detect/prefilter: fix null ptr deref on invalid rule

A bad rule 'icode:<0; prefilter;' would trigger a null ptr deref in ApplyToU8Hash. Bug #4375.
OISF · Mar 3, 2021 · 7d68359 · 7d68359
1 parent e964643
commit 7d68359
Showing 1 changed file with 8 additions and 2 deletions.
diff --git a/src/detect-engine-prefilter-common.c b/src/detect-engine-prefilter-common.c
@@ -212,8 +212,8 @@ SetupEngineForPacketHeaderPrefilterPacketU8HashCtx(DetectEngineCtx *de_ctx,
     if (ctx == NULL)
         return -1;
 
-    int i;
-    for (i = 0; i < 256; i++) {
+    int set_cnt = 0;
+    for (int i = 0; i < 256; i++) {
         if (counts[i] == 0)
             continue;
         ctx->array[i] = SCCalloc(1, sizeof(SigsArray));
@@ -222,6 +222,12 @@ SetupEngineForPacketHeaderPrefilterPacketU8HashCtx(DetectEngineCtx *de_ctx,
         ctx->array[i]->cnt = counts[i];
         ctx->array[i]->sigs = SCCalloc(ctx->array[i]->cnt, sizeof(SigIntId));
         BUG_ON(ctx->array[i]->sigs == NULL);
+        set_cnt++;
+    }
+    if (set_cnt == 0) {
+        /* not an error */
+        PrefilterPacketU8HashCtxFree(ctx);
+        return 0;
     }
 
     for (sig = 0; sig < sgh->sig_cnt; sig++) {