[Bro] Bro crash with "bro: out of memory in new"
Vern Paxson
vern at icir.org
Tue Jul 15 09:14:11 PDT 2008
This looks similar to a bug Tom Kho flagged a few months ago. (His concerned
traces without full payloads - do you have that?) I've appended a patch
for it, extracted from a larger patch, so it might be incomplete. Let me
know if it fixes it.
Note, we're quite close to releasing Bro 1.4, which includes this.
Vern
Index: src/UDP.cc
===================================================================
--- src/UDP.cc (revision 5856)
+++ src/UDP.cc (revision 5857)
@@ -106,6 +106,7 @@
len -= sizeof(struct udphdr);
ulen -= sizeof(struct udphdr);
+ caplen -= sizeof(struct udphdr);
Conn()->SetLastTime(current_timestamp);
@@ -178,7 +179,8 @@
Event(udp_reply);
}
- ForwardPacket(len, data, is_orig, seq, ip, caplen);
+ if ( caplen >= len )
+ ForwardPacket(len, data, is_orig, seq, ip, caplen);
if ( TraceRewriter() && current_hdr )
((UDP_Rewriter*) TraceRewriter())->NextPacket(is_orig,
More information about the Bro
mailing list