Snort mailing list archives

Re: possible segfault on snort-2.9.x.x

From: "Lokesh Bevinamarad \(lbevinam\) via Snort-devel" <snort-devel () lists snort org>
Date: Thu, 16 Aug 2018 14:22:52 +0000

Thanks Nilesh for pointing this out. We will take a look

Thanks
-Lokesh

From: Snort-devel <snort-devel-bounces () lists snort org> On Behalf Of Nilesh K. Patel via Snort-devel
Sent: Thursday, August 16, 2018 7:00 PM
To: snort-devel () lists snort org
Subject: [SUSPECTED SPAM] [Snort-devel] possible segfault on snort-2.9.x.x

Discover possible segfault in http pre-processor. Please consider below patch to resolve.

--- a/src/preprocessors/HttpInspect/include/hi_eo_log.h
+++ b/src/preprocessors/HttpInspect/include/hi_eo_log.h
@@ -30,7 +30,7 @@
static inline int hi_eo_generate_event(HI_SESSION *Session, int iAlert)
{
     if(iAlert && !(Session->norm_flags & HI_BODY) &&
-       !Session->server_conf->no_alerts)
+       Session->server_conf && !Session->server_conf->no_alerts)
     {
         return HI_BOOL_TRUE;
     }

Flow from "checkCacheFlowTimeout" function, there is a chance that server_conf is null as Session pointer is pointing 
to static variable and current processing packet is non http.

_______________________________________________
Snort-devel mailing list
Snort-devel () lists snort org
https://lists.snort.org/mailman/listinfo/snort-devel

Please visit http://blog.snort.org for the latest news about Snort!

Current thread:

possible segfault on snort-2.9.x.x Nilesh K. Patel via Snort-devel (Aug 16)
- Re: possible segfault on snort-2.9.x.x Lokesh Bevinamarad (lbevinam) via Snort-devel (Aug 16)
  - Message not available
    - Message not available
    - Message not available
    - Re: possible segfault on snort-2.9.x.x Nilesh K. Patel via Snort-devel (Sep 06)