[Snort-devel] Bug : unsafe pointer usage

Marc Norton marc.norton at ...402...
Fri Jul 9 08:30:14 EDT 2004


Erik,

Thanks for the catch.  The 'RULE_PTR * prule' declaration, should have
been just a 'RULE_PTR prule' declaration.  Fortunately it makes no
practical difference, since prule is just a temporary storage for the
void pointer and in this case a void ** was suitable for storing a void
*, although misleading and not the intent.  I'll fix this in the code
shortly.

In general I agree with all of your arguments regarding type checking,
void * variables should be minimize to improve type checking.  

However, this is one of those cases were void * excels were no other
pointer will. The intent was to use a void * for RULE_PTR to avoid using
any data types that will have to be revisited.  The 'struct _otnx_ *'
that is currently in use may and probably will change in the future.
Using a void * allows us to not touch this code again, it always treats
the RULE_PTR in an abstract way, and is just a container for a void
pointer. I'll probably stick with the original design, but thanks for
the bug catch.

Marc N

> -----Original Message-----
> From: snort-devel-admin at lists.sourceforge.net [mailto:snort-devel-
> admin at lists.sourceforge.net] On Behalf Of Erik de Castro Lopo
> Sent: Thursday, July 08, 2004 9:08 PM
> To: snort-devel at lists.sourceforge.net
> Subject: [Snort-devel] Bug : unsafe pointer usage
> 
> Hi all,
> 
> I would have set a patch for this but cvs.snort.org seems to be
> down at the moment.
> 
> Anyway, in src/pcrm.h, RULE_PTR is defined as:
> 
>     typedef void * RULE_PTR;
> 
> This kind of thing always makes me a little nervous, as void *
> pointers can hide bugs. Sure enough, in pcrm.c, the functions
> prmCompileGroups() and prmCompileByteGroups() each define a
> variable named prule as:
> 
>     RULE_PTR   *prule;
> 
> and in both functions, the return value of function returning
> a RULE_PTR is assigned to prule. Just in case you missed it, this
> means that a void * pointer was assigned to a void**.
> 
> The problems with void* pointers is that they completely bypass the
> type checking system by allowing ANY kind of pointer to be assigned
> to a void* and void * to be assigned to ANY kind of pointer.
> 
> It turns out that RULE_PTR does not even NEED to be defined as it
> is. This:
> 
>     typedef struct _otnx_ * RULE_PTR;
> 
> gives us back the type safety and only causes a couple of warning
> messages in pcrm.c. Funnily enough, every single one of those
> warnings disappears when the bugs in the prmCompileGroups() and
> prmCompileByteGroups() are fixed.
> 
> I would be happy to provide a patch for this when the CVS server
> comes back.
> 
> Regards,
> Erik
> --
> ------------------------------------------------------
> [N] Erik de Castro Lopo, Senior Computer Engineer
> [E] erik.de.castro.lopo at ...2292...
> [W] http://www.sensorynetworks.com
> [T] +61 2 83022726
> [F] +61 2 94750316
> [A] L4/140 William St, East Sydney NSW 2011, Australia
> ------------------------------------------------------
> A good debugger is no substitute for a good test suite.
> 
> 
> -------------------------------------------------------
> This SF.Net email sponsored by Black Hat Briefings & Training.
> Attend Black Hat Briefings & Training, Las Vegas July 24-29 -
> digital self defense, top technical experts, no vendor pitches,
> unmatched networking opportunities. Visit www.blackhat.com
> _______________________________________________
> Snort-devel mailing list
> Snort-devel at lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/snort-devel






More information about the Snort-devel mailing list