Project

General

Profile

Actions

Bug #7296

closed

detect: transform base64 creates a 0-sized variable-length array

Added by Philippe Antoine about 2 months ago. Updated about 1 month ago.

Status:
Closed
Priority:
Normal
Target version:
Affected Versions:
Effort:
Difficulty:
Label:

Description

Found by oss-fuzz
https://issues.oss-fuzz.com/u/1/issues/370595554

No need to backport as detect-transform-base64.c does not exist in main7


Related issues 1 (0 open1 closed)

Copied from Suricata - Bug #5521: detect: transform strip whitespace creates a 0-sized variable-length arrayClosedPhilippe AntoineActions
Actions #1

Updated by Philippe Antoine about 2 months ago

  • Copied from Bug #5521: detect: transform strip whitespace creates a 0-sized variable-length array added
Actions #2

Updated by Philippe Antoine about 2 months ago

  • Status changed from New to In Review
Actions #3

Updated by Victor Julien about 2 months ago

  • Label deleted (Needs backport to 6.0)

What is the impact of this?

Actions #4

Updated by Philippe Antoine about 2 months ago

Victor Julien wrote in #note-3:

What is the impact of this?

Undefined behavior cf https://clang.llvm.org/docs/UndefinedBehaviorSanitizer.html

-fsanitize=vla-bound: A variable-length array whose bound does not evaluate to a positive value.

I do not think there is a real impact

Actions #5

Updated by Victor Julien about 2 months ago

How do we end up with a 0 byte input btw?

Actions #6

Updated by Victor Julien about 2 months ago

  • Private changed from Yes to No
Actions #7

Updated by Philippe Antoine about 2 months ago

Victor Julien wrote in #note-5:

How do we end up with a 0 byte input btw?

Looks easy, like a http header with an empty value : 0 byte input

Actions #9

Updated by Philippe Antoine about 1 month ago

  • Status changed from In Review to Closed
Actions

Also available in: Atom PDF