[Snort-devel] possible segfault on snort-2.9.x.x
Lokesh Bevinamarad (lbevinam)
lbevinam at cisco.com
Thu Aug 16 10:22:52 EDT 2018
Thanks Nilesh for pointing this out. We will take a look
From: Snort-devel <snort-devel-bounces at lists.snort.org> On Behalf Of Nilesh K. Patel via Snort-devel
Sent: Thursday, August 16, 2018 7:00 PM
To: snort-devel at lists.snort.org
Subject: [SUSPECTED SPAM] [Snort-devel] possible segfault on snort-2.9.x.x
Discover possible segfault in http pre-processor. Please consider below patch to resolve.
@@ -30,7 +30,7 @@
static inline int hi_eo_generate_event(HI_SESSION *Session, int iAlert)
if(iAlert && !(Session->norm_flags & HI_BODY) &&
+ Session->server_conf && !Session->server_conf->no_alerts)
Flow from "checkCacheFlowTimeout" function, there is a chance that server_conf is null as Session pointer is pointing to static variable and current processing packet is non http.
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Snort-devel