Prevent possible segmentation violation/faults in Bro-2.3.2

Description

Hello All,

In reviewing calls to memset() in Bro-2.3.2, I came across a
pair of instances where memset could POSSIBLY be called with a
address area pointing to NULL, which would generate a segmentation
violation/fault during execution. The patch files below should
address these issues:

In directory 'bro-2.3.2/aux/broctl/aux/pysubnettree', file
'SubnetTree_wrap.cc':

— SubnetTree_wrap.cc.orig 2015-08-02 18:56:24.034212101 -0400
+++ SubnetTree_wrap.cc 2015-08-02 18:59:11.242212101 -0400
@@ -719,6 +719,8 @@
SWIG_UnpackDataName(const char *c, void *ptr, size_t sz, const char *name) {
if (*c != '_') {
if (strcmp(c,"NULL") == 0) {
+ if (ptr == NULL) /* on off chance that ptr is NULL, memset() */
+ return 0; /* will segment violation/fault, so return 0 */
memset(ptr,0,sz);
return name;
} else {

In directory 'bro-2.3.2/aux/broccoli/src', file 'bro.c':

— bro.c.orig 2015-08-02 19:04:00.161212101 -0400
+++ bro.c 2015-08-02 19:05:15.608212101 -0400
@@ -367,6 +367,9 @@
void
bro_ctx_init(BroCtx *ctx)
{
+ if (! ctx) /* paranoid, ctx must NOT be NULL */
+ return;
+
memset(ctx, 0, sizeof(BroCtx));
}

Comments, Questions, Suggestions, Complaints

I am attaching the patch file(s) to this bug report...

Bill Parker (wp02855 at gmail dot com)

Environment

Linux/Windows/BSD, etc

Activity

Show:
Johanna Amann
October 20, 2015, 4:47 PM

I took a look at this - the bro.c patch is for broccoli. Broccoli is deprecated and will go away - because this looks like a very small edge case it is probably not worth it at this time to put this kind of fixes in.

The second patch concerns the SWIG bindings of pysubnettree. This code is autogenerated by SWIG. On a first glance I am not sure if this case can ever occur (I suspect not), but if you think it might be a problem please report it to the upstream project (SWIG).

Invalid

Assignee

Unassigned

Reporter

Bill Parker

External issue ID

None

Components

Affects versions

Priority

Normal