From 7236e65d64ee32de5a19cbff632dc4765c3e4b7a Mon Sep 17 00:00:00 2001 From: Wolfgang Hotwagner Date: Sat, 9 Dec 2017 13:18:49 +0000 Subject: [PATCH] conf: multiple NULL-pointer dereferences in FlowInitConfig This commit fixes multiple NULL-pointer dereferences in FlowInitConfig after reading in config-values(flow.hash-size, flow.prealloc and flow.memcap) for flow. Here is a sample ASAN-output: ================================================================= ERROR: AddressSanitizer: SEGV on unknown address 0x000000000000 (pc 0x7fea73456646 bp 0x7fffd70e1ba0 sp 0x7fffd70e1328 T0) 0 0x7fea73456645 in strlen (/lib/x86_64-linux-gnu/libc.so.6+0x80645) 1 0x7fea76c98eec (/usr/lib/x86_64-linux-gnu/libasan.so.3+0x3beec) 2 0x5643efb4c205 in FlowInitConfig /root/suricata-1/src/flow.c:455 3 0x5643efcd1751 in PreRunInit /root/suricata-1/src/suricata.c:2247 4 0x5643efcd49f4 in PostConfLoadedSetup /root/suricata-1/src/suricata.c:2748 5 0x5643efcd5402 in main /root/suricata-1/src/suricata.c:2884 6 0x7fea733f62b0 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x202b0) 7 0x5643ef8761a9 in _start (/usr/local/bin/suricata+0xc51a9) Ticketno: Bug #2349 --- src/flow.c | 15 +++++++++++++++ 1 file changed, 15 insertions(+) diff --git a/src/flow.c b/src/flow.c index 4764aeb4fb..ac8541f11f 100644 --- a/src/flow.c +++ b/src/flow.c @@ -436,6 +436,11 @@ void FlowInitConfig(char quiet) /** set config values for memcap, prealloc and hash_size */ if ((ConfGet("flow.memcap", &conf_val)) == 1) { + if (conf_val == NULL) { + SCLogError(SC_ERR_INVALID_YAML_CONF_ENTRY,"Invalid value for flow.memcap: NULL"); + exit(EXIT_FAILURE); + } + if (ParseSizeStringU64(conf_val, &flow_config.memcap) < 0) { SCLogError(SC_ERR_SIZE_PARSE, "Error parsing flow.memcap " "from conf file - %s. Killing engine", 
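Review bot: The NULL guard added before `ParseSizeStringU64(conf_val, &flow_config.memcap)` is repeated verbatim in the flow.hash-size and flow.prealloc hunks, and it patches the symptom at the call site rather than the contract. The ASAN trace implies `ConfGet` can return 1 while leaving `conf_val` NULL, so any other caller that passes the value to `strlen` or a parser is presumably open to the same startup crash from a key with no value. I would fold the three checks into one static helper in flow.c (or settle the behaviour in `ConfGet` itself); the parameter type below should mirror `conf_val`'s declaration, which is outside the hunk. Minor style: add the missing space after the comma in `SCLogError(SC_ERR_INVALID_YAML_CONF_ENTRY,"Invalid ...`. FlowInitConfig begins and ends outside this hunk.

```c
/* Look up a flow.* setting. Returns 1 with *val set, 0 when the key is
 * absent. A key that is present but has no value is a fatal config error,
 * so callers never see a NULL string. */
static int FlowConfGet(const char *name, const char **val)
{
    if (ConfGet(name, val) != 1)
        return 0;
    if (*val == NULL) {
        SCLogError(SC_ERR_INVALID_YAML_CONF_ENTRY,
                   "Invalid value for %s: NULL", name);
        exit(EXIT_FAILURE);
    }
    return 1;
}

/* … unchanged: start of FlowInitConfig … */
    if (FlowConfGet("flow.memcap", &conf_val) == 1) {
        /* … unchanged: ParseSizeStringU64 handling … */
```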
@@ -445,6 +450,11 @@ void FlowInitConfig(char quiet) } if ((ConfGet("flow.hash-size", &conf_val)) == 1) { + if (conf_val == NULL) { + SCLogError(SC_ERR_INVALID_YAML_CONF_ENTRY,"Invalid value for flow.hash-size: NULL"); + exit(EXIT_FAILURE); + } + if (ByteExtractStringUint32(&configval, 10, strlen(conf_val), conf_val) > 0) { flow_config.hash_size = configval; @@ -452,6 +462,11 @@ void FlowInitConfig(char quiet) } if ((ConfGet("flow.prealloc", &conf_val)) == 1) { + if (conf_val == NULL) { + SCLogError(SC_ERR_INVALID_YAML_CONF_ENTRY,"Invalid value for flow.prealloc: NULL"); + exit(EXIT_FAILURE); + } + if (ByteExtractStringUint32(&configval, 10, strlen(conf_val), conf_val) > 0) { flow_config.prealloc = configval;
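Review bot: A flow.hash-size value that is present but fails to parse is still dropped without any message, because the visible `if (ByteExtractStringUint32(&configval, 10, strlen(conf_val), conf_val) > 0)` has no else branch as far as the hunk boundaries show. That is inconsistent with the new NULL case directly above it and with the flow.memcap parse failure, both of which kill the engine. The flow.prealloc hunk has the same shape. An operator who mistypes either value would get a sensor whose flow table is sized differently from what the config says, with nothing in the log; I would add `} else { SCLogWarning(SC_ERR_INVALID_YAML_CONF_ENTRY, "Invalid value for flow.hash-size: %s, using default", conf_val); }`, or exit to match memcap. The closing braces of both blocks lie outside the hunks.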