Project

General

Profile

Actions
Copy link

Bug #4754

closed

Invalid range leads to OOM

Added by Philippe Antoine about 3 years ago. Updated about 3 years ago.

Status:
Closed
Priority:
Normal
Assignee:
Philippe Antoine
Target version:
7.0.0-beta1
Affected Versions:
git master
Effort:
Difficulty:
Label:

Description

Found by oss-fuzz
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=39928

Having a start after the end... and not checking for integer overflows...

Related issues 2 (0 open2 closed)

Related to Suricata - Bug #4757: Incomplete range with overlap, and expected new bytes, lead to incomplete reassemblyClosedPhilippe AntoineActions
Related to Suricata - Bug #4764: range: no validity check with HTTP2 leads to over allocationClosedPhilippe AntoineActions
Actions
Copy link
 #1

Updated by Victor Julien about 3 years ago

Does this issue exist in a stable release as well? If so can you tag the backports? If not, can it be public?

Actions
Copy link
 #2

Updated by Philippe Antoine about 3 years ago

  • Private changed from Yes to No

No issue in releases

Actions
Copy link
 #3

Updated by Philippe Antoine about 3 years ago

  • Related to Bug #4757: Incomplete range with overlap, and expected new bytes, lead to incomplete reassembly added
Actions
Copy link
 #4

Updated by Philippe Antoine about 3 years ago

  • Status changed from New to In Review
Actions
Copy link
 #5

Updated by Philippe Antoine about 3 years ago

  • Status changed from In Review to Closed
Actions
Copy link
 #6

Updated by Philippe Antoine about 3 years ago

  • Related to Bug #4764: range: no validity check with HTTP2 leads to over allocation added
Actions
Copy link

Also available in: Atom PDF