Project

General

Profile

Actions

Bug #6891

closed

sip: usage of Vec instead of Vecdeque leads to quadratic complexity on cleanup

Added by Philippe Antoine 8 months ago. Updated 7 months ago.

Status:
Closed
Priority:
Normal
Target version:
Affected Versions:
Effort:
Difficulty:
Label:

Description

Found by oss-fuzz with quadfuzz
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=67597

I would rate this CRITICAL, but I am not sure it affects suricata 7 as the oss-fuzz bisect points to the addition of TCP for sip parsing...

Actions #1

Updated by Philippe Antoine 8 months ago

  • Subject changed from sip: unbounded number of transaction lead to quadratic complexity to sip: usage of Vic instead of Vecdeque leads to quadratic complexity on cleanup
  • Affected Versions git master added

Indeed only for SIP/TCP as SIP/UDP parses only one transaction per packet, and it is considered as complete

Actions #2

Updated by Philippe Antoine 8 months ago

  • Subject changed from sip: usage of Vic instead of Vecdeque leads to quadratic complexity on cleanup to sip: usage of Vec instead of Vecdeque leads to quadratic complexity on cleanup
Actions #3

Updated by Philippe Antoine 8 months ago

  • Status changed from New to In Review

Gitlab MR

Actions #4

Updated by Philippe Antoine 8 months ago

  • Status changed from In Review to Closed
Actions #5

Updated by Victor Julien 7 months ago

  • Tracker changed from Security to Bug
  • Severity deleted (MODERATE)
  • Disclosure Date deleted (06/24/2024)

Set to bug as it's not part of released code.

Actions #6

Updated by Victor Julien 7 months ago

  • Private changed from Yes to No
Actions

Also available in: Atom PDF