Bug #8500
closed
reputation: useless code leads to buffer underflow
Description
In src/reputation.c there are 2 places where:
while (isspace((unsigned char)line[--len]));
is immediately followed by
len = strlen(line);
This while() is useless and dangerous, because it can lead to accessing memory before the buffer
if the line contains only whitespace characters and the first one is not '\n'/'\r'/'\t' or ' ' (i.e. 0x0c).
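The pattern from the description, modelled as an added example (not code from the Suricata source or from this issue): a line made only of whitespace that starts with form feed passes the four-character test named above, and the unbounded backward scan then reads bytes in front of the line. `ARENA`, `LINE_OFF` and the three function names are hypothetical, and the line is embedded in a larger constructed array so the demonstration itself stays in bounds.

```c
#include <ctype.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Constructed sample. The line under test starts at LINE_OFF and holds only
 * whitespace, beginning with form feed (0x0c). The bytes in front of it
 * ('G' and two spaces) stand in for whatever precedes a real buffer. */
#define LINE_OFF 3
static const char ARENA[] = "G  \f\f \f";

/* Hypothetical helper: the first-character test named in the report. */
static int first_char_filtered(const char *line)
{
    return line[0] == '\n' || line[0] == '\r' || line[0] == '\t' || line[0] == ' ';
}

/* Model of the reported loop, indexed through an enclosing array so the
 * out-of-line reads stay defined here. Returns the final index relative to
 * the line start; a negative result means bytes before the line were read.
 * (With a size_t len, as strlen() returns, the index wraps instead.) */
static ptrdiff_t unbounded_scan_end(const char *arena, size_t off)
{
    ptrdiff_t len = (ptrdiff_t)strlen(arena + off);
    while (isspace((unsigned char)arena[(ptrdiff_t)off + --len]))
        ;
    return len;
}

/* Bounded alternative: stops at index 0 and returns the trimmed length. */
static size_t bounded_rtrim_len(const char *line)
{
    size_t len = strlen(line);
    while (len > 0 && isspace((unsigned char)line[len - 1]))
        len--;
    return len;
}

int main(void)
{
    const char *line = ARENA + LINE_OFF;
    printf("filtered by first char: %d\n", first_char_filtered(line));
    printf("unbounded scan stops at index %td\n", unbounded_scan_end(ARENA, LINE_OFF));
    printf("bounded trimmed length: %zu\n", bounded_rtrim_len(line));
    return 0;
}
```

In the default "C" locale `isspace()` also accepts `\f` and `\v`, which is why a test on only four characters does not cover every input the scan treats as whitespace.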
Updated by Sergey Pinaev 28 days ago
Updated by Philippe Antoine 26 days ago
- Tracker changed from Optimization to Bug
- Subject changed from reputation: remove useless dangerous code to reputation: useless code leads to buffer underflow
- Status changed from New to In Review
- Assignee set to Sergey Pinaev
- Target version changed from TBD to 9.0.0-beta1
Updated by Philippe Antoine 26 days ago
- Related to Optimization #3589: fuzz: target for iprep data files added
Updated by Philippe Antoine 18 days ago
- Related to Task #8532: suricata-verify: ensure CI covers all tests added
Updated by Philippe Antoine 13 days ago
- Status changed from In Review to Resolved
Updated by Philippe Antoine 13 days ago
- Label Needs backport to 8.0 added
Updated by OISF Ticketbot 13 days ago
- Subtask #8553 added
Updated by OISF Ticketbot 13 days ago
- Label deleted (Needs backport to 8.0)
Updated by Philippe Antoine 11 days ago
- Status changed from Resolved to Closed