[Snort-devel] Potential for division by zero in file 'util.c' function TimeStop:

Kaushal Bhandankar (kbhandan) kbhandan at ...3461...
Thu Oct 15 05:22:55 EDT 2015


Hi Bill,
60/60 should be evaluated to 1. I don’t see any problem with the code.

Regards,
Kaushal

From: Bill Parker [mailto:wp02855 at ...2499...]
Sent: Monday, October 12, 2015 10:23 PM
To: snort-devel at lists.sourceforge.net; Ed Borgoyn (eborgoyn); Russ Combs (rucombs)
Subject: [Snort-devel] Potential for division by zero in file 'util.c' function TimeStop:

Hello All,

    In running Snort 2.9.8.0 Beta/RC through clang-analyzer, it
returned a potential for a division by zero at lines 1071-1073
in file 'util.c', function 'TimeStop'.  The issue could occur where
mins is 1, hrs is 0, days = 0, and the value for total_secs is 60
and SECONDS_PER_MIN is 60, which 60/60 = 0, which would result in
a division by zero error.

if ( mins > 0 || hrs > 0 || days > 0 )
{
            uint64_t n = (pc.total_from_daq / (total_secs / SECONDS_PER_MIN));

I know this is unlikely to occur, as snort would have to be started
and stopped in exactly 60 seconds, but perhaps it should be written
as this:

    if ( mins > 0 || hrs > 0 || days > 0 )
            {
                        if (total_secs != SECONDS_PER_MIN)
                        {
                                    uint64_t n = (pc.total_from_daq / (total_secs / SECONDS_PER_MIN));
                        }
                        else /* total_secs and SECONDS_PER_MIN are 60 */
                        {
                                    uint64_t n = (pc.total_from_daq / SECONDS_PER_MIN);
                        }
            }

This would elininate the potential for the division by zero occuring at
all, would it not?

The same issue could occur in TimeStop where total_secs is equal to
SECONDS_PER_HOUR at lines 1065-1069, and where total_secs is equal to
SECONDS_PER_DAY at lines 1059-1063.

Bill
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.snort.org/pipermail/snort-devel/attachments/20151015/55f076a9/attachment.html>


More information about the Snort-devel mailing list