From a62e18d8c16ac71458e5f36750fe720d4021ca56 Mon Sep 17 00:00:00 2001 From: "Michael Altizer (mialtize)" Date: Tue, 30 Apr 2019 11:40:05 -0400 Subject: [PATCH] Merge pull request #1591 in SNORT/snort3 from ~MIALTIZE/snort3:static_analysis to master Squashed commit of the following: commit b1dd6db8cc79cc8b0881f508f1c1679165aa92b1 Author: Michael Altizer Date: Wed Apr 24 15:39:22 2019 -0400 piglet_plugins: Don't try to memset SigInfo commit 846cd74233e2e6de40528e364bb10b5be8421848 Author: Michael Altizer Date: Mon Apr 22 13:02:37 2019 -0400 tcp_connector: Fix memory leak in receive overrun scenario commit f168872f04abdc26d1ebcb7bc43977b0ecd8bc4e Author: Michael Altizer Date: Mon Apr 22 12:49:41 2019 -0400 appid: Add assertion to pop3 detector to quiet the static analyzer commit 7d190cd75022d2cc4e0400e10406c7a182504566 Author: Michael Altizer Date: Mon Apr 22 12:36:37 2019 -0400 module_manager: Fix potential null deref in module parameter dumping --- src/connectors/tcp_connector/tcp_connector.cc | 10 ++++++---- src/managers/module_manager.cc | 2 +- .../appid/detector_plugins/detector_pop3.cc | 1 + src/piglet_plugins/pp_event_iface.cc | 3 +-- 4 files changed, 9 insertions(+), 7 deletions(-) diff --git a/src/connectors/tcp_connector/tcp_connector.cc b/src/connectors/tcp_connector/tcp_connector.cc index affdd4f1d..4a61801d3 100644 --- a/src/connectors/tcp_connector/tcp_connector.cc +++ b/src/connectors/tcp_connector/tcp_connector.cc @@ -184,10 +184,12 @@ void TcpConnector::process_receive() } else if (rval > 0 && pfds[0].revents & POLLIN) { - TcpConnectorMsgHandle* handle; - if ( (handle = read_message(sock_fd)) != nullptr ) - if ( !receive_ring->put(handle) ) - ErrorMessage("TcpC Input Thread: overrun\n"); + TcpConnectorMsgHandle* handle = read_message(sock_fd); + if (handle && !receive_ring->put(handle)) + { + ErrorMessage("TcpC Input Thread: overrun\n"); + delete handle; + } } } diff --git a/src/managers/module_manager.cc b/src/managers/module_manager.cc index 60a9e9c71..dc37b2a94 100644 --- a/src/managers/module_manager.cc +++ b/src/managers/module_manager.cc @@ -1017,7 +1017,7 @@ void ModuleManager::show_module(const char* name) const Parameter* def_params = m->get_default_parameters(); if ( ( params and params->type < Parameter::PT_MAX ) || - ( def_params and params->type < Parameter::PT_MAX ) ) + ( def_params and def_params->type < Parameter::PT_MAX ) ) { cout << endl << "Configuration: " << endl << endl; show_configs(name, true); diff --git a/src/network_inspectors/appid/detector_plugins/detector_pop3.cc b/src/network_inspectors/appid/detector_plugins/detector_pop3.cc index 32ca4efa0..73ec4c231 100644 --- a/src/network_inspectors/appid/detector_plugins/detector_pop3.cc +++ b/src/network_inspectors/appid/detector_plugins/detector_pop3.cc @@ -288,6 +288,7 @@ static int pop3_server_validate(POP3DetectorData* dd, const uint8_t* data, uint1 ServicePOP3Data* pd = &dd->server; const uint8_t* begin = nullptr; + assert(data); const uint8_t* end = data + size; char* v_end = pd->version + MAX_VERSION_SIZE - 1; switch (pd->state) diff --git a/src/piglet_plugins/pp_event_iface.cc b/src/piglet_plugins/pp_event_iface.cc index 7d01dfed2..e1ce5a419 100644 --- a/src/piglet_plugins/pp_event_iface.cc +++ b/src/piglet_plugins/pp_event_iface.cc @@ -33,8 +33,7 @@ static struct SigInfo* create_sig_info() { - auto si = new SigInfo; - memset(si, 0, sizeof(SigInfo)); + auto si = new SigInfo(); return si; } -- 2.47.3