Mirror/zeek
1
0
Fork 0
mirror of https://github.com/zeek/zeek.git synced 2025-10-14 12:38:20 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 2

Merge branch 'dns_memleak' of https://github.com/MaxKellermann/zeek

Browse source 
* 'dns_memleak' of https://github.com/MaxKellermann/zeek:
  analyzer/protocol/dns: fix NSEC3 memory leak
  analyzer/protocol/dns: change runtime check to assert()
  analyzer/protocol/dns: fix memory leak
This commit is contained in:
Jon Siwek 2020-02-18 12:12:28 -08:00
commit b8497c8245
3 changed files with 26 additions and 10 deletions
Download patch file Download diff file Expand all files Collapse all files

13
CHANGES
View file

@ -1,4 +1,17 @@
3.2.0-dev.53 | 2020-02-18 12:12:28 -0800
* Make DNS NSEC3 parsing more resilient to introducing a memory leak
when no dns_NSEC3 handler exists (Max Kellermann)
* analyzer/protocol/dns: change runtime check to assert() (Max Kellermann)
If it were legal to call SendReplyOrRejectEvent() without an
EventHandlerPtr, then this would leak the `question_name` object. But
this method has just one caller, and it verifies the EventHandlerPtr.
* Fix memory leak when no dns_TSIG_addl event handler exists (Max Kellermann)
3.2.0-dev.46 | 2020-02-14 22:02:50 -0800
* Fix code format of various reporter btests (Jon Siwek, Corelight)

2
VERSION
View file

@ -1 +1 @@
3.2.0-dev.46
3.2.0-dev.53

21
src/analyzer/protocol/dns/DNS.cc
View file

@ -769,7 +769,7 @@ int DNS_Interpreter::ParseRR_TSIG(DNS_MsgInfo* msg,
unsigned int sign_time_msec = ExtractShort(data, len);
unsigned int fudge = ExtractShort(data, len);
BroString* request_MAC;
ExtractOctets(data, len, &request_MAC);
ExtractOctets(data, len, dns_TSIG_addl ? &request_MAC : nullptr);
unsigned int orig_id = ExtractShort(data, len);
unsigned int rr_error = ExtractShort(data, len);
ExtractOctets(data, len, 0); // Other Data
@ -1129,6 +1129,8 @@ int DNS_Interpreter::ParseRR_NSEC3(DNS_MsgInfo* msg,
msg->BuildNSEC3_Val(&nsec3),
});
}
else
Unref(char_strings);
return 1;
}
@ -1415,14 +1417,15 @@ void DNS_Interpreter::SendReplyOrRejectEvent(DNS_MsgInfo* msg,
RR_Type qtype = RR_Type(ExtractShort(data, len));
int qclass = ExtractShort(data, len);
if ( event )
analyzer->ConnectionEventFast(event, {
analyzer->BuildConnVal(),
msg->BuildHdrVal(),
new StringVal(question_name),
val_mgr->GetCount(qtype),
val_mgr->GetCount(qclass),
});
assert(event);
analyzer->ConnectionEventFast(event, {
analyzer->BuildConnVal(),
msg->BuildHdrVal(),
new StringVal(question_name),
val_mgr->GetCount(qtype),
val_mgr->GetCount(qclass),
});
}