From 9053c49178ac9746e9f36534c1ffce05dad205c8 Mon Sep 17 00:00:00 2001 From: Victor Julien Date: Wed, 7 Sep 2022 20:51:18 +0200 Subject: [PATCH] ssl: add debug validation check for incomplete api --- src/app-layer-ssl.c | 1 + 1 file changed, 1 insertion(+) diff --git a/src/app-layer-ssl.c b/src/app-layer-ssl.c index 24857b89b6..45dd9c2776 100644 --- a/src/app-layer-ssl.c +++ b/src/app-layer-ssl.c @@ -2313,6 +2313,7 @@ static struct SSLDecoderResult SSLv3Decode(uint8_t direction, SSLState *ssl_stat uint32_t needed = ssl_state->curr_connp->record_length; SCLogDebug("record len %u input_len %u parsed %u: need %u bytes more data", ssl_state->curr_connp->record_length, input_len, parsed, needed); + DEBUG_VALIDATE_BUG_ON(needed > SSLV3_RECORD_MAX_LEN); return SSL_DECODER_INCOMPLETE(parsed, needed); } }