Actions
Bug #3779
closedExit on signature with invalid transform pcrexform
Affected Versions:
Effort:
Difficulty:
Label:
Description
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=23274
Sample reproducer isalert tcp any any <> any 1 pcrexform:"[";
Updated by Jeff Lucovsky over 4 years ago
- Label Needs backport to 4.1, Needs backport to 5.0 added
The issue also applies to 4.x.y
Updated by Philippe Antoine over 4 years ago
I do not think this needs backporting as pcrexform is new
Updated by Jeff Lucovsky over 4 years ago
The underlying issue --
FatalError-- is in the codebase and has been for ~4 years. A malformed PCRE from a rule could trigger the issue.
Updated by Philippe Antoine over 4 years ago
A malformed PCRE from a rule could trigger the issue.
I think not sinceDetectPcreSetup does not call DetectSetupParseRegexes
Could you show me an example where it fails ?
The use of FatalError seems to me to have been on purpose, for better debugging during development as the pcres used up until pcrexform are hardcoded
Updated by Philippe Antoine over 4 years ago
- Label deleted (
Needs backport to 4.1, Needs backport to 5.0)
Updated by Philippe Antoine over 4 years ago
- Affected Versions 6.0.0beta1 added
- Affected Versions deleted (
5.0.3)
Updated by Victor Julien over 4 years ago
- Status changed from In Review to Closed
- Private changed from Yes to No
Actions