aiden
/
suricata
mirror of https://github.com/OISF/suricata
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

coverity - logging system buffer overrun fix

Browse Source
remotes/origin/master-1.1.x
Anoop Saldanha 15 years ago committed by Victor Julien
parent 6dba98f277
commit b819643635
2 changed files with 31 additions and 22 deletions
Show Stats Download Patch File Download Diff File

42
src/util-debug.c
Unescape Escape View File

@ -277,44 +277,35 @@ SCError SCLogMessage(SCLogLevel log_level, char **msg, const char *file,
/* no of characters_written(cw) by snprintf */ /* no of characters_written(cw) by snprintf */
int cw = 0; int cw = 0;
char *temp_fmt = strdup(sc_log_config->log_format);
char *temp_fmt_h = temp_fmt;
char *substr = temp_fmt;
if (temp_fmt == NULL) {
goto error;
}
if (sc_log_module_initialized != 1) { if (sc_log_module_initialized != 1) {
#ifdef DEBUG #ifdef DEBUG
printf("Logging module not initialized. Call SCLogInitLogModule(), " printf("Logging module not initialized. Call SCLogInitLogModule(), "
"before using the logging API\n"); "before using the logging API\n");
#endif #endif
if (temp_fmt != NULL)
free(temp_fmt);
return SC_ERR_LOG_MODULE_NOT_INIT; return SC_ERR_LOG_MODULE_NOT_INIT;
} }
if (sc_log_fg_filters_present == 1) { if (sc_log_fg_filters_present == 1) {
if (SCLogMatchFGFilterWL(file, function, line) != 1) { if (SCLogMatchFGFilterWL(file, function, line) != 1) {
if (temp_fmt != NULL)
free(temp_fmt);
return SC_ERR_LOG_FG_FILTER_MATCH; return SC_ERR_LOG_FG_FILTER_MATCH;
} }
if (SCLogMatchFGFilterBL(file, function, line) != 1) { if (SCLogMatchFGFilterBL(file, function, line) != 1) {
if (temp_fmt != NULL)
free(temp_fmt);
return SC_ERR_LOG_FG_FILTER_MATCH; return SC_ERR_LOG_FG_FILTER_MATCH;
} }
} }
if (sc_log_fd_filters_present == 1 && SCLogMatchFDFilter(function) != 1) { if (sc_log_fd_filters_present == 1 && SCLogMatchFDFilter(function) != 1) {
if (temp_fmt != NULL)
free(temp_fmt);
return SC_ERR_LOG_FG_FILTER_MATCH; return SC_ERR_LOG_FG_FILTER_MATCH;
} }
char *temp_fmt = SCStrdup(sc_log_config->log_format);
if (temp_fmt == NULL) {
return SC_ERR_MEM_ALLOC;
}
char *temp_fmt_h = temp_fmt;
char *substr = temp_fmt;
while ( (temp_fmt = index(temp_fmt, SC_LOG_FMT_PREFIX)) ) { while ( (temp_fmt = index(temp_fmt, SC_LOG_FMT_PREFIX)) ) {
if ((temp - *msg) > SC_LOG_MAX_LOG_MSG_LEN) { if ((temp - *msg) > SC_LOG_MAX_LOG_MSG_LEN) {
printf("Warning: Log message exceeded message length limit of %d\n", printf("Warning: Log message exceeded message length limit of %d\n",
@ -438,11 +429,28 @@ SCError SCLogMessage(SCLogLevel log_level, char **msg, const char *file,
} }
temp_fmt++; temp_fmt++;
} }
if ((temp - *msg) > SC_LOG_MAX_LOG_MSG_LEN) {
printf("Warning: Log message exceeded message length limit of %d\n",
SC_LOG_MAX_LOG_MSG_LEN);
*msg = *msg + SC_LOG_MAX_LOG_MSG_LEN;
if (temp_fmt_h != NULL)
free(temp_fmt_h);
return SC_OK;
}
cw = snprintf(temp, SC_LOG_MAX_LOG_MSG_LEN - (temp - *msg), "%s", substr); cw = snprintf(temp, SC_LOG_MAX_LOG_MSG_LEN - (temp - *msg), "%s", substr);
if (cw < 0) if (cw < 0)
goto error; goto error;
temp += cw;
if ((temp - *msg) > SC_LOG_MAX_LOG_MSG_LEN) {
printf("Warning: Log message exceeded message length limit of %d\n",
SC_LOG_MAX_LOG_MSG_LEN);
*msg = *msg + SC_LOG_MAX_LOG_MSG_LEN;
if (temp_fmt_h != NULL)
free(temp_fmt_h);
return SC_OK;
}
*msg = temp + cw; *msg = temp;
free(temp_fmt_h); free(temp_fmt_h);

11
src/util-debug.h
Unescape Escape View File

@ -230,11 +230,12 @@ extern int sc_log_module_cleaned;
SC_LOG_MAX_LOG_MSG_LEN); \ SC_LOG_MAX_LOG_MSG_LEN); \
_sc_log_err_temp = _sc_log_err_msg + \ _sc_log_err_temp = _sc_log_err_msg + \
SC_LOG_MAX_LOG_MSG_LEN; \ SC_LOG_MAX_LOG_MSG_LEN; \
} \ } else { \
snprintf(_sc_log_err_temp, \ snprintf(_sc_log_err_temp, \
(SC_LOG_MAX_LOG_MSG_LEN - \ (SC_LOG_MAX_LOG_MSG_LEN - \
(_sc_log_err_temp - _sc_log_err_msg)), \ (_sc_log_err_temp - _sc_log_err_msg)), \
__VA_ARGS__); \ __VA_ARGS__); \
} \
SCLogOutputBuffer(x, _sc_log_err_msg); \ SCLogOutputBuffer(x, _sc_log_err_msg); \
} \ } \
} while(0) } while(0)

Write Preview
Loading…
Cancel
Save