Actions
Bug #7270
closed
AS
AS
conf: nullptr dereference if mem alloc fails for a node in yaml parser
Bug #7270:
conf: nullptr dereference if mem alloc fails for a node in yaml parser
Affected Versions:
Effort:
low
Difficulty:
low
Label:
Beginner
Description
conf-yaml-loader.c:334 is instruction with allocation of new node, which could return nullptr in case of unsuccessful allocation and this could potentially lead to dereference of nullptr in some(pretty rare) cases
ConfNode *existing = ConfNodeLookupChild(parent, value);
if (existing != NULL) {
if (!existing->final) {
SCLogInfo("Configuration node '%s' redefined.", existing->name);
ConfNodePrune(existing);
}
node = existing;
} else {
node = ConfNodeNew(); <---- Allocation result is not checked
node->name = SCStrdup(value);
node->parent = parent;
JI Updated by Jason Ish over 1 year ago
- Status changed from New to In Review
JI Updated by Jason Ish over 1 year ago
- Label Needs backport to 7.0 added
PA Updated by Philippe Antoine over 1 year ago
- Target version changed from TBD to 8.0.0-beta1
OT Updated by OISF Ticketbot over 1 year ago
- Subtask #7294 added
OT Updated by OISF Ticketbot over 1 year ago
- Label deleted (
Needs backport to 7.0)
JF Updated by Juliana Fajardini Reichow over 1 year ago
- Status changed from In Review to Resolved
Merged PR: https://github.com/OISF/suricata/pull/11847
JF Updated by Juliana Fajardini Reichow over 1 year ago
- Status changed from Resolved to Closed
JF Updated by Juliana Fajardini Reichow over 1 year ago
- Subject changed from yaml: Possible dereference of nullptr in case of unsuccess allocation of memory for node in yaml parser to conf: nullptr dereference if mem alloc fails for a node in yaml parser
Actions