Snort mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Possible segfault on snort exit (snort-2.x)

From: "Ashwin Shimoga Nanjunda Rao \(ashimoga\) via Snort-devel" <snort-devel () lists snort org>
Date: Tue, 5 Mar 2019 03:10:48 +0000
Hi Nilesh,
  Thanks for reporting this issue. we will include this in our next OS release.

Thanks
Ashwin

From: Snort-devel <snort-devel-bounces () lists snort org> On Behalf Of Nilesh K. Patel via Snort-devel
Sent: Tuesday, March 5, 2019 12:51 AM
To: snort-devel () lists snort org
Subject: [Snort-devel] Possible segfault on snort exit (snort-2.x)

Found segfault on snort exit at HttpInspectFreeConfigs function in src/preprocessors/spp_httpinspect.c file.

Patch to fix this:


-

-    for (i = 0; (i < HTTP_MAX_XFF_FIELDS) && (oldXffFields[i]); i++)

-    {

-        free(oldXffFields[i]);

+    if(oldXffFields){

+        for (i = 0; (i < HTTP_MAX_XFF_FIELDS) && (oldXffFields[i]); i++)

+        {

+            free(oldXffFields[i]);

+            oldXffFields[i] = NULL;

+        }

+        free(oldXffFields);

+        oldXffFields = NULL;

     }

-    free(oldXffFields);

-    oldXffFields = NULL;



BT of segfault:

(gdb) bt full
#0 0x00005574a7ac4c88 in HttpInspectFreeConfigs (config=0x7fcd55431380) at spp_httpinspect.c:1492
i = 0
#1 0x00005574a7ac61ea in HttpInspectReloadSwapFree (data=0x7fcd55431380) at spp_httpinspect.c:2217
No locals.
#2 0x00005574a7a31d43 in FreePreprocessorReloadData (sc=0x7fcd54000b20) at plugbase.c:1557
node = 0x7fcd55431360
preproc = 0x5574ab775860
#3 0x00005574a7a3a239 in SnortConfFree (sc=0x7fcd54000b20) at snort.c:4601
i = 10
#4 0x00005574a7a39226 in SnortCleanup (exit_val=0) at snort.c:4018
idxPreproc = 0x0
idxPlugin = 0x0
already_exiting = 1
#5 0x00005574a7a38e25 in CleanExit (exit_val=0) at snort.c:3797
tmp = <error reading variable tmp (value of type `SnortConfig' requires 69296 bytes, which is more than max-value-size)>
#6 0x00005574a7a34042 in SnortMain (argc=22, argv=0x7ffcfd417608) at snort.c:925
tmp_ptr = 0x0
intf = 0x0
daqInit = 1
#7 0x00005574a7a33da9 in main (argc=22, argv=0x7ffcfd417608) at snort.c:754


Nilesh

_______________________________________________
Snort-devel mailing list
Snort-devel () lists snort org
https://lists.snort.org/mailman/listinfo/snort-devel

Please visit http://blog.snort.org for the latest news about Snort!
Previous By Date Next
Previous By Thread Next

Current thread: