Hello,
attached is an update of snort to recent version 2.9.5.6.
Please test, comment and eventually commit.
Special thanks to Bhagya Bantwal from Sourcefire for a patch to fix
crashes on sparc64 on first alert.
Regards,
Markus
Index: Makefile
===================================================================
RCS file: /cvs/ports/net/snort/Makefile,v
retrieving revision 1.82
diff -u -p -r1.82 Makefile
--- Makefile 24 Sep 2013 02:35:23 -0000 1.82
+++ Makefile 11 Dec 2013 20:16:33 -0000
@@ -4,7 +4,7 @@ SHARED_ONLY = Yes
COMMENT = highly flexible sniffer/NIDS
-VERSION = 2.9.5.5
+VERSION = 2.9.5.6
DISTNAME = snort-${VERSION}
CATEGORIES = net security
Index: distinfo
===================================================================
RCS file: /cvs/ports/net/snort/distinfo,v
retrieving revision 1.27
diff -u -p -r1.27 distinfo
--- distinfo 24 Sep 2013 02:35:23 -0000 1.27
+++ distinfo 11 Dec 2013 20:16:33 -0000
@@ -1,2 +1,2 @@
-SHA256 (snort-2.9.5.5.tar.gz) = AsjMYGC9qgsAU3ynD20nKFU3WUiuzlJT3Rjw12x/U54=
-SIZE (snort-2.9.5.5.tar.gz) = 5048740
+SHA256 (snort-2.9.5.6.tar.gz) = ae0JB3wfoiaPgUyO/25hO3/oh2oTjfHNZXnP+7dH21U=
+SIZE (snort-2.9.5.6.tar.gz) = 5049188
Index: patches/patch-src_preprocessors_Stream5_snort_stream5_tcp_c
===================================================================
RCS file:
/cvs/ports/net/snort/patches/patch-src_preprocessors_Stream5_snort_stream5_tcp_c,v
retrieving revision 1.10
diff -u -p -r1.10 patch-src_preprocessors_Stream5_snort_stream5_tcp_c
--- patches/patch-src_preprocessors_Stream5_snort_stream5_tcp_c 21 Aug 2013
02:28:45 -0000 1.10
+++ patches/patch-src_preprocessors_Stream5_snort_stream5_tcp_c 11 Dec 2013
20:16:33 -0000
@@ -1,7 +1,7 @@
$OpenBSD: patch-src_preprocessors_Stream5_snort_stream5_tcp_c,v 1.10
2013/08/21 02:28:45 lteo Exp $
---- src/preprocessors/Stream5/snort_stream5_tcp.c.orig Tue Jul 9 17:33:09 2013
-+++ src/preprocessors/Stream5/snort_stream5_tcp.c Mon Aug 5 14:37:49 2013
-@@ -7495,7 +7495,7 @@ static int ProcessTcp(Stream5LWSession *lwssn, Packet
+--- src/preprocessors/Stream5/snort_stream5_tcp.c.orig Fri Sep 27 17:37:54 2013
++++ src/preprocessors/Stream5/snort_stream5_tcp.c Wed Nov 20 20:07:03 2013
+@@ -7505,7 +7505,7 @@ static int ProcessTcp(Stream5LWSession *lwssn, Packet
char src_addr[17];
char dst_addr[17];
bzero((char *)timestamp, TIMEBUF_SIZE);
Index: patches/patch-src_sfutil_sfxhash_c
===================================================================
RCS file: patches/patch-src_sfutil_sfxhash_c
diff -N patches/patch-src_sfutil_sfxhash_c
--- /dev/null 1 Jan 1970 00:00:00 -0000
+++ patches/patch-src_sfutil_sfxhash_c 11 Dec 2013 20:16:33 -0000
@@ -0,0 +1,49 @@
+$OpenBSD$
+
+fix crashes on archs with strict memory alignment, at least sparc64
+
+patch from Bhagya Bantwal from Sourcefire, Thanks!
+
+--- src/sfutil/sfxhash.c.orig Tue Jun 4 23:19:53 2013
++++ src/sfutil/sfxhash.c Tue Dec 3 22:27:24 2013
+@@ -235,6 +235,13 @@ SFXHASH * sfxhash_new( int nrows, int keysize, int dat
+ h->anrfree = anrfree;
+ h->usrfree = usrfree;
+ h->keysize = keysize;
++
++#ifdef WORDS_MUSTALIGN
++ if ((h->keysize) & 7)
++ h->pad = (8 - ((h->keysize) & 7));
++#else
++ h->pad = 0;
++#endif
+ h->datasize = datasize;
+ h->nrows = nrows;
+ h->max_nodes = 0;
+@@ -579,7 +586,7 @@ SFXHASH_NODE * sfxhash_newnode( SFXHASH * t )
+ {
+ if ((t->max_nodes == 0) || (t->count < t->max_nodes))
+ {
+- hnode = (SFXHASH_NODE*)s_alloc( t, sizeof(SFXHASH_NODE) +
++ hnode = (SFXHASH_NODE*)s_alloc( t, sizeof(SFXHASH_NODE) + t->pad +
+ t->keysize + t->datasize );
+ }
+ }
+@@ -727,7 +734,7 @@ int sfxhash_add( SFXHASH * t, void * key, void * data
+ if( t->datasize )
+ {
+ /* Set up the new data pointer */
+- hnode->data= (char*)hnode + sizeof(SFXHASH_NODE) + t->keysize;
++ hnode->data= (char*)hnode + sizeof(SFXHASH_NODE) + t->pad +
t->keysize;
+
+ if(data)
+ {
+@@ -806,7 +813,7 @@ SFXHASH_NODE * sfxhash_get_node( SFXHASH * t, const vo
+ if( t->datasize )
+ {
+ /* Set up the new data pointer */
+- hnode->data= (char*)hnode + sizeof(SFXHASH_NODE) + t->keysize;
++ hnode->data= (char*)hnode + sizeof(SFXHASH_NODE) + t->pad +
t->keysize;
+ }
+ else
+ {
Index: patches/patch-src_sfutil_sfxhash_h
===================================================================
RCS file: patches/patch-src_sfutil_sfxhash_h
diff -N patches/patch-src_sfutil_sfxhash_h
--- /dev/null 1 Jan 1970 00:00:00 -0000
+++ patches/patch-src_sfutil_sfxhash_h 11 Dec 2013 20:16:33 -0000
@@ -0,0 +1,16 @@
+$OpenBSD$
+
+fix crashes on archs with strict memory alignment, at least sparc64
+
+patch from Bhagya Bantwal from Sourcefire, Thanks!
+
+--- src/sfutil/sfxhash.h.orig Tue Dec 3 22:27:32 2013
++++ src/sfutil/sfxhash.h Tue Dec 3 22:27:59 2013
+@@ -75,6 +75,7 @@ typedef struct _sfxhash
+ unsigned count; /// total # nodes in table
+
+ unsigned crow; /// findfirst/next row in table
++ unsigned pad;
+ SFXHASH_NODE * cnode; /// findfirst/next node ptr
+ int splay; /// whether to splay nodes with same hash bucket
+
