[Snort-devel] Patch for snort-1.9.1: CORE-2003-0307: StreamReassembly Integer Overflow (fwd)

Chris Green cmg at ...402...
Wed Apr 16 07:41:06 EDT 2003

"Dave Greenstein" <dave at ...1918...> writes:

> Hi Chris,
> I think a lot of people have not or can not upgrade to snort 2.0
> immediately, so, can you make an official 1.9.1 patch? 

No, I won't. I have no objection to making your patch available on
snort.org's webpage for the immediate short term as an unsupported
patch that can be used until you can upgrade.

The bugs that I can commit snort to dealing with are at snort

> I noticed the main 1.9.1 source link has been removed from
> snort.org. Others might need it to patch their own 1.9.1 versions if
> they can't upgrade to 2.0.  I've submitted the changes I think are
> necessary to 1.9.1. These changes correct the memory overflow and
> use the SafeMemcpy as in snort 2.0.

Did you add SafeMemcpy to frag2 as well? I don't know of issues there
but it was added as a safety precaution.
Chris Green <cmg at ...402...>
Chicken's thinkin'

More information about the Snort-devel mailing list