Bug #7767

DetectBytetestParse(): incorrect NULL check on offset pointer causes crash

Added by Boris Tonofa about 12 hours ago. Updated about 12 hours ago.

Status: New
Priority: Normal
Assignee:
Target version:

Description

File / Function: src/detect/detect_bytetest.c → DetectBytetestParse()
Issue:
The code checks data_offset == NULL instead of the caller-supplied offset pointer.
If the caller passes NULL for offset, the function later dereferences that
NULL pointer and Suricata crashes:

    if (data_offset[0] != '-' && isalpha((unsigned char)data_offset[0])) {
        if (data_offset == NULL) {       /* should be: if (offset == NULL) */
            ...
        }
        *offset = SCStrdup(data_offset); /* offset == NULL → SIGSEGV */
    }

Actual result: Suricata terminates with a segmentation fault.
Expected result: The function should return an error (NULL) and log the problem without crashing.

Proposed fix: Replace the condition with if (offset == NULL); no other changes needed.
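The corrected check from the report, shown in a stand-alone C model. This is an added example, not Suricata code and not part of the original report: `parse_offset_token`, its parameters and the numeric-offset branch are hypothetical, and `malloc`/`memcpy` stand in for `SCStrdup`.

```c
#include <ctype.h>
#include <errno.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical model of the offset handling quoted in the report; the names
 * are not Suricata's. A variable-name offset is copied into *offset_var
 * (caller frees), a numeric one is parsed into *offset_val.
 * Returns 0 on success, -1 on error. */
static int parse_offset_token(const char *data_offset, char **offset_var,
                              long *offset_val)
{
    if (data_offset == NULL || data_offset[0] == '\0' || offset_val == NULL)
        return -1;

    if (data_offset[0] != '-' && isalpha((unsigned char)data_offset[0])) {
        /* Validate the out-pointer that is about to be written through,
         * not the input string that has already been read above. */
        if (offset_var == NULL) {
            fprintf(stderr, "offset \"%s\" is a variable name but no "
                            "output pointer was supplied\n", data_offset);
            return -1;
        }
        size_t len = strlen(data_offset) + 1;
        *offset_var = malloc(len);   /* malloc+memcpy stand in for SCStrdup */
        if (*offset_var == NULL)
            return -1;
        memcpy(*offset_var, data_offset, len);
        return 0;
    }

    char *end = NULL;                /* numeric offset */
    errno = 0;
    long v = strtol(data_offset, &end, 0);
    if (end == data_offset || *end != '\0' || errno != 0)
        return -1;                   /* reject trailing garbage and overflow */
    *offset_val = v;
    if (offset_var != NULL)
        *offset_var = NULL;
    return 0;
}

int main(void)
{
    long val = 0;
    /* Constructed input: variable-name offset with a NULL out-pointer. */
    int rc = parse_offset_token("my_var", NULL, &val);
    printf("NULL out-pointer -> rc=%d (error, no crash)\n", rc);
    return rc == -1 ? 0 : 1;
}
```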
