[ https://bro-tracker.atlassian.net/browse/BIT-1423?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Robin Sommer updated BIT-1423: ------------------------------ Fix Version/s: 2.5 > Add power of 2 test to file 'cq.c', test for overflow in 'nb_dns.c' > -------------------------------------------------------------------- > > Key: BIT-1423 > URL: https://bro-tracker.atlassian.net/browse/BIT-1423 > Project: Bro Issue Tracker > Issue Type: New Feature > Components: Bro > Affects Versions: 2.3 > Environment: Source Code Requested Fixes > Reporter: Bill Parker > Labels: Enhancement > Fix For: 2.5 > > Attachments: nb_dns.c.patch > > > Hello All, > Here is a hunk of code which is a FIXME to the following statement: > /* XXX could check that nbuckets is a power of 2 */ > In directory 'src', file 'cq.c' > The patch file which adds this test is below: > --- cq.c.orig 2015-06-06 19:01:58.220926680 -0700 > +++ cq.c 2015-06-06 19:13:03.233446352 -0700 > @@ -444,6 +444,9 @@ > > /* XXX could check that nbuckets is a power of 2 */ > > + if ((nbuckets % 2) != 0) { /* modulus of nbuckets and 2 isn't zero, > not a power of 2 */ > + return (-1); /* should we send error message to > stderr? */ > + } > size = sizeof(*buckets) * nbuckets; > buckets = (struct cq_bucket *)malloc(size); > memory_allocation += size; > > If the modulus returned is zero, then nbuckets is some power of 2... > Upon further review, this is actually incorrect, and should be implemented as > a lookup table for actual powers of 2, since any even value will return a > modulus of zero. Here is a link which will implement the request properly > (my bad): > http://www.exploringbinary.com/ten-ways-to-check-if-an-integer-is-a-power-of-two-in-c/ > ==================================================================== > In directory 'src', file 'nb_dns.c', there is a XXX comment/request > to check for overflow in function 'nb_dns_activity', the patch file > below implements the test for overflow (which should be correct > from review of T_TXT code above this): > --- nb_dns.c.orig 2015-06-06 19:29:49.447330962 -0700 > +++ nb_dns.c 2015-06-06 19:32:14.693791040 -0700 > @@ -614,6 +614,12 @@ > } > he->h_name = bp; > /* XXX check for overflow */ > + if (bp + n >= ep) { > + snprintf(errstr, NB_DNS_ERRSIZE, > + "nb dns activity(): overflow 1 for ptr"); > + nr->host_errno = NO_RECOVERY; > + return (-1); > + } > bp += n; /* returned len includes EOS > */ > > /* "Find first satisfactory answer" */ > > I am attaching the patch file(s) to this bug report > Bill Parker (wp02855 at gmail dot com) -- This message was sent by Atlassian JIRA (v6.5-OD-05-041#65001) _______________________________________________ bro-dev mailing list bro-dev@bro.org http://mailman.icsi.berkeley.edu/mailman/listinfo/bro-dev