Actions
Bug #2368
closedConf: Multipe NULL-pointer dereferences after ConfGetBool in StreamTcpInitConfig
Affected Versions:
Effort:
Difficulty:
Label:
Description
There are multiple NULL-pointer dereferences after calling ConfGetBool in StreamTcpInitConfig. ConfGetBool calls ConfGet which doesn't check the vptr-argument. This is a sample ASAN-output:
1453ERROR: AddressSanitizer: SEGV on unknown address 0x000000000000 (pc 0x7f2969b83a28 bp 0x7ffdbf613a90 sp 0x7ffdbf613210 T0)#0 0x7f2969b83a27 in strcasecmp (/usr/lib/x86_64-linux-gnu/libasan.so.3+0x51a27)
#1 0x564185accefd in ConfValIsTrue /root/suricata-1/src/conf.c:559
#2 0x564185accb4f in ConfGetBool /root/suricata-1/src/conf.c:512
#3 0x564185dcbe05 in StreamTcpInitConfig /root/suricata-1/src/stream-tcp.c:381
#4 0x564185e21a88 in PreRunInit /root/suricata-1/src/suricata.c:2264
#5 0x564185e24d2c in PostConfLoadedSetup /root/suricata-1/src/suricata.c:2763
#6 0x564185e2570e in main /root/suricata-1/src/suricata.c:2898
#7 0x7f29662cb2b0 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x202b0)
#8 0x5641859b6039 in _start (/usr/local/bin/suricata+0xc8039)
AddressSanitizer can not provide additional info.
SUMMARY: AddressSanitizer: SEGV (/usr/lib/x86_64-linux-gnu/libasan.so.3+0x51a27) in strcasecmp
1453ABORTING
Updated by Victor Julien about 7 years ago
- Status changed from New to Closed
- Target version changed from TBD to 4.1beta1
Actions