Snort mailing list archives

Lack of Sanity Checks in 'flow_control.cc' in Snort-3.0.0-a1


From: Bill Parker <wp02855 () gmail com>
Date: Fri, 12 Dec 2014 13:36:26 -0800

Missing Sanity Check for calloc() in Snort-3.0.0-a1

Hello All,

   In reviewing code in 'flow_control.cc' in directory '/src/flow'
for snort-3.0.0-a1, I found 4 calls to calloc() which lacked a
test for a return value of NULL, indicating failure.  The patch file
below adds the needed check and returns on failure :)

--- flow_control.cc.orig        2014-12-12 13:24:44.430284296 -0800
+++ flow_control.cc     2014-12-12 13:28:13.310831940 -0800
@@ -407,6 +407,8 @@
         fc.cache_nominal_timeout, 5, 0);

     tcp_mem = (Flow*)calloc(fc.max_sessions, sizeof(Flow));
+    if (tcp_mem == NULL) { // unable to calloc memory, print error msg or
just go home?
+       return;

     for ( unsigned i = 0; i < fc.max_sessions; ++i )
         tcp_cache->push(tcp_mem + i);
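
Review bot: The added `if (tcp_mem == NULL) {` opens a brace that is never closed in this hunk, while the udp, icmp and ip checks use no brace at all. With the braces unbalanced, the `for` loop that pushes `tcp_mem + i` lands inside the if block after `return;`, and the file will not compile. Drop the `{` so the check matches the other three, or add a closing `}` directly after `return;`.
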
@@ -453,6 +455,8 @@
         fc.cache_nominal_timeout, 5, 0);

     udp_mem = (Flow*)calloc(fc.max_sessions, sizeof(Flow));
+    if (udp_mem == NULL) // unable to calloc memory, print error msg or
just go home?
+       return;

     for ( unsigned i = 0; i < fc.max_sessions; ++i )
         udp_cache->push(udp_mem + i);
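
Review bot: The bare `return;` after `if (udp_mem == NULL)` fails silently: it returns no value, so the caller cannot tell that `udp_cache` was left with nothing pushed into it, and nothing is logged. The comment asks "print error msg or just go home?"; that question should be settled in the patch. Report the failed allocation (including `fc.max_sessions`, which sets the request size) and give the caller a way to see the failure, or treat it as fatal at startup.
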
@@ -499,6 +503,8 @@
         fc.cache_nominal_timeout, 5, 0);

     icmp_mem = (Flow*)calloc(fc.max_sessions, sizeof(Flow));
+    if (icmp_mem == NULL) // unable to calloc memory, print error msg or
just go home?
+       return;

     for ( unsigned i = 0; i < fc.max_sessions; ++i )
         icmp_cache->push(icmp_mem + i);
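
Review bot: The comment on the `if (icmp_mem == NULL)` line has wrapped, so "just go home?" sits on its own line with no `+` prefix. The header `@@ -499,6 +503,8 @@` allows for only two added lines, so the inline copy of this hunk will not apply cleanly. The same wrap occurs in the other three hunks. Shorten the comment to fit the line or move it to its own `+` line above the check, and regenerate the diff.
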
@@ -548,6 +554,8 @@
         fc.cache_nominal_timeout, 5, 0);

     ip_mem = (Flow*)calloc(fc.max_sessions, sizeof(Flow));
+    if (ip_mem == NULL) // unable to calloc memory, print error msg or
just go home?
+       return;

     for ( unsigned i = 0; i < fc.max_sessions; ++i )
         ip_cache->push(ip_mem + i);
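
Review bot: The `if (ip_mem == NULL)` check is the fourth copy of the same allocate, test and return sequence, each carrying the same unresolved comment. A single helper that does the `calloc(fc.max_sessions, sizeof(Flow))`, tests the result and reports the failure would keep the four sites consistent, which would also have avoided the stray brace in the tcp hunk. Since this is a `.cc` file, `nullptr` is the more idiomatic comparison than `NULL`.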

I am attaching the patch file to this email.

Bill Parker (wp02855 at gmail dot com)

Attachment: flow_control.cc.patch

_______________________________________________
Snort-devel mailing list
Snort-devel () lists sourceforge net
https://lists.sourceforge.net/lists/listinfo/snort-devel
Archive:
http://sourceforge.net/mailarchive/forum.php?forum_name=snort-devel