Snort mailing list archives

Previous By Date Next
Previous By Thread Next

Missing Sanity Check for segment_calloc() in snort-3.0.0 Alpha 3

From: Bill Parker <wp02855 () gmail com>
Date: Thu, 31 Dec 2015 14:22:05 -0800
Hello All,

In reviewing source code in sub-directory
'src/network_inspectors/reputation'
file 'reputation_parse' in function 'IpListInit' there is a call to
segment_calloc() which is not checked against variable/constant 'nullptr'
which could lead to additional issues in the white/black list entries.

The patch file below should address/correct this issue:

--- reputation_parse.cc.orig    2015-12-31 08:54:46.879515874 -0800
+++ reputation_parse.cc 2015-12-31 08:59:20.703317471 -0800
@@ -119,6 +119,10 @@
         }

         list_ptr = segment_calloc((size_t)DECISION_MAX, sizeof(ListInfo));
+       if (list_ptr == nullptr)
+       {
+           FatalError("Failed to allocate memory for white-black
lists.\n");
+       }
         config->iplist->list_info = list_ptr;

         config->local_black_ptr = list_ptr + BLACKLISTED *
sizeof(ListInfo);

=======================================================================

I am attaching the patch file to this bug report...

This issue does not appear to exist in
Snort-2.9.8.0/src/dynamic-preprocessors/
reputation, btw

Bill Parker (wp02855 at gmail dot com) <m0000000!>

Attachment: reputation_parse.cc.patch
Description: 

------------------------------------------------------------------------------

_______________________________________________
Snort-devel mailing list
Snort-devel () lists sourceforge net
https://lists.sourceforge.net/lists/listinfo/snort-devel
Archive:
http://sourceforge.net/mailarchive/forum.php?forum_name=snort-devel

Please visit http://blog.snort.org for the latest news about Snort!
Previous By Date Next
Previous By Thread Next

Current thread: