Bill Parker created BIT-1421:
--------------------------------

Summary: Lack of Sanity Check in file 'bro_type.c' in directory aux/broccoli/src
Key: BIT-1421
URL: https://bro-tracker.atlassian.net/browse/BIT-1421
Project: Bro Issue Tracker
Issue Type: Patch
Components: bro-aux
Affects Versions: 2.3
Environment: Operating System (Linux/Unix/Windows/All)
Reporter: Bill Parker
Attachments: bro_type.c.patch

Hello,

In reviewing code in file 'bro_type.c' in directory 'aux/broccoli/src', I found an instance where calloc() is called without a corresponding test for NULL, indicating failure. The patch file below addresses/corrects this issue:

--- bro_type.c.orig 2015-06-06 09:36:11.857384277 -0700 +++ bro_type.c 2015-06-06 09:37:58.675960368 -0700 @@ -1479,6 +1479,9 @@ while (len--) { BroString name; uint64 *val = (uint64*) calloc(1, sizeof(uint64)); + if (val == NULL) { /* Unable to allocate memory... */ + D_RETURN_(FALSE); + } if (! __bro_buf_read_string(bc->rx_buf, &name) || ! __bro_buf_read_int64(bc->rx_buf, val))

I am attaching the patch file to this bug report.

Bill Parker (wp02855 at gmail dot com)

_______________________________________________
bro-dev mailing list
bro-dev@bro.org
http://mailman.icsi.berkeley.edu/mailman/listinfo/bro-dev
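
Review bot: The new 'if (val == NULL)' return sits inside the 'while (len--)' loop, so when it fires on a later iteration, earlier iterations have each already allocated a val, and the hunk does not show whether D_RETURN_(FALSE) leaves those for the caller to release. Please confirm that this early return is consistent with the failure branch of the __bro_buf_read_string() / __bro_buf_read_int64() check directly below it, whose body is outside the visible context. The one difference is that 'name' has not been filled in yet at this point, so only state from previous iterations needs handling. On style, the braces around a single statement and the trailing comment should follow whatever the rest of bro_type.c does.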