Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
detect: fixes use-after-free with http.request_header
Ticket: #6441 This keyword and the response one use a multiple inspection buffer. But the different instances point to the same memory address that comes from HttpHeaderGetBufferSpace and is not owned by the transaction, and is rebuilt, which is a functional bug in itself. As it gets crafted, it can get reallocated if one header is over 1024 bytes, while the previous freed pointer will still get used for the previous headers. (cherry picked from commit bc422c1)
- Loading branch information
1 parent
cd035d5
commit cd731fc
Showing
1 changed file
with
88 additions
and
26 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters