Details
-
Type:
Problem
-
Status: Closed
-
Priority:
Normal
-
Resolution: Merged
-
Affects Version/s: git/master
-
Fix Version/s: None
-
Component/s: Bro
-
Labels:None
-
Environment:
FreeBSD 10.3 RELEASE
-
Sprint:
Description
When ContentLine_Analyzer::DoDeliverOnce is called with a value of "\nfalse\r\n----WebkitFormBoundary" and last_char was set to '\r' in a previous call, buf is set to \0 at index -1.
I think a fix would be to check the offset in the EMIT_LINE macro to be > 0.
Sadly I can not share the original trace which triggers the segfault. If this report is not enough I can spend some more time trying to create a test trace.