From: Pierre Chifflier <pollux@debian.org>
Date: Sun, 30 Mar 2025 10:03:02 +0000 (+0200)
Subject: CVE-2024-55626
X-Git-Tag: archive/raspbian/1%6.0.1-3+rpi1+deb11u1^2~1
X-Git-Url: https://dgit.raspbian.org/?a=commitdiff_plain;h=ea874c812e58e90f5f444367310edcc9eb033673;p=suricata.git

CVE-2024-55626

commit 470795e65ba77cffba3aed850313a5f23c4b278d
Author: Philippe Antoine <pantoine@oisf.net>
Date:   Mon Nov 4 17:09:32 2024 +0100

    suricata/bpf: fix -Wshorten-64-to-32 warning

    Ticket: 7366
    Ticket: 6186
    (cherry picked from commit dd71ef0af222a566e54dfc479dd1951dd17d7ceb)


Gbp-Pq: Name CVE-2024-55626.patch
---

diff --git a/src/suricata.c b/src/suricata.c
index 3d6faf15..722a9b3b 100644
--- a/src/suricata.c
+++ b/src/suricata.c
@@ -458,7 +458,7 @@ static void SetBpfStringFromFile(char *filename)
     char *bpf_filter = NULL;
     char *bpf_comment_tmp = NULL;
     char *bpf_comment_start =  NULL;
-    uint32_t bpf_len = 0;
+    size_t bpf_len = 0;
 #ifdef OS_WIN32
     struct _stat st;
 #else
@@ -481,7 +481,8 @@ static void SetBpfStringFromFile(char *filename)
         SCLogError(SC_ERR_FOPEN, "Failed to stat file %s", filename);
         exit(EXIT_FAILURE);
     }
-    bpf_len = st.st_size + 1;
+    // st.st_size is signed on Windows
+    bpf_len = ((size_t)(st.st_size)) + 1;
 
     // coverity[toctou : FALSE]
     fp = fopen(filename,"r");