]> git.ipfire.org Git - thirdparty/suricata.git/commitdiff
projects / thirdparty / suricata.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 648bd5a)
file-hash-common: fix rule_file truncation
authorJason Ish <jason.ish@oisf.net>
Fri, 26 Jun 2020 17:45:38 +0000 (11:45 -0600)
committerVictor Julien <victor@inliniac.net>
Sun, 28 Jun 2020 12:20:59 +0000 (14:20 +0200)
Loading file hash lists uses dirname(3) on the
de_ctx->rule_file which modifies the contents,
removing the last part of the path. So on subsequent
calls the rule_file no longer contains the rule_file,
but instead just the directory name.

Mostly noticed when using "-S" with rule files outside
of the default-rule-path which requires more hunting for
the rule file.

src/detect-file-hash-common.c patch | blob | blame | history

diff --git a/src/detect-file-hash-common.c b/src/detect-file-hash-common.c
index f39d9a983c6c9097e1c89b2d05efbea5877ec8e4..cdd766bc23c4919072129f332443d796e0ca0b54 100644 (file)
--- a/src/detect-file-hash-common.c
+++ b/src/detect-file-hash-common.c
@@ -202,6 +202,7 @@ static DetectFileHashData *DetectFileHashParse (const DetectEngineCtx *de_ctx,
     DetectFileHashData *filehash = NULL;
     FILE *fp = NULL;
     char *filename = NULL;
+    char *rule_filename = NULL;
 
     /* We have a correct hash algorithm option */
     filehash = SCMalloc(sizeof(DetectFileHashData));
@@ -235,12 +236,17 @@ static DetectFileHashData *DetectFileHashParse (const DetectEngineCtx *de_ctx,
         goto error;
     }
 
+    rule_filename = SCStrdup(de_ctx->rule_file);
+    if (rule_filename == NULL) {
+        goto error;
+    }
+
     char line[8192] = "";
     fp = fopen(filename, "r");
     if (fp == NULL) {
 #ifdef HAVE_LIBGEN_H
         if (de_ctx->rule_file != NULL) {
-            char *dir = dirname(de_ctx->rule_file);
+            char *dir = dirname(rule_filename);
             if (dir != NULL) {
                 char path[PATH_MAX];
                 snprintf(path, sizeof(path), "%s/%s", dir, str);
@@ -287,6 +293,7 @@ static DetectFileHashData *DetectFileHashParse (const DetectEngineCtx *de_ctx,
     }
     SCLogInfo("Hash hash table size %u bytes%s", ROHashMemorySize(filehash->hash), filehash->negated ? ", negated match" : "");
 
+    SCFree(rule_filename);
     SCFree(filename);
     return filehash;
 
@@ -297,6 +304,9 @@ error:
         fclose(fp);
     if (filename != NULL)
         SCFree(filename);
+    if (rule_filename != NULL) {
+        SCFree(rule_filename);
+    }
     return NULL;
 }
 
Mirror of https://github.com/OISF/suricata.git