Snort mailing list archives
Snort-Bug in Samba-Logging
From: "Thorsten Sauter" <tsauter () gmx net>
Date: Tue, 14 Aug 2001 08:06:01 +0200
Hello List, I have found an little bug in sort-1.8p1. I don't know, if this problem is fixed in the lastest cvs code, but I can't find any problem discribtion similar to this. I've running OpenBSD 2.9-current with Samba 2.0.8 (if, this is the Problem?). If I start snort with the following parameters: # snort -M /etc/snort/smb.hosts -c /etc/snort/snort.conf Snort is comming up and check some things, and terminate with an SIGSERV coredump. After some debugging, I've found, that this is a problem with smb-alerts. If snort is started without the -M switch everthing works fine. The problem is the otn_tmp pointer with is NULL in the funcions SmbAlert (log.c). Currently I can't say, if this is only an openbsd problem, or the same will happend on a linux or windows system. If anybody need more info about my BSD-System, the core-File, or so, please let me know. Any hints appreciated. Thorsten p.s. This is my little workaround: diff -Naur snort/log.c mysnort/log.c --- snort/log.c Tue Jul 10 04:47:17 2001 +++ mysnort/log.c Sat Aug 11 03:38:31 2001 @@ -1040,9 +1040,10 @@ char sip[16]; char dip[16]; char pri_data[STD_BUF]; - PriorityData *ds_ptr; + PriorityData *ds_ptr = NULL; - ds_ptr = (PriorityData *) otn_tmp->ds_list[PLUGIN_PRIORITY_NUMBER]; + if(otn_tmp != NULL) + if(otn_tmp != NULL) if(ds_ptr != NULL) { _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: http://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- Snort-Bug in Samba-Logging Thorsten Sauter (Aug 13)
- <Possible follow-ups>
- Snort-Bug in Samba-Logging Thorsten Sauter (Aug 14)