Jason Ish

  • Email: ish@unx.ca
  • Registered on: 11/09/2009
  • Last connection: 05/11/2015

Projects

Activity

Reported issues: 11

05/19/2015

10:36 AM Suricata Revision 9fdae828: conf - process includes even if not at root node.
10:35 AM Suricata Revision 56f6e373: radix-tree - prevent out of bounds array access
An IPv6 entry specified before an IPv4 entry on the host-os-policy
table can cause the stream byte array to be access...

05/11/2015

11:04 AM Suricata Bug #1467 (Assigned): Specifying an IPv6 entry before an IPv4 entry in host-os-policy causes ASAN...
11:04 AM Suricata Bug #1466 (Assigned): Rule reload - Rules won't reload if rule files are listed in an included file.
10:58 AM Suricata Bug #1467 (Assigned): Specifying an IPv6 entry before an IPv4 entry in host-os-policy causes ASAN...
By putting an IPv6 entry in before IPv4 entries in the host-os-policy, ASAN will detect a heap-buffer-overflow.
Ex...
10:45 AM Suricata Bug #1466 (Assigned): Rule reload - Rules won't reload if rule files are listed in an included file.
Appears to affect at least 2.1beta3, and 2.1beta4. 2.0.8 seems fine.
If the "rule-files" configuration node is in...

04/30/2015

07:50 AM Suricata Revision 75d21851: afl - Don't fail if app-layer proto enabled value is NULL.
Found by using AFL on suricata.yaml.
07:50 AM Suricata Revision 11d6770a: afl - SCHINfoLoadFromConfig - check for NULL before parsing.
Found by AFL on suricata.yaml.

04/16/2015

04:56 PM Suricata Revision 1f9d9256: spelling - dubbed -> duped (for duplicate)
04:54 PM Suricata Revision 8911b040: DetectGidSet - safer stripping of quotes.
Discovered by AFL when using a rule like:
alert tcp any any -> any any (content:"ABC"; gid:";)
resulting a negati...

Also available in: Atom