path: root/recipes-ids/suricata/files/CVE-2024-38534.patch
blob: 14a958cb11c21e987275f3114da8126aa199e91a (plain)
From f1645ea911d4e90b1be8ee5863e8e1a665079cce Mon Sep 17 00:00:00 2001
From: Philippe Antoine <pantoine@oisf.net>
Date: Thu, 25 Apr 2024 21:24:33 +0200
Subject: [PATCH 2/4] modbus: abort flow parsing on flood

Ticket: 6987

Let's not spend more resources for a flow which is trying to
make us do it...

(cherry picked from commit 37509e8e0ed097f8e0174df754835ac60584fc72)

Upstream-Status: Backport from [https://github.com/OISF/suricata/commit/a753cdbe84caee3b66d0bf49b2712d29a50d67ae]
CVE: CVE-2024-38534
Signed-off-by: Siddharth Doshi <sdoshi@mvista.com>
---
 rust/src/modbus/modbus.rs | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/rust/src/modbus/modbus.rs b/rust/src/modbus/modbus.rs
index 246e9ca..d2f7c6b 100644
--- a/rust/src/modbus/modbus.rs
+++ b/rust/src/modbus/modbus.rs
@@ -189,7 +189,7 @@ impl ModbusState {
                                 None => {
                                     let mut tx = match self.new_tx() {
                                         Some(tx) => tx,
-                                        None => return AppLayerResult::ok(),
+                                        None => return AppLayerResult::err(),
                                     };
                                     tx.set_events_from_flags(&msg.error_flags);
                                     tx.request = Some(msg);
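Review bot: The `None => return AppLayerResult::err(),` arm carries no comment saying why a failed `self.new_tx()` is now fatal for the flow; the commit subject implies this is the flood path, but nothing in the hunk says so. I would add `// new_tx() gave no transaction (flood limit, per the commit message): stop parsing this flow` above the arm, here and on the identical arm in the hunk at -215. Returning err() presumably ends Modbus parsing for the rest of the flow, so confirm that new_tx() (not visible here) sets an event before it starts returning None; otherwise the abort is silent to rules and logs. The enclosing match and function start and end outside both hunks, so this is based only on the visible lines.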
@@ -215,7 +215,7 @@ impl ModbusState {
                             None => {
                                 let mut tx = match self.new_tx() {
                                     Some(tx) => tx,
-                                    None => return AppLayerResult::ok(),
+                                    None => return AppLayerResult::err(),
                                 };
                                 if msg
                                     .access_type
-- 
2.44.0