Bug #7996: tls: certificate SAN is freed in case of any error - Suricata - Open Information Security Foundation

Actions

Copy link

Bug #7996

open

tls: certificate SAN is freed in case of any error

Added by Shivani Bhardwaj 4 days ago. Updated 2 days ago.

Status:

Assigned

Priority:

Normal

Assignee:

Shivani Bhardwaj

Target version:

9.0.0-beta1

Affected Versions:

Effort:

Difficulty:

Label:

Description

The connp object must retain all certificate params that have been parsed successfully for a match later on. In case of an error during decoding/parsing SAN are freed from connp. This works so far because it is the last field to be parsed and if it errors out, it does not exist anyway. However, this leaves room for memory errors.

History
Property changes

Actions

Copy link

Updated by Shivani Bhardwaj 2 days ago

Private changed from Yes to No

Actions

Copy link

Also available in: Atom PDF

Project

General

Profile

Suricata

Custom queries

Bug #7996

tls: certificate SAN is freed in case of any error

Updated by Shivani Bhardwaj 2 days ago