Project

General

Profile

Actions
Copy link

Bug #7296

closed

detect: transform base64 creates a 0-sized variable-length array

Added by Philippe Antoine 30 days ago. Updated 23 days ago.

Status:
Closed
Priority:
Normal
Assignee:
Philippe Antoine
Target version:
8.0.0-beta1
Affected Versions:
Effort:
Difficulty:
Label:

Description

Found by oss-fuzz
https://issues.oss-fuzz.com/u/1/issues/370595554

No need to backport as detect-transform-base64.c does not exist in main7

Related issues 1 (0 open1 closed)

Copied from Suricata - Bug #5521: detect: transform strip whitespace creates a 0-sized variable-length arrayClosedPhilippe AntoineActions
Actions
Copy link
 #1

Updated by Philippe Antoine 30 days ago

  • Copied from Bug #5521: detect: transform strip whitespace creates a 0-sized variable-length array added
Actions
Copy link
 #2

Updated by Philippe Antoine 30 days ago

  • Status changed from New to In Review
Actions
Copy link
 #3

Updated by Victor Julien 29 days ago

  • Label deleted (Needs backport to 6.0)

What is the impact of this?

Actions
Copy link
 #4

Updated by Philippe Antoine 29 days ago

Victor Julien wrote in #note-3:

What is the impact of this?

Undefined behavior cf https://clang.llvm.org/docs/UndefinedBehaviorSanitizer.html

-fsanitize=vla-bound: A variable-length array whose bound does not evaluate to a positive value.

I do not think there is a real impact

Actions
Copy link
 #5

Updated by Victor Julien 29 days ago

How do we end up with a 0 byte input btw?

Actions
Copy link
 #6

Updated by Victor Julien 29 days ago

  • Private changed from Yes to No
Actions
Copy link
 #7

Updated by Philippe Antoine 29 days ago

Victor Julien wrote in #note-5:

How do we end up with a 0 byte input btw?

Looks easy, like a http header with an empty value : 0 byte input

Actions
Copy link
 #9

Updated by Philippe Antoine 23 days ago

  • Status changed from In Review to Closed
Actions
Copy link

Also available in: Atom PDF