[Snort-devel] Add strdup() sanity checks to DAQ 2.0.6

Bill Parker wp02855 at ...2499...
Thu Dec 31 17:17:37 EST 2015


Hello All,

In reviewing code in DAQ 2.0.6, I found some instances where
calls to strdup() are not checked for a return value of NULL,
indicating failure.  These were found in daq-2.0.6/os-daq-modules,
in files 'daq_dump.c', 'daq_nfq.c', and 'daq_ipq.c'.

The patch files below should address/correct the above issues:

--- daq_dump.c.orig     2015-12-31 10:12:49.658673025 -0800
+++ daq_dump.c  2015-12-31 10:15:48.951460216 -0800
@@ -70,6 +70,13 @@
         else if ( !strcmp(entry->key, "file") )
         {
             impl->name = strdup(entry->value);
+           if ( !impl->name )
+           {
+               snprintf(errBuf, errMax,
+                   "%s: can't allocate memory for device (%s)\n",
+                   __FUNCTION__, impl->name);
+                   return 1;
+           }
         }
     }
     if ( !s )
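Review bot: In the added error path, the snprintf() call passes impl->name to %s, but that branch only runs when impl->name is NULL, so the message formats a null pointer, which is undefined behaviour for %s. Pass entry->value instead, since that is the string that failed to copy. The message also says "device" although the key being handled is "file", and this hunk returns a bare 1 (indented one level deeper than the rest of the block) where the daq_nfq.c and daq_ipq.c hunks return DAQ_ERROR; use the named constant here too if it applies to this function.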

=======================================================================

--- daq_nfq.c.orig      2015-12-31 10:17:25.295705075 -0800
+++ daq_nfq.c   2015-12-31 10:18:54.427033208 -0800
@@ -592,6 +592,13 @@
         free(impl->fcode.bf_insns);

     impl->filter = strdup(filter);
+    if ( !impl->filter )
+    {
+       snprintf(errBuf, errMax,
+           "%s: can't allocate memory for device (%s)\n",
+           __FUNCTION__, filter);
+       return DAQ_ERROR;
+    }
     impl->fcode = fcode;

     return DAQ_SUCCESS;
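Review bot: The early return at the new NULL check sits after the context line free(impl->fcode.bf_insns) and before impl->fcode = fcode, so on failure impl->fcode.bf_insns is left pointing at freed memory while impl->filter is NULL. A later pass through this same code would free that pointer a second time. Either strdup() into a temporary before the old state is freed and commit both fields only on success, or set impl->fcode.bf_insns to NULL on the error path.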

=======================================================================

--- daq_ipq.c.orig      2015-12-31 10:07:40.385365978 -0800
+++ daq_ipq.c   2015-12-31 10:10:11.605585290 -0800
@@ -435,6 +435,13 @@
         free(impl->fcode.bf_insns);

     impl->filter = strdup(filter);
+    if ( !impl->filter )
+    {
+       snprintf(errBuf, errMax,
+           "%s: can't allocate memory for device (%s)\n",
+           __FUNCTION__, filter);
+       return DAQ_ERROR;
+    }
     impl->fcode = fcode;

     return DAQ_SUCCESS;
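Review bot: The new error message reads "can't allocate memory for device" but the string being duplicated is filter, so the text should name the filter. On the same error path the return skips impl->fcode = fcode after the old impl->fcode.bf_insns has already been freed in the context line above, which leaves a stale pointer in impl and drops the program held in fcode without storing or releasing it; duplicating the filter into a temporary before that free would avoid both.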

=======================================================================

A ./configure, make && sudo make install results in a clean compile
build and install, btw.

I am attaching the patch files to this bug report...

Bill