conf: NULL-pointer dereference in ConfUnixSocketIsEnable
authorWolfgang Hotwagner <code@feedyourhead.at>
Fri, 8 Dec 2017 21:39:11 +0000 (21:39 +0000)
committerVictor Julien <victor@inliniac.net>
Tue, 30 Jan 2018 09:32:16 +0000 (10:32 +0100)
The value for the configuration-option "unix-command.enabled" is not properly checked in ConfUnixSocketIsEnable. This causes a NULL-pointer dereference in strcmp. This commit fixes bug #2346. The ASAN-output looks like:

ERROR: AddressSanitizer: SEGV on unknown address 0x000000000000 (pc 0x7f03b69737cc bp 0x7ffcef322c10 sp 0x7ffcef322390 T0)
0 0x7f03b69737cb (/usr/lib/x86_64-linux-gnu/libasan.so.3+0x447cb)
1 0x5617a76d3f55 in ConfUnixSocketIsEnable /root/suricata-1/src/util-conf.c:104
2 0x5617a741b6e7 in DetectEngineMultiTenantSetup /root/suricata-1/src/detect-engine.c:2447
3 0x5617a769e0c3 in PostConfLoadedDetectSetup /root/suricata-1/src/suricata.c:2527
4 0x5617a76a0424 in main /root/suricata-1/src/suricata.c:2887
5 0x7f03b30c82b0 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x202b0)
6 0x5617a72411a9 in _start (/usr/local/bin/suricata+0xc51a9)

AddressSanitizer can not provide additional info.
SUMMARY: AddressSanitizer: SEGV (/usr/lib/x86_64-linux-gnu/libasan.so.3+0x447cb

src/util-conf.c

index 8cec65ed249bbc71dc0ca7c4c1bc268a9016f110..212be9d7a8bb33683cb26ada479c315d7694ad25 100644 (file)
@@ -101,6 +101,11 @@ int ConfUnixSocketIsEnable(void)
         return 0;
     }
 
+    if (value == NULL) {
+        SCLogError(SC_ERR_INVALID_YAML_CONF_ENTRY, "malformed value for unix-command.enabled: NULL");
+        return 0;
+    }
+
     if (!strcmp(value, "auto")) {
 #ifdef HAVE_LIBJANSSON
 #ifdef OS_WIN32
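Review bot: The new `if (value == NULL)` guard ahead of `strcmp(value, "auto")` has no comment explaining how `value` can still be NULL once the earlier `return 0` path has been passed, so a later cleanup could remove it as redundant. Presumably the lookup succeeds for a key that is present but has no value in the YAML; if that is the case, a comment such as `/* key present but empty: lookup succeeds, value stays NULL */` above the check would record it. Returning 0 makes a malformed setting behave as "disabled", which is the conservative outcome for a command socket, but callers such as DetectEngineMultiTenantSetup (named in the ASAN trace) cannot tell a malformed entry from an explicit "no", so the function's header comment should state that behaviour. The body of ConfUnixSocketIsEnable starts before and continues after this hunk, so the lookup call itself is not visible here.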