-- add alternate fast patterns for dce_udp endianness
-- removed underscores from all peg counts
-- document sensitive data use
--- user manual refactoring and updages
+-- user manual refactoring and updates
16/11/21 - build 219
{
const u_char* crlf = (u_char*)SnortStrnStr((const char*)ptr, end - ptr, "\n");
result->uri = ptr;
+
if (crlf)
{
if (crlf[-1] == '\r')
result->uri_end = crlf - 1;
else
result->uri_end = crlf;
- ptr = crlf;
}
else
{
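Review bot: `crlf[-1]` in the `if (crlf)` branch reads one byte before `ptr` when the newline is the first byte of the searched range, because the search would then return `ptr` itself. Whether `ptr` can sit at the very start of the buffer is not visible in this hunk, so it is worth confirming. A guard such as `if (crlf > ptr && crlf[-1] == '\r')` keeps the read inside the range either way. The enclosing function starts and ends outside the hunk.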
return ( hdr_name == rhs.hdr_name );
}
-static bool find(
+static bool find_hdr(
const string& s, const InspectionBuffer& b, Cursor& c)
{
const char* h = s.c_str();
return DETECTION_OPTION_MATCH;
}
- if ( find(hdr_name, hb, c) )
+ if ( find_hdr(hdr_name, hb, c) )
return DETECTION_OPTION_MATCH;
return DETECTION_OPTION_NO_MATCH;
{
trie_nmatches++;
data = context;
- printf("id=%d found at index=%d, %s\n",id,index,gargv[id]);
+ printf("id=%u found at index=%d, %s\n", id, index, gargv[id]);
return 0;
}
std::string name;
std::string chunk;
- static const char* type;
-
protected:
LuaApi(std::string& s, std::string& c)
{
n != 0;
n = sfxhash_findnext(t) )
{
- printf("hash-findfirst/next: n=%x, key=%s, data=%s\n", n, n->key, n->data);
+ printf("hash-findfirst/next: n=%p, key=%s, data=%s\n", n, n->key, n->data);
/*
remove node we are looking at, this is first/next safe.
bool HashModule::begin(const char*, int, SnortConfig*)
{
+ assert(!hmd);
hmd = new HashMatchData;
return true;
}
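Review bot: `assert(!hmd)` in `HashModule::begin` compiles to nothing when `NDEBUG` is defined, so in a release build a second `begin()` would overwrite the pointer and lose the earlier `HashMatchData` with no diagnostic. Where the old object is released or handed off is not visible here; if the pointer is not reset to `nullptr` at that point, the assert will also fire on a legitimate second configuration pass. Holding the object in a `std::unique_ptr` would enforce the invariant in every build. The same pattern is added in `AppIdInspector::configure`, `PortScanModule::begin`, `PortScanGlobalModule::begin`, `ReputationModule::begin`, `TelnetModule::begin`, `ImapModule::begin`, `PopModule::begin`, `SipModule::begin`, `SshModule::begin` and `SslModule::begin`.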
return false;
// FIXIT-M only basic modules and inspectors can be reloaded at present
- if ( Snort::is_reloading() && h && h->api && h->api->type != PT_INSPECTOR )
+ if ( Snort::is_reloading() and h->api and h->api->type != PT_INSPECTOR )
return false;
Module* m = h->mod;
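Review bot: The reload check no longer tests `h` before reading `h->api`, and the next line reads `h->mod` unconditionally, so the whole block now depends on `h` being non-null. The lookup that produces `h` is outside the hunk. If the `return false;` above is not already the null guard, one is needed before this test; if it is, a one-line `assert(h);` would document the precondition in the same style as the other asserts this commit adds.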
bool AppIdInspector::configure(SnortConfig*)
{
+ assert(!active_config);
active_config = new AppIdConfig( ( AppIdModuleConfig* )config);
get_data_bus().subscribe(HTTP_REQUEST_HEADER_EVENT_KEY, new HttpEventHandler(HttpEventHandler::REQUEST_EVENT));
{
sfip_ntop(cliIp, src_ip, sizeof(src_ip));
sfip_ntop(srvIp, dst_ip, sizeof(dst_ip));
- LogMessage("AppIdDbg %s related flow %s for %s-%u -> %s-%u %u\n",
- asd->session_logging_id, asd ? "created" : "creation failed",
- src_ip, (unsigned)cliPort, dst_ip, (unsigned)srvPort, (unsigned)proto);
+ LogMessage("AppIdDbg %s related flow created for %s-%u -> %s-%u %u\n",
+ asd->session_logging_id,
+ src_ip, (unsigned)cliPort, dst_ip, (unsigned)srvPort, (unsigned)proto);
}
asd->in_expected_cache = true;
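Review bot: `asd` is dereferenced in the new `LogMessage` call (`asd->session_logging_id`) and again in `asd->in_expected_cache = true;`, while the removed `asd ? "created" : "creation failed"` text suggests a null `asd` was once considered possible here. Dropping the ternary is reasonable, since the old call already dereferenced `asd` in the same argument list. The creation of `asd` is outside the hunk; if it can fail, an early return on `!asd` belongs before this block, because a null dereference on this path would take the inspector down.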
snort_free(temp_host);
/* if referred_id feature id disabled, referer will be null */
- if (referer && (!payload_found || AppInfoManager::get_instance().get_app_info_flags(data->payload_id, APPINFO_FLAG_REFERRED)))
+ if (referer && (!payload_found ||
+ AppInfoManager::get_instance().get_app_info_flags(data->payload_id, APPINFO_FLAG_REFERRED)))
{
referer_start = referer;
char* referer_offset = (char*)service_strstr((uint8_t*)referer_start, URL_SCHEME_MAX_LEN,
(uint8_t*)URL_SCHEME_END_PATTERN, sizeof(URL_SCHEME_END_PATTERN)-1);
- if (referer_offset)
- {
- referer_offset += sizeof(URL_SCHEME_END_PATTERN)-1;
- }
- else
+
+ if ( !referer_offset )
return 0;
+ referer_offset += sizeof(URL_SCHEME_END_PATTERN)-1;
referer_start = referer_offset;
referer_len = strlen(referer_start);
referer_path = strchr(referer_start, '/');
referer_path_len = 1;
}
- if (referer_start && referer_len > 0)
+ if ( referer_len > 0 )
{
data = nullptr;
patterns[0].pattern = (uint8_t*)referer_start;
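Review bot: `if ( referer_len > 0 )` now relies on `referer_len` being zero whenever `referer_start` was never assigned, because the `referer_start &&` half of the test was dropped. The declarations and initial values of both variables are outside the hunk, so confirm `referer_len` is initialised to 0 before the `if (referer && ...)` block. Otherwise `patterns[0].pattern` would be set from an unset pointer when no referer is present. A short comment at the test, e.g. `// referer_len stays 0 unless referer_start was set above`, would record the dependency.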
bool PortScanModule::begin(const char*, int, SnortConfig*)
{
+ assert(!config);
config = new PortscanConfig;
return true;
}
bool PortScanGlobalModule::begin(const char*, int, SnortConfig*)
{
+ assert(!common);
common = new PsCommon;
common->memcap = 1048576;
return true;
ReputationModule::~ReputationModule()
{
if ( conf )
- {
delete conf;
- }
}
const RuleMap* ReputationModule::get_rules() const
bool ReputationModule::begin(const char*, int, SnortConfig*)
{
+ assert(!conf);
conf = new ReputationConfig;
-
return true;
}
* swap on big endian hardware */
#ifdef WORDS_BIGENDIAN
#define SWAP_BYTES(a) \
+ a = \
((((uint32_t)(a) & 0xFF000000) >> 24) | \
(((uint32_t)(a) & 0x00FF0000) >> 8) | \
(((uint32_t)(a) & 0x0000FF00) << 8) | \
(((uint32_t)(a) & 0x000000FF) << 24))
#else
-#define SWAP_BYTES(a) (a)
+#define SWAP_BYTES(a)
#endif
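Review bot: `SWAP_BYTES(a)` changes from an expression to a bare assignment `a = ...`, and the little-endian variant now expands to nothing, so any remaining caller written as `x = SWAP_BYTES(y)` fails to compile on little-endian and also overwrites `y` on big-endian. The left-hand `a` is unparenthesised and the body is not wrapped, so `do { (a) = ...; } while (0)` would be the safer macro form. A small `static inline uint32_t` helper that returns the normalised value would avoid the macro altogether. Only the `po_rule_hash_func` call site is visible on this page, so other users should be checked.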
static unsigned po_rule_hash_func(SFHASHFCN* p, unsigned char* k, int n)
/* Since the input is really an int, put the bytes into a normalized
* order so that the hash function returns consistent results across
* on BE & LE hardware. */
- ikey = SWAP_BYTES(ikey);
+ SWAP_BYTES(ikey);
/* Set a pointer to the key to pass to the hashing function */
key = (unsigned char*)&ikey;
DCE2_SmbVersion DCE2_Smb2Version(const Packet* p)
{
/* Only check reassembled SMB2 packet*/
- if (p->has_paf_payload() &&
- (p->dsize > sizeof(NbssHdr) + sizeof(DCE2_SMB_ID)))
+ if ( p->has_paf_payload() and
+ (p->dsize > sizeof(NbssHdr) + 4) ) // DCE2_SMB_ID is u32
{
Smb2Hdr* smb_hdr = (Smb2Hdr*)(p->data + sizeof(NbssHdr));
uint32_t smb_version_id = SmbId((SmbNtHdr*)smb_hdr);
+
if (smb_version_id == DCE2_SMB_ID)
return DCE2_SMB_VERISON_1;
+
else if (smb_version_id == DCE2_SMB2_ID)
return DCE2_SMB_VERISON_2;
}
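Review bot: The length check in `DCE2_Smb2Version` now uses the literal `4` with a trailing comment where `sizeof(DCE2_SMB_ID)` stood. `sizeof(uint32_t)` states the same bound without a magic number and matches the `uint32_t smb_version_id` read that follows: `(p->dsize > sizeof(NbssHdr) + sizeof(uint32_t))`. The function's final return is outside the hunk.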
#define DCE2_MOVE(data_ptr, data_len, amount) \
{ data_len -= (amount); data_ptr = (uint8_t*)data_ptr + (amount); }
-#endif /* _DCE2_UTILS_H_ */
+#endif
}
// Move just past byte count field which is the end of the command
- DCE2_MOVE(nb_ptr, nb_len, com_info.cmd_size);
+ nb_len -= com_info.cmd_size;
// Validate that there is enough data to be able to process the command
if (nb_len < DCE2_SmbGetMinByteCount(smb_com, (uint8_t)com_info.smb_type))
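Review bot: `nb_len -= com_info.cmd_size;` has no visible guard that `cmd_size` does not exceed `nb_len`. If `nb_len` is an unsigned type, a short packet would wrap it to a large value and the minimum-byte-count check on the next line would then pass. The earlier validation of the command is outside the hunk, so confirm it bounds `cmd_size` by `nb_len`. Separately, `nb_ptr` is no longer advanced past the command, so any later read through `nb_ptr` in this function would now start at the command header rather than at the data.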
static THREAD_LOCAL ProfileStats dnp3_obj_perf_stats;
-static int dnp3_decode_object(uint8_t* buf, uint16_t buflen, uint8_t rule_group, uint8_t rule_var)
+static int dnp3_decode_object(
+ uint8_t* buf, uint16_t buflen, uint8_t rule_group, uint8_t rule_var)
{
uint8_t group, var;
/* Decode var */
var = *buf;
- buf++;
- buflen--;
/* Match the rule option here, quit decoding if we found the right header. */
if ((group == rule_group) && (var == rule_var))
}
static uint16_t ParseDNSHeader(
- const unsigned char* data,
- uint16_t bytes_unused,
- DNSData* dnsSessionData)
+ const unsigned char* data, uint16_t bytes_unused, DNSData* dnsSessionData)
{
- if (bytes_unused == 0)
- {
- return bytes_unused;
- }
+ if ( !bytes_unused )
+ return 0;
switch (dnsSessionData->state)
{
dnsSessionData->length = ((uint8_t)*data) << 8;
dnsSessionData->state = DNS_RESP_STATE_LENGTH_PART;
data++;
- bytes_unused--;
- if (bytes_unused == 0)
- {
- return bytes_unused;
- }
- /* Fall through */
+
+ if ( !--bytes_unused )
+ return 0;
+ // Fall through
+
case DNS_RESP_STATE_LENGTH_PART:
dnsSessionData->length |= ((uint8_t)*data);
dnsSessionData->state = DNS_RESP_STATE_HDR_ID;
data++;
- bytes_unused--;
- if (bytes_unused == 0)
- {
- return bytes_unused;
- }
- /* Fall through */
+
+ if ( !--bytes_unused )
+ return 0;
+ // Fall through
+
case DNS_RESP_STATE_HDR_ID:
dnsSessionData->hdr.id = (uint8_t)*data << 8;
- data++;
- bytes_unused--;
dnsSessionData->state = DNS_RESP_STATE_HDR_ID_PART;
- if (bytes_unused == 0)
- {
- return bytes_unused;
- }
- /* Fall through */
+ data++;
+
+ if ( !--bytes_unused )
+ return 0;
+ // Fall through
+
case DNS_RESP_STATE_HDR_ID_PART:
dnsSessionData->hdr.id |= (uint8_t)*data;
- data++;
- bytes_unused--;
dnsSessionData->state = DNS_RESP_STATE_HDR_FLAGS;
- if (bytes_unused == 0)
- {
- return bytes_unused;
- }
- /* Fall through */
+ data++;
+
+ if ( !--bytes_unused )
+ return 0;
+ // Fall through
+
case DNS_RESP_STATE_HDR_FLAGS:
dnsSessionData->hdr.flags = (uint8_t)*data << 8;
- data++;
- bytes_unused--;
dnsSessionData->state = DNS_RESP_STATE_HDR_FLAGS_PART;
- if (bytes_unused == 0)
- {
- return bytes_unused;
- }
- /* Fall through */
+ data++;
+
+ if ( !--bytes_unused )
+ return 0;
+ // Fall through
+
case DNS_RESP_STATE_HDR_FLAGS_PART:
dnsSessionData->hdr.flags |= (uint8_t)*data;
- data++;
- bytes_unused--;
dnsSessionData->state = DNS_RESP_STATE_HDR_QS;
- if (bytes_unused == 0)
- {
- return bytes_unused;
- }
- /* Fall through */
+ data++;
+
+ if ( !--bytes_unused )
+ return 0;
+ // Fall through
+
case DNS_RESP_STATE_HDR_QS:
dnsSessionData->hdr.questions = (uint8_t)*data << 8;
- data++;
- bytes_unused--;
dnsSessionData->state = DNS_RESP_STATE_HDR_QS_PART;
- if (bytes_unused == 0)
- {
- return bytes_unused;
- }
- /* Fall through */
+ data++;
+
+ if ( !--bytes_unused )
+ return 0;
+ // Fall through
+
case DNS_RESP_STATE_HDR_QS_PART:
dnsSessionData->hdr.questions |= (uint8_t)*data;
- data++;
- bytes_unused--;
dnsSessionData->state = DNS_RESP_STATE_HDR_ANSS;
- if (bytes_unused == 0)
- {
- return bytes_unused;
- }
- /* Fall through */
+ data++;
+
+ if ( !--bytes_unused )
+ return 0;
+ // Fall through
+
case DNS_RESP_STATE_HDR_ANSS:
dnsSessionData->hdr.answers = (uint8_t)*data << 8;
- data++;
- bytes_unused--;
dnsSessionData->state = DNS_RESP_STATE_HDR_ANSS_PART;
- if (bytes_unused == 0)
- {
- return bytes_unused;
- }
- /* Fall through */
+ data++;
+
+ if ( !--bytes_unused )
+ return 0;
+ // Fall through
+
case DNS_RESP_STATE_HDR_ANSS_PART:
dnsSessionData->hdr.answers |= (uint8_t)*data;
- data++;
- bytes_unused--;
dnsSessionData->state = DNS_RESP_STATE_HDR_AUTHS;
- if (bytes_unused == 0)
- {
- return bytes_unused;
- }
- /* Fall through */
+ data++;
+
+ if ( !--bytes_unused )
+ return 0;
+ // Fall through
+
case DNS_RESP_STATE_HDR_AUTHS:
dnsSessionData->hdr.authorities = (uint8_t)*data << 8;
- data++;
- bytes_unused--;
dnsSessionData->state = DNS_RESP_STATE_HDR_AUTHS_PART;
- if (bytes_unused == 0)
- {
- return bytes_unused;
- }
- /* Fall through */
+ data++;
+
+ if ( !--bytes_unused )
+ return 0;
+ // Fall through
+
case DNS_RESP_STATE_HDR_AUTHS_PART:
dnsSessionData->hdr.authorities |= (uint8_t)*data;
- data++;
- bytes_unused--;
dnsSessionData->state = DNS_RESP_STATE_HDR_ADDS;
- if (bytes_unused == 0)
- {
- return bytes_unused;
- }
- /* Fall through */
+ data++;
+
+ if ( !--bytes_unused )
+ return 0;
+ // Fall through
+
case DNS_RESP_STATE_HDR_ADDS:
dnsSessionData->hdr.additionals = (uint8_t)*data << 8;
- data++;
- bytes_unused--;
dnsSessionData->state = DNS_RESP_STATE_HDR_ADDS_PART;
- if (bytes_unused == 0)
- {
- return bytes_unused;
- }
- /* Fall through */
+ data++;
+
+ if ( !--bytes_unused )
+ return 0;
+ // Fall through
+
case DNS_RESP_STATE_HDR_ADDS_PART:
dnsSessionData->hdr.additionals |= (uint8_t)*data;
- data++;
- bytes_unused--;
dnsSessionData->state = DNS_RESP_STATE_QUESTION;
- if (bytes_unused == 0)
- {
- return bytes_unused;
- }
- /* Fall through */
- default:
- /* Continue -- we're beyond the header */
+ bytes_unused--;
break;
}
}
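Review bot: The `// Fall through` comments in `ParseDNSHeader` are the only marker of each deliberate fall-through, and they are now separated from the following `case` by a blank line; comment-based recognition of intended fall-through differs between compilers and warning levels. If the project's language level permits it, `[[fallthrough]];` placed after each `return 0;` is checked by the compiler and cannot drift. The same applies to the `ParseDNSQuestion` and `ParseDNSAnswer` hunks. The last case also drops `data++` while keeping `bytes_unused--`, which is correct only if `data` is not read after the switch; the tail of the function is outside the hunk.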
static uint16_t ParseDNSName(
- const unsigned char* data,
- uint16_t bytes_unused,
- DNSData* dnsSessionData)
+ const unsigned char* data, uint16_t bytes_unused, DNSData* dnsSessionData)
{
uint16_t bytes_required = dnsSessionData->curr_txt.txt_len -
dnsSessionData->curr_txt.txt_bytes_seen;
}
static uint16_t ParseDNSQuestion(
- const unsigned char* data,
- uint16_t bytes_unused,
- DNSData* dnsSessionData)
+ const unsigned char* data, uint16_t bytes_unused, DNSData* dnsSessionData)
{
uint16_t bytes_used = 0;
uint16_t new_bytes_unused = 0;
- if (bytes_unused == 0)
- {
- return bytes_unused;
- }
+ if ( !bytes_unused )
+ return 0;
if (dnsSessionData->curr_rec_state < DNS_RESP_STATE_Q_NAME_COMPLETE)
{
data = data + bytes_used;
bytes_unused = new_bytes_unused;
- if (bytes_unused == 0)
- {
- /* ran out of data */
- return bytes_unused;
- }
+ if ( !bytes_unused )
+ return 0; /* ran out of data */
}
else
{
{
case DNS_RESP_STATE_Q_TYPE:
dnsSessionData->curr_q.type = (uint8_t)*data << 8;
- data++;
- bytes_unused--;
dnsSessionData->curr_rec_state = DNS_RESP_STATE_Q_TYPE_PART;
- if (bytes_unused == 0)
- {
- return bytes_unused;
- }
- /* Fall through */
+ data++;
+
+ if ( !--bytes_unused )
+ return 0;
+ // Fall through
+
case DNS_RESP_STATE_Q_TYPE_PART:
dnsSessionData->curr_q.type |= (uint8_t)*data;
- data++;
- bytes_unused--;
dnsSessionData->curr_rec_state = DNS_RESP_STATE_Q_CLASS;
- if (bytes_unused == 0)
- {
- return bytes_unused;
- }
- /* Fall through */
+ data++;
+
+ if ( !--bytes_unused )
+ return 0;
+ // Fall through
+
case DNS_RESP_STATE_Q_CLASS:
dnsSessionData->curr_q.dns_class = (uint8_t)*data << 8;
- data++;
- bytes_unused--;
dnsSessionData->curr_rec_state = DNS_RESP_STATE_Q_CLASS_PART;
- if (bytes_unused == 0)
- {
- return bytes_unused;
- }
- /* Fall through */
+ data++;
+
+ if ( !--bytes_unused )
+ return 0;
+ // Fall through
+
case DNS_RESP_STATE_Q_CLASS_PART:
dnsSessionData->curr_q.dns_class |= (uint8_t)*data;
- data++;
- bytes_unused--;
dnsSessionData->curr_rec_state = DNS_RESP_STATE_Q_COMPLETE;
- if (bytes_unused == 0)
- {
- return bytes_unused;
- }
- /* Fall through */
- default:
- /* Continue -- we're beyond this question */
+ bytes_unused--;
break;
}
}
static uint16_t ParseDNSAnswer(
- const unsigned char* data,
- uint16_t bytes_unused,
- DNSData* dnsSessionData)
+ const unsigned char* data, uint16_t bytes_unused, DNSData* dnsSessionData)
{
uint16_t bytes_used = 0;
uint16_t new_bytes_unused = 0;
- if (bytes_unused == 0)
- {
- return bytes_unused;
- }
+ if ( !bytes_unused )
+ return 0;
if (dnsSessionData->curr_rec_state < DNS_RESP_STATE_RR_NAME_COMPLETE)
{
}
bytes_unused = new_bytes_unused;
- if (bytes_unused == 0)
- {
- /* ran out of data */
- return bytes_unused;
- }
+ if ( !bytes_unused )
+ return 0; /* ran out of data */
}
switch (dnsSessionData->curr_rec_state)
{
case DNS_RESP_STATE_RR_TYPE:
dnsSessionData->curr_rr.type = (uint8_t)*data << 8;
- data++;
- bytes_unused--;
dnsSessionData->curr_rec_state = DNS_RESP_STATE_RR_TYPE_PART;
- if (bytes_unused == 0)
- {
- return bytes_unused;
- }
- /* Fall through */
+ data++;
+
+ if ( !--bytes_unused )
+ return 0;
+ // Fall through
+
case DNS_RESP_STATE_RR_TYPE_PART:
dnsSessionData->curr_rr.type |= (uint8_t)*data;
- data++;
- bytes_unused--;
dnsSessionData->curr_rec_state = DNS_RESP_STATE_RR_CLASS;
- if (bytes_unused == 0)
- {
- return bytes_unused;
- }
- /* Fall through */
+ data++;
+
+ if ( !--bytes_unused )
+ return 0;
+ // Fall through
+
case DNS_RESP_STATE_RR_CLASS:
dnsSessionData->curr_rr.dns_class = (uint8_t)*data << 8;
- data++;
- bytes_unused--;
dnsSessionData->curr_rec_state = DNS_RESP_STATE_RR_CLASS_PART;
- if (bytes_unused == 0)
- {
- return bytes_unused;
- }
- /* Fall through */
+ data++;
+
+ if ( !--bytes_unused )
+ return 0;
+ // Fall through
+
case DNS_RESP_STATE_RR_CLASS_PART:
dnsSessionData->curr_rr.dns_class |= (uint8_t)*data;
- data++;
- bytes_unused--;
dnsSessionData->curr_rec_state = DNS_RESP_STATE_RR_TTL;
- if (bytes_unused == 0)
- {
- return bytes_unused;
- }
- /* Fall through */
+ data++;
+
+ if ( !--bytes_unused )
+ return 0;
+ // Fall through
+
case DNS_RESP_STATE_RR_TTL:
dnsSessionData->curr_rr.ttl = (uint8_t)*data << 24;
- data++;
- bytes_unused--;
dnsSessionData->curr_rec_state = DNS_RESP_STATE_RR_TTL_PART;
dnsSessionData->bytes_seen_curr_rec = 1;
- if (bytes_unused == 0)
- {
- return bytes_unused;
- }
- /* Fall through */
+ data++;
+
+ if ( !--bytes_unused )
+ return 0;
+ // Fall through
+
case DNS_RESP_STATE_RR_TTL_PART:
while (dnsSessionData->bytes_seen_curr_rec < 4)
{
dnsSessionData->curr_rr.ttl |=
(uint8_t)*data << (4-dnsSessionData->bytes_seen_curr_rec)*8;
data++;
- bytes_unused--;
- if (bytes_unused == 0)
- {
- return bytes_unused;
- }
+
+ if ( !--bytes_unused )
+ return 0;
}
dnsSessionData->curr_rec_state = DNS_RESP_STATE_RR_RDLENGTH;
- /* Fall through */
+ // Fall through
+
case DNS_RESP_STATE_RR_RDLENGTH:
dnsSessionData->curr_rr.length = (uint8_t)*data << 8;
- data++;
- bytes_unused--;
dnsSessionData->curr_rec_state = DNS_RESP_STATE_RR_RDLENGTH_PART;
- if (bytes_unused == 0)
- {
- return bytes_unused;
- }
- /* Fall through */
+ data++;
+
+ if ( !--bytes_unused )
+ return 0;
+ // Fall through
+
case DNS_RESP_STATE_RR_RDLENGTH_PART:
dnsSessionData->curr_rr.length |= (uint8_t)*data;
- data++;
- bytes_unused--;
dnsSessionData->curr_rec_state = DNS_RESP_STATE_RR_RDATA_START;
- if (bytes_unused == 0)
- {
- return bytes_unused;
- }
- /* Fall through */
- default:
- /* Continue -- we're beyond this answer */
+ bytes_unused--;
break;
}
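Review bot: In the `DNS_RESP_STATE_RR_TTL` case, `(uint8_t)*data << 24` is evaluated as `int` after integer promotion, so a first TTL byte of 0x80 or above shifts into the sign bit. The same expression form is used inside the `DNS_RESP_STATE_RR_TTL_PART` loop. The byte comes straight from the packet, so its value is chosen by whoever sent it. Casting to the destination width first, `(uint32_t)*data << 24`, keeps the arithmetic unsigned; the declared type of `curr_rr.ttl` is not visible here, so match the cast to it.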
bool TelnetModule::begin(const char*, int, SnortConfig*)
{
+ assert(!conf);
conf = new TELNET_PROTO_CONF;
return true;
}
bool ImapModule::begin(const char*, int, SnortConfig*)
{
+ assert(!config);
config = new IMAP_PROTO_CONF;
-
return true;
}
bool PopModule::begin(const char*, int, SnortConfig*)
{
+ assert(!config);
config = new POP_PROTO_CONF;
-
return true;
}
uint16_t maxViaLen; // Maximum Via field size
uint16_t maxContactLen; // Maximum Contact field size
uint16_t maxContentLen; // Maximum Content length
- uint8_t ignoreChannel; // Whether to ignore media channels found by SIP PP
+ bool ignoreChannel; // Whether to ignore media channels found by SIP PP
};
// API to parse method list
bool SipModule::set(const char*, Value& v, SnortConfig*)
{
if ( v.is("ignore_call_channel") )
- conf->ignoreChannel = 1;
+ conf->ignoreChannel = v.get_bool();
else if ( v.is("max_call_id_len") )
conf->maxCallIdLen = v.get_long();
bool SipModule::begin(const char*, int, SnortConfig*)
{
+ assert(!conf);
conf = new SIP_PROTO_CONF;
- conf->ignoreChannel = 0;
- conf->maxNumSessions = 10000;
- conf->maxNumDialogsInSession = 4;
- conf->maxUriLen = 256;
- conf->maxCallIdLen = 256;
- conf->maxRequestNameLen = 20;
- conf->maxFromLen = 256;
- conf->maxToLen = 256;
-
- conf->maxViaLen = 1024;
- conf->maxContactLen = 256;
- conf->maxContentLen = 1024;
conf->methodsConfig = SIP_METHOD_NULL;
conf->methods = NULL;
sip_methods = default_methods;
+
return true;
}
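Review bot: `SipModule::begin` no longer assigns the default limits (`maxUriLen`, `maxViaLen`, `maxNumSessions` and the rest), and `new SIP_PROTO_CONF` without parentheses default-initialises the object. The visible part of the struct shows plain members with no initialisers, so unless it has a constructor elsewhere those fields are indeterminate until `set()` is called for each parameter. Judging by the member comments these are the maximum accepted field sizes, so if the framework does not always deliver every parameter's default through `set()`, value-initialise with `conf = new SIP_PROTO_CONF();` or add in-class defaults. `SshModule::begin` and `SslModule::begin` drop their explicit defaults the same way (`MaxClientBytes`, `max_heartbeat_len`, `trustservers`).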
static void PrintSshConf(SSH_PROTO_CONF* config)
{
- if (config == NULL)
+ if ( !config )
return;
LogMessage("SSH config: \n");
- LogMessage(" Max Encrypted Packets: %d %s \n",
- config->MaxEncryptedPackets,
- config->MaxEncryptedPackets
- == SSH_DEFAULT_MAX_ENC_PKTS ?
- "(Default)" : "");
- LogMessage(" Max Server Version String Length: %d %s \n",
- config->MaxServerVersionLen,
- config->MaxServerVersionLen
- == SSH_DEFAULT_MAX_SERVER_VERSION_LEN ?
- "(Default)" : "");
-
- LogMessage(" MaxClientBytes: %d %s \n",
- config->MaxClientBytes,
- config->MaxClientBytes
- == SSH_DEFAULT_MAX_CLIENT_BYTES ?
- "(Default)" : "");
+
+ LogMessage(" Max Encrypted Packets: %d\n", config->MaxEncryptedPackets);
+ LogMessage(" Max Server Version String Length: %d\n", config->MaxServerVersionLen);
+ LogMessage(" MaxClientBytes: %d\n", config->MaxClientBytes);
LogMessage("\n");
}
uint16_t MaxServerVersionLen;
};
-#define SSH_DEFAULT_MAX_ENC_PKTS 25
-#define SSH_DEFAULT_MAX_CLIENT_BYTES 19600
-#define SSH_DEFAULT_MAX_SERVER_VERSION_LEN 80
-
#endif
bool SshModule::begin(const char*, int, SnortConfig*)
{
+ assert(!conf);
conf = new SSH_PROTO_CONF;
- conf->MaxClientBytes = SSH_DEFAULT_MAX_CLIENT_BYTES;
- conf->MaxEncryptedPackets = SSH_DEFAULT_MAX_ENC_PKTS;
- conf->MaxServerVersionLen = SSH_DEFAULT_MAX_SERVER_VERSION_LEN;
- return true;
-}
-
-bool SshModule::end(const char*, int, SnortConfig*)
-{
return true;
}
bool set(const char*, Value&, SnortConfig*) override;
bool begin(const char*, int, SnortConfig*) override;
- bool end(const char*, int, SnortConfig*) override;
unsigned get_gid() const override
{ return GID_SSH; }
bool SslModule::set(const char*, Value& v, SnortConfig*)
{
if ( v.is("trust_servers") )
- {
- if (v.get_bool())
- conf->trustservers = true;
- }
+ conf->trustservers = v.get_bool();
+
else if ( v.is("max_heartbeat_length") )
conf->max_heartbeat_len = v.get_long();
bool SslModule::begin(const char*, int, SnortConfig*)
{
+ assert(!conf);
conf = new SSL_PROTO_CONF;
- conf->max_heartbeat_len = 0;
- conf->trustservers = false;
return true;
}