From 8f564e69f87d9921cc28172df449d3939bad4559 Mon Sep 17 00:00:00 2001 From: "Russ Combs (rucombs)" Date: Fri, 1 Sep 2017 13:25:44 -0400 Subject: [PATCH] Merge pull request #1004 in SNORT/snort3 from xcode to master Squashed commit of the following: commit 657e650852af9bc8a0c39dc986aa94edc1364f21 Author: Russ Combs Date: Fri Sep 1 09:02:29 2017 -0400 analyzer: fix possible leak upon appid info table entry dup commit ade6ed67f5602ffca18447d0b0ac1ad67da4fcd9 Author: Russ Combs Date: Fri Sep 1 08:50:07 2017 -0400 analyzer: fix possible memory leak in side channel commit 27a9d0a40ec991b938d1f801b32e7fb9fb507ea8 Author: Russ Combs Date: Thu Aug 31 19:46:22 2017 -0400 analyzer: fix missing braces around subobj initialization in flow key --- src/flow/flow_key.cc | 4 +++- src/network_inspectors/appid/app_info_table.cc | 10 ++++++++-- src/side_channel/side_channel.cc | 18 ++++++++++-------- 3 files changed, 21 insertions(+), 11 deletions(-) diff --git a/src/flow/flow_key.cc b/src/flow/flow_key.cc index 1a1de52ad..718e18709 100644 --- a/src/flow/flow_key.cc +++ b/src/flow/flow_key.cc @@ -33,7 +33,9 @@ //------------------------------------------------------------------------- // icmp foo //------------------------------------------------------------------------- -static const ip::snort_in6_addr fixed_addr = {0xFF,0,0,0}; + +static const ip::snort_in6_addr fixed_addr = { { { 0xFF, 0, 0, 0 } } }; + inline void FlowKey::update_icmp4(const SfIp*& srcIP, uint16_t& srcPort, const SfIp*& dstIP, uint16_t& dstPort) { diff --git a/src/network_inspectors/appid/app_info_table.cc b/src/network_inspectors/appid/app_info_table.cc index a4ea38157..24ee85a29 100644 --- a/src/network_inspectors/appid/app_info_table.cc +++ b/src/network_inspectors/appid/app_info_table.cc @@ -177,7 +177,12 @@ AppInfoTableEntry* AppInfoManager::add_dynamic_app_entry(const char* app_name) { entry = new AppInfoTableEntry(next_custom_appid++, snort_strdup(app_name)); custom_app_info_table[entry->appId] = entry; - add_entry_to_app_info_name_table(entry->app_name_key, entry); + + if ( !add_entry_to_app_info_name_table(entry->app_name_key, entry) ) + { + delete entry; + return nullptr; + } } return entry; @@ -574,7 +579,8 @@ void AppInfoManager::init_appid_info_table(AppIdModuleConfig* mod_config) if ((app_id = get_static_app_info_entry(entry->payloadId))) app_info_payload_table[app_id] = entry; - add_entry_to_app_info_name_table(entry->app_name_key, entry); + if ( !add_entry_to_app_info_name_table(entry->app_name_key, entry) ) + delete entry; } fclose(tableFile); diff --git a/src/side_channel/side_channel.cc b/src/side_channel/side_channel.cc index ca292ccda..624c4c8b9 100644 --- a/src/side_channel/side_channel.cc +++ b/src/side_channel/side_channel.cc @@ -212,17 +212,21 @@ bool SideChannel::process(int max_messages) { // get message if one is available. ConnectorMsgHandle* handle = connector_receive->receive_message(false); + // if none, we are complete - if ( handle == nullptr ) + if ( !handle ) break; - else + + else if ( receive_handler ) { SCMessage* msg = new SCMessage; + // get the ConnectorMsg from the (at this point) abstract class ConnectorMsg* connector_msg = connector_receive->get_connector_msg(handle); msg->content = connector_msg->data; msg->content_length = connector_msg->length; + // if the message is longer than the header, assume we have a header if ( connector_msg->length >= sizeof(SCMsgHdr) ) { @@ -234,15 +238,13 @@ bool SideChannel::process(int max_messages) } msg->handle = handle; // link back to the underlying SCC message - received_message = true; - if ( receive_handler != nullptr ) - (receive_handler)(msg); - - if ( (max_messages > 0) && (--max_messages == 0) ) - break; + receive_handler(msg); } + + if ( (max_messages > 0) && (--max_messages == 0) ) + break; } return received_message; } -- 2.47.3