segfault caused by double free in spo_database.c

[Kervin Pierre <kpierre () fit edu>]

Hi,

I'm not a snort programmer but, it seems you have a double free in 
spo_datase.c ( snort 1.8.3 )

In the listing below, if sig_id is 0, select0 is going to be free'ed 
twice, line 748 and line 751 .

This has crashed snort a few times on my box.


-Kervin


#1  0x0805fd32 in Database (p=0xbfffef70, msg=0x85735c8 "MISC Large UDP 
Packet", arg=0x81b8868, event=0x8573394) at spo_database.c:751
751              free(select0);
(gdb) l
746              if(sig_id == 0)
747              {
748                free(select0);
749                ErrorMessage("database: Problem inserting a new 
signature '%s'\n", msg);
750              }
751              free(select0);
752
753              /* add the external rule references  */
754              if(otn_tmp)
755              {

--
http://linuxquestions.org/ - Ask linux questions, give linux help.


_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users