Snort mailing list archives

Previous By Date Next
Previous By Thread Next

Possible memory leaks in Snort-3.0.0-a1 (144/145) found...

From: Bill Parker <wp02855 () gmail com>
Date: Fri, 10 Apr 2015 10:50:37 -0700
Hello All,

   In reviewing source code for Snort-3.0.0-a1 (build 144/145), in
directory 'src/filters', file 'sfthd.cc', I found a couple of calls
to calloc(), upon failure, appear to fail to release memory previously
allocated within the same function.  The patch file is below:

--- sfthd.cc.orig       2015-04-10 10:37:50.910579964 -0700
+++ sfthd.cc    2015-04-10 10:43:11.485323365 -0700
@@ -401,6 +401,7 @@
         if ( !sfthd_item->sfthd_node_list->tail)
         {
             /* can you say paranoid- if there is a count, there should be
a tail */
+           free(sfthd_item);   /*  do we have a potential leak by not
free()'ng */
             return -10;
         }
         p = (THD_NODE*)sfthd_item->sfthd_node_list->tail->ndata;
@@ -424,6 +425,7 @@
     sfthd_node = (THD_NODE*)calloc(1,sizeof(THD_NODE));
     if ( !sfthd_node )
     {
+       free(sfthd_item);
         return -6;
     }

@@ -549,6 +551,7 @@
     sfthd_node = (THD_NODE*)calloc(1,sizeof(THD_NODE));
     if ( !sfthd_node )
     {
+       free(thd_objs->sfthd_garray[policy_id]); /* from previous call to
calloc() in this func */
         return -2;
     }

I am attaching the patch file to this bug report...

Bill Parker (wp02855 at gmail dot com)

Attachment: sfthd.cc.patch
Description: 

------------------------------------------------------------------------------
BPM Camp - Free Virtual Workshop May 6th at 10am PDT/1PM EDT
Develop your own process in accordance with the BPMN 2 standard
Learn Process modeling best practices with Bonita BPM through live exercises
http://www.bonitasoft.com/be-part-of-it/events/bpm-camp-virtual- event?utm_
source=Sourceforge_BPM_Camp_5_6_15&utm_medium=email&utm_campaign=VA_SF
_______________________________________________
Snort-devel mailing list
Snort-devel () lists sourceforge net
https://lists.sourceforge.net/lists/listinfo/snort-devel
Archive:
http://sourceforge.net/mailarchive/forum.php?forum_name=snort-devel

Please visit http://blog.snort.org for the latest news about Snort!
Previous By Date Next
Previous By Thread Next

Current thread: