Snort mailing list archives

Previous By Date Next
Previous By Thread Next

Stream6 PAF callback function sharing (void **user) argument issue.

From: Mitesh Jadia <mitesh.jadia () gmail com>
Date: Mon, 3 Nov 2014 18:39:33 +0530
Hello,

I read the code in Stream6/stream_paf.c
function s5_paf_callback

It calls each function registered with port for PAF.
            paf = s5_cb[i](ssn, &ps->user, data, len, flags, &ps->fpt);

callback function will calloc some data structure and put it's reference at
&ps->user.
Now if in case more than one callback functions are being called for first
packet in tcp session then following sequence will occur.

1)  1st callback calloc one data structure and stores it in  *user argument
and returns PAF_SEARCH.

2) 2nd function again calloc other data structure and overwrites it at
*user(which is common for StreamTracker). It also returns PAF_SEARCH.


I may be wrong in my analysis but I found that basically this is breaking
functionality along with causing memory leak.



Regards,
Mitesh Jadia

------------------------------------------------------------------------------

_______________________________________________
Snort-devel mailing list
Snort-devel () lists sourceforge net
https://lists.sourceforge.net/lists/listinfo/snort-devel
Archive:
http://sourceforge.net/mailarchive/forum.php?forum_name=snort-devel

Please visit http://blog.snort.org for the latest news about Snort!
Previous By Date Next
Previous By Thread Next

Current thread: