[Snort-devel] strdup in snort

Todd Wease twease at ...402...
Mon Apr 2 11:32:17 EDT 2007


Sebastien Tandel wrote:
> Hi,
> 
> 
>    While reading the code of snort, I saw SnortStrdup() which is in fact
> a copy of strdup() + a log message in case of failure of strdup.
> In case the string to duplicate is NULL, snort will crash. (strdup is
> used in many places and will follow the same behavior) Is it really what
> you're expecting from this function?
> 
> 
> Regards,
> Sebastien Tandel

Thanks, Sebastien for pointing this out.  Yes, we should be checking for
 a NULL pointer coming in.  The fix for this will be in the next 2.7.0
release.

Thanks,
Todd





More information about the Snort-devel mailing list