[ https://bro-tracker.atlassian.net/browse/BIT-1416?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Robin Sommer updated BIT-1416: ------------------------------ Fix Version/s: 2.5 > Lack of Sanity Checking in file nfcollector.c in Bro-2.3.2 > ---------------------------------------------------------- > > Key: BIT-1416 > URL: https://bro-tracker.atlassian.net/browse/BIT-1416 > Project: Bro Issue Tracker > Issue Type: Patch > Components: bro-aux > Affects Versions: 2.3 > Environment: Unix/Linux/Windows/All (OS) > Reporter: Bill Parker > Labels: cleanup > Fix For: 2.5 > > Attachments: nfcollector.c.patch > > > Hello All, > In reviewing code in Bro-2.3.2, file 'nfcollector.c', in directory > 'aux/bro-aux/nftools', I found a call to malloc() without a check for a > return value of NULL, indicating failure. The patch file below should > correct/address this issue: > --- nfcollector.c.orig 2015-06-05 13:13:50.404241937 -0700 > +++ nfcollector.c 2015-06-05 13:16:10.305022607 -0700 > @@ -41,6 +41,10 @@ > switch (opt) { > case 'o': > outfile = malloc (strlen(optarg) + 1); > + if (outfile == NULL) { > + fprintf(stderr, " Unable to allocate memory for output file I/O, > exiting...\n"); > + pleave(1, "Out of Memory"); > + } > strcpy (outfile, optarg); > break; > case 'p': > I am attaching the patch file to this bug report > Bill Parker (wp02855 at gmail dot com) -- This message was sent by Atlassian JIRA (v6.5-OD-05-041#65001) _______________________________________________ bro-dev mailing list bro-dev@bro.org http://mailman.icsi.berkeley.edu/mailman/listinfo/bro-dev