[Bro-Dev] #567: Protect/secure format strings in Reporter.cc

Bro Tracker bro at tracker.bro-ids.org
Tue Aug 23 22:42:27 PDT 2011

#567: Protect/secure format strings in Reporter.cc
 Reporter:  gregor   |      Owner:
     Type:  Problem  |     Status:  new
 Priority:  Normal   |  Milestone:  Bro1.6
Component:  Bro      |    Version:  git/master
 Keywords:           |

 Reporter.cc uses a variable argument list for formatting error messages. This
 is problematic if somebody doesn't specify a format and the passed string
 contains a % character. E.g.,::

     char foo[] = "foo Bar %s";
     // Not a good idea: the string itself is interpreted as the format
     reporter->Error(foo);
     // That's the way to do it:
     reporter->Error("%s", foo);

 We should check the code and identify each such occurrence and fix it.
 However, this won't prevent future errors. Given the severity of such
 errors (e.g., if the error message contains packet data) I would actually
 opt for a way to make it harder for programmers to cause such errors.
 E.g., by removing the methods with variable arguments from Reporter.cc and
 only accepting fixed strings without formatting. If formatting is desired,
 one can then use ``fmt()``.

 See also commit d3e4d5b


Ticket URL: <http://tracker.bro-ids.org/bro/ticket/567>
Bro Tracker <http://tracker.bro-ids.org/bro>
Bro Issue Tracker
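The design the ticket proposes, as an added example (not Bro's own Reporter code): Error() takes a plain string and stores it verbatim, formatting is done separately by a printf-style Fmt() helper, and a small checker counts the conversion specifiers a message would otherwise trigger. The class and function names are assumptions for illustration.

```cpp
#include <cstdarg>
#include <cstdio>
#include <string>
#include <vector>

// Count printf conversion specifiers in a string ("%%" is a literal '%').
// A non-zero result for a message passed as a *format* means mismatched
// varargs would be read, i.e. the bug the ticket describes.
int CountConversions(const std::string& s)
{
    int n = 0;
    for (size_t i = 0; i < s.size(); ++i) {
        if (s[i] != '%') continue;
        if (i + 1 < s.size() && s[i + 1] == '%') { ++i; continue; }
        ++n;
    }
    return n;
}

// printf-style formatting into a std::string (stands in for Bro's fmt()).
std::string Fmt(const char* format, ...)
{
    va_list ap, ap2;
    va_start(ap, format);
    va_copy(ap2, ap);
    int len = vsnprintf(nullptr, 0, format, ap);  // measure first
    va_end(ap);
    std::string out;
    if (len > 0) {
        out.resize(static_cast<size_t>(len) + 1);
        vsnprintf(&out[0], out.size(), format, ap2);
        out.resize(static_cast<size_t>(len));
    }
    va_end(ap2);
    return out;
}

// Hardened reporter: no variadic overloads, so a message containing '%'
// can never be reinterpreted as a format string.
class Reporter {
public:
    void Error(const std::string& msg) { errors.push_back(msg); }
    const std::vector<std::string>& Errors() const { return errors; }
private:
    std::vector<std::string> errors;
};

// Constructed scenario: untrusted payload text (e.g. from a packet) is
// reported; the '%' it contains is preserved literally.
std::string ReportPayload(Reporter& r, const std::string& payload)
{
    r.Error(Fmt("bad payload: %s", payload.c_str()));
    return r.Errors().back();
}
```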
