Changeset 1506
- Timestamp:
- 01/13/08 22:02:05 (9 months ago)
- Files:
-
- honeytrap/trunk/ChangeLog (modified) (1 diff)
- honeytrap/trunk/src/modules/htm_ClamAV.c (modified) (3 diffs)
- honeytrap/trunk/src/modules/htm_SaveFile.c (modified) (3 diffs)
- honeytrap/trunk/src/modules/htm_ftpDownload.c (modified) (5 diffs)
- honeytrap/trunk/src/modules/htm_httpDownload.c (modified) (2 diffs)
- honeytrap/trunk/src/modules/htm_submitMWserv.c (modified) (16 diffs)
- honeytrap/trunk/src/pcapmon.c (modified) (6 diffs)
Legend:
- Unmodified
- Added
- Removed
- Modified
- Copied
- Moved
honeytrap/trunk/ChangeLog
r1440 r1506 1 1 Version 1.0.1 2 - Code cleanup: asprintf() 3 - Error handling for failed malloc()'s where it was missing 2 4 - Fix: Improper logging of IP address pairs 3 5 Version 1.0.0 honeytrap/trunk/src/modules/htm_ClamAV.c
r1281 r1506 142 142 unsigned long int size; 143 143 struct s_download *sample; 144 char tmpfile[256];144 char *tmpfile; 145 145 const char *virusname; 146 146 … … 165 165 166 166 /* libclamav can only scan files, so dump data to a secure temp file */ 167 memset(tmpfile, 0, 256); 168 if ((size = snprintf(tmpfile, 256, "%s/honeytrap-clamav-XXXXXX", temp_dir)) > 255) { 169 logmsg(LOG_ERR, 1, "ClamAV error - Unable to create temporary file: filename too long.\n"); 170 return(-1); 171 } 172 if (!size) { 173 logmsg(LOG_ERR, 1, "ClamAV error - Unable to create temporary file: %s.\n", strerror(errno)); 167 if (asprintf(&tmpfile, "%s/honeytrap-clamav-XXXXXX", temp_dir) == -1) { 168 logmsg(LOG_ERR, 1, "ClamAV error - Unable to create temporary file: %m.\n"); 174 169 return(-1); 175 170 } … … 192 187 break; 193 188 case CL_VIRUS: 194 // snprintf(outstring, sizeof(outstring), "%s %s", CLAMAV_VIRUSFOUND_STR, virusname);195 189 logmsg(LOG_INFO, 1, "ClamAV - Sample %u is infected with '%s'.\n", num_scanned+1, virusname); 196 190 break; honeytrap/trunk/src/modules/htm_SaveFile.c
r1281 r1506 17 17 * are dumped into a download directory. 18 18 */ 19 20 #define _GNU_SOURCE 1 19 21 20 22 #include <stdio.h> … … 126 128 } 127 129 128 if ((filename = (char *) malloc(strlen(attacks_dir) + strlen(proto_str) + 34)) == NULL) {129 logmsg(LOG_ERR, 1, "SaveFile error - Unable to allocate memory: %s\n", strerror(errno));130 return(-1);131 }132 bzero(filename, strlen(attacks_dir)+34);133 134 130 /* assemble filename */ 135 131 loc_time = time(NULL); 136 132 if((file_time = localtime(&loc_time)) == NULL) { 137 133 logmsg(LOG_WARN, 1, "SaveFile warning - Unable to get local time for filename.\n"); 138 sprintf(filename, "%s/from_port_%u-%s_%u", attacks_dir, attack->a_conn.l_port, proto_str, getpid()); 134 if (asprintf(&filename, "%s/from_port_%u-%s_%u", attacks_dir, attack->a_conn.l_port, proto_str, getpid()) == -1) { 135 logmsg(LOG_ERR, 1, "SaveFile error - Unable to create filename: %m.\n"); 136 return(-1); 137 } 139 138 } else { 140 sprintf(filename, "%s/from_port_%u-%s_%u_%04d-%02d-%02d", attacks_dir, attack->a_conn.l_port, proto_str, 141 getpid(), file_time->tm_year+1900, file_time->tm_mon+1, file_time->tm_mday); 139 if (asprintf(&filename, "%s/from_port_%u-%s_%u_%04d-%02d-%02d", attacks_dir, attack->a_conn.l_port, proto_str, 140 getpid(), file_time->tm_year+1900, file_time->tm_mon+1, file_time->tm_mday) == -1) { 141 logmsg(LOG_ERR, 1, "SaveFile error - Unable to create filename: %m.\n"); 142 return(-1); 143 } 142 144 } 143 145 … … 164 166 /* save file */ 165 167 /* we need the length of directory + "/" + filename plus md5 checksum */ 166 mwfilename = (char *) malloc(strlen(downloads_dir)+strlen(attack->download[i].filename)+35);167 snprintf(mwfilename, strlen(downloads_dir)+strlen(attack->download[i].filename)+35, "%s/%s-%s",168 downloads_dir,169 mem_md5sum(attack->download[i].dl_payload.data, attack->download[i].dl_payload.size),170 attack->download[i].filename);168 if (asprintf(&mwfilename, "%s/%s-%s", downloads_dir, mem_md5sum(attack->download[i].dl_payload.data, 169 attack->download[i].dl_payload.size), attack->download[i].filename) == -1) { 170 logmsg(LOG_ERR, 1, "SaveFile error - Unable to create filename: %m.\n"); 171 return(-1); 172 } 171 173 logmsg(LOG_DEBUG, 1, "SaveFile - Malware sample dumpfile name is %s\n", mwfilename); 172 174 if (((dumpfile_fd = open(mwfilename, O_WRONLY | O_CREAT | O_EXCL)) < 0) || honeytrap/trunk/src/modules/htm_ftpDownload.c
r1408 r1506 15 15 * It performs the downloads with an own ftp implementation. 16 16 */ 17 18 #define _GNU_SOURCE 1 17 19 18 20 #include <arpa/inet.h> … … 393 395 394 396 logmsg(LOG_NOISY, 1, "FTP download - Sending 'USER %s'.\n", user); 395 if ((ftp_command = (char *) realloc(ftp_command, 5 + strlen(user) + 3)) == NULL) { 396 logmsg(LOG_ERR, 1, "FTP download error - Unable to allocate memory: %s.\n", strerror(errno)); 397 shutdown(control_sock_fd, 1); 398 return(-1); 399 } 400 401 snprintf(ftp_command, 5 + strlen(user) + 3, "USER %s\r\n", user); 397 if (asprintf(&ftp_command, "USER %s\r\n", user) == -1) { 398 logmsg(LOG_ERR, 1, "FTP download error - Unable to create USER command: %m.\n"); 399 return(-1); 400 } 401 402 402 if (write(control_sock_fd, ftp_command, strlen(ftp_command))) { 403 403 logmsg(LOG_DEBUG, 1, "FTP download - USER sent.\n"); … … 414 414 /* send PASS */ 415 415 while ((strstr(rline, "331") == rline) && (strstr(rline, "230") != rline)) { 416 logmsg(LOG_NOISY, 1, "FTP download - Sending 'PASS %s'.\n", pass); 417 if ((ftp_command = (char *) realloc(ftp_command, 5 + strlen(pass) + 3)) == NULL) { 418 logmsg(LOG_ERR, 1, "FTP download error - Unable to allocate memory: %s.\n", strerror(errno)); 419 shutdown(control_sock_fd, 1); 420 return(-1); 421 } 422 snprintf(ftp_command, 5 + strlen(pass) + 3, "PASS %s\r\n", pass); 416 free(ftp_command); 417 if (asprintf(&ftp_command, "PASS %s\r\n", pass) == -1) { 418 logmsg(LOG_ERR, 1, "FTP download error - Unable to create PASS command: %m.\n"); 419 return(-1); 420 } 423 421 if (write(control_sock_fd, ftp_command, strlen(ftp_command))) { 424 422 logmsg(LOG_DEBUG, 1, "FTP download - PASS sent.\n"); … … 556 554 ip_octet[0], ip_octet[1], ip_octet[2], ip_octet[3], 557 555 ftp_port.first_half, ftp_port.second_half); 558 if ((ftp_command = (char *) realloc(ftp_command, 30)) == NULL) { 559 logmsg(LOG_ERR, 1, "FTP download error - Unable to allocate memory: %s\n.", strerror(errno)); 560 close(data_sock_listen_fd); 561 shutdown(control_sock_fd, 1); 562 return(-1); 563 } 564 snprintf(ftp_command, 30, "PORT %u,%u,%u,%u,%u,%u\r\n", ip_octet[0], ip_octet[1], 565 ip_octet[2], ip_octet[3], ftp_port.first_half, ftp_port.second_half); 556 free(ftp_command); 557 if (asprintf(&ftp_command, "PORT %u,%u,%u,%u,%u,%u\r\n", ip_octet[0], ip_octet[1], 558 ip_octet[2], ip_octet[3], ftp_port.first_half, ftp_port.second_half) == -1) { 559 logmsg(LOG_ERR, 1, "FTP download error - Unable to create PORT command: %m.\n"); 560 return(-1); 561 } 566 562 if (write(control_sock_fd, ftp_command, strlen(ftp_command)) == strlen(ftp_command)) { 567 563 logmsg(LOG_DEBUG, 1, "FTP download - PORT sent.\n"); … … 580 576 /* send RETR to retrieve file */ 581 577 logmsg(LOG_NOISY, 1, "FTP download - Sending 'RETR %s'.\n", save_file); 582 if ((ftp_command = (char *) realloc(ftp_command, 5 + strlen(save_file) + 3)) == NULL) { 583 logmsg(LOG_ERR, 1, "FTP download error - Unable to allocate memory: %s.\n", strerror(errno)); 584 close(data_sock_listen_fd); 585 shutdown(control_sock_fd, 1); 586 return(-1); 587 } 588 snprintf(ftp_command, 5 + strlen(save_file) + 3, "RETR %s\r\n", save_file); 578 free(ftp_command); 579 if (asprintf(&ftp_command, "RETR %s\r\n", save_file) == -1) { 580 logmsg(LOG_ERR, 1, "FTP download error - Unable to create RETR command: %m.\n"); 581 return(-1); 582 } 589 583 if (write(control_sock_fd, ftp_command, strlen(ftp_command))) { 590 584 logmsg(LOG_DEBUG, 1, "FTP download - RETR sent.\n"); 585 free(ftp_command); 591 586 } else { 592 587 logmsg(LOG_ERR, 1, "FTP download error - Unable to write to control socket: %s.\n", strerror(errno)); 588 free(ftp_command); 593 589 close(data_sock_fd); 594 590 shutdown(control_sock_fd, 1); honeytrap/trunk/src/modules/htm_httpDownload.c
r1427 r1506 15 15 * Matches are passed to an external program, i.e. wget. 16 16 */ 17 18 #define _GNU_SOURCE 1 17 19 18 20 #include <arpa/inet.h> … … 187 189 188 190 /* assemble wget download command and execute it */ 189 if ((cmd = malloc(strlen(http_program)+strlen(http_options)+strlen(start)+3)) == NULL) { 190 logmsg(LOG_ERR, 1, "HTTP download error - Unable to allocate memory: %m.\n"); 191 return(0); 192 } 193 snprintf(cmd, 194 strlen(http_program)+strlen(http_options)+strlen(start)+3, 195 "%s %s %s", http_program, http_options, start); 191 asprintf(&cmd, "%s %s %s", http_program, http_options, start); 196 192 logmsg(LOG_DEBUG, 1, "HTTP download - Calling '%s'.\n", cmd); 197 193 if ((f = popen(cmd, "r")) == NULL) { honeytrap/trunk/src/modules/htm_submitMWserv.c
r1489 r1506 12 12 * 13 13 * Description: 14 * s ubmit sampels to a central repository14 * still to come... 15 15 */ 16 16 … … 33 33 #include <arpa/inet.h> 34 34 35 #include <curl .h>35 #include <curl/curl.h> 36 36 37 37 #include <conftree.h> … … 51 51 #define TSS_OK 2 52 52 #define TSS_HEARTBEAT 3 53 #define TSS_INCOMPLETE 454 53 55 54 #define ST_SUBMIT 1 … … 62 61 63 62 static const char *config_keywords[] = { 64 "mwserv -url",63 "mwserv_url", 65 64 "guid", 66 65 "maintainer", … … 68 67 }; 69 68 70 c har *mwserv_url;69 const char *mwserv_url; 71 70 72 71 const char *guid; … … 114 113 node->val = node->val->next; 115 114 116 if OPT_IS("mwserv -url") {115 if OPT_IS("mwserv_url") { 117 116 mwserv_url = value; 118 117 } else if OPT_IS("guid") { … … 140 139 141 140 logmsg(LOG_DEBUG, 1, "SavePostgres - Building generic malware resource URI.\n"); 141 142 142 return(asprintf(uri, "%s://%s:%s@%s:%d/%s:%s", 143 143 download.dl_type, … … 166 166 167 167 int response_code(const bstr *response) { 168 if (response->len >= 9 && memcmp(response->data, "UNKNOWN", 7) == 0) return(TSS_UNKNOWN); 169 if (response->len >= 4 && memcmp(response->data, "OK", 2) == 0) return(TSS_OK); 170 // if (response->len >= 7 && memcmp(response->data, "ERROR: ", 7) == 0) return(TSS_ERROR); 171 // if (response->len >= 11 && memcmp(response->data, "HEARTBEAT: ", 4) == 0) return(TSS_HEARTBEAT); 172 return(TSS_ERROR); 173 } 174 168 if (response->len >= 7 && memcmp(response->data, "ERROR: ", 7) == 0) return(TSS_ERROR); 169 if (response->len >= 9 && memcmp(response->data, "UNKNOWN: ", 9) == 0) return(TSS_UNKNOWN); 170 if (response->len >= 4 && memcmp(response->data, "OK: ", 4) == 0) return(TSS_OK); 171 if (response->len >= 11 && memcmp(response->data, "HEARTBEAT: ", 4) == 0) return(TSS_HEARTBEAT); 172 return(-1); 173 } 174 175 176 int check_response(const bstr *response) { 177 switch(response_code(response)) { 178 case TSS_OK: 179 logmsg(LOG_NOISY, 1, "SubmitMWServ - Server returned transfer status OK.\n"); 180 return(TSS_OK); 181 case TSS_HEARTBEAT: 182 logmsg(LOG_NOISY, 1, "SubmitMWServ - Server returned transfer status HEARTBEAT.\n"); 183 return(TSS_HEARTBEAT); 184 case TSS_ERROR: 185 logmsg(LOG_ERR, 1, "SubmitMWServ - Server returned transfer status ERROR.\n"); 186 return(TSS_ERROR); 187 case TSS_UNKNOWN: 188 logmsg(LOG_ERR, 1, "SubmitMWServ - Server returned status UNKNOWN.\n"); 189 return(TSS_UNKNOWN); 190 default: 191 return(0); 192 } 193 194 } 175 195 176 196 int transfer_data(CURLM *mhandle, const bstr *response) { 177 int max_fd, rv, handles ;197 int max_fd, rv, handles, resp; 178 198 fd_set rfds, wfds, efds; 179 199 struct timeval select_timeout; … … 208 228 case 0: 209 229 logmsg(LOG_WARN, 1, "SubmitMWServ Warning - Select timed out.\n"); 210 211 switch(response_code(response)) { 212 case TSS_ERROR: 213 return(TSS_ERROR); 214 case TSS_UNKNOWN: 215 return(TSS_UNKNOWN); 216 case TSS_OK: 217 return(TSS_OK); 218 case TSS_INCOMPLETE: 219 default: 220 return(TSS_ERROR); 221 } 222 230 if ((resp = check_response(response)) == -1) return(-1); 231 else if (resp == 1) return(1); 223 232 break; 224 233 default: … … 229 238 while(curl_multi_perform(mhandle, &handles) == CURLM_CALL_MULTI_PERFORM && handles); 230 239 231 switch(response_code(response)) { 232 case TSS_ERROR: 233 return(TSS_ERROR); 234 case TSS_UNKNOWN: 235 return(TSS_UNKNOWN); 236 case TSS_OK: 237 return(TSS_OK); 238 case TSS_INCOMPLETE: 239 default: 240 continue; 241 } 242 break; 240 if ((resp = check_response(response)) == -1) return(-1); 241 else if (resp == 1) return(1); 243 242 } 244 243 } … … 247 246 248 247 249 struct curl_httppost *init_handle(CURLM **multihandle, CURL **curlhandle, const Attack *a, const int dlnum, 248 struct curl_httppost *init_handle(CURLM **multihandle, CURL **curlhandle, 249 const u_char *data, const u_int32_t len, 250 250 const char* uri, const bstr *response, const u_char type) { 251 251 … … 253 253 struct curl_httppost *pinfo; 254 254 struct curl_httppost *pinfo_last; 255 char *saddr_str, *daddr_str; 256 257 pinfo = pinfo_last = NULL; 258 259 if (((daddr_str = strdup(inet_ntoa(*(struct in_addr *)&(a->download[dlnum].l_addr)))) == NULL) || 260 ((saddr_str = strdup(inet_ntoa(*(struct in_addr *)&(a->download[dlnum].r_addr)))) == NULL)) { 261 logmsg(LOG_ERR, 1, "SubmitMWServ Error - Unable to allocate memory: %m.\n"); 262 return(NULL); 263 } 255 256 pinfo = pinfo_last = NULL; 264 257 265 258 logmsg(LOG_DEBUG, 1, "SubmitMWServ - Creating easy handle.\n"); … … 278 271 curl_formadd(&pinfo, &pinfo_last, CURLFORM_PTRNAME, "uri", 279 272 CURLFORM_PTRCONTENTS, uri, CURLFORM_CONTENTSLENGTH, strlen(uri), CURLFORM_END); 280 curl_formadd(&pinfo, &pinfo_last, CURLFORM_PTRNAME, "sha512",281 CURLFORM_PTRCONTENTS, a->download[dlnum].dl_payload.sha512sum, CURLFORM_END);282 curl_formadd(&pinfo, &pinfo_last, CURLFORM_PTRNAME, "saddr",283 CURLFORM_COPYCONTENTS, saddr_str, CURLFORM_END);284 curl_formadd(&pinfo, &pinfo_last, CURLFORM_PTRNAME, "daddr",285 CURLFORM_COPYCONTENTS, daddr_str, CURLFORM_END);286 287 free(saddr_str);288 free(daddr_str);289 290 switch(type) {291 case ST_HASHTEST:292 break;293 294 case ST_SUBMIT:295 296 curl_formadd(&pinfo, &pinfo_last, CURLFORM_PTRNAME, "data",297 CURLFORM_PTRCONTENTS, a->download[dlnum].dl_payload.data,298 CURLFORM_CONTENTSLENGTH, a->download[dlnum].dl_payload.size, CURLFORM_END);299 300 // attack: cli:port->srv:port, mode301 break;302 273 303 default: 304 logmsg(LOG_ERR, 1, "SubmitMWServ Error - Unknown message tyoe: %d.\n", type); 305 return(NULL); 306 } 274 curl_formadd(&pinfo, &pinfo_last, CURLFORM_PTRNAME, "data", 275 CURLFORM_PTRCONTENTS, data, 276 CURLFORM_CONTENTSLENGTH, len, 277 CURLFORM_END); 278 279 // attack: cli:port->srv:port, mode 307 280 308 281 curl_easy_setopt(*curlhandle, CURLOPT_HTTPPOST, pinfo); … … 338 311 bstr response; 339 312 313 340 314 /* no data - nothing todo */ 341 315 if (!attack->download) { … … 348 322 /* save malware */ 349 323 for (i=0; i<attack->dl_count; i++) { 350 if (build_uri(&uri, attack->download[i]) == -1) {351 logmsg(LOG_ERR, 1, "SubmitMWServ Error - Unable to create URI: %m.\n");352 return(0);353 }354 logmsg(LOG_DEBUG, 1, "SubmitMWServ - Sampel URI is '%s'\n", uri);355 356 357 324 // test hash 358 325 logmsg(LOG_INFO, 1, "SubmitMWServ - Checking SHA512 hash at %s.\n", mwserv_url); 359 326 memset(&response, 0, sizeof(bstr)); 360 327 361 if ((pinfo = init_handle(&multihandle, &curlhandle, attack, i, uri, &response, ST_HASHTEST)) == NULL) { 328 if ((pinfo = init_handle(&multihandle, &curlhandle, 329 attack->download[i].dl_payload.data, attack->download[i].dl_payload.size, 330 uri, &response, ST_HASHTEST)) == NULL) { 362 331 free(response.data); 363 332 return(0); 364 333 } 365 334 366 367 // check transfer status 368 switch(transfer_data(multihandle, &response)) { 369 case TSS_OK: 370 logmsg(LOG_NOTICE, 1, "SubmitMWServ - Sample is already present, skipping submission.\n"); 371 return(1); 372 case TSS_UNKNOWN: 373 logmsg(LOG_NOTICE, 1, "SubmitMWServ - Sample is unknown, preparing submission.\n"); 374 break; 375 case TSS_ERROR: 335 if (transfer_data(multihandle, &response) == TSS_OK) 336 logmsg(LOG_NOTICE, 1, "SubmitMWServ - Sample is already present at %s, skipping submission.\n", mwserv_url); 337 elseif ( 338 else 376 339 logmsg(LOG_ERR, 1, "SubmitMWServ Error - Hash test failed.\n"); 340 341 free(response.data); 342 343 344 // submit sample 345 logmsg(LOG_INFO, 1, "SubmitMWServ - Submitting sample to %s.\n", mwserv_url); 346 347 if (build_uri(&uri, attack->download[i]) == -1) { 348 logmsg(LOG_ERR, 1, "SubmitMWServ Error - Unable to create URI: %m.\n"); 377 349 return(0); 378 default: 379 logmsg(LOG_ERR, 1, "SubmitMWServ Error - Unknown server response.\n"); 350 } 351 352 memset(&response, 0, sizeof(bstr)); 353 354 if ((pinfo = init_handle(&multihandle, &curlhandle, 355 attack->download[i].dl_payload.data, attack->download[i].dl_payload.size, 356 uri, &response, ST_SUBMIT)) == NULL) { 357 free(uri); 358 free(response.data); 380 359 return(0); 381 360 } 382 361 383 384 // prepare sample submission form 362 if (transfer_data(multihandle, &response) == TSS_OK) 363 logmsg(LOG_NOTICE, 1, "SubmitMWServ - Sample successfully submitted to %s.\n", mwserv_url); 364 else 365 logmsg(LOG_ERR, 1, "SubmitMWServ Error - Sample submission failed.\n"); 366 367 free(uri); 385 368 free(response.data); 369 386 370 if (multihandle) { 387 371 curl_multi_remove_handle(multihandle, curlhandle); … … 391 375 if (pinfo) curl_formfree(pinfo); 392 376 if (curlhandle) curl_easy_cleanup(curlhandle); 393 394 395 // submit sample396 logmsg(LOG_INFO, 1, "SubmitMWServ - Submitting sample to %s.\n", mwserv_url);397 memset(&response, 0, sizeof(bstr));398 399 if ((pinfo = init_handle(&multihandle, &curlhandle, attack, i, uri, &response, ST_SUBMIT)) == NULL) {400 free(uri);401 free(response.data);402 return(0);403 }404 405 if (transfer_data(multihandle, &response) == TSS_OK)406 logmsg(LOG_NOTICE, 1, "SubmitMWServ - Sample successfully submitted to %s.\n", mwserv_url);407 else408 logmsg(LOG_ERR, 1, "SubmitMWServ Error - Sample submission failed.\n");409 410 free(uri);411 free(response.data);412 413 if (multihandle) {414 curl_multi_remove_handle(multihandle, curlhandle);415 curl_multi_cleanup(multihandle);416 multihandle = NULL;417 }418 if (pinfo) curl_formfree(pinfo);419 if (curlhandle) curl_easy_cleanup(curlhandle);420 377 } 421 378 honeytrap/trunk/src/pcapmon.c
r1361 r1506 1 /* pcapmon.c1 * pcapmon.c 2 2 * Copyright (C) 2006-2007 Tillmann Werner <tillmann.werner@gmx.de> 3 3 * … … 319 319 /* determine ip address of device */ 320 320 if (dev == NULL) { 321 dev = (char *) malloc(4); 322 dev = "any"; 321 if ((dev = strdup("any")) == NULL) { 322 fprintf(stderr, "Error - Unable to allocate memory: %m.\n"); 323 exit(EXIT_FAILURE); 324 } 323 325 } else if ((strcmp(dev, "any") != 0)) { 324 326 /* lookup net address and netmask for interface */ … … 351 353 &(((struct sockaddr_in *)curaddr->addr)->sin_addr))); 352 354 if (!bpf_ip_filter) { 353 bpf_ip_filter = (char *) malloc(newstrsize+1); 354 snprintf(bpf_ip_filter, newstrsize+1, "%s%c", 355 if ((bpf_ip_filter = (char *) malloc(newstrsize+1)) == NULL) { 356 fprintf(stderr, "Error - Unable to allocate memory: %m.\n"); 357 exit(EXIT_FAILURE); 358 } 359 snprintf(bpf_ip_filter, "%s%c", 355 360 inet_ntoa(*(struct in_addr*) 356 361 &(((struct sockaddr_in *)curaddr->addr)->sin_addr)), 0); 357 362 } else { 358 bpf_ip_filter = (char *) realloc(bpf_ip_filter, oldstrsize+21); 363 if ((bpf_ip_filter = (char *) realloc(bpf_ip_filter, oldstrsize+21)) == NULL) { 364 fprintf(stderr, "Error - Unable to allocate memory: %m.\n"); 365 exit(EXIT_FAILURE); 366 } 359 367 snprintf(bpf_ip_filter+oldstrsize, 21, " or %s%c", 360 368 inet_ntoa(*(struct in_addr*) … … 377 385 if (ip_cmd_opt) { 378 386 /* add ip address from -a command line option to filter string */ 379 bpf_filter_string = (char *) realloc(bpf_filter_string, strlen(bpf_filter_string)+37); 387 if ((bpf_filter_string = (char *) realloc(bpf_filter_string, strlen(bpf_filter_string)+37)) == NULL) { 388 fprintf(stderr, "Error - Unable to allocate memory: %m.\n"); 389 exit(EXIT_FAILURE); 390 } 380 391 snprintf(bpf_filter_string+strlen(bpf_filter_string), 381 392 strlen((char *) inet_ntoa(*(struct in_addr*)ip_cmd_opt->h_addr_list[0]))+17, … … 383 394 } else if (bpf_ip_filter) { 384 395 /* add addresses guessed from interfaces to bpf string */ 385 bpf_filter_string = (char *) realloc(bpf_filter_string, strlen(bpf_filter_string)+strlen(bpf_ip_filter)+19); 396 if ((bpf_filter_string = (char *) realloc(bpf_filter_string, strlen(bpf_filter_string)+strlen(bpf_ip_filter)+19)) == NULL) { 397 fprintf(stderr, "Error - Unable to allocate memory: %m.\n"); 398 exit(EXIT_FAILURE); 399 } 386 400 snprintf(bpf_filter_string + strlen(bpf_filter_string), strlen(bpf_ip_filter)+19, 387 401 " and (src host (%s))%c", bpf_ip_filter, 0); … … 390 404 /* add bpf expression from command line */ 391 405 if (bpf_cmd_ext) { 392 if ( !(bpf_filter_string = (char *)realloc(bpf_filter_string,393 strlen(bpf_filter_string)+strlen(bpf_cmd_ext)+8)) ) {406 if ((bpf_filter_string = (char *)realloc(bpf_filter_string, 407 strlen(bpf_filter_string)+strlen(bpf_cmd_ext)+8)) == NULL) { 394 408 fprintf(stderr, " Error - Unable to allocate memory: %m.\n"); 395 409 exit(EXIT_FAILURE);
