Mirror/zeek
1
0
Fork 0
mirror of https://github.com/zeek/zeek.git synced 2025-10-02 06:38:20 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 1

Fix potential nullptr deref in Spicy plugin runtime

Browse source 
If we added a file but the other side of the connection had already run
into a protocol violation and shut down we could previously have
dereferenced a null cookie. This patch fixes the code so it now throws
in such scenarios.
This commit is contained in:
Benjamin Bannier 2024-11-04 16:15:09 +01:00
parent 0028ba320d
commit 93c201df57
1 changed files with 8 additions and 6 deletions
Download patch file Download diff file Expand all files Collapse all files

14
src/spicy/runtime-support.cc
View file

@ -285,12 +285,14 @@ void rt::debug(const Cookie& cookie, const std::string& msg) {
inline rt::cookie::FileStateStack* _file_state_stack(rt::Cookie* cookie) { inline rt::cookie::FileStateStack* _file_state_stack(rt::Cookie* cookie) {
auto _ = hilti::rt::profiler::start("zeek/rt/file_state_stack"); auto _ = hilti::rt::profiler::start("zeek/rt/file_state_stack");
if ( auto c = cookie->protocol ) if ( cookie ) {
return c->is_orig ? &c->fstate_orig : &c->fstate_resp; if ( auto c = cookie->protocol )
else if ( auto f = cookie->file ) return c->is_orig ? &c->fstate_orig : &c->fstate_resp;
return &f->fstate; else if ( auto f = cookie->file )
else return &f->fstate;
throw rt::ValueUnavailable("no current connection or file available"); }
throw rt::ValueUnavailable("no current connection or file available");
} }
inline const rt::cookie::FileState* _file_state(rt::Cookie* cookie, std::optional<std::string> fid) { inline const rt::cookie::FileState* _file_state(rt::Cookie* cookie, std::optional<std::string> fid) {