[Bro-Dev] #567: Protect/secure format strings in Reporter.cc
Bro Tracker
bro at tracker.bro-ids.org
Tue Aug 23 22:42:27 PDT 2011
#567: Protect/secure format strings in Reporter.cc
---------------------+------------------------
Reporter: gregor | Owner:
Type: Problem | Status: new
Priority: Normal | Milestone: Bro1.6
Component: Bro | Version: git/master
Keywords: |
---------------------+------------------------
{{{
#!rst
Reporter.cc uses a variable argument list for formatting error messages. This
is problematic if somebody doesn't specify a format and the passed string
contains a % character. E.g.,::
    char foo[] = "foo Bar %s";
    // Not a good idea
    reporter->Error(foo);
    // That's the way to do it:
    reporter->Error("%s", foo);
We should check the code and identify each such occurrence and fix it.
However, this won't prevent future errors. Given the severity of such
errors (e.g., if the error message contains packet data) I would actually
opt for a way to make it harder for programmers to cause such errors.
E.g., by removing the methods with variable arguments from Reporter.cc and
only accepting fixed strings without formatting. If formatting is desired,
one can then use ``fmt()``.
See also commit d3e4d5b.
}}}
--
Ticket URL: <http://tracker.bro-ids.org/bro/ticket/567>
Bro Tracker <http://tracker.bro-ids.org/bro>
Bro Issue Tracker
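The design the ticket proposes, worked through as an added example that is not code from Bro's Reporter.cc: the reporter only accepts fixed strings, so a message is never interpreted as a format, and callers who want formatting go through a separate printf-style ``fmt()``. The class name ``FixedStringReporter``, the ``fmt()`` implementation and the sample payload are assumptions made for this example. The ``format`` attribute on ``fmt()`` is the compile-time half of the mitigation: with ``-Wformat-security`` GCC and Clang warn when a non-literal string is passed where a format is expected.

```cpp
// Added example (not Bro's code): a reporter API that cannot misinterpret
// message text as a format string, plus an explicit fmt() for callers
// that really want printf-style formatting.
#include <cstdarg>
#include <cstdio>
#include <iostream>
#include <string>
#include <vector>

// printf-style formatting into a std::string. The format attribute lets
// GCC/Clang flag fmt(non_literal) under -Wformat-security, which is the
// case the ticket wants to make hard to write by accident.
#ifdef __GNUC__
__attribute__((format(printf, 1, 2)))
#endif
std::string fmt(const char* format, ...)
{
    va_list ap, ap2;
    va_start(ap, format);
    va_copy(ap2, ap);
    int n = vsnprintf(nullptr, 0, format, ap);  // measure first
    va_end(ap);
    std::string out;
    if (n > 0) {
        std::vector<char> buf(static_cast<size_t>(n) + 1);
        vsnprintf(buf.data(), buf.size(), format, ap2);
        out.assign(buf.data(), static_cast<size_t>(n));
    }
    va_end(ap2);
    return out;
}

// Hypothetical reporter: every method takes a finished string. There is no
// varargs overload, so Error(untrusted_text) is always safe, even when the
// text (e.g. packet data) happens to contain '%'.
class FixedStringReporter {
public:
    void Error(const std::string& msg)   { log_.push_back("error: " + msg); }
    void Warning(const std::string& msg) { log_.push_back("warning: " + msg); }
    const std::vector<std::string>& Log() const { return log_; }
private:
    std::vector<std::string> log_;
};

// A caller that reports attacker-influenced data (constructed sample: a
// payload containing format directives). The payload only ever reaches
// vsnprintf as a %s argument, never as the format itself.
std::string ReportBadPayload(FixedStringReporter& r, const std::string& payload)
{
    r.Error(fmt("bad payload (%zu bytes): %s", payload.size(), payload.c_str()));
    return r.Log().back();
}

int main()
{
    FixedStringReporter r;
    r.Error("foo Bar %s");  // the ticket's example, now harmless by construction
    std::cout << ReportBadPayload(r, "%s%s%n") << "\n";
    for (const auto& line : r.Log())
        std::cout << line << "\n";
    return 0;
}
```

Reviewing call sites then reduces to one rule: any ``Error``/``Warning`` argument that is not a literal must be a ``std::string`` built elsewhere, and any ``fmt()`` whose first argument is not a literal is a finding.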