Snort mailing list archives
Re: Replace deprecated bzero() calls in Snort-2.9.5 with memset()
From: Hui Cao <hcao () sourcefire com>
Date: Mon, 22 Jul 2013 13:28:38 -0400
Hi Bill, Thanks for providing the patches. We have created a bug to track this. Best, Hui. On Thu, Jul 18, 2013 at 1:20 PM, Bill Parker <wp02855 () gmail com> wrote:
Hello All, The patch files below replace the deprecated library call 'bzero()', with the ANSI/ISO compliant library call 'memset() in Snort-2.9.5': In directory 'snort-2.9.5/src/detection-plugins', file 'sp_replace.c', the patch file below converts all bzero() calls to use memset(): --- sp_replace.c.orig 2013-07-18 08:48:41.818893728 -0700 +++ sp_replace.c 2013-07-18 08:49:52.614891492 -0700 @@ -111,7 +111,7 @@ file_name, file_line); } /* clear out the temp buffer */ - bzero(tmp_buf, MAX_PATTERN_SIZE); + memset(tmp_buf, '\0', MAX_PATTERN_SIZE); while(isspace((int)*rule)) rule++; @@ -163,8 +163,7 @@ dummy_end = (dummy_idx + size); /* why is this buffer so small? */ - bzero(hex_buf, 3); - memset(hex_buf, '0', 2); + memset(hex_buf, '\0', 3); /* BEGIN BAD JUJU..... */ while(idx < end_ptr) @@ -269,8 +268,7 @@ strtol(hex_buf, (char **) NULL, 16)&0xFF; dummy_size++; - bzero(hex_buf, 3); - memset(hex_buf, '0', 2); + memset(hex_buf, '\0', 3); } else { In directory 'snort-2.9.5/src/detection-plugins', file 'sp_pattern_match.c', the patch file below converts all bzero() calls to use memset(): --- sp_pattern_match.c.orig 2013-07-18 08:43:44.369888130 -0700 +++ sp_pattern_match.c 2013-07-18 08:47:55.985889284 -0700 @@ -1471,7 +1471,7 @@ PatternMatchData *ds_idx; /* clear out the temp buffer */ - bzero(tmp_buf, MAX_PATTERN_SIZE); + memset(tmp_buf, '\0', MAX_PATTERN_SIZE); if (rule == NULL) ParseError("ParsePattern Got Null enclosed in quotation marks (\")!"); @@ -1530,8 +1530,7 @@ dummy_end = (dummy_idx + size); /* why is this buffer so small? */ - bzero(hex_buf, 3); - memset(hex_buf, '0', 2); + memset(hex_buf, '\0', 3); /* BEGIN BAD JUJU..... */ while(idx < end_ptr) @@ -1640,8 +1639,7 @@ strtol(hex_buf, (char **) NULL, 16)&0xFF; dummy_size++; - bzero(hex_buf, 3); - memset(hex_buf, '0', 2); + memset(hex_buf, '\0', 3); } else { @@ -2545,8 +2543,8 @@ } /* clear the line and rule buffers */ - bzero((char *) buf, STD_BUF); - bzero((char *) rule_buf, STD_BUF); + memset((char *) buf, '\0', STD_BUF); + memset((char *) rule_buf, '\0', STD_BUF); frazes_count = 0; /* loop thru each list_file line and content to the rule */ In directory 'snort-2.9.5/src/detection-plugins', file 'sp_session.c', the patch file below converts all bzero() calls to use memset(): --- sp_session.c.orig 2013-07-18 09:24:23.125889515 -0700 +++ sp_session.c 2013-07-18 09:25:20.785887266 -0700 @@ -377,8 +377,8 @@ return NULL; } - bzero((char *)session_file, STD_BUF); - bzero((char *)log_path, STD_BUF); + memset((char *)session_file, '\0', STD_BUF); + memset((char *)log_path, '\0', STD_BUF); /* figure out which way this packet is headed in relation to the homenet */ dst = GET_DST_IP(p); In directory 'snort-2.9.5/src/preprocessors/Stream5', file 'snort_stream5_tcp.c', the patch file below converts all bzero() calls to use memset(): --- snort_stream5_tcp.c.orig 2013-07-18 09:28:49.334885922 -0700 +++ snort_stream5_tcp.c 2013-07-18 09:29:42.858887756 -0700 @@ -7448,7 +7448,7 @@ char timestamp[TIMEBUF_SIZE]; char src_addr[17]; char dst_addr[17]; - bzero((char *)timestamp, TIMEBUF_SIZE); + memset((char *)timestamp, '\0', TIMEBUF_SIZE): ts_print((struct timeval *) &p->pkth->ts, timestamp); SnortSnprintf(src_addr, 17, "%s", inet_ntoa(GET_SRC_ADDR(p))); --- snort.c.orig 2013-07-18 09:32:36.807878056 -0700 +++ snort.c 2013-07-18 09:33:56.340889957 -0700 @@ -3587,7 +3587,7 @@ sfActionQueueDestroy (decoderActionQ); mempool_destroy (&decoderAlertMemPool); decoderActionQ = NULL; - bzero(&decoderAlertMemPool, sizeof(decoderAlertMemPool)); + memset(&decoderAlertMemPool, 0, sizeof(decoderAlertMemPool)); } DAQ_Delete(); In directory 'snort-2.9.5/src/', file 'parser.c', the patch file below converts all bzero() calls to use memset(): --- parser.c.orig 2013-07-18 09:35:14.051888306 -0700 +++ parser.c 2013-07-18 09:37:07.167887183 -0700 @@ -4258,7 +4258,7 @@ if(!string || !*string || !strchr(string, '$')) return(string); - bzero((char *) estring, PARSERULE_SIZE); + memset((char *) estring, '\0', PARSERULE_SIZE); i = j = 0; l_string = strlen(string); @@ -4277,7 +4277,7 @@ if(c == '$' && !quote_toggle) { - bzero((char *) rawvarname, sizeof(rawvarname)); + memset((char *) rawvarname, '\0', sizeof(rawvarname)); varname_completed = 0; name_only = 1; iv = i; @@ -4317,8 +4317,8 @@ varcontents = NULL; - bzero((char *) varname, sizeof(varname)); - bzero((char *) varaux, sizeof(varaux)); + memset((char *) varname, '\0', sizeof(varname)); + memset((char *) varaux, '\0', sizeof(varaux)); varmodifier = ' '; p = strchr(rawvarname, ':'); @@ -4335,7 +4335,7 @@ else SnortStrncpy(varname, rawvarname, sizeof(varname)); - bzero((char *) varbuffer, sizeof(varbuffer)); + memset((char *) varbuffer, '\0', sizeof(varbuffer)); varcontents = VarSearch(sc, varname); In directory 'snort-2.9.5/src/', file 'mempool.c', the patch file below converts all bzero() calls to use memset(): --- mempool.c.orig 2013-07-18 09:38:24.391886709 -0700 +++ mempool.c 2013-07-18 09:39:02.291888500 -0700 @@ -281,7 +281,7 @@ /* TBD -- make configurable */ b = li->data; - bzero(b->data, mempool->obj_size); + memset(b->data, 0, mempool->obj_size); return b; } In directory 'snort-2.9.5/src/', file 'util.c', the patch file below converts all bzero() calls to use memset(): --- util.c.orig 2013-07-18 09:38:35.070887929 -0700 +++ util.c 2013-07-18 09:40:46.841889641 -0700 @@ -239,7 +239,7 @@ if(!tvp) { /* manual page (for linux) says tz is never used, so.. */ - bzero((char *) &tz, sizeof(tz)); + memset((char *) &tz, '\0', sizeof(tz)); gettimeofday(&tv, &tz); tvp = &tv; } In directory 'snort-2.9.5/src/output-plugins', file 'spo_log_ascii.c', the patch file below converts all bzero() calls to use memset(): --- spo_log_ascii.c.orig 2013-07-18 09:41:51.825888177 -0700 +++ spo_log_ascii.c 2013-07-18 09:42:52.453887090 -0700 @@ -190,9 +190,9 @@ #endif /* zero out our buffers */ - bzero((char *) log_path, STD_BUF); - bzero((char *) log_file, STD_BUF); - bzero((char *) proto, 5); + memset((char *) log_path, '\0', STD_BUF); + memset((char *) log_file, '\0', STD_BUF); + memset((char *) proto, '\0', 5); if (mode == GENERIC_LOG || mode == DUMP || mode == BOGUS || mode == NON_IP || mode == ARP) In directory 'snort-2.9.5/src/output-plugins', file 'spo_log_tcpdump.c', the patch file below converts all bzero() calls to use memset(): --- spo_log_tcpdump.c.orig 2013-07-18 09:44:39.116890166 -0700 +++ spo_log_tcpdump.c 2013-07-18 09:45:28.801889271 -0700 @@ -481,7 +481,7 @@ free (data->filename); } - bzero(data, sizeof(LogTcpdumpData)); + memset(data, 0, sizeof(LogTcpdumpData)); free(data); } In directory 'snort-2.9.5/src/dynamic-preprocessors/include', file 'mempool.c', the patch file below converts all bzero() calls to use memset(): --- mempool.c.orig 2013-07-18 09:47:17.136893283 -0700 +++ mempool.c 2013-07-18 09:47:35.182881592 -0700 @@ -278,7 +278,7 @@ /* TBD -- make configurable */ b = li->data; - bzero(b->data, mempool->obj_size); + memset(b->data, 0, mempool->obj_size); return b; } In directory 'snort-2.9.5/src/dynamic-preprocessors/dns', file 'spp_dns.c', the patch file below converts all bzero() calls to use memset(): --- spp_dns.c.orig 2013-07-18 09:49:53.909888242 -0700 +++ spp_dns.c 2013-07-18 09:50:52.729888843 -0700 @@ -755,7 +755,7 @@ if (dnsSessionData->curr_txt.name_state == DNS_RESP_STATE_NAME_COMPLETE) { dnsSessionData->curr_rec_state = DNS_RESP_STATE_Q_TYPE; - bzero(&dnsSessionData->curr_txt, sizeof(DNSNameState)); + memset(&dnsSessionData->curr_txt, 0, sizeof(DNSNameState)); data = data + bytes_used; bytes_unused = new_bytes_unused; @@ -843,7 +843,7 @@ if (dnsSessionData->curr_txt.name_state == DNS_RESP_STATE_NAME_COMPLETE) { dnsSessionData->curr_rec_state = DNS_RESP_STATE_RR_TYPE; - bzero(&dnsSessionData->curr_txt, sizeof(DNSNameState)); + memset(&dnsSessionData->curr_txt, 0, sizeof(DNSNameState)); data = data + bytes_used; } bytes_unused = new_bytes_unused; @@ -1275,7 +1275,7 @@ if (dnsSessionData->curr_rr.type == DNS_RR_TYPE_TXT) { /* Reset the state tracking for this record */ - bzero(&dnsSessionData->curr_txt, sizeof(DNSNameState)); + memset(&dnsSessionData->curr_txt, 0, sizeof(DNSNameState)); } data = p->payload + (p->payload_size - bytes_unused); } @@ -1331,7 +1331,7 @@ if (dnsSessionData->curr_rr.type == DNS_RR_TYPE_TXT) { /* Reset the state tracking for this record */ - bzero(&dnsSessionData->curr_txt, sizeof(DNSNameState)); + memset(&dnsSessionData->curr_txt, 0, sizeof(DNSNameState)); } data = p->payload + (p->payload_size - bytes_unused); } @@ -1387,7 +1387,7 @@ if (dnsSessionData->curr_rr.type == DNS_RR_TYPE_TXT) { /* Reset the state tracking for this record */ - bzero(&dnsSessionData->curr_txt, sizeof(DNSNameState)); + memset(&dnsSessionData->curr_txt, 0, sizeof(DNSNameState)); } data = p->payload + (p->payload_size - bytes_unused); } A 'make' results in a clean compile for all of the above patch files. Here is a listing of the zip archive 'snort-295-bzero-patches.zip': Archive: snort295-bzero-patches.zip Length Date Time Name --------- ---------- ----- ---- 1003 07-18-2013 08:50 sp_replace.c.patch 1393 07-18-2013 08:50 sp_pattern_match.c.patch 577 07-18-2013 09:32 snort_stream5_tcp.c.patch 1346 07-18-2013 09:37 parser.c.patch 286 07-18-2013 09:40 mempool.c.patch 358 07-18-2013 09:41 util.c.patch 529 07-18-2013 09:44 spo_log_ascii.c.patch 292 07-18-2013 09:46 spo_log_tcpdump.c.patch 286 07-18-2013 09:49 dynamic-preprocessor-include-mempool.c.patch 2451 07-18-2013 09:51 dynamic-preprocessor-dns-spp_dns.c.patch 411 07-18-2013 09:35 snort.c.patch --------- ------- 8932 11 files I am attaching the zip file to this bug report. Bill Parker (wp02855 at gmail dot com) ------------------------------------------------------------------------------ See everything from the browser to the database with AppDynamics Get end-to-end visibility with application monitoring from AppDynamics Isolate bottlenecks and diagnose root cause in seconds. Start your free trial of AppDynamics Pro today! http://pubads.g.doubleclick.net/gampad/clk?id=48808831&iu=/4140/ostg.clktrk _______________________________________________ Snort-devel mailing list Snort-devel () lists sourceforge net https://lists.sourceforge.net/lists/listinfo/snort-devel Archive: http://sourceforge.net/mailarchive/forum.php?forum_name=snort-devel Please visit http://blog.snort.org for the latest news about Snort!
------------------------------------------------------------------------------ See everything from the browser to the database with AppDynamics Get end-to-end visibility with application monitoring from AppDynamics Isolate bottlenecks and diagnose root cause in seconds. Start your free trial of AppDynamics Pro today! http://pubads.g.doubleclick.net/gampad/clk?id=48808831&iu=/4140/ostg.clktrk _______________________________________________ Snort-devel mailing list Snort-devel () lists sourceforge net https://lists.sourceforge.net/lists/listinfo/snort-devel Archive: http://sourceforge.net/mailarchive/forum.php?forum_name=snort-devel Please visit http://blog.snort.org for the latest news about Snort!
Current thread:
- Replace deprecated bzero() calls in Snort-2.9.5 with memset() Bill Parker (Jul 18)
- Re: Replace deprecated bzero() calls in Snort-2.9.5 with memset() Hui Cao (Jul 22)