aiden
/
suricata
mirror of https://github.com/OISF/suricata
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Fix a potential invalid memory read in the protocol name code used by alert-fastlog.

Browse Source
remotes/origin/master-1.1.x
Victor Julien 15 years ago
parent f92ba23331
commit bac621760e
2 changed files with 17 additions and 12 deletions
Show Stats Download Patch File Download Diff File

15
src/util-proto-name.c
Unescape Escape View File

@ -38,6 +38,7 @@ void SCProtoNameInit()
if (fp != NULL) { if (fp != NULL) {
char line[200]; char line[200];
char *ptr = NULL; char *ptr = NULL;
while(fgets(line, sizeof(line), fp) != NULL) { while(fgets(line, sizeof(line), fp) != NULL) {
if (line[0] == '#') if (line[0] == '#')
continue; continue;
@ -45,14 +46,16 @@ void SCProtoNameInit()
char *name = strtok_r(line," \t", &ptr); char *name = strtok_r(line," \t", &ptr);
if (name == NULL) if (name == NULL)
continue; continue;
char *proto_ch = strtok_r(NULL," \t", &ptr); char *proto_ch = strtok_r(NULL," \t", &ptr);
if (proto_ch == NULL) if (proto_ch == NULL)
continue; continue;
int proto = atoi(proto_ch); int proto = atoi(proto_ch);
if (proto >= 255) if (proto >= 255)
continue; continue;
char *cname = strtok_r(NULL, " \t", &ptr);
char *cname = strtok_r(NULL, " \t", &ptr);
if (cname != NULL) { if (cname != NULL) {
known_proto[proto] = strdup(cname); known_proto[proto] = strdup(cname);
} else { } else {
@ -67,14 +70,14 @@ void SCProtoNameInit()
* \brief Function to check if the received protocol number is valid and do * \brief Function to check if the received protocol number is valid and do
* we have corresponding name entry for this number or not. * we have corresponding name entry for this number or not.
* *
* @param proto Protocol number to be validated * \param proto Protocol number to be validated
* @return On success returns TRUE otherwise FALSE * \retval ret On success returns TRUE otherwise FALSE
*/ */
uint8_t SCProtoNameValid(uint16_t proto) uint8_t SCProtoNameValid(uint16_t proto)
{ {
uint8_t ret = FALSE; uint8_t ret = FALSE;
if ((proto <= 255) && known_proto[proto] != NULL)
{ if (proto <= 255 && known_proto[proto] != NULL) {
ret = TRUE; ret = TRUE;
} }
@ -91,4 +94,4 @@ void SCProtoNameDeInit()
if(known_proto[cnt] != NULL) if(known_proto[cnt] != NULL)
SCFree(known_proto[cnt]); SCFree(known_proto[cnt]);
} }
} }

14
src/util-proto-name.h
Unescape Escape View File

@ -21,16 +21,18 @@
* \author Gurvinder Singh <gurvindersinghdahiya@gmail.com> * \author Gurvinder Singh <gurvindersinghdahiya@gmail.com>
*/ */
#ifndef _UTIL_PROTO_NAME_H #ifndef __UTIL_PROTO_NAME_H__
#define _UTIL_PROTO_NAME_H #define __UTIL_PROTO_NAME_H__
#define PROTO_FILE "/etc/protocols" #define PROTO_FILE "/etc/protocols"
/* Structure to hold the information related to known protocol in /etc/protocols */ /** Lookup array to hold the information related to known protocol
char *known_proto[255]; * in /etc/protocols */
uint8_t SCProtoNameValid(uint16_t ); char *known_proto[256];
uint8_t SCProtoNameValid(uint16_t);
void SCProtoNameInit(void); void SCProtoNameInit(void);
void SCProtoNameDeInit(void); void SCProtoNameDeInit(void);
#endif /* _UTIL_PROTO_NAME_H */ #endif /* __UTIL_PROTO_NAME_H__ */

Write Preview
Loading…
Cancel
Save