Fix the bug specified in the previous commit.

Bug emanates from byte_test, byte_jump and byte_extract keyword being
unable to handle negative offsets when the inspection pointer is at the
end of the buffer.

src/detect-byte-extract.c

@@ -156,14 +156,13 @@ int DetectByteExtractDoMatch(DetectEngineThreadCtx *det_ctx, SigMatch *sm,
         ptr = payload + det_ctx->buffer_offset;
         len = payload_len - det_ctx->buffer_offset;
 
-        /* No match if there is no relative base */
-        if (len == 0) {
-            return 0;
-        }
-
         ptr += data->offset;
         len -= data->offset;
 
+        /* No match if there is no relative base */
+        if (len <= 0) {
+            return 0;
+        }
         //PrintRawDataFp(stdout,ptr,len);
     } else {
         SCLogDebug("absolute, data->offset %"PRIu32"", data->offset);

src/detect-bytejump.c

@@ -129,13 +129,13 @@ int DetectBytejumpDoMatch(DetectEngineThreadCtx *det_ctx, Signature *s,
         ptr = payload + det_ctx->buffer_offset;
         len = payload_len - det_ctx->buffer_offset;
 
+        ptr += offset;
+        len -= offset;
+
         /* No match if there is no relative base */
-        if (ptr == NULL || len == 0) {
+        if (ptr == NULL || len <= 0) {
             SCReturnInt(0);
         }
-
-        ptr += offset;
-        len -= offset;
     }
     else {
         ptr = payload + offset;

src/detect-bytetest.c

@@ -136,14 +136,13 @@ int DetectBytetestDoMatch(DetectEngineThreadCtx *det_ctx, Signature *s, SigMatch
         ptr = payload + det_ctx->buffer_offset;
         len = payload_len - det_ctx->buffer_offset;
 
-        /* No match if there is no relative base */
-        if (ptr == NULL || len == 0) {
-            SCReturnInt(0);
-        }
-
         ptr += offset;
         len -= offset;
 
+        /* No match if there is no relative base */
+        if (ptr == NULL || len <= 0) {
+            SCReturnInt(0);
+        }
         //PrintRawDataFp(stdout,ptr,len);
     }
     else {