aiden
/
suricata
mirror of https://github.com/OISF/suricata
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

defrag: fix reconstruction

Browse Source 
This patch is fixing an issue in defragmentation code. The
insertion of a fragment in the list of fragments is done with
respect to the offset of the fragment. But the code was using
the original offset of the fragment and not the one of the
new reconstructed fragment (which can be different in the
case of overlapping segment where the left part is trimmed).

This case could lead to some evasion techniques by causing
Suricata to analyse a different payload.
pull/1001/head
Eric Leblond 12 years ago committed by Victor Julien
parent 09fd7060ec
commit 97ca02f0c5
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File

2
src/defrag.c
Unescape Escape View File

@ -697,7 +697,7 @@ insert:
Frag *frag;
TAILQ_FOREACH(frag, &tracker->frags, next) {
if (frag_offset < frag->offset)
if (new->offset < frag->offset)
break;
}
if (frag == NULL) {

Write Preview
Loading…
Cancel
Save