Snort mailing list archives
Missing Sanity Checks for malloc() in Snort 2.9.8.0 beta (round 2)
From: Bill Parker <wp02855 () gmail com>
Date: Tue, 1 Sep 2015 13:59:02 -0700
Hello All, In reviewing source code in Snort-2.9.8.0 beta, I found a call to malloc() in directory 'snort-2.9.8.0_beta/src/dynamic-preprocessors/appid/client_plugins', file 'client_app_smtp.c' which is not checked for a return value of NULL indicating failure. The patch file below should address this issue: --- client_app_smtp.c.orig 2015-09-01 13:52:00.084000000 -0700 +++ client_app_smtp.c 2015-09-01 13:55:46.549000000 -0700 @@ -642,6 +642,11 @@ { if (!fd->headerline) fd->headerline = malloc(MAX_HEADER_LINE_SIZE); + if (!fd->headerline) { + _dpd.errMsg("Failed to allocate memory for fd->headerline..."); + fd->headerline = NULL; /* paranoia mode */ + goto done; /* should we do something else here perhaps? */ + } if (fd->pos < (MAX_HEADER_LINE_SIZE-1)) fd->headerline[fd->pos++] = *data; I am attaching the patch file to this bug report...m00000! Questions, Comments, Suggestions, Complaints? :) Bill Parker (wp02855 at gmail dot com)
Attachment:
client_app_smtp.c.patch
Description:
------------------------------------------------------------------------------
_______________________________________________ Snort-devel mailing list Snort-devel () lists sourceforge net https://lists.sourceforge.net/lists/listinfo/snort-devel Archive: http://sourceforge.net/mailarchive/forum.php?forum_name=snort-devel Please visit http://blog.snort.org for the latest news about Snort!
Current thread:
- Missing Sanity Checks for malloc() in Snort 2.9.8.0 beta (round 2) Bill Parker (Sep 01)