Snort mailing list archives

Previous By Date Next
Previous By Thread Next

Possible memory leak in service_ssl.c for snort-2.9.7.x and Snort++?

From: Bill Parker <wp02855 () gmail com>
Date: Thu, 19 Mar 2015 14:47:56 -0700
Hello All,

    In reviewing code in '/src/dynamic-preprocessors/appid/service_plugins'
file 'service_ssl.c', I found a call to malloc() while checked for a return
value of NULL, a return SERVICE_ENOMEM; executed immediately upon failure,
but variable 'ss' was previously assigned memory by a call to calloc() at
line 629 in function 'MakeRNAServiceValidationPrototype', should it not
be released prior to the return SERVICE_ENOMEM;?  The patch file below
corrects this issue:

--- service_ssl.c.orig  2015-03-19 10:09:57.358608756 -0700
+++ service_ssl.c       2015-03-19 10:16:01.295863310 -0700
@@ -762,8 +762,10 @@
                         certs_rec = (ServiceSSLV3CertsRecord *)data;
                         ss->certs_len = ntoh3(certs_rec->certs_len);
                         ss->certs_data = malloc(ss->certs_len);
-                        if (!ss->certs_data)
+                        if (!ss->certs_data) {
+                            free(ss);
                             return SERVICE_ENOMEM;
+                       }
                         if ((size - sizeof(ServiceSSLV3CertsRecord)) <
ss->certs_len)
                         {
                             /* Will have to get more next time around. */

I am attaching the patch file to this possible bug report.

Bill Parker (wp02855 at gmail dot com)

Attachment: service_ssl.c.patch
Description: 

------------------------------------------------------------------------------
Dive into the World of Parallel Programming The Go Parallel Website, sponsored
by Intel and developed in partnership with Slashdot Media, is your hub for all
things parallel software development, from weekly thought leadership blogs to
news, videos, case studies, tutorials and more. Take a look and join the 
conversation now. http://goparallel.sourceforge.net/
_______________________________________________
Snort-devel mailing list
Snort-devel () lists sourceforge net
https://lists.sourceforge.net/lists/listinfo/snort-devel
Archive:
http://sourceforge.net/mailarchive/forum.php?forum_name=snort-devel

Please visit http://blog.snort.org for the latest news about Snort!
Previous By Date Next
Previous By Thread Next

Current thread: