Snort mailing list archives
[snort-devel] Patches to add error checking and replace legacy library calls in 2.9.7.0-alpha
From: Bill Parker <wp02855 () gmail com>
Date: Wed, 12 Mar 2014 10:32:00 -0700
Hi All, In reviewing code in Snort-2.9.7.0-alpha, I found instances of the legacy library call 'index()' which I have replaced with the more up to date library call 'strchr()' in directory /snort-2.9.7.0-alpha/tools/u2streamer/', file 'SpoolFileIterator.c' I also found a call to stat() and calls to write() which did not check for a return value of < 0, indicating failure (according to XXX comments in this file, it says we may want to check for errors) so this patch does that. The patch file is below: --- SpoolFileIterator.c.orig 2014-03-11 18:34:12.895026389 -0700 +++ SpoolFileIterator.c 2014-03-11 19:25:49.640606828 -0700 @@ -175,11 +175,11 @@ } /* Remove trailing newline */ - if((s_position = index(buffer, '\n'))) + if((s_position = strchr(buffer, '\n'))) *s_position = '\0'; /* Parse the position */ - if(!(s_position = index(buffer, ','))) + if(!(s_position = strchr(buffer, ','))) { fprintf(stderr, "Syntax error processing bookmark data '%s'\n", buffer); @@ -228,6 +228,7 @@ char buffer[256]; if(!iterator || !iterator->bookmark_file) return SF_EINVAL; + int offset; if(iterator->bookmark_fd == -1) { @@ -245,8 +246,22 @@ memset(buffer, 256, ' '); snprintf(buffer, 255, "%u, %u\n", timestamp, position); /* Set back to the beginning of the file */ - lseek(iterator->bookmark_fd, 0, SEEK_SET); - write(iterator->bookmark_fd, buffer, 256); + offset = 0; + offset = lseek(iterator->bookmark_fd, 0, SEEK_SET); + if (offset == -1) + { + fprintf(stderr, "Unable to seek file '%s': %s\n", + iterator->bookmark_file, strerror(errno)); + return -1; + } + offset = 0; + offset = write(iterator->bookmark_fd, buffer, 256); + if (offset == -1) + { + fprintf(stderr, "Unable to write file '%s': %s\n", + iterator->bookmark_file, strerror(errno)); + return -1; + } /* XXX Block signals here */ /* XXX We may also want to check for errors */ @@ -292,7 +307,12 @@ return SF_ENOENT; } - stat(iterator->filepath, &buf); + rval = stat(iterator->filepath, &buf); + if (rval < 0) + { + fprintf(stderr, "Unable to get file status: %s\n", + strerror(rval)); /* warning only */ + } } iterator->timestamp = file_timestamp; In directory 'snort-2.9.7.0-alpha/src/preprocessors', file 'perf-base.c', I found a call to fseek without a corresponding check for a return value of < 0, indicating failure. The patch file below corrects this issue: --- perf-base.c.orig 2014-03-11 19:31:04.498623663 -0700 +++ perf-base.c 2014-03-11 19:37:46.668737416 -0700 @@ -1433,7 +1433,11 @@ WarningMessage("%s: Failed to write stats\n", __FUNCTION__); // fseek to adjust offset; ftruncate doesn't do that for us. - fseek(fh, start, SEEK_SET); + wrote = fseek(fh, start, SEEK_SET); + if (wrote == -1) + { + WarningMessage("%s: Failed to adjust offset\n", __FUNCTION__); + } ftruncate(fileno(fh), start); } In directory "snort-2.9.7.0.alpha/src/dynamic-preprocessors/appid" file 'luaDetectorModule.c', I found calls to fseek() and ftell() without proper checks for a return value of < 0, which would be an error. The patch file below adds the necessary checks: --- luaDetectorModule.c.orig 2014-03-11 19:40:14.065470783 -0700 +++ luaDetectorModule.c 2014-03-11 19:47:25.833346260 -0700 @@ -1037,9 +1037,24 @@ } /*Load lua file as a detector. */ - fseek(file, 0, SEEK_END); + rval = fseek(file, 0, SEEK_END); + if (rval == -1) + { + _dpd.errMsg("Unable to seek lua detector '%s'\n",globs.gl_pathv[n]); + continue; + } validatorBufferLen = ftell(file); - fseek(file, 0, SEEK_SET); + if (validatorBufferLen == -1) + { + _dpd.errMsg("Unable to return offset on lua detector '%s'\n",globs.gl_pathv[n]); + continue; + } + rval = fseek(file, 0, SEEK_SET); + if (rval == -1) + { + _dpd.errMsg("Unable to seek lua detector '%s'\n",globs.gl_pathv[n]); + continue; + } if ((validatorBuffer = malloc(validatorBufferLen + 1)) == NULL) { I am attaching the patch file(s) to this email. A 'make' results in a clean compile of the above patch file(s). Bill Parker (wp02855 at gmail dot com) Ho, Ha, Ha, Guard, Turn, Parry, Dodge, Spin, Ha, Thrust! (Robin Hood Daffy)
Attachment:
SpoolFileIterator.c.patch
Description:
Attachment:
perf-base.c.patch
Description:
Attachment:
luaDetectorModule.c.patch
Description:
------------------------------------------------------------------------------ Learn Graph Databases - Download FREE O'Reilly Book "Graph Databases" is the definitive new guide to graph databases and their applications. Written by three acclaimed leaders in the field, this first edition is now available. Download your free book today! http://p.sf.net/sfu/13534_NeoTech
_______________________________________________ Snort-devel mailing list Snort-devel () lists sourceforge net https://lists.sourceforge.net/lists/listinfo/snort-devel Archive: http://sourceforge.net/mailarchive/forum.php?forum_name=snort-devel Please visit http://blog.snort.org for the latest news about Snort!
Current thread:
- [snort-devel] Patches to add error checking and replace legacy library calls in 2.9.7.0-alpha Bill Parker (Mar 12)
- Re: [snort-devel] Patches to add error checking and replace legacy library calls in 2.9.7.0-alpha Costas Kleopa (ckleopa) (Mar 12)