From 9952db6d6efe3e3b142d4b1c7d0e60d23bf39dff Mon Sep 17 00:00:00 2001
From: Victor Julien
Date: Fri, 17 Jan 2014 10:18:32 +0100
Subject: [PATCH] Fix crash in AppLayer Proto Detect

The App Proto Detect code would use the wrong pattern count to index a results array, leading to SEGVs. Bug #1080.
---
 src/app-layer-detect-proto.c | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/src/app-layer-detect-proto.c b/src/app-layer-detect-proto.c
index 9e6079d768..d190abfefa 100644
--- a/src/app-layer-detect-proto.c
+++ b/src/app-layer-detect-proto.c
@@ -244,7 +244,10 @@ static uint16_t AppLayerProtoDetectPMGetProto(AppLayerProtoDetectThreadCtx *tctx
 uint8_t pm_results_bf[(ALPROTO_MAX / 8) + 1];
 memset(pm_results_bf, 0, sizeof(pm_results_bf));
- for (cnt = 0; cnt < search_cnt; cnt++) {
+ /* loop through unique pattern id's. Can't use search_cnt here,
+ * as that contains all matches, tctx->pmq.pattern_id_array_cnt
+ * contains only *unique* matches. */
+ for (cnt = 0; cnt < tctx->pmq.pattern_id_array_cnt; cnt++) {
 AppLayerProtoDetectPMSignature *s = pm_ctx->map[tctx->pmq.pattern_id_array[cnt]];
 while (s != NULL) {
 uint16_t proto = AppLayerProtoDetectPMMatchSignature(s, buf, searchlen, ipproto);
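Review bot: The lookup `pm_ctx->map[tctx->pmq.pattern_id_array[cnt]]` inside the corrected loop still indexes the map with a pattern id that is not range-checked in the visible lines, so any future mismatch between the ids and the map's size would again be an out-of-bounds read. Because this path runs on untrusted network payloads, consider a guard before the lookup, e.g. `if (tctx->pmq.pattern_id_array[cnt] >= MAP_LEN_PLACEHOLDER) continue;`, where the placeholder stands for whichever field records the map's length (not visible here). A unit test in which one pattern matches more than once in the buffer, so the total match count exceeds the unique count, would pin this fix against regression. AppLayerProtoDetectPMGetProto starts and ends outside the hunk, so the declared width of `cnt` relative to `pattern_id_array_cnt` and any existing checks could not be confirmed.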