Actions
Bug #2828
closedInvalid detect-engine config could lead to segfault (4.0.x)
Affected Versions:
Effort:
Difficulty:
Label:
Description
Certain invalid YAML configs for the legacy detect-engine config node can cause a segfault. The following config node can reproduce this when launched with -T:
detect-engine:
custom-values:
toclient-groups: 200
toserver-groups: 200
This is caused by a strcmp on line 1873 in detect-engine.c, where opt->val is null for the custom-values node:
https://github.com/OISF/suricata/blob/0b3220a0df9689e3cc9633981c0e558f451d23b8/src/detect-engine.c#L1873
Actions