[Snort-openappid] Deprecated library calls in appID for Snort-2.9.7.0-alpha

Costas Kleopa (ckleopa) ckleopa at ...5...
Mon Mar 10 15:01:17 EDT 2014


Bill,

Thanks for the patches and update on the issues below. We will bug this change internally.

Thanks
Costas

From: Bill Parker <wp02855 at ...8...<mailto:wp02855 at ...8...>>
Date: Monday, March 10, 2014 at 12:36 PM
To: <snort-team at ...4...<mailto:snort-team at ...4...>>
Subject: Deprecated library calls in appID for Snort-2.9.7.0-alpha

Hi All,

   In reviewing the code under 'src/dynamic-preprocessors/appid'
in files 'luaDetectorApi.c' and 'luaDetectorFlowApi.c', I found
instances where bzero() was called, but per the unix/linux man
page for bzero(), this is deprecated.  The patch files below
replaces the calls to bzero() with memset(), which is current:

--- luaDetectorApi.c.orig       2014-03-09 18:35:09.650653721 -0700
+++ luaDetectorApi.c    2014-03-09 18:36:17.374261043 -0700
@@ -106,7 +106,7 @@
 #ifdef LUA_DETECTOR_DEBUG
         _dpd.debugMsg(DEBUG_LOG,"DetectorUserData %p: allocated\n\n",bar);
 #endif
-      bzero(bar, sizeof(*bar));
+      memset(bar, 0, sizeof(*bar)); /* bzero() deprecated, replaced with memset() */

       if ((bar->pDetector = (Detector *)calloc(1, sizeof(Detector))) == NULL)
       {

--- luaDetectorFlowApi.c.orig   2014-03-09 18:37:08.735788829 -0700
+++ luaDetectorFlowApi.c        2014-03-09 18:37:54.733634919 -0700
@@ -73,7 +73,7 @@
 #ifdef LUA_DETECTOR_DEBUG
         _dpd.debugMsg(DEBUG_LOG,"DetectotFlowUserData %p: allocated\n\n",pLuaData);
 #endif
-        bzero(pLuaData, sizeof(*pLuaData));
+       memset(pLuaData, 0, sizeof(*pLuaData)); /* bzero() deprecated, replaced with memset() */

         if ((pLuaData->pDetectorFlow = (DetectorFlow *)calloc(1, sizeof(DetectorFlow))) == NULL)
         {


In 'src/dynamic-preprocessors/file', file 'file_agent.c', I found a
deprecated call to bcopy(), which has been changed to use memcpy(),
which is current.  The patch is below:

--- file_agent.c.orig   2014-03-09 18:50:09.006957282 -0700
+++ file_agent.c        2014-03-09 18:51:47.023414670 -0700
@@ -124,8 +124,8 @@

     memset(&serv_addr, 0, sizeof(serv_addr));
     serv_addr.sin_family = AF_INET;
-    bcopy((char *)server->h_addr, (char *)&serv_addr.sin_addr.s_addr,
-            server->h_length);
+    memcpy((char *)&serv_addr.sin_addr.s_addr, (char *)server->h_addr,
+           server->h_length);
     serv_addr.sin_port = htons(portno);

     if (connect(sockfd,(struct sockaddr *) &serv_addr,sizeof(serv_addr)) < 0)


I am attaching the patch files to this email.

A 'make' results in a clean compile for the patch files above.

Bill Parker (wp02855 at gmail dot com)

Ho, Ha, Ha, Guard, Turn, Parry, Dodge, Spin, Ha, Thrust! (robin hood daffy)
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.snort.org/pipermail/snort-openappid/attachments/20140310/e076e1a5/attachment.html>


More information about the Snort-openappid mailing list