From 1a0fdbd293a5551a5886ea8ac55c916f3ea4fdd9 Mon Sep 17 00:00:00 2001
From: "Russ Combs (rucombs)" <rucombs@cisco.com>
Date: Wed, 17 Apr 2019 15:30:27 -0400
Subject: [PATCH] Merge pull request #1580 in SNORT/snort3 from
 ~RUCOMBS/snort3:build_253 to master

Squashed commit of the following:

commit 9aaeea54ba6a8d1d0f43ba62fd8d5b5b38301ee3
Author: russ <rucombs@cisco.com>
Date:   Wed Apr 17 15:01:30 2019 -0400

    build: generate and tag build 253

commit ea566c80783dd1f43b4dbee6a08c142a26d5aa3b
Author: russ <rucombs@cisco.com>
Date:   Wed Apr 17 15:02:14 2019 -0400

    cppcheck: remove unused code and related cruft
---
 ChangeLog                       |  15 +++
 src/filters/detection_filter.cc |   3 -
 src/filters/detection_filter.h  |   2 -
 src/filters/rate_filter.cc      | 102 ------------------
 src/filters/rate_filter.h       |   2 -
 src/filters/sfthreshold.cc      | 177 --------------------------------
 src/filters/sfthreshold.h       |   4 +-
 src/log/messages.cc             |  13 ---
 src/log/messages.h              |   1 -
 src/main/build.h                |   2 +-
 src/main/snort_config.cc        |   6 --
 src/managers/module_manager.cc  |   3 -
 src/managers/module_manager.h   |   1 -
 src/parser/parser.cc            |  23 -----
 src/parser/parser.h             |   4 +-
 src/utils/stats.cc              |  19 ++--
 16 files changed, 26 insertions(+), 351 deletions(-)

diff --git a/ChangeLog b/ChangeLog
index 0307e4c0f..d487770ee 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,18 @@
+19/04/17 - build 253
+
+-- build: delete unused code called out by cppcheck
+-- doc: remove mention of obsolete LUA_PATH, SNORT_LUA_PATH, and required snort_config library
+-- flow_cache: Pruning one stream when excess pruning skips even if max_sessions is reached
+-- ftp_server: fix normalization and PDU parsing issues
+-- helpers: directory: use readdir instead of readdir_r
+-- Lua: apply the necessary builtin defaults from one place
+-- Lua: internalize snort_config.lua dependency
+-- Lua: build-time stringify Lua files for use as C++ variables
+-- Lua: remove dependency on SNORT_LUA_PATH
+-- mime: fix decompression for multiple files
+-- parser: update include file handling
+-- parser: fix defaults for alerts.order and network.checksum_eval
+
 19/04/10 - build 252
 
 -- appid: Fix NetworkSet compilation on big-endian systems
diff --git a/src/filters/detection_filter.cc b/src/filters/detection_filter.cc
index e5e57d44d..2f3886c24 100644
--- a/src/filters/detection_filter.cc
+++ b/src/filters/detection_filter.cc
@@ -53,9 +53,6 @@ void DetectionFilterConfigFree(DetectionFilterConfig* config)
     snort_free(config);
 }
 
-void detection_filter_print_config(DetectionFilterConfig*)
-{ }
-
 int detection_filter_test(void* pv, const snort::SfIp* sip, const snort::SfIp* dip, long curtime)
 {
     if (pv == nullptr)
diff --git a/src/filters/detection_filter.h b/src/filters/detection_filter.h
index 377b851a0..60f6b8015 100644
--- a/src/filters/detection_filter.h
+++ b/src/filters/detection_filter.h
@@ -47,8 +47,6 @@ void DetectionFilterConfigFree(DetectionFilterConfig*);
 void detection_filter_init(DetectionFilterConfig*);
 void detection_filter_term();
 
-void detection_filter_print_config(DetectionFilterConfig*);
-
 int detection_filter_test(void*, const snort::SfIp* sip, const snort::SfIp* dip, long curtime);
 struct THD_NODE* detection_filter_create(DetectionFilterConfig*, struct THDX_STRUCT*);
 
diff --git a/src/filters/rate_filter.cc b/src/filters/rate_filter.cc
index 75c2dd4cd..cdeb2e975 100644
--- a/src/filters/rate_filter.cc
+++ b/src/filters/rate_filter.cc
@@ -37,8 +37,6 @@
 
 using namespace snort;
 
-//static int _printThresholdContext(RateFilterConfig*);
-
 RateFilterConfig* RateFilter_ConfigNew()
 {
     RateFilterConfig* rf_config = (RateFilterConfig*)snort_calloc(sizeof(*rf_config));
@@ -46,7 +44,6 @@ RateFilterConfig* RateFilter_ConfigNew()
     return rf_config;
 }
 
-/* Free threshold context */
 void RateFilter_ConfigFree(RateFilterConfig* config)
 {
     int i;
@@ -149,102 +146,3 @@ int RateFilter_Test(const OptTreeNode* otn, snort::Packet* p)
         sip, dip, p->pkth->ts.tv_sec, SFRF_COUNT_INCREMENT);
 }
 
-void RateFilter_PrintConfig(RateFilterConfig*)
-{
-    // FIXIT-L print from module
-    //_printThresholdContext(config);
-}
-
-#if 0
-static int _logConfigNode(tSFRFConfigNode* p)
-{
-    const char* trackBy = "?";
-    char buf[STD_BUF+1];
-    *buf = '\0';
-
-    // SnortSnprintfAppend(buf, STD_BUF, "| thd-id=%d", p->thd_id );
-
-    if ( p->gid == 0 )
-    {
-        SnortSnprintfAppend(buf, STD_BUF, "| gen-id=global");
-    }
-    else
-    {
-        SnortSnprintfAppend(buf, STD_BUF, "| gen-id=%-6d", p->gid);
-    }
-    if ( p->sid == 0 )
-    {
-        SnortSnprintfAppend(buf, STD_BUF, " sig-id=global");
-    }
-    else
-    {
-        SnortSnprintfAppend(buf, STD_BUF, " sig-id=%-10d", p->sid);
-    }
-
-    SnortSnprintfAppend(buf, STD_BUF, " policyId=%-10d", p->policyId);
-
-    switch ( p->tracking )
-    {
-    case SFRF_TRACK_BY_SRC: trackBy = "src"; break;
-    case SFRF_TRACK_BY_DST: trackBy = "dst"; break;
-    case SFRF_TRACK_BY_RULE: trackBy = "rule"; break;
-    default: break;
-    }
-    SnortSnprintfAppend(buf, STD_BUF, " tracking=%s", trackBy);
-    SnortSnprintfAppend(buf, STD_BUF, " count=%-3d", p->count);
-    SnortSnprintfAppend(buf, STD_BUF, " seconds=%-3d", p->seconds);
-
-    LogMessage("%s\n", buf);
-
-    return 1;
-}
-
-static int _printThresholdContext(RateFilterConfig* config)
-{
-    int gid;
-    int lcnt=0;
-
-    if (config == NULL)
-        return 0;
-
-    for ( gid=0; gid < SFRF_MAX_GENID; gid++ )
-    {
-        GHashNode* item_hash_node;
-        GHash* sfrf_hash = config->genHash [ gid ];
-
-        if ( !sfrf_hash )
-        {
-            continue;
-        }
-
-        for ( item_hash_node  = ghash_findfirst(sfrf_hash);
-            item_hash_node != 0;
-            item_hash_node  = ghash_findnext(sfrf_hash) )
-        {
-            tSFRFSidNode* sfrf_item;
-            tSFRFConfigNode* sfrf_node;
-
-            /* Check for any Permanent sid objects for this gid */
-            sfrf_item = (tSFRFSidNode*)item_hash_node->data;
-            SF_LNODE* cursor;
-
-            for ( sfrf_node  =
-                (tSFRFConfigNode*)sflist_first(sfrf_item->configNodeList, &cursor);
-                sfrf_node != 0;
-                sfrf_node =
-                (tSFRFConfigNode*)sflist_next(&cursor) )
-            {
-                if ( _logConfigNode(sfrf_node) != 0 )
-                    lcnt++;
-            }
-        }
-    }
-
-    if ( !lcnt )
-        LogMessage("| none\n");
-
-    return 0;
-}
-
-#endif
-
diff --git a/src/filters/rate_filter.h b/src/filters/rate_filter.h
index 314f1aa78..4890d3e94 100644
--- a/src/filters/rate_filter.h
+++ b/src/filters/rate_filter.h
@@ -37,8 +37,6 @@ void RateFilter_ConfigFree(RateFilterConfig*);
 void RateFilter_Cleanup();
 
 int RateFilter_Create(snort::SnortConfig* sc, RateFilterConfig*, tSFRFConfigNode*);
-void RateFilter_PrintConfig(RateFilterConfig*);
-
 int RateFilter_Test(const OptTreeNode*, snort::Packet*);
 
 #endif
diff --git a/src/filters/sfthreshold.cc b/src/filters/sfthreshold.cc
index a0deda291..0c8b0258a 100644
--- a/src/filters/sfthreshold.cc
+++ b/src/filters/sfthreshold.cc
@@ -84,178 +84,6 @@ void ThresholdConfigFree(ThresholdConfig* tc)
     snort_free(tc);
 }
 
-// prnMode = 0: init output format
-// prnMode = 1: term output format (with header and count of filtered events)
-// prnMode = 2: term output format (count only)
-#if 0
-static int print_thd_node(THD_NODE* p, PrintFormat type, unsigned* prnMode)
-{
-    char buf[STD_BUF+1];
-    memset(buf, 0, STD_BUF+1);
-
-    switch ( type )
-    {
-    case PRINT_GLOBAL:
-        if (p->type == THD_TYPE_SUPPRESS )
-            return 0;
-        if (p->sig_id != 0 )
-            return 0;
-        break;
-
-    case PRINT_LOCAL:
-        if (p->type == THD_TYPE_SUPPRESS )
-            return 0;
-        if (p->sig_id == 0 || p->gen_id == 0 )
-            return 0;
-        break;
-
-    case PRINT_SUPPRESS:
-        if (p->type != THD_TYPE_SUPPRESS )
-            return 0;
-        break;
-    }
-
-    /* SnortSnprintfAppend(buf, STD_BUF, "| thd-id=%d", p->thd_id ); */
-
-    if ( *prnMode && !p->filtered )
-        return 1;
-
-    if ( p->gen_id == 0 )
-    {
-        SnortSnprintfAppend(buf, STD_BUF, "| gen-id=global");
-    }
-    else
-    {
-        SnortSnprintfAppend(buf, STD_BUF, "| gen-id=%-6d", p->gen_id);
-    }
-    if ( p->sig_id == 0 )
-    {
-        SnortSnprintfAppend(buf, STD_BUF, " sig-id=global");
-    }
-    else
-    {
-        SnortSnprintfAppend(buf, STD_BUF, " sig-id=%-10d", p->sig_id);
-    }
-
-    switch ( p->type )
-    {
-    case THD_TYPE_LIMIT:
-        SnortSnprintfAppend(buf, STD_BUF, " type=Limit    ");
-        break;
-
-    case THD_TYPE_THRESHOLD:
-        SnortSnprintfAppend(buf, STD_BUF, " type=Threshold");
-        break;
-
-    case THD_TYPE_BOTH:
-        SnortSnprintfAppend(buf, STD_BUF, " type=Both     ");
-        break;
-
-    case THD_TYPE_SUPPRESS:
-        if ( *prnMode )
-            SnortSnprintfAppend(buf, STD_BUF, " type=Suppress ");
-        break;
-    }
-
-    switch ( p->tracking )
-    {
-    case THD_TRK_NONE:
-        SnortSnprintfAppend(buf, STD_BUF, " tracking=none");
-        break;
-
-    case THD_TRK_SRC:
-        SnortSnprintfAppend(buf, STD_BUF, " tracking=src");
-        break;
-
-    case THD_TRK_DST:
-        SnortSnprintfAppend(buf, STD_BUF, " tracking=dst");
-        break;
-    }
-
-    if ( p->type == THD_TYPE_SUPPRESS )
-    {
-        if ( p->tracking != THD_TRK_NONE )
-        {
-            // TBD output suppress node ip addr set
-            SnortSnprintfAppend(buf, STD_BUF, "-ip=%-16s", "<list>");
-        }
-    }
-    else
-    {
-        SnortSnprintfAppend(buf, STD_BUF, " count=%-3d", p->count);
-        SnortSnprintfAppend(buf, STD_BUF, " seconds=%-3d", p->seconds);
-    }
-
-    if ( *prnMode )
-    {
-        if ( *prnMode == 1 )
-        {
-            LogMessage(
-                "+-----------------------[filtered events]--------------------------------------\n");
-            *prnMode = 2;
-        }
-        SnortSnprintfAppend(buf, STD_BUF, " filtered=" STDu64, p->filtered);
-    }
-    LogMessage("%s\n", buf);
-
-    return 1;
-}
-
-static int print_thd_local(ThresholdObjects* thd_objs, PrintFormat type, unsigned* prnMode)
-{
-    GHash* sfthd_hash;
-    THD_ITEM* sfthd_item;
-    THD_NODE* sfthd_node;
-    int gen_id;
-    GHashNode* item_hash_node;
-    int lcnt=0;
-    PolicyId policyId;
-
-    for (policyId = 0; policyId < thd_objs->numPoliciesAllocated; policyId++)
-    {
-        for (gen_id=0; gen_id < THD_MAX_GENID; gen_id++ )
-        {
-            sfthd_hash = thd_objs->sfthd_array[gen_id];
-            if ( !sfthd_hash )
-            {
-                continue;
-            }
-
-            for (item_hash_node  = ghash_findfirst(sfthd_hash);
-                item_hash_node != 0;
-                item_hash_node  = ghash_findnext(sfthd_hash) )
-            {
-                /* Check for any Permanent sig_id objects for this gen_id */
-                sfthd_item = (THD_ITEM*)item_hash_node->data;
-
-                if (sfthd_item->policyId != policyId)
-                {
-                    continue;
-                }
-                SF_LNODE* cursor;
-
-                for ( sfthd_node  = (THD_NODE*)sflist_first(sfthd_item->sfthd_node_list, &cursor);
-                    sfthd_node != 0;
-                    sfthd_node = (THD_NODE*)sflist_next(&cursor) )
-                {
-                    if (print_thd_node(sfthd_node, type, prnMode) != 0)
-                        lcnt++;
-                }
-            }
-        }
-    }
-
-    if ( !lcnt && !*prnMode )
-        LogMessage("| none\n");
-
-    return 0;
-}
-
-#endif
-
-void print_thresholding(ThresholdConfig*, unsigned)
-{ }
-
 void sfthreshold_free()
 {
     if (thd_runtime != nullptr)
@@ -264,11 +92,6 @@ void sfthreshold_free()
     thd_runtime = nullptr;
 }
 
-/*
-
-    Create and Add a Thresholding Event Object
-
-*/
 int sfthreshold_create(
     snort::SnortConfig* sc, ThresholdConfig* thd_config, THDX_STRUCT* thdx)
 {
diff --git a/src/filters/sfthreshold.h b/src/filters/sfthreshold.h
index 9fdbbb81f..1acd26044 100644
--- a/src/filters/sfthreshold.h
+++ b/src/filters/sfthreshold.h
@@ -39,8 +39,8 @@ ThresholdConfig* ThresholdConfigNew();
 void ThresholdConfigFree(ThresholdConfig*);
 void sfthreshold_reset();
 int sfthreshold_create(snort::SnortConfig*, ThresholdConfig*, THDX_STRUCT*);
-int sfthreshold_test(unsigned int, unsigned int, const snort::SfIp*, const snort::SfIp*, long curtime);
-void print_thresholding(ThresholdConfig*, unsigned shutdown);
+int sfthreshold_test(
+    unsigned int, unsigned int, const snort::SfIp*, const snort::SfIp*, long curtime);
 void sfthreshold_free();
 
 #endif
diff --git a/src/log/messages.cc b/src/log/messages.cc
index e1fda5baf..dded5601f 100644
--- a/src/log/messages.cc
+++ b/src/log/messages.cc
@@ -84,19 +84,6 @@ static void log_message(FILE* file, const char* type, const char* msg)
 
 namespace snort
 {
-void ParseMessage(const char* format, ...)
-{
-    char buf[STD_BUF+1];
-    va_list ap;
-
-    va_start(ap, format);
-    vsnprintf(buf, STD_BUF, format, ap);
-    va_end(ap);
-
-    buf[STD_BUF] = '\0';
-    log_message(stderr, "INFO", buf);
-}
-
 void ParseWarning(WarningGroup wg, const char* format, ...)
 {
     if ( !(snort::SnortConfig::get_conf()->warning_flags & (1 << wg)) )
diff --git a/src/log/messages.h b/src/log/messages.h
index 8eea78181..376352622 100644
--- a/src/log/messages.h
+++ b/src/log/messages.h
@@ -52,7 +52,6 @@ unsigned get_reload_errors();
 
 namespace snort
 {
-SO_PUBLIC void ParseMessage(const char*, ...) __attribute__((format (printf, 1, 2)));
 SO_PUBLIC void ParseWarning(WarningGroup, const char*, ...) __attribute__((format (printf, 2, 3)));
 SO_PUBLIC void ParseError(const char*, ...) __attribute__((format (printf, 1, 2)));
 SO_PUBLIC void ReloadError(const char*, ...) __attribute__((format (printf, 1, 2)));
diff --git a/src/main/build.h b/src/main/build.h
index 88484ad3a..1117bfceb 100644
--- a/src/main/build.h
+++ b/src/main/build.h
@@ -12,7 +12,7 @@
 //                                               //
 //-----------------------------------------------//
 
-#define BUILD_NUMBER 252
+#define BUILD_NUMBER 253
 
 #ifndef EXTRABUILD
 #define BUILD STRINGIFY_MX(BUILD_NUMBER)
diff --git a/src/main/snort_config.cc b/src/main/snort_config.cc
index f1fd4a1e3..d55dc64a2 100644
--- a/src/main/snort_config.cc
+++ b/src/main/snort_config.cc
@@ -323,12 +323,6 @@ void SnortConfig::setup()
     ParseRules(this);
     OrderRuleLists(this);
 
-    // FIXIT-L see SnortInit() on config printing
-    //detection_filter_print_config(detection_filter_config);
-    //RateFilter_PrintConfig(rate_filter_config);
-    //print_thresholding(threshold_config, 0);
-    //PrintRuleOrder(rule_lists);
-
     for ( auto& state : rule_states )
         state->apply(this);
 
diff --git a/src/managers/module_manager.cc b/src/managers/module_manager.cc
index 890e2169c..4ac1f2d97 100644
--- a/src/managers/module_manager.cc
+++ b/src/managers/module_manager.cc
@@ -899,9 +899,6 @@ Module* ModuleManager::get_default_module(const char* s, SnortConfig* sc)
     return mod;
 }
 
-const char* ModuleManager::get_current_module()
-{ return s_current.c_str(); }
-
 list<Module*> ModuleManager::get_all_modules()
 {
     list<Module*> ret;
diff --git a/src/managers/module_manager.h b/src/managers/module_manager.h
index 0a4455d24..aebc83f17 100644
--- a/src/managers/module_manager.h
+++ b/src/managers/module_manager.h
@@ -48,7 +48,6 @@ public:
     static void add_module(Module*, const BaseApi* = nullptr);
     SO_PUBLIC static Module* get_module(const char*);
     static Module* get_default_module(const char*, SnortConfig*);
-    static const char* get_current_module();
     SO_PUBLIC static std::list<Module*> get_all_modules();
 
     static const char* get_lua_bootstrap();
diff --git a/src/parser/parser.cc b/src/parser/parser.cc
index 53031ea47..ad16c3434 100644
--- a/src/parser/parser.cc
+++ b/src/parser/parser.cc
@@ -217,24 +217,6 @@ static RuleListNode* addNodeToOrderedList(RuleListNode* ordered_list,
     return ordered_list;
 }
 
-static void printRuleListOrder(RuleListNode* node)
-{
-    char buf[STD_BUF];
-    RuleListNode* first_node = node;
-
-    SnortSnprintf(buf, STD_BUF, "Rule application order: ");
-
-    while ( node != nullptr )
-    {
-        SnortSnprintfAppend(buf, STD_BUF, "%s%s",
-            node == first_node ? "" : "->", node->name);
-
-        node = node->next;
-    }
-
-    LogMessage("%s\n", buf);
-}
-
 static bool parse_file(SnortConfig* sc, Shell* sh, bool is_fatal)
 {
     const char* fname = sh->get_file();
@@ -496,11 +478,6 @@ void FreeRuleLists(SnortConfig* sc)
     sc->rule_lists = nullptr;
 }
 
-void PrintRuleOrder(RuleListNode* rule_lists)
-{
-    printRuleListOrder(rule_lists);
-}
-
 void OrderRuleLists(SnortConfig* sc)
 {
     int evalIndex = 0;
diff --git a/src/parser/parser.h b/src/parser/parser.h
index f4dcba363..f0994fb59 100644
--- a/src/parser/parser.h
+++ b/src/parser/parser.h
@@ -46,12 +46,10 @@ snort::SnortConfig* ParseSnortConf(const snort::SnortConfig*, const char* fname
     bool is_fatal = true);
 void ParseRules(snort::SnortConfig*);
 
-void OrderRuleLists(snort::SnortConfig*);
-void PrintRuleOrder(RuleListNode*);
-
 char* ProcessFileOption(snort::SnortConfig*, const char*);
 void SetRuleStates(snort::SnortConfig*);
 
+void OrderRuleLists(snort::SnortConfig*);
 void FreeRuleLists(snort::SnortConfig*);
 void VarTablesFree(snort::SnortConfig*);
 
diff --git a/src/utils/stats.cc b/src/utils/stats.cc
index a0fcadb05..ca6a22ac1 100644
--- a/src/utils/stats.cc
+++ b/src/utils/stats.cc
@@ -235,21 +235,16 @@ void PrintStatistics()
     DropStats();
     timing_stats();
 
-    // FIXIT-L below stats need to be made consistent with above
-    print_thresholding(SnortConfig::get_conf()->threshold_config, 1);
+    // FIXIT-L can do flag saving with RAII (much cleaner)
+    int save_quiet_flag = SnortConfig::get_conf()->logging_flags & LOGGING_FLAG__QUIET;
 
-    {
-        // FIXIT-L can do flag saving with RAII (much cleaner)
-        int save_quiet_flag = SnortConfig::get_conf()->logging_flags & LOGGING_FLAG__QUIET;
-
-        SnortConfig::get_conf()->logging_flags &= ~LOGGING_FLAG__QUIET;
+    SnortConfig::get_conf()->logging_flags &= ~LOGGING_FLAG__QUIET;
 
-        // once more for the main thread
-        Profiler::consolidate_stats();
-        Profiler::show_stats();
+    // once more for the main thread
+    Profiler::consolidate_stats();
+    Profiler::show_stats();
 
-        SnortConfig::get_conf()->logging_flags |= save_quiet_flag;
-    }
+    SnortConfig::get_conf()->logging_flags |= save_quiet_flag;
 }
 
 //-------------------------------------------------------------------------
-- 
2.47.3