This diff may work (it popped up on IRC):
diff -r 326e8d3d1d72 src/analysisd/lists_list.c
--- a/src/analysisd/lists_list.c Thu Sep 08 16:32:20 2011 -0300
+++ b/src/analysisd/lists_list.c Sat Oct 01 23:44:52 2011 -0400
@@ -147,6 +147,7 @@
OSMatch *matcher)
{
ListRule *new_rulelist_pt = NULL;
+ ListRule *current_list_rule;
new_rulelist_pt = (ListRule *)calloc(1,sizeof(ListRule));
new_rulelist_pt->field = field;
new_rulelist_pt->next = NULL;
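Review bot: The `calloc()` result two lines below the new declaration is dereferenced immediately (`new_rulelist_pt->field = field;`) with no NULL check, so an allocation failure inside analysisd becomes a NULL write instead of a reported error; the commit leaves that as it was. Add a guard right after the allocation, `if (!new_rulelist_pt) return first_rule_list;` at minimum, or better, route it through whatever fatal-error path the rest of this file uses for allocation failures so a dropped rule is not silent. The cast on `calloc` is also unnecessary in C and only hides a missing prototype. The function's parameter list begins outside the hunk.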
@@ -167,15 +168,16 @@
}
else
{
- while(first_rule_list->next)
+ current_list_rule = first_rule_list;
+ while(current_list_rule->next)
{
- first_rule_list = first_rule_list->next;
+ current_list_rule = current_list_rule->next;
}
debug1("Adding rulelist item: filename: %s field: %d lookup_type: %d",
new_rulelist_pt->filename,
new_rulelist_pt->field,
new_rulelist_pt->lookup_type);
- first_rule_list->next = new_rulelist_pt;
+ current_list_rule->next = new_rulelist_pt;
}
return first_rule_list;
}
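Review bot: The reason for the new cursor is not stated anywhere in the code, although it is the whole fix: `first_rule_list` is the head that the function returns on the last line, and the removed lines advanced that head to the tail, so every append after the first handed back a one-node list and lost the earlier rules. A one-line comment above `current_list_rule = first_rule_list;` would keep the next maintainer from "simplifying" it back: `/* Walk with a separate cursor: first_rule_list is the head we return. */`. The `debug1` call prints `new_rulelist_pt->filename` with `%s`, but where `filename` is assigned is not in either hunk; if it can be left unset by the code between the two hunks, that format is undefined and should print a placeholder instead. The `if` branch paired with this `else` is outside the hunk.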
I'm adding it to my testing branch.
On Sat, Oct 1, 2011 at 1:49 PM, Steve Young <[email protected]> wrote:
> One more thing.
>
> I applied the "list_value_matches.patch" to v2.6 manually (it's
> intended for v2.5.1). And I discovered a bug in the patch. This will
> be a problem even if you apply the patch to v2.5.1. analysisd could
> crash if you have a list that looks up address_match_key_value.
>
> In OS_DBSearchKeyAddressValue(), as I pasted below, the
> "free(tmpkey);" should be outside of the while loop, and the
> "tmpkey[strlen(tmpkey) - 1] = '\0';" should be outside of the outer-
> most if statement.
>
> Steve
>
>
> + while(strlen(tmpkey) > 0)
> + {
> + if(tmpkey[strlen(tmpkey) - 1] == '.')
> + {
> + if( cdb_find(&lrule->db->cdb, tmpkey, strlen(tmpkey))
>> 0 ) {
> + if(cdb_match_value(&lrule->db->cdb, lrule-
>>matcher)) {
> + free(tmpkey);
> + return 1;
> + }
> + }
> + tmpkey[strlen(tmpkey) - 1] = '\0';
> + }
> + free(tmpkey);
> + }
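Review bot: The loop body recomputes `strlen(tmpkey)` four times per iteration (loop condition, the `'.'` test, the `cdb_find` length and the truncation index), which is wasteful and makes it easy for the condition, the index and the lookup length to drift apart when the truncation is moved; this is a point of style rather than correctness. Track the length once with `size_t len = strlen(tmpkey);`, loop on `while (len > 0)`, pass `len` to `cdb_find`, and shrink with `tmpkey[--len] = '\0';` so the three uses cannot disagree. OS_DBSearchKeyAddressValue begins and ends outside the quoted fragment, and the fragment has been line-wrapped by the mail client: the `>> 0 ) {` and `>>matcher) {` lines are continuations of the lines above them, not separate statements.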
>