aiden
/
suricata
mirror of https://github.com/OISF/suricata
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

detect/asn1: fix offset bounds checking

Browse Source 
(cherry picked from commit 627cc23769)
pull/4447/head
Victor Julien 7 years ago
parent 14ad0ec24d
commit 3b1e2bd2d4
1 changed files with 12 additions and 10 deletions
Show Stats Download Patch File Download Diff File

22
src/detect-asn1.c
Unescape Escape View File

@ -148,21 +148,23 @@ static int DetectAsn1Match(ThreadVars *t, DetectEngineThreadCtx *det_ctx, Packet
}
const DetectAsn1Data *ad = (const DetectAsn1Data *)ctx;
Asn1Ctx *ac = SCAsn1CtxNew();
if (ac == NULL)
return 0;
int32_t offset;
if (ad->flags & ASN1_ABSOLUTE_OFFSET) {
SCAsn1CtxInit(ac, p->payload + ad->absolute_offset,
p->payload_len - ad->absolute_offset);
offset = ad->absolute_offset;
} else if (ad->flags & ASN1_RELATIVE_OFFSET) {
SCAsn1CtxInit(ac, p->payload + ad->relative_offset,
p->payload_len - ad->relative_offset);
offset = ad->relative_offset;
} else {
SCAsn1CtxInit(ac, p->payload, p->payload_len);
offset = 0;
}
if (offset >= (int32_t)p->payload_len) {
return 0;
}
Asn1Ctx *ac = SCAsn1CtxNew();
if (ac == NULL)
return 0;
SCAsn1CtxInit(ac, p->payload + offset, p->payload_len - offset);
SCAsn1Decode(ac, ac->cur_frame);
/* Ok, now we have all the data. Let's check the nodes */

Write Preview
Loading…
Cancel
Save