump: when from_beginning option is used, the number of bytes to convert should not be used in the jump. Bug 626.

Actions

Also available in: Atom PDF