[Snort-devel] Segfault in 1.8.1-RELEASE in AppendOutputFuncList
Kristofer T. Karas
ktk at ...820...
Mon Sep 17 18:19:02 EDT 2001
Hi Marty, et al,
Appologies in advance if this is old news. I just uncommented the
'mysql' output plugin in snort 1.8.1-RELEASE, and was greeted with a
segfault just after the 'welcome to snort' greeting was printed.
It turns out that in SetOutputList (in rules.c), the old list (stored
either in AlertList or LogList) is free()'ed, but the list itself is not
set to NULL. When AddFuncToOutputList is next called, it attempts to
append another link onto AlertList or LogList, which segfaults later
(it's already freed memory).
Trivial patch included. Snort seems to be humming along nicely now...
FWIW, snort is running chrooted in a jail on a Linux 2.2.19, Slackware
7.1 platform, glibc 2.1.3, configured with "--with-mysql --with-flexresp
-------------- next part --------------
--- rules.c.orig Wed Aug 15 01:54:35 2001
+++ rules.c Mon Sep 17 20:56:39 2001
@@ -1473,10 +1473,12 @@
prev = AlertList;
+ AlertList = NULL;
prev = LogList;
+ LogList = NULL;
More information about the Snort-devel