Uploaded image for project: 'Bro Issue Tracker'
  1. BIT-1856

segfault in Content_Analyzer with multipart/form-data http

    Details

    • Type: Problem
    • Status: Closed
    • Priority: Normal
    • Resolution: Merged
    • Affects Version/s: git/master
    • Fix Version/s: None
    • Component/s: Bro
    • Labels:
      None
    • Environment:

      FreeBSD 10.3 RELEASE

      Description

      When ContentLine_Analyzer::DoDeliverOnce is called with a value of "\nfalse\r\n----WebkitFormBoundary" and last_char was set to '\r' in a previous call, buf is set to \0 at index -1.

      I think a fix would be to check the offset in the EMIT_LINE macro to be > 0.

      Sadly I can not share the original trace which triggers the segfault. If this report is not enough I can spend some more time trying to create a test trace.

        Attachments

          Activity

            People

            • Assignee:
              Unassigned
              Reporter:
              Franky Frank Meier
            • Votes:
              0 Vote for this issue
              Watchers:
              4 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: