Snort mailing list archives

Previous By Date Next
Previous By Thread Next

Re: bug in sfutil/sfrt.c

From: Joel Esler <jesler () sourcefire com>
Date: Fri, 15 Mar 2013 10:57:27 -0400
On Mar 12, 2013, at 1:46 AM, Mitesh Jadia <mitesh.jadia () gmail com> wrote:


version snort-2.9.2

FUNCTION:

table_t *sfrt_new(char table_type, char ip_type, long data_size, uint32_t mem_cap)

at the end of this function (use after free found. SUP_IP6 is enabled)

#ifdef SUP_IP6
    if (!table->rt6)
    {
        table->free( table->rt );
        free(table->data);
        free(table);
    }
#endif

    return table;
}


Thanks Mitesh,

We have fixed this in Snort version 2.9.5.0 already.  We are planning on releasing a beta for this soon.

--
Joel Esler
Senior Research Engineer, VRT
OpenSource Community Manager
Sourcefire


------------------------------------------------------------------------------
Everyone hates slow websites. So do we.
Make your web apps faster with AppDynamics
Download AppDynamics Lite for free today:
http://p.sf.net/sfu/appdyn_d2d_mar
_______________________________________________
Snort-devel mailing list
Snort-devel () lists sourceforge net
https://lists.sourceforge.net/lists/listinfo/snort-devel
Archive:
http://sourceforge.net/mailarchive/forum.php?forum_name=snort-devel

Please visit http://blog.snort.org for the latest news about Snort!
Previous By Date Next
Previous By Thread Next

Current thread: