Bug #8465: config: use after free when include sequence redefines parent of dotted key - Suricata - Open Information Security Foundation

Actions

Copy link

Bug #8465

open

JI JI

config: use after free when include sequence redefines parent of dotted key

Bug #8465: config: use after free when include sequence redefines parent of dotted key

Added by Jason Ish 4 days ago. Updated 4 days ago.

Status:

In Review

Priority:

Normal

Assignee:

Jason Ish

Target version:

9.0.0-beta1

Affected Versions:

Effort:

Difficulty:

Label:

Description

For example, a suricata.yaml that loos like:

%YAML 1.1
---
outputs.x: val
include:
  - ./include.yaml

and include.yaml:

%YAML 1.1
---
outputs: []

The override cleaned up after itself, but the node is still marked a sequence.

Reported by: Trail of Bits, in collaboration with Anthropic

History
Notes
Property changes

JI Updated by Jason Ish 4 days ago Actions
Copy link
#1

Description updated (diff)

JI Updated by Jason Ish 4 days ago Actions
Copy link
#2

Status changed from In Progress to In Review

Pull request: https://github.com/OISF/suricata/pull/15191

Actions

Copy link

Also available in: PDF Atom

Project

General

Profile

Suricata

Custom queries

Bug #8465

config: use after free when include sequence redefines parent of dotted key

JI Updated by Jason Ish 4 days ago Actions
Copy link
#1

JI Updated by Jason Ish 4 days ago Actions
Copy link
#2

Project

General

Profile

Suricata

Custom queries

Bug #8465

config: use after free when include sequence redefines parent of dotted key

JI Updated by Jason Ish 4 days ago ActionsCopy link #1

JI Updated by Jason Ish 4 days ago ActionsCopy link #2

JI Updated by Jason Ish 4 days ago Actions
Copy link
#1

JI Updated by Jason Ish 4 days ago Actions
Copy link
#2