pool: fix memory leak

Due to pointer size mishandling, the pool code could consider a
block of memory inside the 'preallocated' block. It would then not
free the block.

diff --git a/configure.ac b/configure.ac
index 6daa5e6df8bd9000919b1fdb47bfdee4d6f0ca18..79578fb31058a46caa89fc9195de8b41a03df1b2 100644 (file)
--- a/configure.ac
+++ b/configure.ac
@@ -147,6 +147,7 @@
     # Checks for libraries.
 
     # Checks for header files.
+    AC_CHECK_HEADERS([stddef.h])
     AC_CHECK_HEADERS([arpa/inet.h assert.h ctype.h errno.h fcntl.h inttypes.h])
     AC_CHECK_HEADERS([getopt.h])
     AC_CHECK_HEADERS([limits.h netdb.h netinet/in.h poll.h sched.h signal.h])

diff --git a/src/suricata-common.h b/src/suricata-common.h
index 388f1a429cd3ff90bdaed3f35edb55a8e0bbb609..4d60f787818391780ee6053a533a229c51cace5a 100644 (file)
--- a/src/suricata-common.h
+++ b/src/suricata-common.h
@@ -49,6 +49,10 @@
 #include <stdio.h>
 #endif
 
+#if HAVE_STDDEF_H
+#include <stddef.h>
+#endif
+
 #if HAVE_STDINT_h
 #include <stdint.h>
 #endif

diff --git a/src/util-pool.c b/src/util-pool.c
index 6f405252046d235190793ce68c0b6699ef6b6b4b..4d4d5e40ea21d4f7f40ba95cdb9f93d2bd89a3bf 100644 (file)
--- a/src/util-pool.c
+++ b/src/util-pool.c
@@ -54,10 +54,10 @@ static int PoolMemset(void *pitem, void *initdata)
 
 /**
  * \brief Check if data is preallocated
- * \retval 0 or -1 if not inside */
+ * \retval 0 if not inside the prealloc'd block, 1 if inside */
 static int PoolDataPreAllocated(Pool *p, void *data)
 {
-    int delta = data - p->data_buffer;
+    ptrdiff_t delta = data - p->data_buffer;
     if ((delta < 0) || (delta > p->data_buffer_size)) {
         return 0;
     }