From: Wolfgang Hotwagner <code@feedyourhead.at>
Date: Sun, 17 Dec 2017 21:54:15 +0000 (+0000)
Subject: Conf: Multipe NULL-pointer dereferences in HostInitConfig
X-Git-Tag: suricata-4.0.4~54
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=0b15f2f78279f8b8d6ec0875e852ae08a1ccbb61;p=thirdparty%2Fsuricata.git

Conf: Multipe NULL-pointer dereferences in HostInitConfig

Multiple NULL-pointer dereferences after ConfGet in HostInitConfig can cause suricata to terminate with segfaults. The ASAN-output:

==29747==ERROR: AddressSanitizer: SEGV on unknown address 0x000000000000 (pc 0x7ff937904646 bp
    0 0x7ff937904645 in strlen (/lib/x86_64-linux-gnu/libc.so.6+0x80645)
    1 0x7ff93b146eec  (/usr/lib/x86_64-linux-gnu/libasan.so.3+0x3beec)
    2 0x5618387c86a3 in HostInitConfig /root/suricata-1/src/host.c:174
    3 0x56183893eccb in PostConfLoadedSetup /root/suricata-1/src/suricata.c:2752
    4 0x56183893f70e in main /root/suricata-1/src/suricata.c:2898
    5 0x7ff9378a42b0 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x202b0)
    6 0x5618384d0039 in _start (/usr/local/bin/suricata+0xc8039)

AddressSanitizer can not provide additional info.
SUMMARY: AddressSanitizer: SEGV (/lib/x86_64-linux-gnu/libc.so.6+0x80645) in strlen

This commit fixes Bug #2367
---

diff --git a/src/host.c b/src/host.c
index 84b4d5eaae..e30ad596bb 100644
--- a/src/host.c
+++ b/src/host.c
@@ -152,7 +152,7 @@ void HostInitConfig(char quiet)
     uint32_t configval = 0;
 
     /** set config values for memcap, prealloc and hash_size */
-    if ((ConfGet("host.memcap", &conf_val)) == 1)
+    if ((ConfGetValue("host.memcap", &conf_val)) == 1)
     {
         if (ParseSizeStringU64(conf_val, &host_config.memcap) < 0) {
             SCLogError(SC_ERR_SIZE_PARSE, "Error parsing host.memcap "
@@ -161,7 +161,7 @@ void HostInitConfig(char quiet)
             exit(EXIT_FAILURE);
         }
     }
-    if ((ConfGet("host.hash-size", &conf_val)) == 1)
+    if ((ConfGetValue("host.hash-size", &conf_val)) == 1)
     {
         if (ByteExtractStringUint32(&configval, 10, strlen(conf_val),
                                     conf_val) > 0) {
@@ -169,7 +169,7 @@ void HostInitConfig(char quiet)
         }
     }
 
-    if ((ConfGet("host.prealloc", &conf_val)) == 1)
+    if ((ConfGetValue("host.prealloc", &conf_val)) == 1)
     {
         if (ByteExtractStringUint32(&configval, 10, strlen(conf_val),
                                     conf_val) > 0) {