aiden
/
suricata
mirror of https://github.com/OISF/suricata
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

detect/base64: minor cleanups

Browse Source 
1. decode_len can be u32 as it stores min of two u32s.
2. Add defensive check for payload_len calculation underflow.
pull/11823/head
Shivani Bhardwaj 3 months ago committed by Victor Julien
parent 86eec116eb
commit 6ff0f72f4d
1 changed files with 2 additions and 4 deletions
Show Stats Download Patch File Download Diff File

6
src/detect-base64-decode.c
Unescape Escape View File

@ -67,7 +67,6 @@ int DetectBase64DecodeDoMatch(DetectEngineThreadCtx *det_ctx, const Signature *s
const SigMatchData *smd, const uint8_t *payload, uint32_t payload_len) const SigMatchData *smd, const uint8_t *payload, uint32_t payload_len)
{ {
DetectBase64Decode *data = (DetectBase64Decode *)smd->ctx; DetectBase64Decode *data = (DetectBase64Decode *)smd->ctx;
int decode_len;
#if 0 #if 0
printf("Input data:\n"); printf("Input data:\n");
@ -76,6 +75,7 @@ int DetectBase64DecodeDoMatch(DetectEngineThreadCtx *det_ctx, const Signature *s
if (data->relative) { if (data->relative) {
payload += det_ctx->buffer_offset; payload += det_ctx->buffer_offset;
DEBUG_VALIDATE_BUG_ON(det_ctx->buffer_offset > payload_len);
payload_len -= det_ctx->buffer_offset; payload_len -= det_ctx->buffer_offset;
} }
@ -87,9 +87,7 @@ int DetectBase64DecodeDoMatch(DetectEngineThreadCtx *det_ctx, const Signature *s
payload_len -= data->offset; payload_len -= data->offset;
} }
decode_len = MIN(payload_len, data->bytes); uint32_t decode_len = MIN(payload_len, data->bytes);
DEBUG_VALIDATE_BUG_ON(decode_len < 0);
#if 0 #if 0
printf("Decoding:\n"); printf("Decoding:\n");
PrintRawDataFp(stdout, payload, decode_len); PrintRawDataFp(stdout, payload, decode_len);

Write Preview
Loading…
Cancel
Save