Project

General

Profile

Actions

Bug #309

closed

Mitigate dangerous macros: util-mem.h, decode.h, suricata.h, stream-tcp.c

Added by Mike Pomraning over 11 years ago. Updated over 11 years ago.

Status:
Closed
Priority:
Normal
Assignee:
-
Target version:
-
Affected Versions:
Effort:
Difficulty:
Label:

Description

The attached patches address several unsafe or broken macros in 1.1beta2 (rev 2f2eb72)

  1. SCStrdup with -DDBG_MEM_ALLOC broken/unsafe: references a "len" variable not in private scope
  2. Several macro replacement lists are not parenthesized
  3. Many, many macro parameters are not parenthesized when referenced
  4. Some statement-style macros were not do/while(0) idioms, and so could not be used anywhere a statement could

No. 2 is of course a problem when we

#define FOO  default_packet_size - 1
and later compute
FOO * 5
.

No. 3 are especially dangerous breakages waiting to happen, and are what the CERT C Secure Coding Standard calls PRE01-C. Example:

#define SCCalloc(nm, a) \
  ... \
  global_mem += a*nm \   <-- wrong for SCCalloc(1024, 2 + 0)
  ... \ 

And similarly for pointer dereferences in macros, etc. In all, these patches bring some macros in line with the better-written macros in Suricata.


Files

Actions #1

Updated by Mike Pomraning over 11 years ago

Updated patch for safe macros: decode.h, defrag.c, flow.c, queue.h, stream-tcp.c, suricata.h, tm-threads.c, util-cuda.c, util-mem.h, util-mpm-ac-gfbs.c, util-mpm-ac.c, util-mpm-b2g-cuda.c

Actions #2

Updated by Victor Julien over 11 years ago

Thanks Mike. Can you submit the patch as a git patch?

Actions #4

Updated by Victor Julien over 11 years ago

  • Status changed from New to Closed
  • % Done changed from 0 to 100

Applied, thanks Mike!

Actions

Also available in: Atom PDF