From 82dfb9632aaadaf5d10eb47b3f40e5098eb0f182 Mon Sep 17 00:00:00 2001 From: Pierre Chifflier Date: Sun, 30 Mar 2025 12:03:02 +0200 Subject: [PATCH] CVE-2024-45796 commit 9203656496c4081260817cce018a0d8fd57869b5 Author: Philippe Antoine Date: Mon Jul 15 09:52:00 2024 +0200 defrag: fix off by one Ticket: 7067 This off by one could lead to an empty fragment being inserted in the rb tree, which led to integer underflow Gbp-Pq: Name CVE-2024-45796.patch --- src/defrag.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/defrag.c b/src/defrag.c index 0051eaa3..ee68345b 100644 --- a/src/defrag.c +++ b/src/defrag.c @@ -818,7 +818,7 @@ DefragInsertFrag(ThreadVars *tv, DecodeThreadVars *dtv, DefragTracker *tracker, } } - if (ltrim > data_len) { + if (ltrim >= data_len) { /* Full packet has been trimmed due to the overlap policy. Overlap * already set. */ goto done; -- 2.30.2
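Review bot: The boundary change to `if (ltrim >= data_len) {` in DefragInsertFrag arrives without a regression test; the diffstat lists only src/defrag.c with 1 insertion and 1 deletion. Suggest adding a defrag unit test in which an overlapping fragment is trimmed by exactly its own length (ltrim == data_len) and asserting that no zero-length fragment is left in the tree, since that is the case the commit message says led to the integer underflow. The existing comment "Full packet has been trimmed due to the overlap policy" already describes the equality case, so it needs no change. The commit message does not say where the underflow occurred; naming that location would let reviewers check whether the code that computes lengths from an inserted fragment should also reject a zero-length entry on its own, rather than relying solely on this early `goto done`.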