Project

General

Profile

Actions

Bug #309

closed

Mitigate dangerous macros: util-mem.h, decode.h, suricata.h, stream-tcp.c

Added by Mike Pomraning about 13 years ago. Updated about 13 years ago.

Status:
Closed
Priority:
Normal
Assignee:
-
Target version:
-
Affected Versions:
Effort:
Difficulty:
Label:

Description

The attached patches address several unsafe or broken macros in 1.1beta2 (rev 2f2eb72)

  1. SCStrdup with -DDBG_MEM_ALLOC broken/unsafe: references a "len" variable not in private scope
  2. Several macro replacement lists are not parenthesized
  3. Many, many macro parameters are not parenthesized when referenced
  4. Some statement-style macros were not do/while(0) idioms, and so could not be used anywhere a statement could

No. 2 is of course a problem when we

#define FOO  default_packet_size - 1
and later compute
FOO * 5
.

No. 3 are especially dangerous breakages waiting to happen, and are what the CERT C Secure Coding Standard calls PRE01-C. Example:

#define SCCalloc(nm, a) \
  ... \
  global_mem += a*nm \   <-- wrong for SCCalloc(1024, 2 + 0)
  ... \ 

And similarly for pointer dereferences in macros, etc. In all, these patches bring some macros in line with the better-written macros in Suricata.


Files

Actions

Also available in: Atom PDF