From bba70607e81b8a74436348470aa1abd4e7f8a2da Mon Sep 17 00:00:00 2001
From: Philippe Antoine <contact@catenacyber.fr>
Date: Wed, 13 Oct 2021 21:07:27 +0200
Subject: [PATCH] range: checks that end is after start

Otherwise, we end up allocating too much memory
---
 src/app-layer-htp-file.c | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/src/app-layer-htp-file.c b/src/app-layer-htp-file.c
index e73bdb524b..bde98dd0f0 100644
--- a/src/app-layer-htp-file.c
+++ b/src/app-layer-htp-file.c
@@ -196,6 +196,11 @@ static int HTPParseAndCheckContentRange(
     } else if (range->end == range->size - 1 && range->start == 0) {
         SCLogDebug("range without all information");
         return -3;
+    } else if (range->start > range->end) {
+        AppLayerDecoderEventsSetEventRaw(&htud->decoder_events, HTTP_DECODER_EVENT_RANGE_INVALID);
+        s->events++;
+        SCLogDebug("invalid range");
+        return -4;
     }
     return r;
 }