[Bro-Dev] [JIRA] (BIT-1462) heap overflow in ARP_Analyzer::IsARP

Justin Azoff (JIRA) jira at bro-tracker.atlassian.net
Thu Aug 20 13:56:00 PDT 2015


     [ https://bro-tracker.atlassian.net/browse/BIT-1462?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Justin Azoff updated BIT-1462:
------------------------------
    Attachment: arp_bug.pcap

> heap overflow in ARP_Analyzer::IsARP
> ------------------------------------
>
>                 Key: BIT-1462
>                 URL: https://bro-tracker.atlassian.net/browse/BIT-1462
>             Project: Bro Issue Tracker
>          Issue Type: Problem
>          Components: Bro
>    Affects Versions: 2.4
>            Reporter: Justin Azoff
>         Attachments: arp_bug.pcap
>
>
> {code}
> # bro -r arp_bug.pcap
> =================================================================
> ==8775==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x6310008c07fe at pc 0x00000099a56e bp 0x7fffd1826e60 sp 0x7fffd1826e58
> READ of size 2 at 0x6310008c07fe thread T0
>     #0 0x99a56d in analyzer::arp::ARP_Analyzer::IsARP(unsigned char const*, int) /scratch/bro-clean/src/analyzer/protocol/arp/ARP.cc:24:2
>     #1 0x855781 in NetSessions::NextPacket(double, pcap_pkthdr const*, unsigned char const*, int) /scratch/bro-clean/src/Sessions.cc:246:12
>     #2 0x7ba30f in net_packet_dispatch(double, pcap_pkthdr const*, unsigned char const*, int, iosource::PktSrc*) /scratch/bro-clean/src/Net.cc:281:2
>     #3 0xda1c1b in iosource::PktSrc::Process() /scratch/bro-clean/src/iosource/PktSrc.cc:423:3
>     #4 0x7ba7bf in net_run() /scratch/bro-clean/src/Net.cc:330:4
>     #5 0x641d9c in main /scratch/bro-clean/src/main.cc:1199:3
>     #6 0x7fc0ba545b44 in __libc_start_main /tmp/buildd/glibc-2.19/csu/libc-start.c:287
>     #7 0x5ee98c in _start (/scratch/bro-clean/build/src/bro+0x5ee98c)
> {code}



--
This message was sent by Atlassian JIRA
(v7.0.0-OD-01-193#70101)


More information about the bro-dev mailing list