Bug #1443
Updated by Victor Julien about 9 years ago
Hello All,
In reviewing source code in Suricata-2.0.6, in directory
'libhtp/test', file 'test.c', I found an instance where a call
to malloc() is made, without a check for a return value of NULL
which indicates failure. The patch file below corrects this
issue:
<pre>
--- test.c.orig 2015-04-07 13:16:31.699798616 -0700
+++ test.c 2015-04-07 13:18:43.828591506 -0700
@@ -120,6 +120,9 @@
}
test->buf = malloc(buf.st_size * clone_count + clone_count - 1);
+ if (test->buf == NULL) {
+ return -1;
+ }
test->len = 0;
test->pos = 0;
In directory 'src', file 'detect-dce-opnum.c', there are some instances
of the deprecated function call index(), which according to posix
standards, should be replaced by 'strchr()'. The patch file below
corrects this issue:
--- detect-dce-opnum.c.orig 2015-04-07 13:23:46.631076145 -0700
+++ detect-dce-opnum.c 2015-04-07 13:24:29.036465652 -0700
@@ -171,7 +171,7 @@
* once we are done using it */
dup_str_head = dup_str;
dup_str_temp = dup_str;
- while ( (comma_token = index(dup_str, ',')) != NULL) {
+ while ( (comma_token = strchr(dup_str, ',')) != NULL) {
comma_token[0] = '\0';
dup_str = comma_token + 1;
@@ -179,7 +179,7 @@
if (dor == NULL)
goto error;
- if ((hyphen_token = index(dup_str_temp, '-')) != NULL) {
+ if ((hyphen_token = strchr(dup_str_temp, '-')) != NULL) {
hyphen_token[0] = '\0';
hyphen_token++;
dor->range1 = atoi(dup_str_temp);
@@ -210,7 +210,7 @@
if (dor == NULL)
goto error;
- if ( (hyphen_token = index(dup_str, '-')) != NULL) {
+ if ( (hyphen_token = strchr(dup_str, '-')) != NULL) {
hyphen_token[0] = '\0';
hyphen_token++;
dor->range1 = atoi(dup_str);
In directory 'src', file 'util-host-os-info.c', there are some instances
of the deprecated function call index(), which according to posix
standards, should be replaced by 'strchr()'. The patch file below
corrects this issue:
--- util-host-os-info.c.orig 2015-04-07 13:28:20.720911554 -0700
+++ util-host-os-info.c 2015-04-07 13:29:07.043798955 -0700
@@ -160,19 +160,19 @@
}
/* check if we have more addresses in the host_os_ip_range */
- if ((ip_str_rem = index(ip_str, ',')) != NULL) {
+ if ((ip_str_rem = strchr(ip_str, ',')) != NULL) {
ip_str_rem[0] = '\0';
ip_str_rem++;
recursive = TRUE;
}
/* check if we have received a netblock */
- if ( (netmask_str = index(ip_str, '/')) != NULL) {
+ if ( (netmask_str = strchr(ip_str, '/')) != NULL) {
netmask_str[0] = '\0';
netmask_str++;
}
- if (index(ip_str, ':') == NULL) {
+ if (strchr(ip_str, ':') == NULL) {
/* if we are here, we have an IPV4 address */
if ( (ipv4_addr = ValidateIPV4Address(ip_str)) == NULL) {
SCLogError(SC_ERR_INVALID_IPV4_ADDR, "Invalid IPV4 address");
@@ -252,10 +252,10 @@
struct in6_addr *ipv6_addr = NULL;
void *user_data = NULL;
- if (ip_addr_str == NULL || index(ip_addr_str, '/') != NULL)
+ if (ip_addr_str == NULL || strchr(ip_addr_str, '/') != NULL)
return -1;
- if (index(ip_addr_str, ':') != NULL) {
+ if (strchr(ip_addr_str, ':') != NULL) {
if ( (ipv6_addr = ValidateIPV6Address(ip_addr_str)) == NULL) {
SCLogError(SC_ERR_INVALID_IPV4_ADDR, "Invalid IPV4 address");
return -1;
@@ -342,7 +342,7 @@
ConfNode *host;
TAILQ_FOREACH(host, &policy->head, next) {
int is_ipv4 = 1;
- if (index(host->val, ':') != NULL)
+ if (strchr(host->val, ':') != NULL)
is_ipv4 = 0;
if (SCHInfoAddHostOSInfo(policy->name, host->val, is_ipv4) == -1) {
SCLogError(SC_ERR_INVALID_ARGUMENT,
</pre>
In directory 'src', file 'util-radix-tree.c', there are some instances
of the deprecated function call bzero(), which according to posix
standards, should be replaced by 'memset()' (due to length of patch file
I'm not going to list the diff -u here).
I am attaching the patch file(s) to this bug report...
Bill Parker (wp02855 at gmail dot com)
Plenty, and you're welcome to help!
http://suricata-ids.org/participate/