From: Victor Julien Date: Thu, 8 Sep 2016 08:39:51 +0000 (+0200) Subject: bpf: fix file parsing memory handling X-Git-Tag: suricata-3.1.3~22 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=71c8d1f46c6adeafa31f46f105f875a96e94b938;p=thirdparty%2Fsuricata.git bpf: fix file parsing memory handling Fix improper fread string handling. Improve error handling. Skip trailing spaces for slightly more pretty printing. Coverity CID 400763. Thanks to Steve Grubb for helping address this issue. --- diff --git a/src/suricata.c b/src/suricata.c index 99611cb4de..708d1640c1 100644 --- a/src/suricata.c +++ b/src/suricata.c @@ -484,11 +484,15 @@ static void SetBpfStringFromFile(char *filename) } memset(bpf_filter, 0x00, bpf_len); - nm = fread(bpf_filter, bpf_len - 1, 1, fp); - if((ferror(fp) != 0)||( nm != 1)) { - *bpf_filter='\0'; + nm = fread(bpf_filter, 1, bpf_len - 1, fp); + if ((ferror(fp) != 0) || (nm != (bpf_len - 1))) { + SCLogError(SC_ERR_BPF, "Failed to read complete BPF file %s", filename); + SCFree(bpf_filter); + fclose(fp); + exit(EXIT_FAILURE); } fclose(fp); + bpf_filter[nm] = '\0'; if(strlen(bpf_filter) > 0) { /*replace comments with space*/ @@ -508,10 +512,18 @@ static void SetBpfStringFromFile(char *filename) while((bpf_comment_tmp = strchr(bpf_filter, '\n')) != NULL) { *bpf_comment_tmp = ' '; } - if(ConfSetFinal("bpf-filter", bpf_filter) != 1) { - SCLogError(SC_ERR_FOPEN, "ERROR: Failed to set bpf filter!"); - SCFree(bpf_filter); - exit(EXIT_FAILURE); + /* cut trailing spaces */ + while (strlen(bpf_filter) > 0 && + bpf_filter[strlen(bpf_filter)-1] == ' ') + { + bpf_filter[strlen(bpf_filter)-1] = '\0'; + } + if (strlen(bpf_filter) > 0) { + if(ConfSetFinal("bpf-filter", bpf_filter) != 1) { + SCLogError(SC_ERR_FOPEN, "ERROR: Failed to set bpf filter!"); + SCFree(bpf_filter); + exit(EXIT_FAILURE); + } } } SCFree(bpf_filter);