<HTML dir=ltr><HEAD>
<META http-equiv=Content-Type content="text/html; charset=unicode">
<META content="MSHTML 6.00.6000.16481" name=GENERATOR></HEAD>
<BODY>
<DIV id=idOWAReplyText28867 dir=ltr>
<DIV dir=ltr><FONT face=Arial color=#000000 size=2>Some of the options when not properly configured in  Stream5 and Stream4 cause segfaulting.</FONT></DIV>
<DIV dir=ltr><FONT face=Arial color=#000000 size=2>This is similar to some of the fixes made before. Not a big deal as the segfaulting is happening as the conf is parsed, but this will prevent that and display messages useful to the user as to where they went wrong.</FONT></DIV>
<DIV dir=ltr> </DIV>
<DIV dir=ltr><FONT size=2>
<P>diff -Naur snort-2.7.0-old/src/preprocessors/spp_stream4.c snort-2.7.0/src/preprocessors/spp_stream4.c<BR>--- snort-2.7.0-old/src/preprocessors/spp_stream4.c 2007-07-03 14:41:46.000000000 -0600<BR>+++ snort-2.7.0/src/preprocessors/spp_stream4.c 2007-07-24 00:04:29.000000000 -0600<BR>@@ -1151,7 +1151,15 @@<BR>         }<BR>         else if(!strcasecmp(stoks[0], "timeout"))<BR>         {<BR>-            if(isdigit((int)stoks[1][0]))<BR>+            if(!stoks[1])<BR>+            {<BR>+                LogMessage("WARNING %s(%d) => Missing timeout in config file, "<BR>+                           "defaulting to %d seconds\n", file_name, file_line, <BR>+                           PRUNE_QUANTA);<BR>+<BR>+                s4data.timeout = PRUNE_QUANTA;<BR>+            }<BR>+            else if(isdigit((int)stoks[1][0]))<BR>             {<BR>                 s4data.timeout = atoi(stoks[1]);<BR>             }<BR>@@ -1166,7 +1174,12 @@<BR>         }<BR>         else if(!strcasecmp(stoks[0], "memcap"))<BR>         {<BR>-            if(isdigit((int)stoks[1][0]))<BR>+            if(!stoks[1]) <BR>+            {<BR>+                FatalError("%s(%d) => Missing memcap in config file\n",<BR>+                           file_name, file_line);<BR>+            }<BR>+            else if(isdigit((int)stoks[1][0]))<BR>             {<BR>                 s4data.memcap = atoi(stoks[1]);<BR> <BR>@@ -1181,13 +1194,18 @@<BR>             }<BR>             else<BR>             {<BR>-                FatalError("%s(%d) => Bad memcap in config file, %d\n",<BR>+                FatalError("%s(%d) => Bad memcap in config file\n",<BR>                            file_name, file_line);<BR>             }<BR>         }<BR>         else if(!strcasecmp(stoks[0], "max_sessions"))<BR>         {<BR>-            if(isdigit((int)stoks[1][0]))<BR>+            if(!stoks[1])<BR>+            {<BR>+                FatalError("%s(%d) => Missing max_sessions in config file\n",<BR>+                           file_name, file_line);<BR>+            }<BR>+            else if(isdigit((int)stoks[1][0]))<BR>             {<BR>                 s4data.max_sessions = atoi(stoks[1]);<BR> <BR>@@ -1202,8 +1220,8 @@<BR>             }<BR>             else<BR>             {<BR>-                FatalError("%s(%d) => Bad max_sessions in config file, %d\n",<BR>-                           file_name, file_line);<BR>+                FatalError("%s(%d) => Bad max_sessions in config file\n",<BR>+                           file_name, file_line]);<BR>             }<BR>         }<BR> #ifdef STREAM4_UDP<BR>@@ -1213,7 +1231,12 @@<BR>         }<BR>         else if(!strcasecmp(stoks[0], "max_udp_sessions"))<BR>         {<BR>-            if(isdigit((int)stoks[1][0]))<BR>+            if(!stoks[1]) <BR>+            {<BR>+                FatalError("%s(%d) => Missing max_udp_sessions in config file\n",<BR>+                           file_name, file_line);<BR>+            }<BR>+            else if(isdigit((int)stoks[1][0]))<BR>             {<BR>                 s4data.max_udp_sessions = atoi(stoks[1]);<BR> <BR>@@ -1228,7 +1251,7 @@<BR>             }<BR>             else<BR>             {<BR>-                FatalError("%s(%d) => Bad max_udp_sessions in config file, %d\n",<BR>+                FatalError("%s(%d) => Bad max_udp_sessions in config file\n",<BR>                            file_name, file_line);<BR>             }<BR>         }<BR>@@ -1262,7 +1285,12 @@<BR> #endif<BR>         else if(!strcasecmp(stoks[0], "cache_clean_sessions"))<BR>         {<BR>-            if(isdigit((int)stoks[1][0]))<BR>+            if(!stoks[1]) <BR>+            {<BR>+                FatalError("%s(%d) => Missing cache cleanup value in "<BR>+                           "config file\n", file_name, file_line);<BR>+            }<BR>+            else if(isdigit((int)stoks[1][0]))<BR>             {<BR>                 s4data.cache_clean_sessions = atoi(stoks[1]);<BR>                 if (s4data.cache_clean_sessions < 1)<BR>@@ -1278,7 +1306,6 @@<BR>             {<BR>                 FatalError("%s(%d) => Bad cache cleanup value in "<BR>                            "config file\n", file_name, file_line);<BR>-<BR>             }<BR>         }<BR>         else if(!strcasecmp(stoks[0], "ttl_limit"))<BR>@@ -1312,7 +1339,15 @@<BR>         }<BR>         else if(!strcasecmp(stoks[0], "self_preservation_threshold"))<BR>         {<BR>-            if(isdigit((int)stoks[1][0]))<BR>+            if(!stoks[1]) <BR>+            {<BR>+                LogMessage("WARNING %s(%d) => Missing sp_threshold in config file, "<BR>+                           "defaulting to %d new sessions/second\n", file_name, <BR>+                           file_line, SELF_PRES_THRESHOLD);<BR>+<BR>+                s4data.sp_threshold = SELF_PRES_THRESHOLD;<BR>+            }<BR>+            else if(isdigit((int)stoks[1][0]))<BR>             {<BR>                 s4data.sp_threshold = atoi(stoks[1]);<BR>             }<BR>@@ -1327,11 +1362,20 @@<BR>         }<BR>         else if(!strcasecmp(stoks[0], "self_preservation_period"))<BR>         {<BR>-            if(isdigit((int)stoks[1][0]))<BR>+            if(!stoks[1])   <BR>+            {<BR>+                LogMessage("WARNING %s(%d) => Missing sp_period in config file, "<BR>+                           "defaulting to %d seconds\n", file_name, file_line, <BR>+                           SELF_PRES_PERIOD);<BR>+<BR>+                s4data.sp_period = SELF_PRES_PERIOD;<BR>+            }<BR>+            else if(isdigit((int)stoks[1][0]))<BR>             {<BR>                 s4data.sp_period = atoi(stoks[1]);<BR>             }<BR>-            else            {<BR>+            else   <BR>+            {<BR>                 LogMessage("WARNING %s(%d) => Bad sp_period in config file, "<BR>                            "defaulting to %d seconds\n", file_name, file_line, <BR>                            SELF_PRES_PERIOD);<BR>@@ -1341,7 +1385,15 @@<BR>         }<BR>         else if(!strcasecmp(stoks[0], "suspend_threshold"))<BR>         {<BR>-            if(isdigit((int)stoks[1][0]))<BR>+            if(!stoks[1]) <BR>+            {<BR>+                LogMessage("WARNING %s(%d) => Missing suspend_threshold in config "<BR>+                        "file, defaulting to %d new sessions/second\n", <BR>+                        file_name, file_line, SUSPEND_THRESHOLD);<BR>+<BR>+                s4data.suspend_threshold = SUSPEND_THRESHOLD;<BR>+            }<BR>+            else if(isdigit((int)stoks[1][0]))<BR>             {<BR>                 s4data.suspend_threshold = atoi(stoks[1]);<BR>             }<BR>@@ -1356,7 +1408,15 @@<BR>         }<BR>         else if(!strcasecmp(stoks[0], "suspend_period"))<BR>         {<BR>-            if(isdigit((int)stoks[1][0]))<BR>+            if(!stoks[1]) <BR>+            {<BR>+                LogMessage("WARNING %s(%d) => Missing suspend_period in config file, "<BR>+                           "defaulting to %d seconds\n", file_name, file_line, <BR>+                           SUSPEND_PERIOD);<BR>+<BR>+                s4data.suspend_period = SUSPEND_PERIOD;<BR>+            }<BR>+            else if(isdigit((int)stoks[1][0]))<BR>             {<BR>                 s4data.suspend_period = atoi(stoks[1]);<BR>             }<BR>@@ -1390,7 +1450,12 @@<BR>         }<BR>         else if(!strcasecmp(stoks[0], "server_inspect_limit"))<BR>         {<BR>-            if(isdigit((int)stoks[1][0]))<BR>+            if(!stoks[1]) <BR>+            {<BR>+                FatalError("WARNING %s(%d) => Missing server_inspect_limit in "<BR>+                           "config file\n", file_name, file_line);<BR>+            }<BR>+            else if(isdigit((int)stoks[1][0]))<BR>             {<BR>                 s4data.server_inspect_limit = atoi(stoks[1]);<BR>             }<BR>@@ -1411,7 +1476,6 @@<BR>         }<BR> <BR>         mSplitFree(&stoks, s_toks);<BR>-<BR>         i++;<BR>     }<BR> <BR>diff -Naur snort-2.7.0-old/src/preprocessors/Stream5/snort_stream5_tcp.c snort-2.7.0/src/preprocessors/Stream5/snort_stream5_tcp.c<BR>--- snort-2.7.0-old/src/preprocessors/Stream5/snort_stream5_tcp.c 2007-07-06 09:32:07.000000000 -0600<BR>+++ snort-2.7.0/src/preprocessors/Stream5/snort_stream5_tcp.c 2007-07-23 23:50:28.000000000 -0600<BR>@@ -972,6 +972,11 @@<BR>             }<BR>             else if(!strcasecmp(stoks[0], "policy"))<BR>             {<BR>+                if (!stoks[1] || (endPtr == &stoks[1][0]))<BR>+                {<BR>+                    FatalError("%s(%d) => Invalid Policy in config file. A Policy ID is required\n", file_name, file_line);<BR>+                }<BR>+<BR>                 s5TcpPolicy->policy = StreamPolicyIdFromName(stoks[1]);<BR> <BR>                 if ((s5TcpPolicy->policy == STREAM_POLICY_DEFAULT) &&<BR>@@ -1025,6 +1030,11 @@<BR>             }<BR>             else if(!strcasecmp(stoks[0], "bind_to"))<BR>             {<BR>+                if (!stoks[1] || (endPtr == &stoks[1][0]))<BR>+                {<BR>+                    FatalError("%s(%d) => Invalid Bind To address space in config file. IP address or network required\n", file_name, file_line);<BR>+                }<BR>+<BR>                 s5TcpPolicy->bound_addrs = IpAddrSetParse(stoks[1]);<BR>                 if (s_toks > 2)<BR>                 {<BR></P>
<P> </P>
<P> </P>
<P>//Joel </P></FONT></DIV>
<DIV dir=ltr><FONT face=Arial color=#000000 size=2></FONT> </DIV></DIV>
<DIV id=idSignature15877 dir=ltr>
<DIV><FONT face=Arial color=#000000 size=2><SPAN style="FONT-WEIGHT: bold; FONT-SIZE: 7.5pt; COLOR: black; FONT-FAMILY: Verdana">StillSecure</SPAN><B><FONT face=Verdana size=1><SPAN style="FONT-WEIGHT: bold; FONT-SIZE: 7.5pt; FONT-FAMILY: Verdana"><BR></SPAN></FONT></B><FONT face=Verdana color=black size=1><SPAN style="FONT-SIZE: 7.5pt; COLOR: black; FONT-FAMILY: Verdana">Joel Ebrahimi<BR>Senior Software Engineer</SPAN></FONT></FONT></DIV><FONT face=Arial color=#000000 size=2><FONT face=Verdana color=black size=1><SPAN style="FONT-SIZE: 7.5pt; COLOR: black; FONT-FAMILY: Verdana">
<DIV><BR></SPAN></FONT><FONT face=Verdana color=black size=1><SPAN style="FONT-SIZE: 7.5pt; COLOR: black; FONT-FAMILY: Verdana"><FONT color=#ff8000>C</FONT> 805.570.8311<BR></SPAN></FONT></DIV>
<DIV><FONT face=Verdana color=black size=1><SPAN style="FONT-SIZE: 7.5pt; COLOR: black; FONT-FAMILY: Verdana"><A href="https://webmail.latis.com/exchweb/bin/redir.asp?URL=http://www.stillsecure.com/" target=_blank><FONT color=#0000ff>http://www.stillsecure.com/</FONT></A><FONT face=Verdana size=1><SPAN style="FONT-SIZE: 7.5pt; COLOR: #006633; FONT-FAMILY: Verdana"><BR></SPAN></FONT><I><FONT face=Verdana color=#666666 size=1><SPAN style="FONT-SIZE: 7.5pt; COLOR: #666666; FONT-STYLE: italic; FONT-FAMILY: Verdana">The information transmitted is intended only for the person<BR>to whom it is addressed and may contain confidential material.<BR>Review or other use of this information by persons other than<BR>the intended recipient is prohibited. If you've received<BR>this in error, please contact the sender and delete<BR>from any computer. </SPAN></FONT></I>
<DIV class=MsoNormal><FONT face=Arial size=3><SPAN style="FONT-SIZE: 12pt"></SPAN></FONT> </DIV></DIV></SPAN></FONT></FONT></DIV></BODY></HTML>