Snort mailing list archives

Previous By Date Next
Previous By Thread Next

Add strdup() sanity checks to DAQ 2.0.6

From: Bill Parker <wp02855 () gmail com>
Date: Thu, 31 Dec 2015 14:17:37 -0800
Hello All,

In reviewing code in DAQ 2.0.6, I found some instances where
calls to strdup() are not checked for a return value of NULL,
indicating failure.  These were found in daq-2.0.6/os-daq-modules,
in files 'daq_dump.c', 'daq_nfq.c', and 'daq_ipq.c'.

The patch files below should address/correct the above issues:

--- daq_dump.c.orig     2015-12-31 10:12:49.658673025 -0800
+++ daq_dump.c  2015-12-31 10:15:48.951460216 -0800
@@ -70,6 +70,13 @@
         else if ( !strcmp(entry->key, "file") )
         {
             impl->name = strdup(entry->value);
+           if ( !impl->name )
+           {
+               snprintf(errBuf, errMax,
+                   "%s: can't allocate memory for device (%s)\n",
+                   __FUNCTION__, impl->name);
+                   return 1;
+           }
         }
     }
     if ( !s )

=======================================================================

--- daq_nfq.c.orig      2015-12-31 10:17:25.295705075 -0800
+++ daq_nfq.c   2015-12-31 10:18:54.427033208 -0800
@@ -592,6 +592,13 @@
         free(impl->fcode.bf_insns);

     impl->filter = strdup(filter);
+    if ( !impl->filter )
+    {
+       snprintf(errBuf, errMax,
+           "%s: can't allocate memory for device (%s)\n",
+           __FUNCTION__, filter);
+       return DAQ_ERROR;
+    }
     impl->fcode = fcode;

     return DAQ_SUCCESS;

=======================================================================

--- daq_ipq.c.orig      2015-12-31 10:07:40.385365978 -0800
+++ daq_ipq.c   2015-12-31 10:10:11.605585290 -0800
@@ -435,6 +435,13 @@
         free(impl->fcode.bf_insns);

     impl->filter = strdup(filter);
+    if ( !impl->filter )
+    {
+       snprintf(errBuf, errMax,
+           "%s: can't allocate memory for device (%s)\n",
+           __FUNCTION__, filter);
+       return DAQ_ERROR;
+    }
     impl->fcode = fcode;

     return DAQ_SUCCESS;

=======================================================================

A ./configure, make && sudo make install results in a clean compile
build and install, btw.

I am attaching the patch files to this bug report...

Bill

Attachment: daq_dump.c.patch
Description:

Attachment: daq_ipq.c.patch
Description:

Attachment: daq_nfq.c.patch
Description: 

------------------------------------------------------------------------------

_______________________________________________
Snort-devel mailing list
Snort-devel () lists sourceforge net
https://lists.sourceforge.net/lists/listinfo/snort-devel
Archive:
http://sourceforge.net/mailarchive/forum.php?forum_name=snort-devel

Please visit http://blog.snort.org for the latest news about Snort!
Previous By Date Next
Previous By Thread Next

Current thread: