Snort mailing list archives

Re: Possible memory leaks in Snort-3.0.0-a1 (144/145) found...

From: Russ <rucombs () cisco com>
Date: Mon, 13 Apr 2015 09:00:43 -0400

Bill,

Thanks for keeping an eye on the code. In these cases, free() is notactually missing and should not be added. Doing so will cause problemsbecause there are other references to the data. Let us know what elseyou find.


Russ

On 4/10/15 1:50 PM, Bill Parker wrote:

Hello All,

   In reviewing source code for Snort-3.0.0-a1 (build 144/145), in
directory 'src/filters', file 'sfthd.cc', I found a couple of calls
to calloc(), upon failure, appear to fail to release memory previously
allocated within the same function.  The patch file is below:

--- sfthd.cc.orig       2015-04-10 10:37:50.910579964 -0700
+++ sfthd.cc    2015-04-10 10:43:11.485323365 -0700
@@ -401,6 +401,7 @@
         if ( !sfthd_item->sfthd_node_list->tail)
         {

/* can you say paranoid- if there is a count, thereshould be a tail */+ free(sfthd_item); /* do we have a potential leak by notfree()'ng */

             return -10;
         }
         p = (THD_NODE*)sfthd_item->sfthd_node_list->tail->ndata;
@@ -424,6 +425,7 @@
     sfthd_node = (THD_NODE*)calloc(1,sizeof(THD_NODE));
     if ( !sfthd_node )
     {
+       free(sfthd_item);
         return -6;
     }

@@ -549,6 +551,7 @@
     sfthd_node = (THD_NODE*)calloc(1,sizeof(THD_NODE));
     if ( !sfthd_node )
     {

+ free(thd_objs->sfthd_garray[policy_id]); /* from previous callto calloc() in this func */

         return -2;
     }

I am attaching the patch file to this bug report...

Bill Parker (wp02855 at gmail dot com)


------------------------------------------------------------------------------
BPM Camp - Free Virtual Workshop May 6th at 10am PDT/1PM EDT
Develop your own process in accordance with the BPMN 2 standard
Learn Process modeling best practices with Bonita BPM through live exercises
http://www.bonitasoft.com/be-part-of-it/events/bpm-camp-virtual- event?utm_
source=Sourceforge_BPM_Camp_5_6_15&utm_medium=email&utm_campaign=VA_SF


_______________________________________________
Snort-devel mailing list
Snort-devel () lists sourceforge net
https://lists.sourceforge.net/lists/listinfo/snort-devel
Archive:
http://sourceforge.net/mailarchive/forum.php?forum_name=snort-devel

Please visit http://blog.snort.org for the latest news about Snort!

------------------------------------------------------------------------------
BPM Camp - Free Virtual Workshop May 6th at 10am PDT/1PM EDT
Develop your own process in accordance with the BPMN 2 standard
Learn Process modeling best practices with Bonita BPM through live exercises
http://www.bonitasoft.com/be-part-of-it/events/bpm-camp-virtual- event?utm_
source=Sourceforge_BPM_Camp_5_6_15&utm_medium=email&utm_campaign=VA_SF

_______________________________________________
Snort-devel mailing list
Snort-devel () lists sourceforge net
https://lists.sourceforge.net/lists/listinfo/snort-devel
Archive:
http://sourceforge.net/mailarchive/forum.php?forum_name=snort-devel

Please visit http://blog.snort.org for the latest news about Snort!

Current thread:

Possible memory leaks in Snort-3.0.0-a1 (144/145) found... Bill Parker (Apr 10)
- Re: Possible memory leaks in Snort-3.0.0-a1 (144/145) found... Russ (Apr 13)