Mirror/zeek
1
0
Fork 0
mirror of https://github.com/zeek/zeek.git synced 2025-10-08 01:28:20 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 3

HTTP: Make Content-Range parsing more robust

Browse source 
This was exposed by OSS-Fuzz after the HTTP/0.9 changes in zeek/zeek#2851:
We do not check the result of parsing the from and last bytes of a
Content-Range header and would reference uninitialized values on the stack
if these were not valid.

This doesn't seem as bad as it sounds outside of yielding non-sensible values:
If the result was negative, we weird/bailed. If the result was positive, we
already had to treat it with suspicion anyway and the SetPlainDelivery()
logic accounts for that.
This commit is contained in:
Arne Welzel 2023-03-13 10:19:26 +01:00
parent b14cc413d8
commit b21e6f72da
5 changed files with 33 additions and 2 deletions
Download patch file Download diff file Expand all files Collapse all files

3
testing/btest/scripts/base/protocols/http/bad-content-range.zeek Normal file
View file

@ -0,0 +1,3 @@
# @TEST-EXEC: zeek -b base/protocols/http -r $TRACES/http/http-bad-content-range-01.pcap
# @TEST-EXEC: btest-diff http.log
# @TEST-EXEC: btest-diff weird.log