Snort mailing list archives
[snort-devel] - additional error checking for calls in snort-2.9.7.0-alpha
From: Bill Parker <wp02855 () gmail com>
Date: Thu, 13 Mar 2014 14:20:52 -0700
Hi All, In reviewing code in Snort-2.9.7.0-alpha, I found some instances where the library call to stat() was used, but without a check of the return value being < 0, which would indicate failure. The patch file is below: --- util.c.orig 2014-03-13 09:17:43.801561939 -0700 +++ util.c 2014-03-13 09:26:56.257776283 -0700 @@ -788,14 +788,16 @@ "system\n", _PATH_VARRUN); #endif /* _PATH_VARRUN */ - stat(_PATH_VARRUN, &pt); + if (stat(_PATH_VARRUN, &pt) == -1) + LogMessage("WARNING: Could not stat _PATH_VARRUN...\n"); if(!S_ISDIR(pt.st_mode) || access(_PATH_VARRUN, W_OK) == -1) { LogMessage("WARNING: _PATH_VARRUN is invalid, trying " "/var/log/ ...\n"); SnortStrncpy(snort_conf->pid_path, "/var/log/", sizeof(snort_conf->pid_path)); - stat(snort_conf->pid_path, &pt); + if (stat(snort_conf->pid_path, &pt) == -1) + LogMessage("WARNING: Could not stat %s\n", snort_conf->pid_path); if(!S_ISDIR(pt.st_mode) || access(snort_conf->pid_path, W_OK) == -1) { This patch file just outputs a WARNING via LogMessage, since additional checks take care of any path/file issues later on. In checking /tools/u2openappid, file 'u2openappid.c', I found an instance where fseek() was called with no check for a return value of -1, indicating failure. The patch file below adds a simple warning message: --- u2openappid.c.orig 2014-03-13 09:47:59.775362871 -0700 +++ u2openappid.c 2014-03-13 09:49:50.465431009 -0700 @@ -173,7 +173,10 @@ if ( s_off ) { - fseek(it->file, s_pos+s_off, SEEK_SET); + if (fseek(it->file, s_pos+s_off, SEEK_SET) == -1) { + puts("Unable to SEEK on current file .. and this is not being handled yet."); + return FAILURE; + } s_off = 0; } In checking /tools/u2spewfoo, file 'u2spewfoo.c', I found an instance where fseek() was called with no check for a return value of -1, indicating failure. The patch file below adds a simple warning message: --- u2spewfoo.c.orig 2014-03-13 09:55:39.834834064 -0700 +++ u2spewfoo.c 2014-03-13 09:56:37.657182987 -0700 @@ -174,7 +174,10 @@ if ( s_off ) { - fseek(it->file, s_pos+s_off, SEEK_SET); + if (fseek(it->file, s_pos+s_off, SEEK_SET) == -1) { + puts("Unable to SEEK on current file .. and this is not being handled yet."); + return FAILURE; + } s_off = 0; } In directory 'tools/file_server', file 'file_server.c', I found an instance where listen() is called without a check of the return value being < 0, which would indicate failure. The patch file below adds the check and a error message: --- file_server.c.orig 2014-03-13 10:06:37.844463704 -0700 +++ file_server.c 2014-03-13 10:07:44.643953576 -0700 @@ -615,7 +615,12 @@ //listen marks the socket as passive socket listening to incoming connections, //it allows max 5 backlog connections: backlog connections are pending in queue //if pending connections are more than 5, later request may be ignored - listen(sockfd,5); + + if (listen(sockfd,5) < 0) + { + ErrorMessage("ERROR on listen.\n"); + exit(1); + } while (!stop_processing) { A 'make' results in a clean compile of the above patch files :) I am attaching the patch file(s) to this email. Bill Parker (wp02855 at gmail dot com) m000000000000000000000000000000!
Attachment:
util.c.patch
Description:
Attachment:
u2openappid.c.patch
Description:
Attachment:
u2spewfoo.c.patch
Description:
Attachment:
file_server.c.patch
Description:
------------------------------------------------------------------------------ Learn Graph Databases - Download FREE O'Reilly Book "Graph Databases" is the definitive new guide to graph databases and their applications. Written by three acclaimed leaders in the field, this first edition is now available. Download your free book today! http://p.sf.net/sfu/13534_NeoTech
_______________________________________________ Snort-devel mailing list Snort-devel () lists sourceforge net https://lists.sourceforge.net/lists/listinfo/snort-devel Archive: http://sourceforge.net/mailarchive/forum.php?forum_name=snort-devel Please visit http://blog.snort.org for the latest news about Snort!
Current thread:
- [snort-devel] - additional error checking for calls in snort-2.9.7.0-alpha Bill Parker (Mar 13)
- Re: [snort-devel] - additional error checking for calls in snort-2.9.7.0-alpha Costas Kleopa (ckleopa) (Mar 14)