ips/drop-log: fix crash on logging drops
authorVictor Julien <victor@inliniac.net>
Thu, 10 Dec 2015 08:58:52 +0000 (09:58 +0100)
committerVictor Julien <victor@inliniac.net>
Thu, 10 Dec 2015 09:27:38 +0000 (10:27 +0100)
When logging drops for fragmented UDP packets, triggered by detection
in the reassembled packet, a missing check could lead to access of the
packet's UDP header pointer when it was NULL.

src/log-droplog.c
src/output-json-drop.c

index 6eafd9d5ef93b446fe3cb1a24efae8bb9da4a37c..67cbd1b1ad4ae8eac594913455b9551ba68f4cad 100644 (file)
@@ -224,30 +224,34 @@ static int LogDropLogNetFilter (ThreadVars *tv, const Packet *p, void *data)
 
     switch (proto) {
         case IPPROTO_TCP:
-            fprintf(dlt->file_ctx->fp, " SPT=%"PRIu16" DPT=%"PRIu16" "
-                    "SEQ=%"PRIu32" ACK=%"PRIu32" WINDOW=%"PRIu32"",
-                    GET_TCP_SRC_PORT(p), GET_TCP_DST_PORT(p), TCP_GET_SEQ(p),
-                    TCP_GET_ACK(p), TCP_GET_WINDOW(p));
-            fprintf(dlt->file_ctx->fp, TCP_ISSET_FLAG_SYN(p) ? " SYN" : "");
-            fprintf(dlt->file_ctx->fp, TCP_ISSET_FLAG_ACK(p) ? " ACK" : "");
-            fprintf(dlt->file_ctx->fp, TCP_ISSET_FLAG_PUSH(p) ? " PSH" : "");
-            fprintf(dlt->file_ctx->fp, TCP_ISSET_FLAG_RST(p) ? " RST" : "");
-            fprintf(dlt->file_ctx->fp, TCP_ISSET_FLAG_URG(p) ? " URG" : "");
-            fprintf(dlt->file_ctx->fp, TCP_ISSET_FLAG_FIN(p) ? " FIN" : "");
-            fprintf(dlt->file_ctx->fp, " RES=0x%02"PRIu8" URGP=%"PRIu16"",
-                    TCP_GET_RAW_X2(p->tcph), TCP_GET_URG_POINTER(p));
+            if (PKT_IS_TCP(p)) {
+                fprintf(dlt->file_ctx->fp, " SPT=%"PRIu16" DPT=%"PRIu16" "
+                        "SEQ=%"PRIu32" ACK=%"PRIu32" WINDOW=%"PRIu32"",
+                        GET_TCP_SRC_PORT(p), GET_TCP_DST_PORT(p), TCP_GET_SEQ(p),
+                        TCP_GET_ACK(p), TCP_GET_WINDOW(p));
+                fprintf(dlt->file_ctx->fp, TCP_ISSET_FLAG_SYN(p) ? " SYN" : "");
+                fprintf(dlt->file_ctx->fp, TCP_ISSET_FLAG_ACK(p) ? " ACK" : "");
+                fprintf(dlt->file_ctx->fp, TCP_ISSET_FLAG_PUSH(p) ? " PSH" : "");
+                fprintf(dlt->file_ctx->fp, TCP_ISSET_FLAG_RST(p) ? " RST" : "");
+                fprintf(dlt->file_ctx->fp, TCP_ISSET_FLAG_URG(p) ? " URG" : "");
+                fprintf(dlt->file_ctx->fp, TCP_ISSET_FLAG_FIN(p) ? " FIN" : "");
+                fprintf(dlt->file_ctx->fp, " RES=0x%02"PRIu8" URGP=%"PRIu16"",
+                        TCP_GET_RAW_X2(p->tcph), TCP_GET_URG_POINTER(p));
+            }
             break;
         case IPPROTO_UDP:
-            fprintf(dlt->file_ctx->fp, " SPT=%"PRIu16" DPT=%"PRIu16""
-                    " LEN=%"PRIu16"", UDP_GET_SRC_PORT(p),
-                    UDP_GET_DST_PORT(p), UDP_GET_LEN(p));
+            if (PKT_IS_UDP(p)) {
+                fprintf(dlt->file_ctx->fp, " SPT=%"PRIu16" DPT=%"PRIu16""
+                        " LEN=%"PRIu16"", UDP_GET_SRC_PORT(p),
+                        UDP_GET_DST_PORT(p), UDP_GET_LEN(p));
+            }
             break;
         case IPPROTO_ICMP:
             if (PKT_IS_ICMPV4(p)) {
                 fprintf(dlt->file_ctx->fp, " TYPE=%"PRIu8" CODE=%"PRIu8""
                         " ID=%"PRIu16" SEQ=%"PRIu16"", ICMPV4_GET_TYPE(p),
                         ICMPV4_GET_CODE(p), ICMPV4_GET_ID(p), ICMPV4_GET_SEQ(p));
-            } else if(PKT_IS_ICMPV6(p)) {
+            } else if (PKT_IS_ICMPV6(p)) {
                 fprintf(dlt->file_ctx->fp, " TYPE=%"PRIu8" CODE=%"PRIu8""
                         " ID=%"PRIu16" SEQ=%"PRIu16"", ICMPV6_GET_TYPE(p),
                         ICMPV6_GET_CODE(p), ICMPV6_GET_ID(p), ICMPV6_GET_SEQ(p));
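Review bot: The new `if (PKT_IS_TCP(p))` and `if (PKT_IS_UDP(p))` guards leave the SPT/DPT and other transport fields out of the log line with no comment saying why, so anyone reading the code, or a drop log that names TCP or UDP but shows no ports, has to find the commit message to learn this is the fragment case. A one-line comment above each guard would cover it, for example `/* the TCP/UDP header pointer can be NULL here, e.g. for a drop triggered on a reassembled fragment */`; the matching guards in the src/output-json-drop.c hunk want the same comment. Separately, the re-indented `" RES=0x%02"PRIu8` line prints a decimal value after a `0x` prefix, and `PRIx8` would make the output match the prefix. The body of LogDropLogNetFilter starts and ends outside this hunk, so whether header accesses before the switch need the same guard cannot be judged from here.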
index c9b01df834958e8cf47a26f3a2e077e3929f06ab..68c14d9b5d9881c277baf51c01fd5aebf60f8712 100644 (file)
@@ -114,20 +114,24 @@ static int DropLogJSON (JsonDropLogThread *aft, const Packet *p)
     }
     switch (proto) {
         case IPPROTO_TCP:
-            json_object_set_new(djs, "tcpseq", json_integer(TCP_GET_SEQ(p)));
-            json_object_set_new(djs, "tcpack", json_integer(TCP_GET_ACK(p)));
-            json_object_set_new(djs, "tcpwin", json_integer(TCP_GET_WINDOW(p)));
-            json_object_set_new(djs, "syn", TCP_ISSET_FLAG_SYN(p) ? json_true() : json_false());
-            json_object_set_new(djs, "ack", TCP_ISSET_FLAG_ACK(p) ? json_true() : json_false());
-            json_object_set_new(djs, "psh", TCP_ISSET_FLAG_PUSH(p) ? json_true() : json_false());
-            json_object_set_new(djs, "rst", TCP_ISSET_FLAG_RST(p) ? json_true() : json_false());
-            json_object_set_new(djs, "urg", TCP_ISSET_FLAG_URG(p) ? json_true() : json_false());
-            json_object_set_new(djs, "fin", TCP_ISSET_FLAG_FIN(p) ? json_true() : json_false());
-            json_object_set_new(djs, "tcpres", json_integer(TCP_GET_RAW_X2(p->tcph)));
-            json_object_set_new(djs, "tcpurgp", json_integer(TCP_GET_URG_POINTER(p)));
+            if (PKT_IS_TCP(p)) {
+                json_object_set_new(djs, "tcpseq", json_integer(TCP_GET_SEQ(p)));
+                json_object_set_new(djs, "tcpack", json_integer(TCP_GET_ACK(p)));
+                json_object_set_new(djs, "tcpwin", json_integer(TCP_GET_WINDOW(p)));
+                json_object_set_new(djs, "syn", TCP_ISSET_FLAG_SYN(p) ? json_true() : json_false());
+                json_object_set_new(djs, "ack", TCP_ISSET_FLAG_ACK(p) ? json_true() : json_false());
+                json_object_set_new(djs, "psh", TCP_ISSET_FLAG_PUSH(p) ? json_true() : json_false());
+                json_object_set_new(djs, "rst", TCP_ISSET_FLAG_RST(p) ? json_true() : json_false());
+                json_object_set_new(djs, "urg", TCP_ISSET_FLAG_URG(p) ? json_true() : json_false());
+                json_object_set_new(djs, "fin", TCP_ISSET_FLAG_FIN(p) ? json_true() : json_false());
+                json_object_set_new(djs, "tcpres", json_integer(TCP_GET_RAW_X2(p->tcph)));
+                json_object_set_new(djs, "tcpurgp", json_integer(TCP_GET_URG_POINTER(p)));
+            }
             break;
         case IPPROTO_UDP:
-            json_object_set_new(djs, "udplen", json_integer(UDP_GET_LEN(p)));
+            if (PKT_IS_UDP(p)) {
+                json_object_set_new(djs, "udplen", json_integer(UDP_GET_LEN(p)));
+            }
             break;
         case IPPROTO_ICMP:
             if (PKT_IS_ICMPV4(p)) {