67c453b797
The Sourcefire Vulnerability Research Team has learned of an integer overflow in the Snort stream4 preprocessor used by the Sourcefire Network Sensor product line. The Snort stream4 preprocessor (spp_stream4) incorrectly calculates segment size parameters during stream reassembly for certain sequence number ranges which can lead to an integer overflow that can be expanded to a heap overflow. PR: 51106 Submitted by: Sergey A. Osokin <osa@FreeBSD.org.ru>
11 lines
366 B
C
11 lines
366 B
C
--- src/snort.c.orig Thu Apr 17 14:39:59 2003
|
|
+++ src/snort.c Thu Apr 17 14:40:09 2003
|
|
@@ -1729,7 +1729,7 @@
|
|
{
|
|
struct stat st;
|
|
int i;
|
|
- char *conf_files[]={"/etc/snort.conf", "./snort.conf", NULL};
|
|
+ char *conf_files[]={"%%PREFIX%%/etc/snort.conf", "./snort.conf", NULL};
|
|
char *fname = NULL;
|
|
char *home_dir = NULL;
|
|
char *rval = NULL;
|