Merge pull request #1641 in SNORT/snort3 from ~MASHASAN/snort3:inspector_null_check...

Squashed commit of the following:

commit 7104df70e6370eb212c787186011ebd6148594d8
Author: Masud Hasan <mashasan@cisco.com>
Date:   Mon Jun 10 22:41:19 2019 -0400

    stream_ip: Checking null inspector while updating session

diff --git a/src/network_inspectors/binder/binder.cc b/src/network_inspectors/binder/binder.cc
index df0e150dd83eedcf8d5671dc75ae4951fbcca9eb..aa56124934dc00683b988c645502ebe52f3a858c 100644 (file)
--- a/src/network_inspectors/binder/binder.cc
+++ b/src/network_inspectors/binder/binder.cc
@@ -617,8 +617,6 @@ public:
     void handle_new_standby_flow(Flow*);
 
 private:
-    void apply(const Stuff&, Flow*);
-
     void set_binding(SnortConfig*, Binding*);
     void get_bindings(Flow*, Stuff&, Packet* = nullptr); // may be null when dealing with HA flows
     void apply(Flow*, Stuff&);

diff --git a/src/stream/ip/ip_session.cc b/src/stream/ip/ip_session.cc
index 0a79c34b20d33892f4381e35c58e2d612faf9d40..dc5092885c9011c522b2a57d26f2ebdb7353a7f8 100644 (file)
--- a/src/stream/ip/ip_session.cc
+++ b/src/stream/ip/ip_session.cc
@@ -31,6 +31,10 @@
 #include "ip_ha.h"
 #include "stream_ip.h"
 
+#ifdef UNIT_TEST
+#include "catch/snort_catch.h"
+#endif
+
 using namespace snort;
 
 const PegInfo ip_pegs[] =
@@ -80,7 +84,7 @@ static void IpSessionCleanup(Flow* lws, FragTracker* tracker)
 // private packet processing methods
 //-------------------------------------------------------------------------
 
-static inline void UpdateSession(Packet* p, Flow* lws)
+static inline void update_session(Packet* p, Flow* lws)
 {
     lws->markup_packet_flags(p);
 
@@ -105,6 +109,7 @@ static inline void UpdateSession(Packet* p, Flow* lws)
     }
 
     // Reset the session timeout.
+    if ( lws->ssn_server )
     {
         StreamIpConfig* pc = get_ip_cfg(lws->ssn_server);
         lws->set_expire(p, pc->session_timeout);
@@ -180,7 +185,7 @@ int IpSession::process(Packet* p)
         d->process(p, &tracker);
     }
 
-    UpdateSession(p, flow);
+    update_session(p, flow);
 
     return 0;
 }
@@ -222,3 +227,46 @@ bool IpSession::check_alerted(Packet* p, uint32_t gid, uint32_t sid)
     return false;
 }
 
+#ifdef UNIT_TEST
+
+// dummy
+class StreamIp : public Inspector
+{
+public:
+    StreamIp(StreamIpConfig*);
+    ~StreamIp() override;
+
+    bool configure(SnortConfig*) override;
+    void show(SnortConfig*) override;
+    NORETURN_ASSERT void eval(Packet*) override;
+    StreamIpConfig* config;
+    Defrag* defrag;
+};
+
+TEST_CASE("IP Session", "[ip_session]")
+{
+    Flow lws;
+    Packet p(false);
+    DAQ_PktHdr_t dh = {};
+    p.pkth = &dh;
+
+    SECTION("update_session without inspector")
+    {
+        lws.ssn_server = nullptr;
+
+        update_session(&p, &lws);
+        CHECK(lws.expire_time == 0);
+    }
+
+    SECTION("update_session with inspector")
+    {
+        StreamIpConfig* sic = new StreamIpConfig;
+        sic->session_timeout = 360;
+        StreamIp si(sic);
+        lws.ssn_server = &si;
+
+        update_session(&p, &lws);
+        CHECK(lws.expire_time == 360);
+    }
+}
+#endif