argus fixes
David Brumley
dbrumley at rtfm.stanford.edu
Wed Jan 24 14:30:57 EST 2001
I've attached some minor fixes...
First, I've changed the sprintf() to snprintf() in argus_parse.c since
this may be using environment variables and user-screwupable config
files. I didn't fix the other files as I'm not sure what the length
of the buffers are......
Also, fixed these warnings from -Wall in gencode.c:
./gencode.c:578: warning: `Argusgen_FarAttrtype' defined but not used
./gencode.c: In function `Argusgen_tcode':
./gencode.c:1168: warning: unused variable `alist'
./gencode.c:1167: warning: unused variable `addr'
./gencode.c:1167: warning: unused variable `mask'
./gencode.c:1166: warning: unused variable `eaddr'
Compiled for test with -pedantic, fixed a few of those warnings,
esp. with regard to signededness of char strings (which may cause
problems on AIX...had similar problems with ldap in the past). I
randomly chose to make everything unsigned char's, as the signedness
was about half and half.
I did not fix the "ANSI C does not support" errors, cuz IMHO they're
bogus.
Also, I tested argus's large file support on solaris. Seems to work
like a champ. BTW, I found one bug in libpcap that may have bitten
people in the past: they use int instead of ssize_t for some stat()'s
in the various pcap-{dlpi,snoop,etc} files. I submitted a bug report
to tcpdump-workers at tcpdump.org but I got a lackluster response.
Next, I fixed a problem where the -S option segfaulted if the server
wasn't in .rarc. Specifically, in argus_parse.c around 1895
addr->hostname = str; was causing the problem. I added a malloc and
strcpy() and everything seems to work now. I think the problem was
the addr->hostname pointer was referencing a string that no longer existed.
Last, the longjump problem I was sporadically having in 1.8 for long
filter expressions has gone away. thanks carter :)
All diffs are on version T and made by:
diff <newfile> <oldfile>
cheers,
david
---
#+--+#+--+#+--+#+--+#+--+#+--+#+--+#+--+#+--+#+--+#+--+#+--+#+--+#+--+#
David Brumley - Stanford Computer Security - dbrumley at Stanford.EDU
Phone: +1-650-723-2445 WWW: http://www.stanford.edu/~dbrumley
Fax: +1-650-725-9121 PGP: finger dbrumley-pgp at sunset.Stanford.EDU
#+--+#+--+#+--+#+--+#+--+#+--+#+--+#+--+#+--+#+--+#+--+#+--+#+--+#+--+#
Fact: you can burn 150 caloria per hour banging your head against a wall
-------------- next part --------------
1165a1166,1168
> u_char *eaddr;
> u_int mask, addr;
> u_int **alist;
-------------- next part --------------
125c125
< u_char *ArgusRemoteFilter = NULL;
---
> char *ArgusRemoteFilter = NULL;
257c257
< snprintf (path, MAXPATHNAMELEN-1, "/etc/ra.conf");
---
> sprintf (path, "/etc/ra.conf");
262c262
< snprintf (path, MAXPATHNAMELEN-1, "%s/ra.conf", homepath);
---
> sprintf (path, "%s/ra.conf", homepath);
270c270
< snprintf (path, MAXPATHNAMELEN-1, "%s/.rarc", homepath);
---
> sprintf (path, "%s/.rarc", homepath);
281c281
< snprintf (path, MAXPATHNAMELEN-1,"%s/.rarc", homepath);
---
> sprintf (path, "%s/.rarc", homepath);
446c446
< ArgusRemoteFilter = (u_char *) strdup(cmdbuf);
---
> ArgusRemoteFilter = strdup(cmdbuf);
1095c1095
< snprintf (buf, MAXSTRLEN-1, "FILTER: %s", ArgusRemoteFilter);
---
> sprintf (buf, "FILTER: %s", ArgusRemoteFilter);
1890,1895c1890
< addr->hostname = malloc(strlen(str) * sizeof(char) +1);
< if(addr->hostname == NULL){
< perror("malloc\n");
< }
< strcpy(addr->hostname, str);
< /* addr->hostname = str; */
---
> addr->hostname = str;
-------------- next part --------------
122,123c122,123
< u_char *ArgusReadBuffer, *ArgusConvBuffer;
< u_char *ArgusReadPtr, *ArgusConvPtr, *ArgusReadBlockPtr;
---
> char *ArgusReadBuffer, *ArgusConvBuffer;
> char *ArgusReadPtr, *ArgusConvPtr, *ArgusReadBlockPtr;
More information about the argus
mailing list