summaryrefslogtreecommitdiffstats
path: root/src/plugins/snort
diff options
context:
space:
mode:
authorKlement Sekera <ksekera@cisco.com>2021-11-19 11:49:48 +0100
committerDamjan Marion <dmarion@me.com>2021-11-22 10:07:38 +0000
commitc2810b32cde694a8e245a4f10aa5ce839ad866c7 (patch)
tree2f42ca8d66317d694d2c6041512103d1721c56da /src/plugins/snort
parent70f14ab4875ee078dafe0a038d423983017ec56f (diff)
snort: fix coverity warning
Add error handling for incomplete read. Type: fix Fixes: 839b1473e9 Signed-off-by: Klement Sekera <ksekera@cisco.com> Change-Id: Ibf1b2f633793510244ea1aa6af0902021aeb67ad
Diffstat (limited to 'src/plugins/snort')
-rw-r--r--src/plugins/snort/main.c13
1 files changed, 11 insertions, 2 deletions
diff --git a/src/plugins/snort/main.c b/src/plugins/snort/main.c
index d05b6310891..6b7e49a23ad 100644
--- a/src/plugins/snort/main.c
+++ b/src/plugins/snort/main.c
@@ -195,9 +195,18 @@ snort_deq_ready (clib_file_t *uf)
snort_per_thread_data_t *ptd =
vec_elt_at_index (sm->per_thread_data, vm->thread_index);
u64 counter;
+ ssize_t bytes_read;
- if (read (uf->file_descriptor, &counter, sizeof (counter)) < 0)
- return clib_error_return (0, "client closed socket");
+ bytes_read = read (uf->file_descriptor, &counter, sizeof (counter));
+ if (bytes_read < 0)
+ {
+ return clib_error_return (0, "client closed socket");
+ }
+
+ if (bytes_read < sizeof (counter))
+ {
+ return clib_error_return (0, "unexpected truncated read");
+ }
clib_interrupt_set (ptd->interrupts, uf->private_data);
vlib_node_set_interrupt_pending (vm, snort_deq_node.index);