[Bro-Dev] [JIRA] (BIT-1421) Lack of Sanity Check in file 'bro_type.c' in directory aux/broccoli/src
Robin Sommer (JIRA)
jira at bro-tracker.atlassian.net
Mon Jun 8 08:13:01 PDT 2015
[ https://bro-tracker.atlassian.net/browse/BIT-1421?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Robin Sommer updated BIT-1421:
------------------------------
Fix Version/s: 2.5
> Lack of Sanity Check in file 'bro_type.c' in directory aux/broccoli/src
> -----------------------------------------------------------------------
>
> Key: BIT-1421
> URL: https://bro-tracker.atlassian.net/browse/BIT-1421
> Project: Bro Issue Tracker
> Issue Type: Patch
> Components: bro-aux
> Affects Versions: 2.3
> Environment: Operating System (Linux/Unix/Windows/All)
> Reporter: Bill Parker
> Labels: Check, Sanity
> Fix For: 2.5
>
> Attachments: bro_type.c.patch
>
>
> Hello,
> In reviewing code in file 'bro_type.c' in directory 'aux/broccoli/src', I found a(n) instance where calloc() is called without a corresponding test for NULL, indicating failure. The patch file below addresses/corrects this issue:
> --- bro_type.c.orig 2015-06-06 09:36:11.857384277 -0700
> +++ bro_type.c 2015-06-06 09:37:58.675960368 -0700
> @@ -1479,6 +1479,9 @@
> while (len--) {
> BroString name;
> uint64 *val = (uint64*) calloc(1, sizeof(uint64));
> + if (val == NULL) { /* Unable to allocate memory... */
> + D_RETURN_(FALSE);
> + }
>
> if (! __bro_buf_read_string(bc->rx_buf, &name) ||
> ! __bro_buf_read_int64(bc->rx_buf, val))
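Review bot: The early `D_RETURN_(FALSE);` added after the `calloc()` call sits inside the `while (len--)` loop, so an allocation failure on a later iteration returns while anything allocated or read on earlier iterations is still live. The visible lines do not show what the read-failure branch just below does on error. The new path should perform the same cleanup as that branch instead of returning bare, or the patch should state why no cleanup is needed. The check itself is in the right place, before `val` is passed to `__bro_buf_read_int64`. On style, the surrounding code writes negations as `if (! ...)`, so `if (! val)` with the comment on its own line would match the file.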
> I am attaching the patch file to this bug report.
> Bill Parker (wp02855 at gmail dot com)
--
This message was sent by Atlassian JIRA
(v6.5-OD-05-041#65001)