[Snort-devel] defrag causes segfaults in cvs,beta5 version

Martin Roesch roesch at ...48...
Tue Nov 28 11:13:24 EST 2000


I'm actually working on that very problem right now, I'm hoping to have it
fixed later today...

    -Marty

Chris Green wrote:
> 
> It dies on line 821 of spp_defrag.c, the first time it enters this
> branch of code using libpcap 0.5.2 by trying to free the same memory
> twice.
> 
> In fragdelete(), free(t->key) is freeing the location freetemp points
> to.  Then on the access to freetemp->pkth, it segfaults.
> 
> I need to get more familiar with the code before I start banging
> changes.
> 
> spp_defrag.c:
> if(TIME_LT(timecheck. , p->pkth->ts.))
>                 {
>                     fragmemuse -= froot->key->pkth->caplen + sizeof(Packet);
>                     freetemp = froot->key;
> [...]
>                     froot = fragdelete(froot->key, froot);
>                     free(freetemp->pkth);  /* free packet copy */
>                     free(freetemp);
>                     fragsweep--;
>                 }
> 
> --
> Chris Green <cmg at ...81...>
> "When the going gets weird, the weird turn pro..."
>                             -- Hunter S. Thompson
> _______________________________________________
> Snort-devel mailing list
> Snort-devel at lists.sourceforge.net
> http://lists.sourceforge.net/mailman/listinfo/snort-devel

-- 
Martin Roesch
roesch at ...48...
http://www.snort.org
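The ownership conflict Chris describes (the delete routine frees the key, then the caller dereferences and frees its saved copy of the same pointer) can be reproduced safely with a quarantining free. This is an added example, not Snort code and not the fix that went into CVS; `Packet`, `Node`, `new_key`, `delete_owning`, `q_free` and the reordered caller are hypothetical stand-ins.

```c
#include <stdio.h>
#include <stdlib.h>
/* Hypothetical stand-ins for the structures in the quoted snippet. */
typedef struct { void *pkth; } Packet;
typedef struct { Packet *key; } Node;
/* Quarantining free: records a block instead of releasing it at once. */
static void *quarantine[16];
static int qlen, double_frees;
static int is_freed(const void *p) {
    for (int i = 0; i < qlen; i++) if (quarantine[i] == p) return 1;
    return 0;
}
static void q_free(void *p) {
    if (is_freed(p)) { double_frees++; return; }   /* repeated free */
    if (qlen < 16) quarantine[qlen++] = p;
}
static int q_report(int stale_uses) {   /* release blocks, return the tally */
    int bad = stale_uses + double_frees;
    while (qlen > 0) free(quarantine[--qlen]);
    double_frees = 0;
    return bad;
}
static Packet *new_key(void) {          /* constructed sample fragment */
    Packet *k = malloc(sizeof *k);
    if (!k || !(k->pkth = malloc(64))) abort();
    return k;
}
/* Delete routine that frees the key itself, as the post says fragdelete() does. */
static void delete_owning(Node *n) {
    q_free(n->key);
    n->key = NULL;
}
int sweep_as_posted(void) {             /* caller order from the quoted code */
    Node root = { new_key() };
    Packet *freetemp = root.key;
    delete_owning(&root);
    int stale = is_freed(freetemp);     /* key was already released above */
    q_free(freetemp->pkth);             /* readable only due to quarantine */
    q_free(freetemp);                   /* second free of the same block */
    return q_report(stale);
}
int sweep_fixed(void) {                 /* free the copy first, key only once */
    Node root = { new_key() };
    q_free(root.key->pkth);
    delete_owning(&root);
    return q_report(0);
}
int main(void) {
    printf("as posted: %d, fixed: %d\n", sweep_as_posted(), sweep_fixed());
}
```

With the real `free()` the first ordering is undefined behaviour; building the original code with AddressSanitizer (`-fsanitize=address`) reports the same stale read and double free at the faulting lines.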


