From d2920048801b68d6075ff9672710c4a1f59e4707 Mon Sep 17 00:00:00 2001 From: Eric Leblond Date: Fri, 21 Sep 2012 23:26:53 +0200 Subject: [PATCH] Add some missing checks of SCStrdup return. --- src/conf.c | 10 ++++++++++ src/detect-engine-address.c | 2 ++ src/detect-engine-iponly.c | 2 ++ src/detect-engine-port.c | 3 +++ src/detect-id.c | 4 ++-- src/detect-ssl-version.c | 4 ++-- src/detect-tls-version.c | 4 ++-- src/detect-tls.c | 12 ++++++------ src/detect.c | 4 ++++ src/runmode-erf-file.c | 4 ++++ src/runmode-napatech.c | 33 +++++++++++++++++++++++++++++++++ src/runmode-pcap-file.c | 8 ++++++++ src/runmodes.c | 8 ++++++++ src/util-runmodes.c | 25 ++++++++++++++++++++++++- 14 files changed, 110 insertions(+), 13 deletions(-) diff --git a/src/conf.c b/src/conf.c index 3f04723f40..dd11948a1e 100644 --- a/src/conf.c +++ b/src/conf.c @@ -129,6 +129,9 @@ ConfGetNode(char *key) /* Need to dup the key for tokenization... */ char *tokstr = SCStrdup(key); + if (tokstr == NULL) { + return NULL; + } #if defined(__WIN32) || defined(_WIN32) token = strtok(tokstr, "."); @@ -195,6 +198,9 @@ ConfSet(char *name, char *val, int allow_override) } else { char *tokstr = SCStrdup(name); + if (tokstr == NULL) { + return 0; + } #if defined(__WIN32) || defined(_WIN32) token = strtok(tokstr, "."); #else @@ -727,9 +733,13 @@ char *ConfLoadCompleteIncludePath(char *file) strlcat(path, file, path_len); } else { path = SCStrdup(file); + if (path == NULL) + return NULL; } } else { path = SCStrdup(file); + if (path == NULL) + return NULL; } return path; } diff --git a/src/detect-engine-address.c b/src/detect-engine-address.c index 8c120f32bf..001fd7ba85 100644 --- a/src/detect-engine-address.c +++ b/src/detect-engine-address.c @@ -602,6 +602,8 @@ int DetectAddressParseString(DetectAddress *dd, char *str) char *mask = NULL; int r = 0; + if (ipdup == NULL) + return -1; SCLogDebug("str %s", str); /* first handle 'any' */ diff --git a/src/detect-engine-iponly.c b/src/detect-engine-iponly.c index 21cafc735f..355b2b4ef7 100644 --- a/src/detect-engine-iponly.c +++ b/src/detect-engine-iponly.c @@ -108,6 +108,8 @@ static int IPOnlyCIDRItemParseSingle(IPOnlyCIDRItem *dd, char *str) char *mask = NULL; int r = 0; + if (ipdup == NULL) + return -1; SCLogDebug("str %s", str); /* first handle 'any' */ diff --git a/src/detect-engine-port.c b/src/detect-engine-port.c index b242018560..afa7e88bdb 100644 --- a/src/detect-engine-port.c +++ b/src/detect-engine-port.c @@ -1383,6 +1383,9 @@ DetectPort *PortParse(char *str) { char *port2 = NULL; DetectPort *dp = NULL; + if (portdup == NULL) { + return NULL; + } dp = DetectPortInit(); if (dp == NULL) goto error; diff --git a/src/detect-id.c b/src/detect-id.c index 1627810f02..a7973b15fb 100644 --- a/src/detect-id.c +++ b/src/detect-id.c @@ -165,10 +165,10 @@ DetectIdData *DetectIdParse (char *idstr) goto error; orig = SCStrdup((char*)str_ptr); - tmp_str=orig; - if (tmp_str == NULL) { + if (orig == NULL) { goto error; } + tmp_str=orig; /* Let's see if we need to scape "'s */ if (tmp_str[0] == '"') diff --git a/src/detect-ssl-version.c b/src/detect-ssl-version.c index 292c345cfd..186769f5d3 100644 --- a/src/detect-ssl-version.c +++ b/src/detect-ssl-version.c @@ -224,10 +224,10 @@ DetectSslVersionData *DetectSslVersionParse(char *str) } orig = SCStrdup((char*) str_ptr[i]); - tmp_str = orig; - if (tmp_str == NULL) { + if (orig == NULL) { goto error; } + tmp_str = orig; /* Let's see if we need to scape "'s */ if (tmp_str[0] == '"') { diff --git a/src/detect-tls-version.c b/src/detect-tls-version.c index b356bfdeae..f4435c3e97 100644 --- a/src/detect-tls-version.c +++ b/src/detect-tls-version.c @@ -179,10 +179,10 @@ DetectTlsVersionData *DetectTlsVersionParse (char *str) goto error; orig = SCStrdup((char*)str_ptr); - tmp_str=orig; - if (tmp_str == NULL) { + if (orig == NULL) { goto error; } + tmp_str=orig; /* Let's see if we need to scape "'s */ if (tmp_str[0] == '"') diff --git a/src/detect-tls.c b/src/detect-tls.c index a54c5ba8ce..ae48b3607b 100644 --- a/src/detect-tls.c +++ b/src/detect-tls.c @@ -284,10 +284,10 @@ static DetectTlsData *DetectTlsSubjectParse (char *str) tls->flags = flag; orig = SCStrdup((char*)str_ptr); - tmp_str=orig; - if (tmp_str == NULL) { + if (orig == NULL) { goto error; } + tmp_str=orig; /* Let's see if we need to escape "'s */ if (tmp_str[0] == '"') { @@ -483,10 +483,10 @@ static DetectTlsData *DetectTlsIssuerDNParse(char *str) tls->flags = flag; orig = SCStrdup((char*)str_ptr); - tmp_str=orig; - if (tmp_str == NULL) { + if (orig == NULL) { goto error; } + tmp_str=orig; /* Let's see if we need to escape "'s */ if (tmp_str[0] == '"') @@ -619,10 +619,10 @@ static DetectTlsData *DetectTlsFingerprintParse (char *str) tls->flags = flag; orig = SCStrdup((char*)str_ptr); - tmp_str=orig; - if (tmp_str == NULL) { + if (orig == NULL) { goto error; } + tmp_str=orig; /* Let's see if we need to escape "'s */ if (tmp_str[0] == '"') diff --git a/src/detect.c b/src/detect.c index f76f0b4db4..0f64639731 100644 --- a/src/detect.c +++ b/src/detect.c @@ -257,9 +257,13 @@ char *DetectLoadCompleteSigPath(char *sig_file) strlcat(path, sig_file, path_len); } else { path = SCStrdup(sig_file); + if (path == NULL) + return NULL; } } else { path = SCStrdup(sig_file); + if (path == NULL) + return NULL; } return path; } diff --git a/src/runmode-erf-file.c b/src/runmode-erf-file.c index 3d11aefaf7..b514944757 100644 --- a/src/runmode-erf-file.c +++ b/src/runmode-erf-file.c @@ -210,6 +210,10 @@ int RunModeErfFileAutoFp(DetectEngineCtx *de_ctx) SCLogDebug("tname %s, qname %s", tname, qname); char *thread_name = SCStrdup(tname); + if (thread_name == NULL) { + printf("ERROR: Can't allocate thread name\n"); + exit(EXIT_FAILURE); + } SCLogDebug("Assigning %s affinity to cpu %u", thread_name, cpu); ThreadVars *tv_detect_ncpu = diff --git a/src/runmode-napatech.c b/src/runmode-napatech.c index 170386f1d7..cbc11221ad 100644 --- a/src/runmode-napatech.c +++ b/src/runmode-napatech.c @@ -95,12 +95,25 @@ int RunModeNapatechAuto(DetectEngineCtx *de_ctx) { for (feed=0; feed < feed_count; feed++) { snprintf(tname, sizeof(tname),"%"PRIu16":%"PRIu16, adapter, feed); feedName = SCStrdup(tname); + if (feedName == NULL) { + fprintf(stderr, "ERROR: Alloc feed name\n"); + exit(EXIT_FAILURE); + } snprintf(tname, sizeof(tname),"Feed%"PRIu16,feed); threadName = SCStrdup(tname); + if (threadName == NULL) { + fprintf(stderr, "ERROR: Alloc thread name\n"); + exit(EXIT_FAILURE); + } + snprintf(tname, sizeof(tname),"feed-queue%"PRIu16,feed); outQueueName = SCStrdup(tname); + if (outQueueName == NULL) { + fprintf(stderr, "ERROR: Alloc output queue name\n"); + exit(EXIT_FAILURE); + } /* create the threads */ ThreadVars *tv_napatechFeed = TmThreadCreatePacketHandler(threadName,"packetpool", @@ -149,8 +162,16 @@ int RunModeNapatechAuto(DetectEngineCtx *de_ctx) { { snprintf(tname, sizeof(tname),"Detect%"PRIu16"/%"PRIu16,feed,detect++); threadName = SCStrdup(tname); + if (threadName == NULL) { + fprintf(stderr, "ERROR: can not strdup thread name\n"); + exit(EXIT_FAILURE); + } snprintf(tname, sizeof(tname),"feed-queue%"PRIu16,feed); inQueueName = SCStrdup(tname); + if (inQueueName == NULL) { + fprintf(stderr, "ERROR: can not strdup in queue name\n"); + exit(EXIT_FAILURE); + } ThreadVars *tv_detect = TmThreadCreatePacketHandler(threadName, inQueueName,"simple", @@ -241,12 +262,24 @@ int RunModeNapatechAuto2(DetectEngineCtx *de_ctx) { for (feed=0; feed < feed_count; feed++) { snprintf(tname, sizeof(tname),"%"PRIu16":%"PRIu16, adapter, feed); feedName = SCStrdup(tname); + if (feedName == NULL) { + fprintf(stderr, "ERROR: can not strdup feed name\n"); + exit(EXIT_FAILURE); + } snprintf(tname, sizeof(tname),"Feed%"PRIu16,feed); threadName = SCStrdup(tname); + if (threadName == NULL) { + fprintf(stderr, "ERROR: can not strdup in thread name\n"); + exit(EXIT_FAILURE); + } snprintf(tname, sizeof(tname),"feed-queue%"PRIu16,feed); outQueueName = SCStrdup(tname); + if (outQueueName == NULL) { + fprintf(stderr, "ERROR: can not strdup out queue name\n"); + exit(EXIT_FAILURE); + } /* create the threads */ ThreadVars *tv_napatechFeed = TmThreadCreatePacketHandler(threadName,"packetpool", diff --git a/src/runmode-pcap-file.c b/src/runmode-pcap-file.c index 4128b02e6c..9829b8eee0 100644 --- a/src/runmode-pcap-file.c +++ b/src/runmode-pcap-file.c @@ -293,6 +293,10 @@ int RunModeFilePcapAuto(DetectEngineCtx *de_ctx) snprintf(tname, sizeof(tname), "Detect%"PRIu16, thread+1); char *thread_name = SCStrdup(tname); + if (thread_name == NULL) { + printf("ERROR: Can not strdup thread name\n"); + exit(EXIT_FAILURE); + } SCLogDebug("Assigning %s affinity to cpu %u", thread_name, cpu); ThreadVars *tv_detect_ncpu = @@ -456,6 +460,10 @@ int RunModeFilePcapAutoFp(DetectEngineCtx *de_ctx) SCLogDebug("tname %s, qname %s", tname, qname); char *thread_name = SCStrdup(tname); + if (thread_name == NULL) { + printf("ERROR: Can not strdup thread name\n"); + exit(EXIT_FAILURE); + } SCLogDebug("Assigning %s affinity to cpu %u", thread_name, cpu); ThreadVars *tv_detect_ncpu = diff --git a/src/runmodes.c b/src/runmodes.c index 9fab3ee783..4802eb8eba 100644 --- a/src/runmodes.c +++ b/src/runmodes.c @@ -276,6 +276,10 @@ void RunModeDispatch(int runmode, const char *custom_mode, DetectEngineCtx *de_c SCLogWarning(SC_ERR_RUNMODE, "'worker' mode have been renamed " "to 'workers', please modify your setup."); custom_mode = SCStrdup("workers"); + if (unlikely(custom_mode == NULL)) { + SCLogError(SC_ERR_MEM_ALLOC, "Unable to dup custom mode"); + exit(EXIT_FAILURE); + } } } @@ -290,6 +294,10 @@ void RunModeDispatch(int runmode, const char *custom_mode, DetectEngineCtx *de_c /* Export the custom mode */ active_runmode = SCStrdup(custom_mode); + if (unlikely(active_runmode == NULL)) { + SCLogError(SC_ERR_MEM_ALLOC, "Unable to dup active mode"); + exit(EXIT_FAILURE); + } mode->RunModeFunc(de_ctx); diff --git a/src/util-runmodes.c b/src/util-runmodes.c index 6e37ad8603..68ff4cb81d 100644 --- a/src/util-runmodes.c +++ b/src/util-runmodes.c @@ -797,6 +797,10 @@ int RunModeSetIPSAuto(DetectEngineCtx *de_ctx, snprintf(tname, sizeof(tname), "Recv-Q%s", cur_queue); char *thread_name = SCStrdup(tname); + if (unlikely(thread_name == NULL)) { + printf("ERROR: Can't create thread name failed\n"); + exit(EXIT_FAILURE); + } ThreadVars *tv_receivenfq = TmThreadCreatePacketHandler(thread_name, "packetpool", "packetpool", @@ -866,6 +870,10 @@ int RunModeSetIPSAuto(DetectEngineCtx *de_ctx, snprintf(tname, sizeof(tname), "Detect%"PRIu16, thread+1); char *thread_name = SCStrdup(tname); + if (unlikely(thread_name == NULL)) { + printf("ERROR: thead name creation failed\n"); + exit(EXIT_FAILURE); + } SCLogDebug("Assigning %s affinity", thread_name); ThreadVars *tv_detect_ncpu = @@ -906,6 +914,10 @@ int RunModeSetIPSAuto(DetectEngineCtx *de_ctx, snprintf(tname, sizeof(tname), "Verdict%"PRIu16, i); char *thread_name = SCStrdup(tname); + if (unlikely(thread_name == NULL)) { + printf("ERROR: thead name creation failed\n"); + exit(EXIT_FAILURE); + } ThreadVars *tv_verdict = TmThreadCreatePacketHandler(thread_name, "verdict-queue", "simple", @@ -1005,7 +1017,10 @@ int RunModeSetIPSAutoFp(DetectEngineCtx *de_ctx, snprintf(tname, sizeof(tname), "Recv-Q%s", cur_queue); char *thread_name = SCStrdup(tname); - + if (unlikely(thread_name == NULL)) { + printf("ERROR: thead name creation failed\n"); + exit(EXIT_FAILURE); + } ThreadVars *tv_receive = TmThreadCreatePacketHandler(thread_name, "packetpool", "packetpool", @@ -1094,6 +1109,10 @@ int RunModeSetIPSAutoFp(DetectEngineCtx *de_ctx, snprintf(tname, sizeof(tname), "Verdict%"PRIu16, i); char *thread_name = SCStrdup(tname); + if (unlikely(thread_name == NULL)) { + SCLogError(SC_ERR_RUNMODE, "Error allocating memory"); + exit(EXIT_FAILURE); + } ThreadVars *tv_verdict = TmThreadCreatePacketHandler(thread_name, "verdict-queue", "simple", @@ -1151,6 +1170,10 @@ int RunModeSetIPSWorker(DetectEngineCtx *de_ctx, snprintf(tname, sizeof(tname), "Worker-Q%s", cur_queue); char *thread_name = SCStrdup(tname); + if (unlikely(thread_name == NULL)) { + SCLogError(SC_ERR_RUNMODE, "Error allocating memory"); + exit(EXIT_FAILURE); + } tv = TmThreadCreatePacketHandler(thread_name, "packetpool", "packetpool", "packetpool", "packetpool",