Bug #5850: frames: Assertion failed: buffer initialized - Suricata - Open Information Security Foundation

Actions

Bug #5850

closed

frames: Assertion failed: buffer initialized

Added by Philippe Antoine over 1 year ago. Updated over 1 year ago.

Status:

Closed

Priority:

Normal

Assignee:

Target version:

Affected Versions:

Effort:

Difficulty:

Label:

Description

Found by oss-fuzz:
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=55542&q=label%3AProj-suricata

Files

Download all files

repro2.pcap (5.32 KB) repro2.pcap		Philippe Antoine, 02/03/2023 05:04 PM
repro.rules (296 Bytes) repro.rules		Philippe Antoine, 02/03/2023 05:06 PM

Actions

#1

Updated by Philippe Antoine over 1 year ago

Regression range is https://github.com/OISF/suricata/compare/c1c67536b6c7c1ff9fa12327e4e0d109071c372f...9e41075d5da64f95cd6ff5f5d23722207c7462cf

Actions

#2

Updated by Philippe Antoine over 1 year ago

./src/suricata -S repro.rules -k none -c suricata.yaml --set stream.midstream=true -r repro2.pcap gets the assertion triggered

Actions

#3

Updated by Philippe Antoine over 1 year ago

File repro2.pcap repro2.pcap added

Actions

#4

Updated by Philippe Antoine over 1 year ago

alert smb any any -> any any (flow:to_server; frame:smb2.data; content:!"|FE|SMB"; startswith; sid:6;)
alert dcerpc any any -> any any (flow:to_server; dcerpc.iface:367abb81-9844-35f1-ad32-98f038001003; dcerpc.opnum:15; sid:3;)

Actions

#5

Updated by Philippe Antoine over 1 year ago

File repro.rules repro.rules added

The first rule make redmine go 500

Actions

#6

Updated by Victor Julien over 1 year ago

Status changed from New to In Progress

Actions

#7

Updated by Victor Julien over 1 year ago

Status changed from In Progress to Closed

https://github.com/OISF/suricata/pull/8522

Actions

Also available in: Atom PDF