[Snort-devel] Segmentation fault while reloading configuration

Hugo Vasconcelos Saldanha hugovs at ...2499...
Thu Mar 27 19:06:57 EDT 2014


Hi snort-devel,


While testing snort dynamic reconfiguration feature (--enable-reload),
I'm getting a segfault in function VerifyOutputs(). The code is
similar in versions 2.9.6.0 and 2.9.7.0.alpha. Problematic line of
code is (snort.c:6125 in 2.9.6.0):

                if (strcasecmp(old_output_config->opts,
                                      new_output_config->opts) == 0)

Pointers are not tested before calling strcasecmp(). This only happens
when verifying old and new rule_type_output_configs arrays. Some lines
of code before, the options pointer is tested.

The following patch works for me.

--- snort.c.orig    2014-03-27 22:17:37.945505347 +0000
+++ snort.c    2014-03-27 22:33:29.864583499 +0000
@@ -6122,8 +6122,15 @@ static int VerifyOutputs(SnortConfig *ol
             if (strcasecmp(old_output_config->keyword,
                            new_output_config->keyword) == 0)
             {
-                if (strcasecmp(old_output_config->opts,
-                               new_output_config->opts) == 0)
+                if ((old_output_config->opts != NULL) &&
+                        (new_output_config->opts != NULL) &&
+                        (strcasecmp(old_output_config->opts,
new_output_config->opts) == 0))
+                {
+                    new_outputs++;
+                    break;
+                }
+                else if (old_output_config->opts == NULL &&
+                        new_output_config->opts == NULL)
                 {
                     new_outputs++;
                     break;

--
Hugo




More information about the Snort-devel mailing list