Project

General

Profile

Actions

Bug #5919

closed

flow/manager: fix unhandled division by 0 (prealloc: 0)

Added by Juliana Fajardini Reichow almost 2 years ago. Updated over 1 year ago.

Status:
Closed
Priority:
Normal
Target version:
Affected Versions:
Effort:
Difficulty:
Label:

Description

If we set flow.prealloc to 0, this causes Suri to error out, as it's unhandled.


Subtasks 1 (0 open1 closed)

Bug #5946: flow/manager: fix unhandled division by 0 (prealloc: 0) (6.0.x backport)ClosedJuliana Fajardini ReichowActions

Related issues 1 (0 open1 closed)

Related to Suricata - Optimization #5920: investigate: check and fix unhandled divisions by 0ClosedPhilippe AntoineActions
Actions #1

Updated by Juliana Fajardini Reichow almost 2 years ago

  • Related to Optimization #5920: investigate: check and fix unhandled divisions by 0 added
Actions #2

Updated by Juliana Fajardini Reichow almost 2 years ago

  • Status changed from In Progress to In Review
Actions #3

Updated by Juliana Fajardini Reichow almost 2 years ago

  • Label Needs backport added
Actions #4

Updated by Juliana Fajardini Reichow almost 2 years ago

  • Label Needs backport to 6.0 added
  • Label deleted (Needs backport)
Actions #5

Updated by Victor Julien almost 2 years ago

Additional finding by coverity:

** CID 1524506:  Integer handling issues  (DIVIDE_BY_ZERO)
/src/flow-manager.c: 858 in FlowManager()

________________________________________________________________________________________________________
*** CID 1524506:  Integer handling issues  (DIVIDE_BY_ZERO)
/src/flow-manager.c: 858 in FlowManager()
852                                "flow_spare_q status: %" PRIu32 "%% flows at the queue",
853                             spare_pool_len, flow_config.prealloc,
854                             spare_pool_len * 100 / flow_config.prealloc);
855     
856                     /* only if we have pruned this "emergency_recovery" percentage
857                      * of flows, we will unset the emergency bit */
>>>     CID 1524506:  Integer handling issues  (DIVIDE_BY_ZERO)
>>>     In expression "spare_pool_len * 100U / flow_config.prealloc", division by expression "flow_config.prealloc" which may be zero has undefined behavior.
858                     if (spare_pool_len * 100 / flow_config.prealloc > flow_config.emergency_recovery) {
859                         emerg_over_cnt++;
860                     } else {
861                         emerg_over_cnt = 0;
862                     }
863     

Actions #8

Updated by Victor Julien almost 2 years ago

  • Status changed from In Review to Resolved
Actions #9

Updated by Juliana Fajardini Reichow almost 2 years ago

  • Subtask #5946 added
Actions #10

Updated by Victor Julien almost 2 years ago

  • Label deleted (Needs backport to 6.0)
Actions #11

Updated by Juliana Fajardini Reichow over 1 year ago

  • Status changed from Resolved to Closed
Actions

Also available in: Atom PDF