Snort mailing list archives
report frag3 preprocess bug
From: zhaohui yin <yinzhaohui () gmail com>
Date: Wed, 9 Nov 2005 09:50:42 +0800
It's sound snort-devel mail list is not active,so I send the message to snort-users. 1. a small mem leak in Frag3Init() will lost a IpAddrSet struct memory, I attach the patch file. 2. code confused? in Frag3NewTracker() function: fragStart = ((char *)p->iph + IP_HLEN(p->iph) * 4) + (u_int16_t)p->ip_options_len; fragLength = p->actual_ip_len - IP_HLEN(p->iph) * 4 - (u_int16_t)p->ip_options_len; in RFC , IP Header Len had include the options len, does need subtract IP header len and options len again? -- yinzhaohui
Attachment:
spp_frag3_c.patch
Description:
Current thread:
- report frag3 preprocess bug zhaohui yin (Nov 08)