logo       
<prev   next>

Choosing A Webhost:
A web hosting service is a type of Internet hosting service that allows individuals and organizations to provide their own website accessible via the World Wide Web. Web hosts are companies that provide space on a server they own for use by their clients as well as providing Internet connectivity, typically in a data center. Web hosts can also provide data center space and connectivity to the Internet for servers they do not own to be located in their data center, called colocation. more...

Parsing Bug in ProgVars.c Causes Segfault: msg#00001

security.ids.snort.barnyard.user

Subject: Parsing Bug in ProgVars.c Causes Segfault

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hello,

I am using barnyard-0.2.0 from source and have noticed a bug in src/ProgVars.c.

The bug is in the following code:

/* Process the spool file and directory */
if(strchr(clargs->file_base, '/'))
{
/* file base includes path information */
if(clargs->spool_dir)
FatalError("Path information included in both spool_dir "
"and spool_file arguments");

spool_file = strrchr(clargs->file_base, '/') + 1;
if(!(spool_dir = strdup(spool_file)))
{
FatalError("Out of memory (wanted %u bytes)\n",
strlen(spool_file));
}
*(strrchr(spool_dir, '/')) = '\0';
}
The spool_file variable will start one character beyond the last '/' in
clargs->file_base. spool_dir is then assigned
the same value as spool_file. The last strrchr() call will search for the last
'/' in spool_dir. However, spool_dir will
never have that character. Therefore, strrchr() will return a null pointer. The
resulting assignment of this to \0
results in a segmentation fault.

The command line with which I start barnyard is
/home/snort/bin/barnyard -c /home/snort/etc/barnyard.conf.ppp0.alert \
-s /home/snort/rules/sid-msg.map -g /home/snort/rules/gen-msg.map \
-p /home/snort/rules/classification.config \
-f /home/snort/var/log/snort/snort.alert.ppp0 \
-X /home/snort/var/run/barnyard.pid.alert \
-w /home/snort/var/log/snort/waldo.alert -D

Specifying both -f and -d arguments will avoid the problem as well.

The following patch should fix this:

513c513
< if(!(spool_dir = strdup(spool_file)))
- ---
> if(!(spool_dir = strdup(clargs->file_base)))

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.1 (GNU/Linux)

iQIVAwUBQtIiOlLqcPqR+0T2AQJjpw/+JenWWgeZfJzyZGGvqHIqWSLMlFZv7xHR
KeLvfYcF4B66CFYU/bvEHHnul6W4ZBzgiFiGgk69nQXVAFE0ehPaKUHRD4qNA9Cp
cUIHEd7ByULw3jJbfcoPJdQvu5vqLfO00eUyqZzyaXIY71ddN9AKBKCNZRKUvjmY
ytXfVftvGfFSoyIlRqyXY8VTjlFYxyluIbE1phM+uOB9tAcwY13AoArBw45VgjCp
zarJQfBuHIZEjKdFglGgpsJj4IgqVQft7A89C0zZJzOdOTXoEyKFNz/uPNAPZ830
d51yNuDqWRHCnX9fXjXDJBXbJ/hdYeSsmKQHdGkAPvyWwMyjIgK1pahq/XOL8Nt2
0KbSHAi82wrpVowqerIDWPa1DZZDU0ufieOm41CHc42GcIHw33u3k7hjJyPRbmxf
AU1A1xXV58/5NcaL2U8Mf8Ol2tlQEWqCsE3fzwIWzmBlbODQZBBRxI8G3D7hI0IK
SNn7tCgaUBqfMcDnOPuEzSTk3ue6fXTNPITlFic8rng+8x5M6TWuw48VcgHjgCW/
kanynBdQSYjdvJnjHcAV4EFr+rNfAJyEJ2hSBPwa371XCgkhznymInbxy+1BRoCO
ZRBBtctAEHxQgWKjUp3bujN541VmFZukAH3XTBizWTL1o6O7cBdm5liMd1XIcuvH
i9MBah5AuC4=
=Z9Hd
-----END PGP SIGNATURE-----





-------------------------------------------------------
This SF.Net email is sponsored by the 'Do More With Dual!' webinar happening
July 14 at 8am PDT/11am EDT. We invite you to explore the latest in dual
core and dual graphics technology at this free one hour event hosted by HP,
AMD, and NVIDIA. To register visit http://www.hp.com/go/dualwebinar
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Output acid_db, lmarcilly
Next by Date:  Question on the logs.., lmarcilly
Previous by Thread:  Output acid_db, lmarcilly
Next by Thread:  Question on the logs.., lmarcilly
Indexes:  [Date] [Thread] [Top] [All Lists]

Google Custom Search
Recently Viewed:
qnx.openqnx.dev...    gcc.libstdc++.c...    solaris.opensol...    information-ret...    misc.misterhous...    web.catalyst.ge...    apache.webservi...    redhat.release....    hardware.lirc/2...    kernel.autofs/2...    technology.sust...    linux.vdr/2003-...    editors.lyx.gen...    org.user-groups...    netbsd.devel.pk...    xdg.devel/2004-...    version-control...    jakarta.slide.d...    debian.packages...    creativecommons...    ports.ppc.embed...    bug-tracking.bu...   
Home | blog view | USPTO Patent Archive | advertise | OSDir is an inevitable website. super tiny logo

Free Magazines

Cisco News
Receive a free quarterly e-newsletter with exclusive articles on how Cisco IT uses its own products and solutions to enable the business.
subscribe

Systems Management News, the newspaper for IT systems administration and data center managers! Each issue of Systems Management News is chock-full of news and analysis to help you understand what's happening in your field.
subscribe

The Enterprise Newsweekly eWeek is the essential technology information source for builders of e-business.
subscribe

Oracle Magazine Oracle Magazine contains technology strategy articles, sample code, tips, Oracle and partner news, how to articles for developers and DBAs, and more. Oracle (NASDAQ: ORCL) is the world's largest enterprise software company.
subscribe

Total Telecom Total Telecom is "The Economist of the communications industry".
subscribe

Navigation