detect-state: minor cleanups

diff --git a/src/detect-engine-state.c b/src/detect-engine-state.c
index b9a79e9347188997cfd73eed01bfd90e8e6634c5..51ace587727017e796b0becd5e4abd7d155d0930 100644 (file)
--- a/src/detect-engine-state.c
+++ b/src/detect-engine-state.c
@@ -353,10 +353,12 @@ static void StoreStateTx(DetectEngineThreadCtx *det_ctx,
     SCLogDebug("Stored for TX %"PRIu64, tx_id);
 }
 
-int DeStateDetectStartDetection(ThreadVars *tv, DetectEngineCtx *de_ctx,
+int DeStateDetectStartDetection(ThreadVars *tv,
+                                DetectEngineCtx *de_ctx,
                                 DetectEngineThreadCtx *det_ctx,
-                                const Signature *s, Packet *p, Flow *f, uint8_t flags,
-                                AppProto alproto)
+                                const Signature *s, Packet *p, Flow *f,
+                                const uint8_t flags, // direction
+                                const AppProto alproto)
 {
     SCLogDebug("rule %u/%u", s->id, s->num);
 
@@ -404,13 +406,13 @@ int DeStateDetectStartDetection(ThreadVars *tv, DetectEngineCtx *de_ctx,
 
         /* see if we need to consider the next tx in our decision to add
          * a sig to the 'no inspect array'. */
-        int next_tx_no_progress = 0;
+        bool next_tx_no_progress = false;
         if (!TxIsLast(tx_id, total_txs)) {
             void *next_tx = AppLayerParserGetTx(f->proto, alproto, alstate, tx_id+1);
             if (next_tx != NULL) {
                 int c = AppLayerParserGetStateProgress(f->proto, alproto, next_tx, flags);
                 if (c == 0) {
-                    next_tx_no_progress = 1;
+                    next_tx_no_progress = true;
                 }
             }
         }
@@ -483,9 +485,11 @@ int DeStateDetectStartDetection(ThreadVars *tv, DetectEngineCtx *de_ctx,
         int tx_is_done = (tx_progress >=
                 AppLayerParserGetStateProgressCompletionStatus(alproto, flags));
 
-        SCLogDebug("tx %"PRIu64", packet %"PRIu64", rule %u, alert_cnt %u, last tx %d, tx_is_done %d, next_tx_no_progress %d",
+        SCLogDebug("tx %"PRIu64", packet %"PRIu64", rule %u, alert_cnt %u, "
+                "last tx %d, tx_is_done %d, next_tx_no_progress %s",
                 tx_id, p->pcap_cnt, s->num, alert_cnt,
-                TxIsLast(tx_id, total_txs), tx_is_done, next_tx_no_progress);
+                TxIsLast(tx_id, total_txs), tx_is_done,
+                next_tx_no_progress ? "true" : "false");
 
         /* store our state */
         if (!(TxIsLast(tx_id, total_txs)) || !tx_is_done) {
@@ -515,9 +519,9 @@ static int DoInspectItem(ThreadVars *tv,
     DeStateStoreItem *item, const uint8_t dir_state_flags,
     Packet *p, Flow *f, AppProto alproto, uint8_t flags,
     const uint64_t inspect_tx_id, const uint64_t total_txs,
-
-    uint16_t *file_no_match, int inprogress, // is current tx in progress?
-    const int next_tx_no_progress)                // tx after current is still dormant
+    uint16_t *file_no_match,
+    const bool inprogress,          // is current tx in progress?
+    const bool next_tx_no_progress) // tx after current is still dormant
 {
     Signature *s = de_ctx->sig_array[item->sid];
     det_ctx->stream_already_inspected = false;
@@ -726,35 +730,30 @@ static int DoInspectItem(ThreadVars *tv,
 
 void DeStateDetectContinueDetection(ThreadVars *tv, DetectEngineCtx *de_ctx,
                                     DetectEngineThreadCtx *det_ctx,
-                                    Packet *p, Flow *f, uint8_t flags,
+                                    Packet *p, Flow *f, const uint8_t flags,
                                     AppProto alproto)
 {
-    uint16_t file_no_match = 0;
-    SigIntId store_cnt = 0;
-    SigIntId state_cnt = 0;
-    uint64_t inspect_tx_id = 0;
-    uint64_t total_txs = 0;
-    uint8_t direction = (flags & STREAM_TOSERVER) ? 0 : 1;
-
     SCLogDebug("starting continue detection for packet %"PRIu64, p->pcap_cnt);
 
     void *alstate = FlowGetAppState(f);
-    if (!StateIsValid(alproto, alstate)) {
+    if (unlikely(!StateIsValid(alproto, alstate))) {
         return;
     }
 
-    inspect_tx_id = AppLayerParserGetTransactionInspectId(f->alparser, flags);
-    total_txs = AppLayerParserGetTxCnt(f, alstate);
+    const uint8_t direction = (flags & STREAM_TOSERVER) ? 0 : 1;
+    uint64_t inspect_tx_id = AppLayerParserGetTransactionInspectId(f->alparser, flags);
+    const uint64_t total_txs = AppLayerParserGetTxCnt(f, alstate);
+    const int end_progress = AppLayerParserGetStateProgressCompletionStatus(alproto, flags);
 
     for ( ; inspect_tx_id < total_txs; inspect_tx_id++) {
-        int inspect_tx_inprogress = 0;
-        int next_tx_no_progress = 0;
+        bool inspect_tx_inprogress = false;
         void *inspect_tx = AppLayerParserGetTx(f->proto, alproto, alstate, inspect_tx_id);
         if (inspect_tx != NULL) {
-            int a = AppLayerParserGetStateProgress(f->proto, alproto, inspect_tx, flags);
-            int b = AppLayerParserGetStateProgressCompletionStatus(alproto, flags);
-            if (a < b) {
-                inspect_tx_inprogress = 1;
+            bool next_tx_no_progress = false;
+
+            const int tx_progress = AppLayerParserGetStateProgress(f->proto, alproto, inspect_tx, flags);
+            if (end_progress < tx_progress) {
+                inspect_tx_inprogress = true;
             }
             SCLogDebug("tx %"PRIu64" (%"PRIu64") => %s", inspect_tx_id, total_txs,
                     inspect_tx_inprogress ? "in progress" : "done");
@@ -776,19 +775,22 @@ void DeStateDetectContinueDetection(ThreadVars *tv, DetectEngineCtx *de_ctx,
                 if (next_inspect_tx != NULL) {
                     int c = AppLayerParserGetStateProgress(f->proto, alproto, next_inspect_tx, flags);
                     if (c == 0) {
-                        next_tx_no_progress = 1;
+                        next_tx_no_progress = true;
                     }
                 }
             }
 
             /* Loop through stored 'items' (stateful rules) and inspect them */
-            state_cnt = 0;
+            SigIntId state_cnt = 0;
             for (; tx_store != NULL; tx_store = tx_store->next) {
                 SCLogDebug("tx_store %p", tx_store);
+
+                SigIntId store_cnt = 0;
                 for (store_cnt = 0;
                         store_cnt < DE_STATE_CHUNK_SIZE && state_cnt < tx_dir_state->cnt;
                         store_cnt++, state_cnt++)
                 {
+                    uint16_t file_no_match = 0; // TODO looks like we're just ignoring this
                     DeStateStoreItem *item = &tx_store->store[store_cnt];
                     int r = DoInspectItem(tv, de_ctx, det_ctx,
                             item, tx_dir_state->flags,

diff --git a/src/detect-engine-state.h b/src/detect-engine-state.h
index 224160caf92c48c92c9b0a4655ee385f4c0208cb..9497c80e91717422f1819d623435f42bb80a69ce 100644 (file)
--- a/src/detect-engine-state.h
+++ b/src/detect-engine-state.h
@@ -101,6 +101,7 @@ typedef struct DetectEngineStateDirection_ {
     SigIntId cnt;
     uint16_t filestore_cnt;
     uint8_t flags;
+    /* coccinelle: DetectEngineStateDirection:flags:DETECT_ENGINE_STATE_FLAG_ */
 } DetectEngineStateDirection;
 
 typedef struct DetectEngineState_ {
@@ -149,7 +150,7 @@ int DeStateFlowHasInspectableState(const Flow *f, const uint8_t flags);
 int DeStateDetectStartDetection(ThreadVars *tv, DetectEngineCtx *de_ctx,
                                 DetectEngineThreadCtx *det_ctx,
                                 const Signature *s, Packet *p, Flow *f,
-                                uint8_t flags, AppProto alproto);
+                                const uint8_t flags, const AppProto alproto);
 
 /**
  * \brief Continue DeState detection of the signatures stored in the state.