[Snort-devel] Minor error in spo_database.c

Roman Danyliw roman at ...49...
Wed Oct 16 13:56:02 EDT 2002


Dirk,

You are correct.  The msg variable should be escaped before being written
to signature.sig_name field.  A patch has been committed to CVS.

thanks,
Roman

On Wed, 16 Oct 2002, Dirk Geschke wrote:

> Hi all,
>
> I think there is a minor error in the Database() Routine where a new
> rule gets added to the database. In the actual file it is the line 964:
>
> 964   tmp2_len += snprintf(tmp2, MAX_QUERY_LENGTH-tmp2_len, "'%s'", msg);
>
> Here instead of 'msg' there should be something like sig_name, which is:
>
> sig_name = snort_escape_string(msg, data);
>
> (Of course, if you use sig_name here then you should move the line:
>
> 903 free(sig_name);
>
> to some later point then line 964...)
>
> Best regards
>
> Dirk
>
> +------------------------------------------------------------+
> | Dr. Dirk Geschke            | E-mail: geschke at ...802...     |
> | Gesellschaft fuer Netzwerk  | Tel.  : +49-(0)-89-991950-31 |
> | und Unix Administration mbH | Fax   : +49-(0)-89-991950-99 |
> | 85551 Kirchheim / Germany   | Raeter Stra/3e 26            |
> +------------------------------------------------------------+
>
>
> -------------------------------------------------------
> This sf.net email is sponsored by: viaVerio will pay you up to
> $1,000 for every account that you consolidate with us.
> http://ad.doubleclick.net/clk;4749864;7604308;v?
> http://www.viaverio.com/consolidator/osdn.cfm
> _______________________________________________
> Snort-devel mailing list
> Snort-devel at lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/snort-devel
>





More information about the Snort-devel mailing list