Snort mailing list archives

Re: Unchecked call to stat() in src/util.c for Snort-2.9.5.3


From: Russ Combs <rcombs () sourcefire com>
Date: Thu, 8 Aug 2013 10:32:22 -0400

Thanks Bill.  Bug filed.

On Wed, Aug 7, 2013 at 12:33 PM, Bill Parker <wp02855 () gmail com> wrote:

Hello All,

In reviewing snort-2.9.5.3, I found some calls to stat()
without return value checks testing for a value of less than
zero, indicating failure.

The patch file below adds this test for file src/util.c:

--- util.c.orig 2013-08-06 16:07:42.274552534 -0700
+++ util.c      2013-08-06 16:15:36.051551155 -0700
@@ -781,14 +781,20 @@
                        "system\n", _PATH_VARRUN);
 #endif  /* _PATH_VARRUN */

-            stat(_PATH_VARRUN, &pt);
+            if (stat(_PATH_VARRUN, &pt) == -1)
+           {
+               LogMessage("WARNING: Unable to stat() /var/run...\n");
+           }

             if(!S_ISDIR(pt.st_mode) || access(_PATH_VARRUN, W_OK) == -1)
             {
                 LogMessage("WARNING: _PATH_VARRUN is invalid, trying "
                            "/var/log/ ...\n");
                 SnortStrncpy(snort_conf->pid_path, "/var/log/",
sizeof(snort_conf->pid_path));
-                stat(snort_conf->pid_path, &pt);
+                if (stat(snort_conf->pid_path, &pt) == -1)
+               {
+                   LogMessage("WARNING: unable to stat() (%s).\n",
snort_conf->pid_path);
+               }

                 if(!S_ISDIR(pt.st_mode) || access(snort_conf->pid_path,
W_OK) == -1)
                 {
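Review bot: Logging the stat() failure is not enough at either call site, because execution still falls through to S_ISDIR(pt.st_mode) on the following line, which then reads a struct stat that the failed call did not fill in (at the second call it may still hold the result for _PATH_VARRUN). Fold the return value into the existing condition so that a failed stat() is treated as an invalid directory, for example `if (stat(_PATH_VARRUN, &pt) == -1 || !S_ISDIR(pt.st_mode) || access(_PATH_VARRUN, W_OK) == -1)`, and do the same for snort_conf->pid_path. The first warning also hard-codes "/var/run" while the second prints the path with %s; printing _PATH_VARRUN and strerror(errno) in both messages would keep them consistent and record why the call failed.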

A 'make' results in successful compilation of snort-2.9.5.3.

I am attaching the patch file to this email.

Bill Parker (wp02855 at gmail dot com)


_______________________________________________
Snort-devel mailing list
Snort-devel () lists sourceforge net
https://lists.sourceforge.net/lists/listinfo/snort-devel
Archive:
http://sourceforge.net/mailarchive/forum.php?forum_name=snort-devel

Please visit http://blog.snort.org for the latest news about Snort!
