Snort mailing list archives
Stream6 PAF callback function sharing (void **user) argument issue.
From: Mitesh Jadia <mitesh.jadia () gmail com>
Date: Mon, 3 Nov 2014 18:39:33 +0530
Hello, I read the code in Stream6/stream_paf.c function s5_paf_callback It calls each function registered with port for PAF. paf = s5_cb[i](ssn, &ps->user, data, len, flags, &ps->fpt); callback function will calloc some data structure and put it's reference at &ps->user. Now if in case more than one callback functions are being called for first packet in tcp session then following sequence will occur. 1) 1st callback calloc one data structure and stores it in *user argument and returns PAF_SEARCH. 2) 2nd function again calloc other data structure and overwrites it at *user(which is common for StreamTracker). It also returns PAF_SEARCH. I may be wrong in my analysis but I found that basically this is breaking functionality along with causing memory leak. Regards, Mitesh Jadia
------------------------------------------------------------------------------
_______________________________________________ Snort-devel mailing list Snort-devel () lists sourceforge net https://lists.sourceforge.net/lists/listinfo/snort-devel Archive: http://sourceforge.net/mailarchive/forum.php?forum_name=snort-devel Please visit http://blog.snort.org for the latest news about Snort!
Current thread:
- Stream6 PAF callback function sharing (void **user) argument issue. Mitesh Jadia (Nov 03)
- Re: Stream6 PAF callback function sharing (void **user) argument issue. Josh Rosenbaum (jrosenba) (Nov 06)