Skip to content

Commit

Permalink
kerberos: fix probing parser tag condition
Browse files Browse the repository at this point in the history 
according to the comment
  • Loading branch information
@catenacyber @victorjulien
catenacyber authored and victorjulien committed Mar 12, 2021
1 parent abb3cc8 commit cb150e9
Showing 1 changed file with 1 addition and 1 deletion.
2 changes: 1 addition & 1 deletion rust/src/krb/krb5.rs
View file
Original file line number Diff line number Diff line change
Expand Up @@ -415,7 +415,7 @@ pub extern "C" fn rs_krb5_probing_parser(_flow: *const Flow,
// Kerberos messages start with an APPLICATION header
if hdr.class != BerClass::Application { return unsafe{ALPROTO_FAILED}; }
// Tag number should be <= 30
if hdr.tag.0 >= 30 { return unsafe{ALPROTO_FAILED}; }
if hdr.tag.0 > 30 { return unsafe{ALPROTO_FAILED}; }
// Kerberos messages contain sequences
if rem.is_empty() || rem[0] != 0x30 { return unsafe{ALPROTO_FAILED}; }
// Check kerberos version
Expand Down

0 comments on commit cb150e9

Please sign in to comment.