Snort mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Segmentation fault while reloading configuration

From: "Josh Rosenbaum (jrosenba)" <jrosenba () cisco com>
Date: Fri, 28 Mar 2014 15:30:33 +0000
Hi Hugo,

Thank you for reporting this bug.  We will look into and address this
problem.

Josh


On 3/27/14, 7:06 PM, "Hugo Vasconcelos Saldanha" <hugovs () gmail com> wrote:


Hi snort-devel,


While testing snort dynamic reconfiguration feature (--enable-reload),
I'm getting a segfault in function VerifyOutputs(). The code is
similar in versions 2.9.6.0 and 2.9.7.0.alpha. Problematic line of
code is (snort.c:6125 in 2.9.6.0):

               if (strcasecmp(old_output_config->opts,
                                     new_output_config->opts) == 0)

Pointers are not tested before calling strcasecmp(). This only happens
when verifying old and new rule_type_output_configs arrays. Some lines
of code before, the options pointer is tested.

The following patch works for me.

--- snort.c.orig    2014-03-27 22:17:37.945505347 +0000
+++ snort.c    2014-03-27 22:33:29.864583499 +0000
@@ -6122,8 +6122,15 @@ static int VerifyOutputs(SnortConfig *ol
            if (strcasecmp(old_output_config->keyword,
                           new_output_config->keyword) == 0)
            {
-                if (strcasecmp(old_output_config->opts,
-                               new_output_config->opts) == 0)
+                if ((old_output_config->opts != NULL) &&
+                        (new_output_config->opts != NULL) &&
+                        (strcasecmp(old_output_config->opts,
new_output_config->opts) == 0))
+                {
+                    new_outputs++;
+                    break;
+                }
+                else if (old_output_config->opts == NULL &&
+                        new_output_config->opts == NULL)
                {
                    new_outputs++;
                    break;

--
Hugo

--------------------------------------------------------------------------
----
_______________________________________________
Snort-devel mailing list
Snort-devel () lists sourceforge net
https://lists.sourceforge.net/lists/listinfo/snort-devel
Archive:
http://sourceforge.net/mailarchive/forum.php?forum_name=snort-devel

Please visit http://blog.snort.org for the latest news about Snort!



------------------------------------------------------------------------------
_______________________________________________
Snort-devel mailing list
Snort-devel () lists sourceforge net
https://lists.sourceforge.net/lists/listinfo/snort-devel
Archive:
http://sourceforge.net/mailarchive/forum.php?forum_name=snort-devel

Please visit http://blog.snort.org for the latest news about Snort!
Previous By Date Next
Previous By Thread Next

Current thread: