Date:      Fri, 7 Oct 2011 21:10:13 GMT
From:      Michael Scheidell <scheidell@secnap.net>
To:        freebsd-gnats-submit@FreeBSD.org
Subject:   ports/161383: security/snortsam version 2.7.0 returns bad code from system()
Message-ID:  <201110072110.p97LADpl064497@red.freebsd.org>
Resent-Message-ID: <201110072120.p97LK2sK026126@freefall.freebsd.org>


>Number:         161383
>Category:       ports
>Synopsis:       security/snortsam version 2.7.0 returns bad code from system()
>Confidential:   no
>Severity:       non-critical
>Priority:       low
>Responsible:    freebsd-ports-bugs
>State:          open
>Quarter:        
>Keywords:       
>Date-Required:
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Fri Oct 07 21:20:01 UTC 2011
>Closed-Date:
>Last-Modified:
>Originator:     Michael Scheidell
>Release:        7.4 amd
>Organization:
SECNAP Network Security Corp
>Environment:
>Description:
Not sure if it's amd64, 7.4, or what.
Other system() calls seem fine, but this one seems to fail when it should not.
(I checked, manually injecting IPs, taking them out, etc.)

Where the CLI would return a 0x00 from a certain system() call, this one seems to return a 0x4700

(when it should be 0).

Attached patch against 2.7.0 masks all but last 0xff.


>How-To-Repeat:
Tail the log. Look for this:

2011/10/07, 15:09:07, -, 2, snortsam, Removing 86400 sec complete block for host 221.231.140.206.
2011/10/07, 15:09:07, -, 1, ipfw2, Error: Command "/sbin/ipfw table 3 delete 221.231.140.206/32;/sbin/ipfw table 4 delete 221.231.140.206/32" Failed

Added debug code and verified that it's returning 0x4700, when command actually succeeded.

>Fix:


Change this:
if (system(ipfw2cmd) )

to this:

if ((system(ipfw2cmd) && 0xff) ) 

See attached patch.
portversion bumped.  




Patch attached with submission follows:

diff -bBru /tmp/snortsam/Makefile snortsam/Makefile
--- /tmp/snortsam/Makefile	2011-06-15 09:52:50.000000000 -0400
+++ snortsam/Makefile	2011-10-07 17:00:07.000000000 -0400
@@ -7,6 +7,7 @@
 
 PORTNAME=	snortsam
 PORTVERSION=	2.70
+PORTREVISION=	1
 CATEGORIES=	security
 MASTER_SITES=	http://www.snortsam.net/files/snortsam/
 DISTNAME=	${PORTNAME}-src-${PORTVERSION}
diff -bBru /tmp/snortsam/files/patch-ssp_ipfw2.c snortsam/files/patch-ssp_ipfw2.c
--- /tmp/snortsam/files/patch-ssp_ipfw2.c	2011-10-07 16:59:53.000000000 -0400
+++ snortsam/files/patch-ssp_ipfw2.c	2011-10-07 16:55:50.000000000 -0400
@@ -0,0 +1,13 @@
+--- src/ssp_ipfw2.c	2008-04-26 15:53:21.000000000 -0400
++++ src/ssp_ipfw2.c	2011-10-07 15:47:50.000000000 -0400
+@@ -167,8 +167,8 @@
+ 		printf("Debug: [ipfw2][%lx] command \"%s\"\n", (unsigned long)threadid, ipfw2cmd);
+ #endif
+ 		/* Run the command */
+-		if (system(ipfw2cmd) ) 
++		if ((system(ipfw2cmd) && 0xff) ) 
+		{	snprintf(msg,sizeof(msg)-1,"Error: Command \"%s\" Failed", ipfw2cmd);
+ 			logmessage(1,msg,"ipfw2",0);
+ 		}
+ 		else 
+
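Review bot: In the changed line of the embedded ssp_ipfw2.c patch, `system(ipfw2cmd) && 0xff` uses the logical AND, so it evaluates to 1 for every non-zero return and behaves exactly like the original `if (system(ipfw2cmd))`; nothing is masked, although the description says the patch masks all but the last 0xff. A bitwise `& 0xff` would not be a safe replacement either: system() returns a wait status in which the exit code sits in bits 8-15, so 0x4700 is a normal exit with status 71, and keeping only the low byte would silently drop every non-zero exit code and report only signal terminations. Suggest including <sys/wait.h>, storing the return value, and failing on `status == -1 || !WIFEXITED(status) || WEXITSTATUS(status) != 0`, with the decoded exit status written to the log so the source of the 71 can be found.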


>Release-Note:
>Audit-Trail:
>Unformatted:
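
How the 0x4700 value in this report decodes as a system() wait status, and what the `&&` and `&` forms of the check do with it. This is an added example, not code from the report or from snortsam; the function names are hypothetical.

```c
#include <stdio.h>
#include <stdlib.h>
#include <sys/wait.h>

/* Hypothetical helper: decode a system() return value.
 * Returns the command's exit code (0-255), or -1 if system() itself
 * failed or the command was terminated by a signal. */
int command_exit_code(int status)
{
    if (status == -1)                 /* fork/exec/wait failed */
        return -1;
    if (WIFEXITED(status))            /* normal exit: code is in bits 8-15 */
        return WEXITSTATUS(status);
    return -1;                        /* killed by a signal */
}

/* The check as written in the patch: logical AND with a non-zero constant,
 * which is just "status != 0". */
int check_logical_and(int status) { return status && 0xff; }

/* A bitwise mask of the low byte: keeps the signal/core bits and
 * discards the exit code entirely. */
int check_bitwise_mask(int status) { return status & 0xff; }

/* Run a command through the shell and return its decoded exit code. */
int run_command(const char *cmd)
{
    return command_exit_code(system(cmd));
}

int main(void)
{
    int reported = 0x4700;            /* value quoted in the report */

    printf("decoded exit code : %d\n", command_exit_code(reported));
    printf("status && 0xff    : %d (still treated as failure)\n",
           check_logical_and(reported));
    printf("status & 0xff     : %d (exit code hidden)\n",
           check_bitwise_mask(reported));
    /* Constructed sample command reproducing the same status. */
    printf("sh 'exit 71'      : %d\n", run_command("exit 71"));
    return 0;
}
```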


