[Snort-devel] patch for sp_pattern_match.c::ParsePattern (BAD JUJU)

Pavel Zeldin pavel.zeldin at ...2210...
Fri Sep 26 16:45:02 EDT 2003


There is piece of code in ParsePattern() marked "BAD JUJU" which has a
potential buffer overflow while parsing rules.
Here is a patch to avoid buffer overflow. It does not improve parsing
code in any other way, therefore "BAD JUJU" is still bad :-)

The patch is against snort-2.0.2
/* $Id: sp_pattern_match.c,v 1.56 2003/07/28 17:35:22 chris_reid Exp $ */


Pavel.
-------------- next part --------------
An embedded and charset-unspecified text was scrubbed...
Name: sp_pattern_match.c.diff
URL: <https://lists.snort.org/pipermail/snort-devel/attachments/20030926/3489ec15/attachment.ksh>


More information about the Snort-devel mailing list