Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

detect: SigMatchAppendSMToList can fail #9852

Closed
wants to merge 1 commit into from
Closed

detect: SigMatchAppendSMToList can fail #9852

wants to merge 1 commit into from

Conversation

catenacyber
Copy link
Contributor

Link to redmine ticket:
https://redmine.openinfosecfoundation.org/issues/6104

Describe changes:

  • fixes buffer overflow in rules parsing
  • fixes memory leak in parsing dcerpc.iface on OOM condition (if SigMatchAlloc returns NULL)

Replaces #9838 with better style

@catenacyber
detect: SigMatchAppendSMToList can fail
7685efc 
Ticket: OISF#6104

And failures should be handled to say that the rule failed to load

Reverts the fix by 299ee6e
that was simple, but not complete (memory leak),
to have this bigger API change which simplifies code.
@catenacyber catenacyber mentioned this pull request Nov 20, 2023
Closed
@codecov Codecov
Copy link

codecov bot commented Nov 20, 2023

Codecov Report

Merging #9852 (7685efc) into master (90c1765) will decrease coverage by 0.02%.
The diff coverage is 78.36%.

Additional details and impacted files 
@@            Coverage Diff             @@
##           master    #9852      +/-   ##
==========================================
- Coverage   82.47%   82.45%   -0.02%     
==========================================
  Files         973      973              
  Lines      273962   273410     -552     
==========================================
- Hits       225944   225438     -506     
+ Misses      48018    47972      -46
Flag Coverage Δ
fuzzcorpus 64.30% <70.97%> (-0.08%) ⬇️
suricata-verify 61.10% <53.56%> (+<0.01%) ⬆️
unittests 62.89% <49.86%> (+0.01%) ⬆️

Flags with carried forward coverage won't be shown. Click here to find out more.

@suricata-qa
Copy link

Information: QA ran without warnings.

Pipeline 16662

@victorjulien victorjulien added this to the 8.0 milestone Nov 21, 2023
@victorjulien victorjulien mentioned this pull request Nov 21, 2023
Merged
@victorjulien
Copy link
Member

Merged in #9853, thanks!

This was referenced Nov 21, 2023
Closed
Closed
Closed
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@victorjulien victorjulien victorjulien approved these changes

Assignees
No one assigned
Labels
None yet
Milestone
8.0
Development

Successfully merging this pull request may close these issues.
3 participants
@catenacyber @suricata-qa @victorjulien