[Bro-Dev] [JIRA] (BIT-1416) Lack of Sanity Checking in file nfcollector.c in Bro-2.3.2
Robin Sommer (JIRA)
jira at bro-tracker.atlassian.net
Mon Jun 8 08:14:01 PDT 2015
[ https://bro-tracker.atlassian.net/browse/BIT-1416?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Robin Sommer updated BIT-1416:
------------------------------
Fix Version/s: 2.5
> Lack of Sanity Checking in file nfcollector.c in Bro-2.3.2
> ----------------------------------------------------------
>
> Key: BIT-1416
> URL: https://bro-tracker.atlassian.net/browse/BIT-1416
> Project: Bro Issue Tracker
> Issue Type: Patch
> Components: bro-aux
> Affects Versions: 2.3
> Environment: Unix/Linux/Windows/All (OS)
> Reporter: Bill Parker
> Labels: cleanup
> Fix For: 2.5
>
> Attachments: nfcollector.c.patch
>
>
> Hello All,
> In reviewing code in Bro-2.3.2, file 'nfcollector.c', in directory 'aux/bro-aux/nftools', I found a call to malloc() without a check for a return value of NULL, indicating failure. The patch file below should correct/address this issue:
> --- nfcollector.c.orig 2015-06-05 13:13:50.404241937 -0700
> +++ nfcollector.c 2015-06-05 13:16:10.305022607 -0700
> @@ -41,6 +41,10 @@
> switch (opt) {
> case 'o':
> outfile = malloc (strlen(optarg) + 1);
> + if (outfile == NULL) {
> + fprintf(stderr, " Unable to allocate memory for output file I/O, exiting...\n");
> + pleave(1, "Out of Memory");
> + }
> strcpy (outfile, optarg);
> break;
> case 'p':
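Review bot: In the 'o' case the new NULL branch only protects the following `strcpy (outfile, optarg);` if pleave() never returns; if it can return, that unchanged strcpy still dereferences NULL, so confirm pleave() terminates the process or follow it with an explicit exit. The fprintf() and the pleave(1, "Out of Memory") call report the same failure twice, and the fprintf string begins with a stray space; a single message is enough. The malloc (strlen(optarg) + 1) and strcpy pair could also be replaced with strdup(optarg) under the same NULL check, which removes the hand-computed length.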
> I am attaching the patch file to this bug report
> Bill Parker (wp02855 at gmail dot com)
--
This message was sent by Atlassian JIRA
(v6.5-OD-05-041#65001)