{
public:
- ReactData(const std::string& page)
+ explicit ReactData(const std::string& page)
{
if ( page.empty())
{
class ReactActiveAction : public ActiveAction
{
public:
- ReactActiveAction(ReactData* c)
+ explicit ReactActiveAction(ReactData* c)
: ActiveAction( ActionPriority::AP_PROXY ), config(c)
{ }
void ReactActiveAction::delayed_exec(Packet* p)
{
+ // cppcheck-suppress unreadVariable
Profile profile(reactPerfStats);
if ( p->active->is_reset_candidate(p) )
uint32_t get_data();
private:
- uint32_t flags;
+ uint32_t flags = 0;
};
bool RejectModule::begin(const char*, int, SnortConfig*)
{
IpProtocol next;
uint8_t len;
+ // cppcheck-suppress unusedStructMember
uint16_t rsv; /* reserved */
+ // cppcheck-suppress unusedStructMember
uint32_t spi; /* Security Parameters Index */
+ // cppcheck-suppress unusedStructMember
uint32_t seq; /* Sequence Number */
+ // cppcheck-suppress unusedStructMember
uint32_t icv[1]; /* VARIABLE LENGTH!! -- specified by len field*/
};
Buffer buf(&t, size);
Flow *flow = nullptr;
- CHECK (grecodec.encode(&raw_in,raw_len,enc,buf,flow) == false);
+ CHECK (false == grecodec.encode(&raw_in,raw_len,enc,buf,flow));
}
#endif
{
struct IcmpHdr
{
+ // cppcheck-suppress unusedStructMember
uint8_t type;
+ // cppcheck-suppress unusedStructMember
uint8_t code;
uint16_t cksum;
+ // cppcheck-suppress unusedStructMember
uint32_t unused;
};
} // namespace
{
struct IcmpHdr
{
+ // cppcheck-suppress unusedStructMember
uint8_t type;
+ // cppcheck-suppress unusedStructMember
uint8_t code;
uint16_t cksum;
+ // cppcheck-suppress unusedStructMember
uint32_t unused;
};
} // namespace
{
IpProtocol payload_proto;
uint8_t header_len;
+ // cppcheck-suppress unusedStructMember
uint8_t mh_type;
+ // cppcheck-suppress unusedStructMember
uint8_t reserved;
+ // cppcheck-suppress unusedStructMember
uint16_t checksum;
};
} // namespace
{
uint8_t type; /* 02 = vuln */
uint8_t len;
+ // cppcheck-suppress unusedStructMember
uint8_t res[2];
+ // cppcheck-suppress unusedStructMember
uint32_t seq[1]; /* could be many many more, but 1 is sufficient */
};
struct PGM_NAK
{
+ // cppcheck-suppress unusedStructMember
uint32_t seqnum;
+ // cppcheck-suppress unusedStructMember
uint16_t afil1;
+ // cppcheck-suppress unusedStructMember
uint16_t res1;
+ // cppcheck-suppress unusedStructMember
uint32_t src;
+ // cppcheck-suppress unusedStructMember
uint16_t afi2;
+ // cppcheck-suppress unusedStructMember
uint16_t res2;
+ // cppcheck-suppress unusedStructMember
uint32_t multi;
PGM_NAK_OPT opt;
};
uint8_t fpath_dst[6];
uint8_t fpath_src[6];
uint16_t fpath_type;
+ // cppcheck-suppress unusedStructMember
uint16_t fptag_extra; /* 10-bit FTag + 6-bit TTL */
};
/* PPPoEHdr Header; eth::EtherHdr plus the PPPoE Header */
struct PPPoEHdr
{
+ // cppcheck-suppress unusedStructMember
uint8_t ver_type; /* pppoe version/type */
+ // cppcheck-suppress unusedStructMember
uint8_t code; /* pppoe code CODE_* */
+ // cppcheck-suppress unusedStructMember
uint16_t session; /* session id */
uint16_t length; /* payload length */
/* payload follows */
class VlanCodec : public Codec
{
public:
- VlanCodec(const char* s) : Codec(CD_VLAN_NAME)
- { tpids = s; }
+ VlanCodec(const char* s) : Codec(CD_VLAN_NAME), tpids(s)
+ { }
void get_protocol_ids(std::vector<ProtocolId>& v) override;
bool decode(const RawData&, CodecData&, DecodeData&) override;
struct VXLANHdr
{
uint8_t flags;
+ // cppcheck-suppress unusedStructMember
uint8_t reserved_1[3];
uint8_t vni[3]; //VXLAN network id
+ // cppcheck-suppress unusedStructMember
uint8_t reserved_2;
};
constexpr uint16_t VXLAN_MIN_HDR_LEN = 8;
FileConnectorModule::FileConnectorModule() :
Module(FILE_CONNECTOR_NAME, FILE_CONNECTOR_HELP, file_connector_params, true)
{
- config = nullptr;
config_set = new FileConnectorConfig::FileConnectorConfigSet;
}
FileConnectorModule::~FileConnectorModule()
{
- if ( config )
- delete config;
- if ( config_set )
- delete config_set;
+ delete config;
+ delete config_set;
}
ProfileStats* FileConnectorModule::get_profile() const
private:
FileConnectorConfig::FileConnectorConfigSet* config_set;
- FileConnectorConfig* config;
+ FileConnectorConfig* config = nullptr;
};
#endif
FileConnectorModule::FileConnectorModule() :
Module("FC", "FC Help", nullptr)
-{ }
+{ config_set = nullptr; }
FileConnectorConfig::FileConnectorConfigSet* FileConnectorModule::get_and_clear_config()
-{
- return new FileConnectorConfig::FileConnectorConfigSet;
-}
+{ return new FileConnectorConfig::FileConnectorConfigSet; }
FileConnectorModule::~FileConnectorModule() = default;
enum ReadDataOutcome { SUCCESS = 0, TRUNCATED, ERROR, CLOSED, PARTIAL, AGAIN };
-static ReadDataOutcome read_data(int sockfd, uint8_t *data, uint16_t length, ssize_t *read_offset)
+static ReadDataOutcome read_data(int sockfd, uint8_t *data, uint16_t length, ssize_t& read_offset)
{
ssize_t bytes_read, offset;
- offset = *read_offset;
+ offset = read_offset;
bytes_read = recv(sockfd, data + offset, length - offset, 0);
if (bytes_read == 0)
{
}
return ERROR;
}
- *read_offset = offset + bytes_read;
+ read_offset = offset + bytes_read;
if ((offset + bytes_read) < length)
return PARTIAL;
if ( length > 0 )
{
ReadDataOutcome rval;
- ssize_t offset = 0;
do
{
- rval = read_data(sockfd, data, length, &offset);
+ ssize_t offset = 0;
+ rval = read_data(sockfd, data, length, offset);
} while (rval == PARTIAL || rval == AGAIN);
if (rval != SUCCESS)
class __attribute__((__packed__)) TcpConnectorMsgHdr
{
public:
- TcpConnectorMsgHdr() = default;
+ TcpConnectorMsgHdr() : version(0), connector_msg_length(0)
+ { }
TcpConnectorMsgHdr(uint32_t length)
{ version = TCP_FORMAT_VERSION; connector_msg_length = length; }
TcpConnectorModule::TcpConnectorModule() :
Module(TCP_CONNECTOR_NAME, TCP_CONNECTOR_HELP, tcp_connector_params, true)
{
- config = nullptr;
config_set = new TcpConnectorConfig::TcpConnectorConfigSet;
}
private:
TcpConnectorConfig::TcpConnectorConfigSet* config_set;
- TcpConnectorConfig* config;
+ TcpConnectorConfig* config = nullptr;
};
#endif
TcpConnectorModule::TcpConnectorModule() :
Module("TCPC", "TCPC Help", nullptr)
-{ }
+{ config_set = nullptr; }
TcpConnectorConfig::TcpConnectorConfigSet* TcpConnectorModule::get_and_clear_config()
{
and handles other diversion such as nested Dict objects.
If the /Filter token doesn't exist then we don't fill the
Filter_Spec_Buf[]. If in skip mode, no need to look for token. */
- char Filter_Tok[] = TOK_DICT_FILT;
+ static const char Filter_Tok[] = TOK_DICT_FILT;
if ( (p->Sub_State == P_DICT_ACTIVE) && c == Filter_Tok[p->Elem_Index++] )
{
name_buf = new uint8_t[32];
// The filename is UTF16 encoded and will be of the size 64 bytes.
- dir_list->utf_state = new snort::UtfDecodeSession();
+ snort::UtfDecodeSession utf_state;
if (!header->get_byte_order())
- dir_list->utf_state->set_decode_utf_state_charset(CHARSET_UTF16LE);
+ utf_state.set_decode_utf_state_charset(CHARSET_UTF16LE);
else
- dir_list->utf_state->set_decode_utf_state_charset(CHARSET_UTF16BE);
- dir_list->utf_state->decode_utf(buf, OLE_MAX_FILENAME_LEN_UTF16, name_buf,
+ utf_state.set_decode_utf_state_charset(CHARSET_UTF16BE);
+ utf_state.decode_utf(buf, OLE_MAX_FILENAME_LEN_UTF16, name_buf,
OLE_MAX_FILENAME_ASCII, &bytes_copied);
node->set_name(name_buf);
else
dir_list->oleentry.insert({ file_name, node });
count++;
- delete dir_list->utf_state;
}
// Reading the next sector of current_sector by referring the FAT list array.
// A negative number suggests the end of directory entry array and there are
void OleFile :: decompression(const uint8_t* data, uint32_t& data_len, uint8_t*& local_vba_buffer,
uint32_t& vba_buffer_offset)
{
- int16_t header;
- bool flagCompressed;
- unsigned char buffer[VBA_COMPRESSION_WINDOW]={ };
- uint16_t token;
- unsigned int pos, shift, mask, distance;
- uint8_t flag;
- bool clean;
-
if (!data)
return;
return;
}
- header = LETOHS_UNALIGNED(data + 1);
+ int16_t data_header = LETOHS_UNALIGNED(data + 1);
- flagCompressed = header & 0x8000;
+ bool flagCompressed = 0 != (data_header & 0x8000);
- if (((header >> 12) & 0x07) != 0b011)
+ if (((data_header >> 12) & 0x07) != 0b011)
{
VBA_DEBUG(vba_data_trace, DEFAULT_TRACE_OPTION_ID, TRACE_INFO_LEVEL, CURRENT_PACKET,
"Invalid Chunk signature.\n");
data += 3;
data_len -= 3;
+ unsigned char buffer[VBA_COMPRESSION_WINDOW]={ };
if (flagCompressed == 0)
{
memcpy(&buffer, data, data_len);
return;
}
- pos = 0;
- clean = 1;
+ unsigned pos = 0;
+ bool clean = true;
uint32_t size = data_len;
+ uint8_t flag;
while (cli_readn(data, size, &flag, 1))
{
- for (mask = 1; mask < 0x100; mask <<= 1)
+ for (unsigned mask = 1; mask < 0x100; mask <<= 1)
{
unsigned int winpos = pos % VBA_COMPRESSION_WINDOW;
if (flag & mask)
{
- uint16_t len;
- uint32_t srcpos;
-
+ uint16_t token;
if (!cli_readn(data, size, &token, 2))
return;
- shift = 12 - (winpos > 0x10) - (winpos > 0x20) - (winpos > 0x40) - (winpos >
+ unsigned shift = 12 - (winpos > 0x10) - (winpos > 0x20) - (winpos > 0x40) - (winpos >
0x80) - (winpos > 0x100) - (winpos > 0x200) - (winpos > 0x400) - (winpos >
0x800);
- len = (uint16_t)((token & ((1 << shift) - 1)) + 3);
- distance = token >> shift;
+ uint16_t len = (uint16_t)((token & ((1 << shift) - 1)) + 3);
+ unsigned distance = token >> shift;
- srcpos = pos - distance - 1;
+ uint32_t srcpos = pos - distance - 1;
if ((((srcpos + len) % VBA_COMPRESSION_WINDOW) < winpos)and
((winpos + len) < VBA_COMPRESSION_WINDOW) and
(((srcpos % VBA_COMPRESSION_WINDOW) + len) < VBA_COMPRESSION_WINDOW) and
{
if ((pos != 0)and (winpos == 0) and clean)
{
+ uint16_t token;
if (cli_readn(data, size, &token, 2) != 2)
{
return;
}
- clean = 0;
+ clean = false;
break;
}
if (cli_readn(data, size, &buffer[winpos], 1) == 1)
pos++;
}
- clean = 1;
+ clean = true;
}
}
{
public:
std::unordered_map<char*, FileProperty*> oleentry;
- snort::UtfDecodeSession* utf_state;
+ snort::UtfDecodeSession* utf_state = nullptr;
bool is_file_exists(char* name);
FileProperty* get_file_node(char* name);
return mini_stream_sector;
}
- DirectoryList()
- {
- utf_state = nullptr;
- mini_stream_sector = -1;
- }
+ DirectoryList() = default;
~DirectoryList();
private:
- int32_t mini_stream_sector;
+ int32_t mini_stream_sector = -1;
};
class OleFile
void UtfDecodeSession::set_decode_utf_state_charset(CharsetCode, CharsetSrc) { }
bool UtfDecodeSession::decode_utf(unsigned char const*, unsigned int, unsigned char*, unsigned int,
int*) { return true; }
-UtfDecodeSession::UtfDecodeSession() { }
Packet* DetectionEngine::get_current_packet() { return nullptr; }
void trace_vprintf(char const*, unsigned char, char const*, snort::Packet const*, char const*, va_list) { }
uint8_t TraceApi::get_constraints_generation() { return 0; }
{
abort();
- for ( auto* p : contexts )
+ for ( const auto* p : contexts )
delete p;
}
for (uint8_t i = 0; i < NUM_IPS_OPTIONS_VARS; ++i)
snort::SetVarValueByIndex(byte_extract_vars[i], i);
- const detection_option_tree_node_t* node = root.children[0];
+ const detection_option_tree_node_t* root_node = root.children[0];
if (opt_parent)
{
- for (int i = 0; i < node->num_children; ++i)
- result += detection_option_node_evaluate(node->children[i], data, cursor);
+ for (int i = 0; i < root_node->num_children; ++i)
+ result += detection_option_node_evaluate(root_node->children[i], data, cursor);
}
else
{
- result = detection_option_node_evaluate(node, data, cursor);
+ result = detection_option_node_evaluate(root_node, data, cursor);
}
clear_trace_cursor_info();
delete offloader;
}
+// Not sure why cppcheck doesn't think context is initialized
+// cppcheck-suppress uninitMemberVar
DetectionEngine::DetectionEngine()
{
context = Analyzer::get_switcher()->interrupt();
if ( p->flow ? p->flow->context_chain.front() : sw->non_flow_chain.front() )
{
+ // cppcheck-suppress unreadVariable
Profile profile(mpsePerfStats);
p->context->searches.search_sync();
sw->suspend();
void DetectionEngine::onload()
{
+ // cppcheck-suppress unreadVariable
Profile profile(mpsePerfStats);
Packet* p;
p->clear_offloaded();
- IpsContextChain& chain = p->flow ? p->flow->context_chain :
+ const IpsContextChain& chain = p->flow ? p->flow->context_chain :
Analyzer::get_switcher()->non_flow_chain;
resume_ready_suspends(chain);
do
{
onload();
- } while ( !sw->idle_count() );
+ }
+ // cppcheck-suppress knownConditionTrueFalse
+ while ( !sw->idle_count() );
}
}
*/
int DetectionEngine::log_events(Packet* p)
{
+ // cppcheck-suppress unreadVariable
Profile profile(eventqPerfStats);
SF_EVENTQ* pq = p->context->equeue;
sfeventq_action(pq, ::log_events, (void*)p);
bool continue_loop = true;
int loop_count = 0;
- char tmp_noalert_flag = 0;
int result = 0;
uint32_t tmp_byte_extract_vars[NUM_IPS_OPTIONS_VARS];
IpsOption* buf_selector = eval_data.buf_selector;
{
const auto& sig_info = node->otn->sigInfo;
- for ( const auto& svc : sig_info.services )
- {
- if ( snort_protocol_id == svc.snort_protocol_id )
- {
- check_ports = 0;
- break; // out of for
- }
- }
+ if ( std::any_of(sig_info.services.cbegin(), sig_info.services.cend(),
+ [snort_protocol_id] (const SignatureServiceInfo& svc)
+ { return snort_protocol_id == svc.snort_protocol_id; }) )
+ check_ports = 0;
if ( !sig_info.services.empty() and check_ports )
{
Continuation::postpone<true>(cursor, *node, eval_data);
return result;
}
- else if ( rval == (int)IpsOption::FAILED_BIT )
+ if ( rval == (int)IpsOption::FAILED_BIT )
{
debug_log(detection_trace, TRACE_RULE_EVAL, p, "failed bit\n");
eval_data.flowbit_failed = 1;
state.last_check.result = result;
return 0;
}
- else if ( rval == (int)IpsOption::NO_ALERT )
+
+ // Cache the current flowbit_noalert flag, and set it
+ // so nodes below this don't alert.
+ char tmp_noalert_flag = eval_data.flowbit_noalert;
+ if ( rval == (int)IpsOption::NO_ALERT )
{
- // Cache the current flowbit_noalert flag, and set it
- // so nodes below this don't alert.
- tmp_noalert_flag = eval_data.flowbit_noalert;
eval_data.flowbit_noalert = 1;
debug_log(detection_trace, TRACE_RULE_EVAL, p, "flowbit no alert\n");
}
if ( PacketLatency::fastpath() )
{
+ // Reset the flowbit_noalert flag in eval data
+ eval_data.flowbit_noalert = tmp_noalert_flag;
profile.stop(result != (int)IpsOption::NO_MATCH);
state.last_check.result = result;
return result;
}
}
- if ( rval == (int)IpsOption::NO_ALERT )
- {
- // Reset the flowbit_noalert flag in eval data
- eval_data.flowbit_noalert = tmp_noalert_flag;
- }
+ // Reset the flowbit_noalert flag in eval data
+ eval_data.flowbit_noalert = tmp_noalert_flag;
if ( continue_loop && rval == (int)IpsOption::MATCH && node->relative_children )
{
return true;
}
-const char* FastPatternConfig::get_search_method()
+const char* FastPatternConfig::get_search_method() const
{
if ( !search_api )
return nullptr;
{ return rule_db_dir; }
bool set_search_method(const char*);
- const char* get_search_method();
+ const char* get_search_method() const;
bool set_offload_search_method(const char*);
void set_max_pattern_len(unsigned);
continue;
OptTreeNode* cotn = (OptTreeNode*)child->option_data;
- SigInfo& csi = cotn->sigInfo;
- SigInfo& osi = otn->sigInfo;
+ const SigInfo& csi = cotn->sigInfo;
+ const SigInfo& osi = otn->sigInfo;
if ( csi.gid == osi.gid and csi.sid == osi.sid and csi.rev == osi.rev )
return false;
fpPrintServiceRuleMapTable(sc->srmmTable->to_cli, "to client");
}
-static void fp_print_service_rules(SnortConfig* sc, GHash* cli, GHash* srv)
+static void fp_print_service_rules(SnortConfig* sc, GHash* to_srv, GHash* to_cli)
{
- if ( !cli->get_count() and !srv->get_count() )
+ if ( !to_srv->get_count() and !to_cli->get_count() )
return;
LogLabel("service rule counts to-srv to-cli");
while ( const char* svc = sc->proto_ref->get_name_sorted(idx++) )
{
- SF_LIST* clist = (SF_LIST*)cli->find(svc);
- SF_LIST* slist = (SF_LIST*)srv->find(svc);
+ SF_LIST* clist = (SF_LIST*)to_srv->find(svc);
+ SF_LIST* slist = (SF_LIST*)to_cli->find(svc);
if ( !clist and !slist )
continue;
class MpseStash
{
public:
+ // for some reason cppcheck does not understand that all members are used in MpseStash::process
struct MatchData
{
+ // cppcheck-suppress unusedStructMember
void* user;
void* tree;
+ // cppcheck-suppress unusedStructMember
void* list;
+ // cppcheck-suppress unusedStructMember
int index;
};
if ( !checker and qmax == queue.size() and is_packet_thread() )
{
+ // cppcheck-suppress unreadVariable
Profile rule_profile(rulePerfStats);
process((IpsContext*)context, queue);
}
void fp_partial(Packet* p)
{
+ // cppcheck-suppress unreadVariable
Profile mpse_profile(mpsePerfStats);
IpsContext* c = p->context;
init_match_info(c);
if ( search )
{
+ // cppcheck-suppress unreadVariable
Profile mpse_profile(mpsePerfStats);
c->searches.search_sync();
}
{
+ // cppcheck-suppress unreadVariable
Profile rule_profile(rulePerfStats);
if (p->flow && p->flow->ips_cont)
IpsContext* c = p->context;
MpseStash* stash = c->stash;
{
+ // cppcheck-suppress unreadVariable
Profile mpse_profile(mpsePerfStats);
c->searches.search_sync();
}
{
+ // cppcheck-suppress unreadVariable
Profile rule_profile(rulePerfStats);
stash->process(c);
c->searches.items.clear();
{
MpseStash* stash = p->context->stash;
{
+ // cppcheck-suppress unreadVariable
Profile mpse_profile(mpsePerfStats);
int start_state = 0;
mpg->get_normal_mpse()->search(buf, len, rule_tree_queue, p->context, &start_state);
}
{
+ // cppcheck-suppress unreadVariable
Profile rule_profile(rulePerfStats);
stash->process(p->context);
}
void fp_eval_service_group(Packet* p, SnortProtocolId snort_protocol_id)
{
+ // cppcheck-suppress unreadVariable
Profile mpse_profile(mpsePerfStats);
RuleGroup* svc = p->context->conf->sopgTable->get_port_group(true, snort_protocol_id);
MpseStash* stash = c->stash;
c->searches.search_sync();
{
+ // cppcheck-suppress unreadVariable
Profile rule_profile(rulePerfStats);
stash->process(c);
{
PatternMatchData pmd = { };
set_pmd(pmd, 0x0, "foo");
- CHECK(pmd.can_be_fp());
+ CHECK(true == pmd.can_be_fp());
}
TEST_CASE("pmd_negated", "[PatternMatchData]")
{
PatternMatchData pmd = { };
set_pmd(pmd, 0x1, "foo");
- CHECK(!pmd.can_be_fp());
+ CHECK(false == pmd.can_be_fp());
}
TEST_CASE("pmd_no_case", "[PatternMatchData]")
{
PatternMatchData pmd = { };
set_pmd(pmd, 0x2, "foo");
- CHECK(pmd.can_be_fp());
+ CHECK(true == pmd.can_be_fp());
}
TEST_CASE("pmd_relative", "[PatternMatchData]")
{
PatternMatchData pmd = { };
set_pmd(pmd, 0x4, "foo");
- CHECK(pmd.can_be_fp());
+ CHECK(true == pmd.can_be_fp());
}
TEST_CASE("pmd_negated_no_case", "[PatternMatchData]")
{
PatternMatchData pmd = { };
set_pmd(pmd, 0x3, "foo");
- CHECK(pmd.can_be_fp());
+ CHECK(true == pmd.can_be_fp());
}
TEST_CASE("pmd_negated_relative", "[PatternMatchData]")
{
PatternMatchData pmd = { };
set_pmd(pmd, 0x5, "foo");
- CHECK(!pmd.can_be_fp());
+ CHECK(false == pmd.can_be_fp());
}
TEST_CASE("pmd_negated_no_case_offset", "[PatternMatchData]")
PatternMatchData pmd = { };
set_pmd(pmd, 0x1, "foo");
pmd.offset = 3;
- CHECK(!pmd.can_be_fp());
+ CHECK(false == pmd.can_be_fp());
}
TEST_CASE("pmd_negated_no_case_depth", "[PatternMatchData]")
PatternMatchData pmd = { };
set_pmd(pmd, 0x3, "foo");
pmd.depth = 1;
- CHECK(!pmd.can_be_fp());
+ CHECK(false == pmd.can_be_fp());
}
TEST_CASE("fp_simple", "[FastPatternSelect]")
PatternMatchData pmd = { };
set_pmd(pmd, 0x0, "foo");
FpSelector left(CAT_SET_RAW, nullptr, &pmd);
- CHECK(left.is_better_than(test, false, RULE_WO_DIR));
+ CHECK(true == left.is_better_than(test, false, RULE_WO_DIR));
test.size = 1;
- CHECK(left.is_better_than(test, false, RULE_WO_DIR));
+ CHECK(true == left.is_better_than(test, false, RULE_WO_DIR));
}
TEST_CASE("fp_negated", "[FastPatternSelect]")
set_pmd(p1, 0x1, "foo");
FpSelector s1(CAT_SET_RAW, nullptr, &p1);
- CHECK(s0.is_better_than(s1, false, RULE_WO_DIR));
- CHECK(!s1.is_better_than(s0, false, RULE_WO_DIR));
+ CHECK(true == s0.is_better_than(s1, false, RULE_WO_DIR));
+ CHECK(false == s1.is_better_than(s0, false, RULE_WO_DIR));
}
TEST_CASE("fp_cat1", "[FastPatternSelect]")
set_pmd(p1, 0x0, "short");
FpSelector s1(CAT_SET_FAST_PATTERN, nullptr, &p1);
- CHECK(s0.is_better_than(s1, true, RULE_WO_DIR));
+ CHECK(true == s0.is_better_than(s1, true, RULE_WO_DIR));
}
TEST_CASE("fp_cat2", "[FastPatternSelect]")
set_pmd(p1, 0x0, "foo");
FpSelector s1(CAT_SET_FAST_PATTERN, nullptr, &p1);
- CHECK(!s0.is_better_than(s1, false, RULE_WO_DIR));
- CHECK(!s1.is_better_than(s0, false, RULE_WO_DIR));
+ CHECK(false == s0.is_better_than(s1, false, RULE_WO_DIR));
+ CHECK(false == s1.is_better_than(s0, false, RULE_WO_DIR));
}
TEST_CASE("fp_cat3", "[FastPatternSelect]")
set_pmd(p1, 0x0, "foo");
FpSelector s1(CAT_SET_FAST_PATTERN, nullptr, &p1);
- CHECK(!s0.is_better_than(s1, true, RULE_WO_DIR));
+ CHECK(false == s0.is_better_than(s1, true, RULE_WO_DIR));
}
TEST_CASE("fp_size", "[FastPatternSelect]")
set_pmd(p1, 0x0, "short");
FpSelector s1(CAT_SET_FAST_PATTERN, nullptr, &p1);
- CHECK(s0.is_better_than(s1, false, RULE_WO_DIR));
+ CHECK(true == s0.is_better_than(s1, false, RULE_WO_DIR));
}
TEST_CASE("fp_pkt_key_port", "[FastPatternSelect]")
set_pmd(p1, 0x0, "longer");
FpSelector s1(CAT_SET_FAST_PATTERN, nullptr, &p1);
- CHECK(!s0.is_better_than(s1, false, RULE_WO_DIR));
+ CHECK(false == s0.is_better_than(s1, false, RULE_WO_DIR));
}
TEST_CASE("fp_pkt_key_port_user", "[FastPatternSelect]")
set_pmd(p1, 0x0, "longer");
FpSelector s1(CAT_SET_FAST_PATTERN, nullptr, &p1);
- CHECK(s0.is_better_than(s1, false, RULE_WO_DIR));
+ CHECK(true == s0.is_better_than(s1, false, RULE_WO_DIR));
}
TEST_CASE("fp_pkt_key_port_user_user", "[FastPatternSelect]")
set_pmd(p1, 0x10, "short");
FpSelector s1(CAT_SET_FAST_PATTERN, nullptr, &p1);
- CHECK(!s0.is_better_than(s1, false, RULE_WO_DIR));
+ CHECK(false == s0.is_better_than(s1, false, RULE_WO_DIR));
}
TEST_CASE("fp_pkt_key_port_user_user2", "[FastPatternSelect]")
set_pmd(p1, 0x10, "short");
FpSelector s1(CAT_SET_FAST_PATTERN, nullptr, &p1);
- CHECK(!s0.is_better_than(s1, false, RULE_WO_DIR));
+ CHECK(false == s0.is_better_than(s1, false, RULE_WO_DIR));
}
TEST_CASE("fp_pkt_key_srvc_1", "[FastPatternSelect]")
set_pmd(p1, 0x0, "longer");
FpSelector s1(CAT_SET_FAST_PATTERN, nullptr, &p1);
- CHECK(s1.is_better_than(s0, true, RULE_WO_DIR));
+ CHECK(true == s1.is_better_than(s0, true, RULE_WO_DIR));
}
TEST_CASE("fp_pkt_key_srvc_2", "[FastPatternSelect]")
set_pmd(p1, 0x0, "short");
FpSelector s1(CAT_SET_FAST_PATTERN, nullptr, &p1);
- CHECK(s0.is_better_than(s1, true, RULE_WO_DIR));
+ CHECK(true == s0.is_better_than(s1, true, RULE_WO_DIR));
}
TEST_CASE("fp_pkt_key_srvc_rsp", "[FastPatternSelect]")
set_pmd(p1, 0x0, "longer");
FpSelector s1(CAT_SET_FAST_PATTERN, nullptr, &p1);
- CHECK(!s0.is_better_than(s1, true, RULE_FROM_SERVER));
- CHECK(s1.is_better_than(s0, true, RULE_FROM_SERVER));
+ CHECK(false == s0.is_better_than(s1, true, RULE_FROM_SERVER));
+ CHECK(true == s1.is_better_than(s0, true, RULE_FROM_SERVER));
}
#endif
inline bool PatternMatchData::has_alpha() const
{
- unsigned offset = fp_offset ? fp_offset : 0;
- unsigned length = fp_length ? fp_length : pattern_size;
+ unsigned tmp_offset = static_cast<unsigned>(fp_offset);
+ unsigned tmp_length = fp_length ? fp_length : pattern_size;
- for ( unsigned idx = 0; idx < length; ++idx )
+ for ( unsigned idx = 0; idx < tmp_length; ++idx )
{
- if ( isalpha(pattern_buf[offset + idx]) )
+ if ( isalpha(pattern_buf[tmp_offset + idx]) )
return true;
}
return false;
{
assert(busy.empty());
- for ( auto* req : idle )
+ for ( const auto* req : idle )
delete req;
}
assert(busy.empty());
}
-bool RegexOffload::on_hold(Flow* f) const
+bool RegexOffload::on_hold(const Flow* f) const
{
- for ( auto* req : busy )
- {
- if ( req->packet->flow == f )
- return true;
- }
- return false;
+ return std::any_of(busy.cbegin(), busy.cend(), [f](const RegexRequest* req){ return req->packet->flow == f; });
}
//--------------------------------------------------------------------------
void MpseRegexOffload::put(Packet* p)
{
+ // cppcheck-suppress unreadVariable
Profile profile(mpsePerfStats);
assert(p);
bool MpseRegexOffload::get(Packet*& p)
{
+ // cppcheck-suppress unreadVariable
Profile profile(mpsePerfStats);
assert(!busy.empty());
void ThreadRegexOffload::put(Packet* p)
{
+ // cppcheck-suppress unreadVariable
Profile profile(mpsePerfStats);
assert(p);
unsigned count() const
{ return busy.size(); }
- bool on_hold(snort::Flow*) const;
+ bool on_hold(const snort::Flow*) const;
protected:
RegexOffload(unsigned max);
RuleGroup* sopg_table_t::get_port_group(bool c2s, SnortProtocolId snort_protocol_id)
{
- RuleGroupVector& v = c2s ? to_srv : to_cli;
+ const RuleGroupVector& v = c2s ? to_srv : to_cli;
if ( snort_protocol_id >= v.size() )
return nullptr;
void add_reference(
SnortConfig* sc, OptTreeNode* otn, const std::string& system, const std::string& id)
{
+ assert(sc and otn and !system.empty() and !id.empty());
+
if ( !sc->alert_refs() )
return;
- assert(sc and otn and !system.empty() and !id.empty());
-
const ReferenceSystem* sys = reference_system_lookup(sc, system);
if ( !sys )
json.close_array();
}
-static void dump_bits(JsonStream& json, const char* key, std::vector<std::string>& bits)
+static void dump_bits(JsonStream& json, const char* key, const std::vector<std::string>& bits)
{
if ( bits.empty() )
return;
*
* @returns number of bytes needed
*/
-static inline unsigned int memory_per_node(XHash* hash)
+static inline unsigned int memory_per_node(const XHash* hash)
{
if ( hash == ssn_tag_cache )
return sizeof(tTagFlowKey) + sizeof(HashNode) + sizeof(TagNode);
SnortProtocolId snort_protocol_id = 0; // Added for integrity checks during rule parsing.
unsigned short proto_node_num = 0;
uint16_t longestPatternLen = 0;
- IpsPolicy::Enable enable;
+ IpsPolicy::Enable enable = IpsPolicy::Enable::DISABLED;
Flag flags = 0;
enum SectionDir { SECT_TO_SRV = 0, SECT_TO_CLIENT, SECT_DIR__MAX };
BaseConfigNode* TreeConfigNode::get_node(const std::string& name)
{
- for ( auto node : children )
- {
- if ( node->get_name() == name )
- return node;
- }
- return nullptr;
+ auto it = std::find_if(children.cbegin(), children.cend(),
+ [name](BaseConfigNode* node){ return node->get_name() == name; });
+ return it != children.cend() ? *it : nullptr;
}
ValueConfigNode::ValueConfigNode(BaseConfigNode* parent_node, const Value& val,
SECTION("get_value")
{
CHECK(value_node_str->get_value()->get_origin_string() == "test_str");
- CHECK(value_node_bool->get_value()->get_bool() == true);
+ CHECK(true == value_node_bool->get_value()->get_bool());
CHECK(value_node_multi->get_value()->get_origin_string() == "test2 test3");
CHECK(value_node_custom_name->get_value()->get_origin_string() == "test_str_custom");
}
SECTION("get_value_after_update")
{
CHECK(value_node_str->get_value()->get_origin_string() == "new_value");
- CHECK(value_node_bool->get_value()->get_bool() == false);
+ CHECK(false == value_node_bool->get_value()->get_bool());
CHECK(value_node_multi->get_value()->get_origin_string() == "test1 test2 test3");
CHECK(value_node_custom_name->get_value()->get_origin_string() == "new_custom_value");
}
uint64_t multi_file_processing_id, const uint8_t* url, uint32_t url_size)
{
FileContext* context;
- if (file_id) {
+ if (file_id)
+ {
bool is_new_context = false;
context = get_file_context(file_id, false, is_new_context, multi_file_processing_id);
}
pending_expire_time = other.pending_expire_time;
// only one copy of file capture
file_capture = nullptr;
+ policy_id = 0;
+ user_file_data = nullptr;
}
FileInfo::FileInfo(const FileInfo& other)
bool FileContext::process(Packet* p, const uint8_t* file_data, int data_size,
FilePosition position, FilePolicyBase* policy)
{
+ // cppcheck-suppress unreadVariable
Profile profile(file_perf_stats);
Flow* flow = p->flow;
* 3) file magics are exhausted in depth
*
*/
-void FileContext::find_file_type_from_ips(Packet* pkt, const uint8_t* file_data, int
- data_size,
+void FileContext::find_file_type_from_ips(Packet* pkt, const uint8_t* file_data, int data_size,
FilePosition position)
{
bool depth_exhausted = false;
- bool set_file_context = false;
if ((int64_t)processed_bytes + data_size >= config->file_type_depth)
{
p->packet_flags |= PKT_ALLOW_MULTIPLE_DETECT;
p->proto_bits |= PROTO_BIT__PDU;
+ bool set_file_context = false;
FileFlows* files = FileFlows::get_file_flows(p->flow, false);
- if (files and (!files->get_current_file_context() or files->get_current_file_context() != this))
+ if (files)
{
- files->set_current_file_context(this);
- set_file_context =true;
+ FileContext* context = files->get_current_file_context();
+ if (!context or context != this)
+ {
+ files->set_current_file_context(this);
+ set_file_context = true;
+ }
}
fp_eval_service_group(p, conf->snort_protocol_id);
if (set_file_context)
- {
files->set_current_file_context(nullptr);
- }
/* Check whether file transfer is done or type depth is reached */
if ((position == SNORT_FILE_END) || (position == SNORT_FILE_FULL) || depth_exhausted)
finalize_file_type();
class LogHandler : public DataHandler
{
public:
- LogHandler(const FileLogConfig& conf) : DataHandler(s_name)
- { config = conf; }
+ LogHandler(const FileLogConfig& conf) : DataHandler(s_name), config(conf)
+ { }
void handle(DataEvent&, Flow*) override;
class FileLog : public Inspector
{
public:
- FileLog(const FileLogConfig& conf) { config = conf; }
+ FileLog(const FileLogConfig& conf) : config(conf)
+ { }
void show(const SnortConfig*) const override;
void eval(Packet*) override { }
int detection_filter_test(void* pv, const SfIp* sip, const SfIp* dip, long curtime)
{
+ // cppcheck-suppress unreadVariable
RuleProfile profile(detectionFilterPerfStats);
if (pv == nullptr)
switch (op)
{
case SFRF_COUNT_INCREMENT:
+ // cppcheck-suppress knownConditionTrueFalse
if ( (dynNode->count+1) != 0 )
{
dynNode->count++;
DeferredTrust() = default;
~DeferredTrust() = default;
SO_PUBLIC void set_deferred_trust(unsigned module_id, bool on);
- bool is_active()
+ bool is_active() const
{ return TRUST_DEFER_ON == deferred_trust || TRUST_DEFER_DEFERRING == deferred_trust; }
bool try_trust()
{
deferred_trust = TRUST_DEFER_DEFERRING;
return TRUST_DEFER_DEFERRING != deferred_trust;
}
- bool is_deferred()
+ bool is_deferred() const
{ return TRUST_DEFER_DEFERRING == deferred_trust; }
void clear()
{
PktType type = p->type();
IpProtocol ip_proto = p->get_ip_proto_next();
- bool reversed_key = key.init(p->context->conf, type, ip_proto, dstIP, p->ptrs.dp,
- srcIP, p->ptrs.sp, vlanId, mplsId, *p->pkth);
+ bool reversed_key = key.init(p->context->conf, type, ip_proto, srcIP, p->ptrs.sp, dstIP, p->ptrs.dp,
+ vlanId, mplsId, *p->pkth);
/*
Lookup order:
uint16_t port2;
if (reversed_key)
- {
- port1 = key.port_l;
- port2 = 0;
- key.port_l = 0;
- }
- else
{
port1 = 0;
port2 = key.port_h;
key.port_h = 0;
}
+ else
+ {
+ port1 = key.port_l;
+ port2 = 0;
+ key.port_l = 0;
+ }
node = static_cast<ExpectNode*> ( hash_table->get_user_data(&key) );
if (!node)
{
uint32_t mplsId = (ctrlPkt->proto_bits & PROTO_BIT__MPLS) ? ctrlPkt->ptrs.mplsHdr.label : 0;
FlowKey key;
- bool reversed_key = key.init(ctrlPkt->context->conf, type, ip_proto, cliIP, cliPort,
- srvIP, srvPort, vlanId, mplsId, *ctrlPkt->pkth);
+ // This code assumes that the expected session is in the opposite direction of the control session
+ // when groups are significant
+ bool reversed_key = (ctrlPkt->pkth->flags & DAQ_PKT_FLAG_SIGNIFICANT_GROUPS)
+ ? key.init(ctrlPkt->context->conf, type, ip_proto, cliIP, cliPort,
+ srvIP, srvPort, vlanId, mplsId, ctrlPkt->pkth->address_space_id, ctrlPkt->pkth->egress_group,
+ ctrlPkt->pkth->ingress_group)
+ : key.init(ctrlPkt->context->conf, type, ip_proto, cliIP, cliPort,
+ srvIP, srvPort, vlanId, mplsId, *ctrlPkt->pkth);
bool new_node = false;
ExpectNode* node = static_cast<ExpectNode*> ( hash_table->get_user_data(&key) );
expire_time = (uint64_t)p->pkth->ts.tv_sec + timeout;
}
-bool Flow::expired(const Packet* p)
+bool Flow::expired(const Packet* p) const
{
if ( !expire_time )
return false;
return mpls_server;
}
-bool Flow::is_pdu_inorder(uint8_t dir)
+bool Flow::is_pdu_inorder(uint8_t dir) const
{
return ( (session != nullptr) && session->is_sequenced(dir)
&& (session->missing_in_reassembled(dir) == SSN_MISSING_NONE)
void set_client_initiate(Packet*);
void set_direction(Packet*);
void set_expire(const Packet*, uint64_t timeout);
- bool expired(const Packet*);
+ bool expired(const Packet*) const;
void set_ttl(Packet*, bool client);
void set_mpls_layer_per_dir(Packet*);
Layer get_mpls_layer_per_dir(bool);
void swap_roles();
void set_service(Packet*, const char* new_service);
- bool get_attr(const std::string& key, int32_t& val);
- bool get_attr(const std::string& key, std::string& val);
+ bool get_attr(const std::string& key, int32_t& val) const;
+ bool get_attr(const std::string& key, std::string& val) const;
void set_attr(const std::string& key, const int32_t& val);
void set_attr(const std::string& key, const std::string& val);
// Use this API when the publisher of the attribute allocated memory for it and can give up its
}
template<typename T>
- bool get_attr(const std::string& key, T& val)
+ bool get_attr(const std::string& key, T& val) const
{
assert(stash);
return stash->get(key, val);
void set_to_client_detection(bool enable);
void set_to_server_detection(bool enable);
- int get_ignore_direction()
+ int get_ignore_direction() const
{ return ssn_state.ignore_direction; }
int set_ignore_direction(char ignore_direction)
return ssn_state.ignore_direction;
}
- bool two_way_traffic()
+ bool two_way_traffic() const
{ return (ssn_state.session_flags & SSNFLAG_SEEN_BOTH) == SSNFLAG_SEEN_BOTH; }
- bool is_pdu_inorder(uint8_t dir);
+ bool is_pdu_inorder(uint8_t dir) const;
bool is_direction_aborted(bool from_client) const;
void set_proxied()
{ ssn_state.session_flags |= SSNFLAG_PROXIED; }
- bool is_proxied()
+ bool is_proxied() const
{ return (ssn_state.session_flags & SSNFLAG_PROXIED) != 0; }
- bool is_stream()
+ bool is_stream() const
{ return pkt_type == PktType::TCP or pkt_type == PktType::USER; }
void block()
void set_hard_expiration()
{ ssn_state.session_flags |= SSNFLAG_HARD_EXPIRATION; }
- bool is_hard_expiration()
+ bool is_hard_expiration() const
{ return (ssn_state.session_flags & SSNFLAG_HARD_EXPIRATION) != 0; }
void set_deferred_trust(unsigned module_id, bool on)
{ deferred_trust.set_deferred_trust(module_id, on); }
- bool cannot_trust()
+ bool cannot_trust() const
{ return deferred_trust.is_active(); }
bool try_trust()
void trust();
- bool trust_is_deferred()
+ bool trust_is_deferred() const
{ return deferred_trust.is_deferred(); }
void set_idle_timeout(unsigned timeout)
if ( sc->max_aux_ip > 0 )
{
- for ( const auto& aip : aux_ip_fifo )
- if ( aip == ip )
- return false;
+ if ( std::any_of(aux_ip_fifo.cbegin(), aux_ip_fifo.cend(),
+ [ip](const snort::SfIp& aip){ return aip == ip; }) )
+ return false;
if ( aux_ip_fifo.size() == (unsigned)sc->max_aux_ip )
aux_ip_fifo.pop_back();
FlowHAState::FlowHAState()
{
- state = INITIAL_STATE;
- state |= (NEW | NEW_SESSION);
- pending = NONE_PENDING;
-
// Set the initial update time to now+min_session_lifetime
packet_gettimeofday(&next_update);
timeradd(&next_update, &min_session_lifetime, &next_update);
init_next_update();
}
-FlowHAClient::FlowHAClient(uint8_t length, bool session_client)
+FlowHAClient::FlowHAClient(uint8_t length, bool session_client) : max_length(length)
{
if (!ha)
return;
- max_length = length;
-
if (session_client)
{
index = SESSION_HA_CLIENT_INDEX;
static struct timeval min_sync_interval;
struct timeval next_update;
- uint16_t pending;
- uint8_t state;
+ uint16_t pending = NONE_PENDING;
+ uint8_t state = NEW | NEW_SESSION;
};
// Describe the message being produced or consumed.
virtual bool is_update_required(snort::Flow*) { return false; }
virtual uint8_t get_message_size(Flow&) { return max_length; }
- FlowHAClientHandle handle; // Actual handle for the instance
- uint8_t index;
+ FlowHAClientHandle handle = 0; // Actual handle for the instance
+ uint8_t index = 0;
uint8_t max_length;
protected:
virtual void set_extra_data(snort::Packet*, uint32_t /*flag*/) { }
- virtual bool is_sequenced(uint8_t /*dir*/) { return true; }
- virtual bool are_packets_missing(uint8_t /*dir*/) { return false; }
- virtual bool are_client_segments_queued() { return false; }
+ virtual bool is_sequenced(uint8_t /*dir*/) const { return true; }
+ virtual bool are_packets_missing(uint8_t /*dir*/) const { return false; }
+ virtual bool are_client_segments_queued() const { return false; }
virtual void disable_reassembly(snort::Flow*) { }
- virtual uint8_t get_reassembly_direction() { return SSN_DIR_NONE; }
- virtual uint8_t missing_in_reassembled(uint8_t /*dir*/) { return SSN_MISSING_NONE; }
+ virtual uint8_t get_reassembly_direction() const { return SSN_DIR_NONE; }
+ virtual uint8_t missing_in_reassembled(uint8_t /*dir*/) const { return SSN_MISSING_NONE; }
virtual bool set_packet_action_to_hold(snort::Packet*) { return false; }
-add_cpputest( ha_test )
+add_cpputest( ha_test
+ SOURCES flow_stubs.h
+)
add_cpputest( deferred_trust_test
SOURCES ../deferred_trust.cc
add_cpputest( flow_control_test
SOURCES ../flow_control.cc
+ flow_stubs.h
)
add_cpputest( flow_cache_test
../flow_cache.cc
../flow_control.cc
../flow_key.cc
+ flow_stubs.h
../../hash/hash_key_operations.cc
../../hash/hash_lru_cache.cc
../../hash/primetable.cc
SOURCES
../flow.cc
../flow_data.cc
+ flow_stubs.h
)
#include "flow/flow_cache.h"
#include "flow/ha.h"
#include "flow/session.h"
-#include "main/policy.h"
-#include "main/snort_config.h"
-#include "main/thread_config.h"
+#include "main/analyzer.h"
#include "managers/inspector_manager.h"
#include "packet_io/active.h"
-#include "packet_tracer/packet_tracer.h"
#include "protocols/icmp4.h"
-#include "protocols/packet.h"
#include "protocols/tcp.h"
#include "protocols/udp.h"
#include "protocols/vlan.h"
-#include "stream/stream.h"
#include "utils/util.h"
#include "trace/trace_api.h"
#include <CppUTest/CommandLineTestRunner.h>
#include <CppUTest/TestHarness.h>
+#include "flow_stubs.h"
+
using namespace snort;
THREAD_LOCAL bool Active::s_suspend = false;
THREAD_LOCAL Active::ActiveSuspendReason Active::s_suspend_reason = Active::ASP_NONE;
-THREAD_LOCAL PacketTracer* snort::s_pkt_trace = nullptr;
THREAD_LOCAL const Trace* stream_trace = nullptr;
void Active::drop_packet(snort::Packet const*, bool) { }
-PacketTracer::~PacketTracer() = default;
-void PacketTracer::log(const char*, ...) { }
-void PacketTracer::open_file() { }
-void PacketTracer::dump_to_daq(Packet*) { }
-void PacketTracer::reset(bool) { }
-void PacketTracer::pause() { }
-void PacketTracer::unpause() { }
+Analyzer* Analyzer::get_local_analyzer() { return nullptr; }
+void Analyzer::resume(unsigned long) { }
void Active::set_drop_reason(char const*) { }
-Packet::Packet(bool) { }
-Packet::~Packet() = default;
-uint32_t Packet::get_flow_geneve_vni() const { return 0; }
-Flow::~Flow() = default;
-DetectionEngine::DetectionEngine() = default;
+DetectionEngine::DetectionEngine() { context = nullptr; }
ExpectCache::~ExpectCache() = default;
DetectionEngine::~DetectionEngine() = default;
-void Flow::init(PktType) { }
-void Flow::flush(bool) { }
-void Flow::reset(bool) { }
-void Flow::free_flow_data() { }
-void DataBus::publish(unsigned, unsigned, DataEvent&, Flow*) { }
-void DataBus::publish(unsigned, unsigned, const uint8_t*, unsigned, Flow*) { }
-void DataBus::publish(unsigned, unsigned, Packet*, Flow*) { }
const SnortConfig* SnortConfig::get_conf() { return nullptr; }
-void Flow::set_client_initiate(Packet*) { }
-void Flow::set_direction(Packet*) { }
-void set_network_policy(unsigned) { }
-void set_inspection_policy(unsigned) { }
-void set_ips_policy(const snort::SnortConfig*, unsigned) { }
-void Flow::set_mpls_layer_per_dir(Packet*) { }
void DetectionEngine::disable_all(Packet*) { }
-void Stream::drop_traffic(const Packet*, char) { }
-bool Stream::blocked_flow(Packet*) { return true; }
ExpectCache::ExpectCache(uint32_t) { }
bool ExpectCache::check(Packet*, Flow*) { return true; }
bool ExpectCache::is_expected(Packet*) { return true; }
namespace snort
{
-NetworkPolicy* get_network_policy() { return nullptr; }
-InspectionPolicy* get_inspection_policy() { return nullptr; }
-IpsPolicy* get_ips_policy() { return nullptr; }
-unsigned SnortConfig::get_thread_reload_id() { return 0; }
+Flow::~Flow() = default;
+void Flow::init(PktType) { }
+void Flow::flush(bool) { }
+void Flow::reset(bool) { }
+void Flow::free_flow_data() { }
+void Flow::set_client_initiate(Packet*) { }
+void Flow::set_direction(Packet*) { }
+void Flow::set_mpls_layer_per_dir(Packet*) { }
-namespace layer
-{
-const vlan::VlanTagHdr* get_vlan_layer(const Packet* const) { return nullptr; }
-}
time_t packet_time() { return 0; }
-}
+void packet_gettimeofday(struct timeval* tv) { *tv = {}; }
-namespace snort
-{
namespace ip
{
uint32_t IpApi::id() const { return 0; }
}
}
-void Stream::stop_inspection(Flow*, Packet*, char, int32_t, int) { }
-
-
int ExpectCache::add_flow(const Packet*, PktType, IpProtocol, const SfIp*, uint16_t,
const SfIp*, uint16_t, char, FlowData*, SnortProtocolId, bool, bool, bool, bool)
{
#include <CppUTest/CommandLineTestRunner.h>
#include <CppUTest/TestHarness.h>
+#include "flow_stubs.h"
+
using namespace snort;
THREAD_LOCAL bool Active::s_suspend = false;
THREAD_LOCAL Active::ActiveSuspendReason Active::s_suspend_reason = Active::ASP_NONE;
-THREAD_LOCAL PacketTracer* snort::s_pkt_trace = nullptr;
-
void Active::drop_packet(snort::Packet const*, bool) { }
-PacketTracer::~PacketTracer() = default;
-void PacketTracer::log(const char*, ...) { }
-void PacketTracer::open_file() { }
-void PacketTracer::dump_to_daq(Packet*) { }
-void PacketTracer::reset(bool) { }
-void PacketTracer::pause() { }
-void PacketTracer::unpause() { }
void Active::set_drop_reason(char const*) { }
-Packet::Packet(bool) { }
-Packet::~Packet() = default;
-uint32_t Packet::get_flow_geneve_vni() const { return 0; }
FlowCache::FlowCache(const FlowCacheConfig& cfg) : config(cfg) { }
FlowCache::~FlowCache() = default;
Flow::~Flow() = default;
-DetectionEngine::DetectionEngine() = default;
+DetectionEngine::DetectionEngine() { context = nullptr; }
DetectionEngine::~DetectionEngine() = default;
ExpectCache::~ExpectCache() = default;
unsigned FlowCache::purge() { return 1; }
size_t FlowCache::uni_ip_flows_size() const { return 0; }
size_t FlowCache::flows_size() const { return 0; }
void Flow::init(PktType) { }
-void DataBus::publish(unsigned, unsigned, DataEvent&, Flow*) { }
-void DataBus::publish(unsigned, unsigned, const uint8_t*, unsigned, Flow*) { }
-void DataBus::publish(unsigned, unsigned, Packet*, Flow*) { }
const SnortConfig* SnortConfig::get_conf() { return nullptr; }
void FlowCache::unlink_uni(Flow*) { }
void Flow::set_client_initiate(Packet*) { }
void Flow::set_direction(Packet*) { }
-void set_network_policy(unsigned) { }
-void set_inspection_policy(unsigned) { }
-void set_ips_policy(const snort::SnortConfig*, unsigned) { }
void Flow::set_mpls_layer_per_dir(Packet*) { }
void DetectionEngine::disable_all(Packet*) { }
-void Stream::drop_traffic(const Packet*, char) { }
-bool Stream::blocked_flow(Packet*) { return true; }
ExpectCache::ExpectCache(uint32_t) { }
bool ExpectCache::check(Packet*, Flow*) { return true; }
bool ExpectCache::is_expected(Packet*) { return true; }
Flow* HighAvailabilityManager::import(Packet&, FlowKey&) { return nullptr; }
-namespace snort
-{
-NetworkPolicy* get_network_policy() { return nullptr; }
-InspectionPolicy* get_inspection_policy() { return nullptr; }
-IpsPolicy* get_ips_policy() { return nullptr; }
-unsigned SnortConfig::get_thread_reload_id() { return 0; }
-
-namespace layer
-{
-const vlan::VlanTagHdr* get_vlan_layer(const Packet* const) { return nullptr; }
-}
-}
-
namespace snort
{
namespace ip
return true;
}
-void Stream::stop_inspection(Flow*, Packet*, char, int32_t, int) { }
-
int ExpectCache::add_flow(const Packet*,
PktType, IpProtocol,
const SfIp*, uint16_t,
namespace snort
{
-SnortConfig::SnortConfig(const SnortConfig* const, const char*) { }
+SnortConfig::SnortConfig(const SnortConfig* const, const char*)
+{
+ daq_config = nullptr;
+ thread_config = nullptr;
+}
SnortConfig::~SnortConfig() = default;
const SnortConfig* SnortConfig::get_conf() { return &snort_conf; }
--- /dev/null
+//--------------------------------------------------------------------------
+// Copyright (C) 2020-2023 Cisco and/or its affiliates. All rights reserved.
+//
+// This program is free software; you can redistribute it and/or modify it
+// under the terms of the GNU General Public License Version 2 as published
+// by the Free Software Foundation. You may not use, modify or distribute
+// this program under any other version of the GNU General Public License.
+//
+// This program is distributed in the hope that it will be useful, but
+// WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+// General Public License for more details.
+//
+// You should have received a copy of the GNU General Public License along
+// with this program; if not, write to the Free Software Foundation, Inc.,
+// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
+//--------------------------------------------------------------------------
+// flow_stubs.h author Ron Dempster <rdempste@cisco.com>
+
+#ifndef FLOW_STUBS_H
+#define FLOW_STUBS_H
+
+#include "framework/data_bus.h"
+#include "log/messages.h"
+#include "main/policy.h"
+#include "main/snort_config.h"
+#include "main/thread_config.h"
+#include "packet_tracer/packet_tracer.h"
+#include "protocols/layer.h"
+#include "protocols/packet.h"
+#include "stream/stream.h"
+
+namespace snort
+{
+void ErrorMessage(const char*,...) { }
+void LogMessage(const char*,...) { }
+
+void DataBus::publish(unsigned, unsigned, DataEvent&, Flow*) { }
+void DataBus::publish(unsigned, unsigned, const uint8_t*, unsigned, Flow*) { }
+void DataBus::publish(unsigned, unsigned, Packet*, Flow*) { }
+
+Packet::Packet(bool)
+{
+ memset((char*) this , 0, sizeof(*this));
+ ip_proto_next = IpProtocol::PROTO_NOT_SET;
+ packet_flags = PKT_FROM_CLIENT;
+}
+Packet::~Packet() = default;
+uint32_t Packet::get_flow_geneve_vni() const { return 0; }
+
+THREAD_LOCAL PacketTracer* s_pkt_trace = nullptr;
+
+PacketTracer::~PacketTracer() = default;
+void PacketTracer::log(const char*, ...) { }
+void PacketTracer::open_file() { }
+void PacketTracer::dump_to_daq(Packet*) { }
+void PacketTracer::reset(bool) { }
+void PacketTracer::pause() { }
+void PacketTracer::unpause() { }
+
+namespace layer
+{
+const vlan::VlanTagHdr* get_vlan_layer(const Packet* const) { return nullptr; }
+}
+
+void Stream::drop_traffic(const Packet*, char) { }
+bool Stream::blocked_flow(Packet*) { return true; }
+void Stream::stop_inspection(Flow*, Packet*, char, int32_t, int) { }
+
+NetworkPolicy* get_network_policy() { return nullptr; }
+InspectionPolicy* get_inspection_policy() { return nullptr; }
+IpsPolicy* get_ips_policy() { return nullptr; }
+void set_network_policy(NetworkPolicy*) { }
+void set_inspection_policy(InspectionPolicy*) { }
+void set_ips_policy(IpsPolicy*) { }
+unsigned SnortConfig::get_thread_reload_id() { return 0; }
+}
+
+void set_network_policy(unsigned) { }
+void set_inspection_policy(unsigned) { }
+void set_ips_policy(const snort::SnortConfig*, unsigned) { }
+void select_default_policy(const _daq_pkt_hdr&, const snort::SnortConfig*) { }
+
+#endif
#include <CppUTest/CommandLineTestRunner.h>
#include <CppUTest/TestHarness.h>
-using namespace snort;
+#include "flow_stubs.h"
-Packet::Packet(bool) { }
-Packet::~Packet() = default;
+using namespace snort;
void Inspector::rem_ref() {}
void DetectionEngine::onload(Flow*) {}
-void set_network_policy(unsigned) { }
-void set_inspection_policy(unsigned) { }
-void set_ips_policy(const snort::SnortConfig*, unsigned) { }
-void select_default_policy(const _daq_pkt_hdr&, const SnortConfig*) { }
-namespace snort
-{
-NetworkPolicy* get_network_policy() { return nullptr; }
-InspectionPolicy* get_inspection_policy() { return nullptr; }
-IpsPolicy* get_ips_policy() { return nullptr; }
-void set_network_policy(NetworkPolicy*) { }
-void set_inspection_policy(InspectionPolicy*) { }
-void set_ips_policy(IpsPolicy*) { }
-unsigned SnortConfig::get_thread_reload_id() { return 0; }
-}
-
Packet* DetectionEngine::set_next_packet(const Packet*, Flow*) { return nullptr; }
ContextSwitcher* Analyzer::get_switcher() { return nullptr; }
snort::IpsContext* ContextSwitcher::get_context() const { return nullptr; }
IpsContext* DetectionEngine::get_context() { return nullptr; }
-DetectionEngine::DetectionEngine() = default;
+DetectionEngine::DetectionEngine() { context = nullptr; }
DetectionEngine::~DetectionEngine() = default;
const Layer* layer::get_mpls_layer(const Packet* const) { return nullptr; }
-void DataBus::publish(unsigned, unsigned, Packet*, Flow*) {}
-
const SnortConfig* SnortConfig::get_conf() { return nullptr; }
TEST_GROUP(nondefault_timeout)
{
- void setup() override
- {
- }
-
- void teardown() override
- {
- }
};
TEST(nondefault_timeout, hard_expiration)
using namespace snort;
+#include "flow_stubs.h"
+
#define MSG_SIZE 100
#define TEST_KEY 0,1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40,41,42,43,44,45,46,47
return (Flow*)mock().getData("flow").getObjectPointer();
}
-Packet::Packet(bool) { }
-Packet::~Packet() = default;
-
void Stream::delete_flow(const FlowKey* flowkey)
{
mock().actualCall("delete_flow");
namespace snort
{
-void ErrorMessage(const char*,...) { }
-void LogMessage(const char*,...) { }
+Flow::~Flow() = default;
+void Flow::set_client_initiate(Packet*) { }
+void Flow::set_direction(Packet*) { }
void packet_gettimeofday(struct timeval* tv)
{
int SFDAQInstance::ioctl(DAQ_IoctlCmd, void*, size_t) { return DAQ_SUCCESS; }
-Flow::~Flow() { }
-
FlowStash::~FlowStash() = default;
-void Flow::set_client_initiate(Packet*) { }
-void Flow::set_direction(Packet*) { }
-
SideChannel* SideChannelManager::get_side_channel(SCPort)
{
return (SideChannel*)mock().getData("s_side_channel").getObjectPointer();
}
-SideChannel::SideChannel() = default;
-
Connector::Direction SideChannel::get_direction()
{ return Connector::CONN_DUPLEX; }
{
Flow s_flow;
Active active;
- StreamHAClient* s_ha_client; // cppcheck-suppress variableScope
- FlowHAClient* s_other_ha_client; // cppcheck-suppress variableScope
+ StreamHAClient* s_ha_client;
+ FlowHAClient* s_other_ha_client;
uint8_t s_message[MSG_SIZE];
SCMessage s_sc_message;
Packet s_pkt;
s_sc_message = {};
s_sc_message.content = s_message;
mock().setDataObject("message_content", "SCMessage", &s_sc_message);
- s_pkt.active = &active; // cppcheck-suppress unreadVariable
+ s_pkt.active = &active;
memset(&ha_stats, 0, sizeof(ha_stats));
HighAvailabilityManager::configure(&hac);
HighAvailabilityManager::thread_init();
- s_ha_client = new StreamHAClient; // cppcheck-suppress unreadVariable
- s_other_ha_client = new OtherHAClient; // cppcheck-suppress unreadVariable
+ s_ha_client = new StreamHAClient;
+ s_other_ha_client = new OtherHAClient;
}
void teardown() override
virtual Direction get_connector_direction() = 0;
const std::string connector_name;
- const ConnectorConfig* config;
+ const ConnectorConfig* config = nullptr;
protected:
Connector() = default;
if (rhs.data)
{
data = new CursorDataVec;
+ data->reserve(rhs.data->size());
for (CursorData*& cd : *rhs.data)
data->push_back(cd->clone());
if (data)
{
- unsigned id = cd->get_id();
+ unsigned i = cd->get_id();
for (CursorData*& old : *data)
{
- if (old->get_id() == id)
+ if (old->get_id() == i)
{
delete old;
old = cd;
{
if (p->flow and p->flow->gadget)
{
- const DataBuffer& buf = DetectionEngine::get_alt_buffer(p);
+ const DataBuffer& alt_buf = DetectionEngine::get_alt_buffer(p);
- if (buf.len)
+ if (alt_buf.len)
{
- set("alt_data", buf.data, buf.len);
+ set("alt_data", alt_buf.data, alt_buf.len);
return;
}
}
virtual ~CursorData() = default;
virtual CursorData* clone() = 0;
- unsigned get_id()
+ unsigned get_id() const
{ return id; }
static unsigned create_cursor_data_id()
DataBus::~DataBus()
{
- for ( auto& p : pub_sub )
+ for ( const auto& p : pub_sub )
{
for ( auto* h : p )
{
* these three pointers are each referenced literally
* dozens if not hundreds of times. NOTHING else should be added!!
*/
- const snort::tcp::TCPHdr* tcph;
- const snort::udp::UDPHdr* udph;
- const snort::icmp::ICMPHdr* icmph;
+ const snort::tcp::TCPHdr* tcph = nullptr;
+ const snort::udp::UDPHdr* udph = nullptr;
+ const snort::icmp::ICMPHdr* icmph = nullptr;
- uint16_t sp; /* source port (TCP/UDP) */
- uint16_t dp; /* dest port (TCP/UDP) */
+ uint16_t sp = 0; /* source port (TCP/UDP) */
+ uint16_t dp = 0; /* dest port (TCP/UDP) */
- uint16_t decode_flags;
- PktType type;
+ uint16_t decode_flags = 0;
+ PktType type = PktType::NONE;
snort::ip::IpApi ip_api;
- snort::mpls::MplsHdr mplsHdr; // FIXIT-L need to zero this?
+ snort::mpls::MplsHdr mplsHdr = {};
inline void reset()
{
- memset(this, 0, offsetof(DecodeData, ip_api));
- ip_api.reset();
+ tcph = nullptr;
+ udph = nullptr;
+ icmph = nullptr;
sp = 0;
dp = 0;
+ decode_flags = 0;
+ type = PktType::NONE;
+ ip_api.reset();
+ mplsHdr = {};
}
inline void set_pkt_type(PktType pkt_type)
Inspector::~Inspector()
{
- unsigned total = 0;
-
for (unsigned i = 0; i < ThreadConfig::get_instance_max(); ++i )
- total += ref_count[i];
-
- assert(!total);
+ assert(0 == ref_count[i]);
delete[] ref_count;
}
SECTION("hash test")
{
- StubIpsOption main_ips("ips_test",
+ StubIpsOption other_main_ips("ips_test",
option_type_t::RULE_OPTION_TYPE_OTHER);
SECTION("hash test with short string")
{
StubIpsOption main_ips_short("ips_test",
option_type_t::RULE_OPTION_TYPE_OTHER);
- REQUIRE((main_ips.hash() == main_ips_short.hash()) == true);
+ REQUIRE((other_main_ips.hash() == main_ips_short.hash()) == true);
StubIpsOption main_ips_short_diff("not_ips_test",
option_type_t::RULE_OPTION_TYPE_OTHER);
- REQUIRE((main_ips.hash() == main_ips_short_diff.hash()) == false);
+ REQUIRE((other_main_ips.hash() == main_ips_short_diff.hash()) == false);
}
SECTION("hash test with long string")
option_type_t::RULE_OPTION_TYPE_OTHER);
REQUIRE(main_ips_long_first.hash() == main_ips_long_second.hash());
- REQUIRE(main_ips_long_first.hash() != main_ips.hash());
+ REQUIRE(main_ips_long_first.hash() != other_main_ips.hash());
}
}
}
Logger() = default;
private:
- const LogApi* api;
+ const LogApi* api = nullptr;
};
typedef Logger* (* LogNewFunc)(class Module*);
std::string chunk;
protected:
- LuaApi(const std::string& s, const std::string& c)
- {
- name = s;
- chunk = c;
- }
+ LuaApi(const std::string& s, const std::string& c) : name(s), chunk(c)
+ { }
};
#endif
// base stuff
//-------------------------------------------------------------------------
-Mpse::Mpse(const char* m)
-{
- method = m;
- verbose = 0;
- api = nullptr;
-}
+Mpse::Mpse(const char* m) : method(m)
+{ }
int Mpse::search(
const unsigned char* T, int n, MpseMatch match,
private:
std::string method;
- int verbose;
- const MpseApi* api;
+ int verbose = 0;
+ const MpseApi* api = nullptr;
};
typedef void (* MpseOptFunc)(SnortConfig*);
cs.src_ip = sip;
cs.dst_ip = dip;
- CHECK( match_constraints(cs, sip, dip, sport, dport) );
+ CHECK( true == match_constraints(cs, sip, dip, sport, dport) );
}
SECTION("backwards")
cs.src_ip = sip;
cs.dst_ip = dip;
- CHECK( !match_constraints(cs, dip, sip, dport, sport) );
+ CHECK( false == match_constraints(cs, dip, sip, dport, sport) );
}
SECTION("any ip")
cs.src_port = sport;
cs.dst_port = dport;
- CHECK( match_constraints(cs, sip, dip, sport, dport) );
+ CHECK( true == match_constraints(cs, sip, dip, sport, dport) );
}
SECTION("any port")
cs.src_ip = sip;
cs.dst_ip = dip;
- CHECK( match_constraints(cs, sip, dip, sport, dport) );
+ CHECK( true == match_constraints(cs, sip, dip, sport, dport) );
}
SECTION("any src")
cs.dst_port = dport;
cs.dst_ip = dip;
- CHECK( match_constraints(cs, sip, dip, sport, dport) );
+ CHECK( true == match_constraints(cs, sip, dip, sport, dport) );
}
}
{
RangeCheck rc;
- REQUIRE(rc.parse("5"));
+ REQUIRE(true == rc.parse("5"));
REQUIRE(rc.op == RangeCheck::EQ);
REQUIRE((rc.max == 5));
- CHECK(rc.eval(5));
+ CHECK(true == rc.eval(5));
- CHECK(!rc.eval(4));
- CHECK(!rc.eval(6));
+ CHECK(false == rc.eval(4));
+ CHECK(false == rc.eval(6));
}
TEST_CASE("=", "[RangeCheck]")
{
RangeCheck rc;
- REQUIRE(rc.parse("=+0x5"));
+ REQUIRE(true == rc.parse("=+0x5"));
REQUIRE(rc.op == RangeCheck::EQ);
REQUIRE((rc.max == 5));
- CHECK(rc.eval(5));
+ CHECK(true == rc.eval(5));
- CHECK(!rc.eval(4));
- CHECK(!rc.eval(6));
+ CHECK(false == rc.eval(4));
+ CHECK(false == rc.eval(6));
}
TEST_CASE("!", "[RangeCheck]")
{
RangeCheck rc;
- REQUIRE(rc.parse("!-5"));
+ REQUIRE(true == rc.parse("!-5"));
REQUIRE(rc.op == RangeCheck::NOT);
REQUIRE((rc.max == -5));
- CHECK(rc.eval(-4));
- CHECK(rc.eval(-6));
+ CHECK(true == rc.eval(-4));
+ CHECK(true == rc.eval(-6));
- CHECK(!rc.eval(-5));
+ CHECK(false == rc.eval(-5));
}
TEST_CASE("!=", "[RangeCheck]")
{
RangeCheck rc;
- REQUIRE(rc.parse("!=5"));
+ REQUIRE(true == rc.parse("!=5"));
REQUIRE(rc.op == RangeCheck::NOT);
REQUIRE((rc.max == 5));
- CHECK(rc.eval(4));
- CHECK(rc.eval(6));
+ CHECK(true == rc.eval(4));
+ CHECK(true == rc.eval(6));
- CHECK(!rc.eval(5));
+ CHECK(false == rc.eval(5));
}
TEST_CASE("<", "[RangeCheck]")
{
RangeCheck rc;
- REQUIRE(rc.parse("<5"));
+ REQUIRE(true == rc.parse("<5"));
REQUIRE(rc.op == RangeCheck::LT);
REQUIRE((rc.max == 5));
- CHECK(rc.eval(4));
- CHECK(rc.eval(-1));
+ CHECK(true == rc.eval(4));
+ CHECK(true == rc.eval(-1));
- CHECK(!rc.eval(5));
- CHECK(!rc.eval(6));
+ CHECK(false == rc.eval(5));
+ CHECK(false == rc.eval(6));
}
TEST_CASE("<=", "[RangeCheck]")
{
RangeCheck rc;
- REQUIRE(rc.parse("<=5"));
+ REQUIRE(true == rc.parse("<=5"));
REQUIRE(rc.op == RangeCheck::LE);
REQUIRE((rc.max == 5));
- CHECK(rc.eval(5));
- CHECK(rc.eval(-1));
+ CHECK(true == rc.eval(5));
+ CHECK(true == rc.eval(-1));
- CHECK(!rc.eval(6));
- CHECK(!rc.eval(1000));
+ CHECK(false == rc.eval(6));
+ CHECK(false == rc.eval(1000));
}
TEST_CASE(">", "[RangeCheck]")
{
RangeCheck rc;
- REQUIRE(rc.parse(">5"));
+ REQUIRE(true == rc.parse(">5"));
REQUIRE((rc.op == RangeCheck::GT));
REQUIRE((rc.min == 5));
- CHECK(rc.eval(6));
- CHECK(rc.eval(10));
+ CHECK(true == rc.eval(6));
+ CHECK(true == rc.eval(10));
- CHECK(!rc.eval(5));
- CHECK(!rc.eval(-1));
+ CHECK(false == rc.eval(5));
+ CHECK(false == rc.eval(-1));
}
TEST_CASE(">=", "[RangeCheck]")
{
RangeCheck rc;
- REQUIRE(rc.parse(">=5"));
+ REQUIRE(true == rc.parse(">=5"));
REQUIRE((rc.op == RangeCheck::GE));
REQUIRE((rc.min == 5));
- CHECK(rc.eval(5));
- CHECK(rc.eval(10));
+ CHECK(true == rc.eval(5));
+ CHECK(true == rc.eval(10));
- CHECK(!rc.eval(4));
- CHECK(!rc.eval(-4));
+ CHECK(false == rc.eval(4));
+ CHECK(false == rc.eval(-4));
}
TEST_CASE("<>", "[RangeCheck]")
{
RangeCheck rc;
- REQUIRE(rc.parse("0<>5"));
+ REQUIRE(true == rc.parse("0<>5"));
REQUIRE((rc.op == RangeCheck::LG));
REQUIRE(rc.min == 0);
REQUIRE((rc.max == 5));
- CHECK(rc.eval(1));
- CHECK(rc.eval(4));
+ CHECK(true == rc.eval(1));
+ CHECK(true == rc.eval(4));
- CHECK(!rc.eval(-1));
- CHECK(!rc.eval(0));
- CHECK(!rc.eval(5));
- CHECK(!rc.eval(6));
+ CHECK(false == rc.eval(-1));
+ CHECK(false == rc.eval(0));
+ CHECK(false == rc.eval(5));
+ CHECK(false == rc.eval(6));
}
TEST_CASE("<=>", "[RangeCheck]")
{
RangeCheck rc;
- REQUIRE(rc.parse("0<=>5"));
+ REQUIRE(true == rc.parse("0<=>5"));
REQUIRE((rc.op == RangeCheck::LEG));
REQUIRE((rc.max == 5));
- CHECK(rc.eval(0));
- CHECK(rc.eval(1));
- CHECK(rc.eval(4));
- CHECK(rc.eval(5));
+ CHECK(true == rc.eval(0));
+ CHECK(true == rc.eval(1));
+ CHECK(true == rc.eval(4));
+ CHECK(true == rc.eval(5));
- CHECK(!rc.eval(-1));
- CHECK(!rc.eval(6));
+ CHECK(false == rc.eval(-1));
+ CHECK(false == rc.eval(6));
}
TEST_CASE("parsing", "[RangeCheck]")
{
SECTION("a")
{
- REQUIRE(rc.parse("5"));
+ REQUIRE(true == rc.parse("5"));
CHECK(rc.op == RangeCheck::EQ);
CHECK((rc.max == 5));
}
SECTION("b")
{
- REQUIRE(rc.parse(" 5 "));
+ REQUIRE(true == rc.parse(" 5 "));
CHECK(rc.op == RangeCheck::EQ);
CHECK((rc.max == 5));
}
SECTION("c")
{
- REQUIRE(rc.parse(" ! 5 "));
+ REQUIRE(true == rc.parse(" ! 5 "));
CHECK(rc.op == RangeCheck::NOT);
CHECK((rc.max == 5));
}
SECTION("d")
{
- REQUIRE(rc.parse(" != 5 "));
+ REQUIRE(true == rc.parse(" != 5 "));
CHECK(rc.op == RangeCheck::NOT);
CHECK((rc.max == 5));
}
SECTION("e")
{
- REQUIRE(rc.parse(" < 5 "));
+ REQUIRE(true == rc.parse(" < 5 "));
CHECK((rc.op == RangeCheck::LT));
CHECK((rc.max == 5));
}
SECTION("f")
{
- REQUIRE(rc.parse(" > 5 "));
+ REQUIRE(true == rc.parse(" > 5 "));
CHECK((rc.op == RangeCheck::GT));
CHECK((rc.min == 5));
}
SECTION("g")
{
- REQUIRE(rc.parse(" <= 5 "));
+ REQUIRE(true == rc.parse(" <= 5 "));
CHECK((rc.op == RangeCheck::LE));
CHECK((rc.max == 5));
}
SECTION("h")
{
- REQUIRE(rc.parse(" >= 5 "));
+ REQUIRE(true == rc.parse(" >= 5 "));
CHECK((rc.op == RangeCheck::GE));
CHECK((rc.min == 5));
}
SECTION("i")
{
- REQUIRE(rc.parse(" 10 <> 50 "));
+ REQUIRE(true == rc.parse(" 10 <> 50 "));
CHECK((rc.op == RangeCheck::LG));
CHECK((rc.min == 10));
CHECK((rc.max == 50));
SECTION("j")
{
- REQUIRE(rc.parse(" 0x10 <=> 0x50 "));
+ REQUIRE(true == rc.parse(" 0x10 <=> 0x50 "));
CHECK((rc.op == RangeCheck::LEG));
CHECK((rc.min == 0x10));
CHECK((rc.max == 0x50));
SECTION("k")
{
- REQUIRE(rc.parse(" -0123 <=> 0x123 "));
+ REQUIRE(true == rc.parse(" -0123 <=> 0x123 "));
CHECK((rc.op == RangeCheck::LEG));
CHECK((rc.min == -83));
CHECK((rc.max == 291));
SECTION("invalid ranges")
{
// spacey operators
- CHECK(!rc.parse(" ! = 5 "));
- CHECK(!rc.parse(" < = 5 "));
- CHECK(!rc.parse(" > = 5 "));
- CHECK(!rc.parse(" 1 < > 5 "));
- CHECK(!rc.parse(" 1 < = > 5 "));
- CHECK(!rc.parse(" < > 5 "));
- CHECK(!rc.parse(" < = > 5 "));
+ CHECK(false == rc.parse(" ! = 5 "));
+ CHECK(false == rc.parse(" < = 5 "));
+ CHECK(false == rc.parse(" > = 5 "));
+ CHECK(false == rc.parse(" 1 < > 5 "));
+ CHECK(false == rc.parse(" 1 < = > 5 "));
+ CHECK(false == rc.parse(" < > 5 "));
+ CHECK(false == rc.parse(" < = > 5 "));
// other invalids
- CHECK(!rc.parse("5x"));
- CHECK(!rc.parse("5.0"));
- CHECK(!rc.parse("5-0"));
- CHECK(!rc.parse("*5"));
- CHECK(!rc.parse("=$5"));
- CHECK(!rc.parse("=5x"));
- CHECK(!rc.parse("<<0"));
- CHECK(!rc.parse("+9223372036854775808"));
- CHECK(!rc.parse("-9223372036854775809"));
- CHECK(!rc.parse("4<>2"));
- CHECK(!rc.parse("24<=>16"));
+ CHECK(false == rc.parse("5x"));
+ CHECK(false == rc.parse("5.0"));
+ CHECK(false == rc.parse("5-0"));
+ CHECK(false == rc.parse("*5"));
+ CHECK(false == rc.parse("=$5"));
+ CHECK(false == rc.parse("=5x"));
+ CHECK(false == rc.parse("<<0"));
+ CHECK(false == rc.parse("+9223372036854775808"));
+ CHECK(false == rc.parse("-9223372036854775809"));
+ CHECK(false == rc.parse("4<>2"));
+ CHECK(false == rc.parse("24<=>16"));
// backwards
- CHECK(!rc.parse(" 5 = "));
- CHECK(!rc.parse(" 5 ! "));
- CHECK(!rc.parse(" 5 != "));
- CHECK(!rc.parse(" 5 < "));
- CHECK(!rc.parse(" 5 <= "));
- CHECK(!rc.parse(" 5 > "));
- CHECK(!rc.parse(" 5 >= "));
+ CHECK(false == rc.parse(" 5 = "));
+ CHECK(false == rc.parse(" 5 ! "));
+ CHECK(false == rc.parse(" 5 != "));
+ CHECK(false == rc.parse(" 5 < "));
+ CHECK(false == rc.parse(" 5 <= "));
+ CHECK(false == rc.parse(" 5 > "));
+ CHECK(false == rc.parse(" 5 >= "));
// missing bound
- CHECK(!rc.parse(" 1 <> "));
- CHECK(!rc.parse(" <> 5 "));
- CHECK(!rc.parse(" 1 <=> "));
- CHECK(!rc.parse(" <=> 5 "));
+ CHECK(false == rc.parse(" 1 <> "));
+ CHECK(false == rc.parse(" <> 5 "));
+ CHECK(false == rc.parse(" 1 <=> "));
+ CHECK(false == rc.parse(" <=> 5 "));
}
}
{
RangeCheck rc;
- REQUIRE(rc.validate("2<>4", "0:10"));
+ REQUIRE(true == rc.validate("2<>4", "0:10"));
CHECK((rc.min == 2));
CHECK((rc.max == 4));
// #
- CHECK(rc.validate("2<>4", "0"));
+ CHECK(true == rc.validate("2<>4", "0"));
// #:
- CHECK(rc.validate("2<>4", "1:"));
+ CHECK(true == rc.validate("2<>4", "1:"));
// :#
- CHECK(rc.validate("2<>4", ":8"));
+ CHECK(true == rc.validate("2<>4", ":8"));
// in hex
- CHECK(rc.validate("2<>4", "0x1:0x0A"));
+ CHECK(true == rc.validate("2<>4", "0x1:0x0A"));
// invalid low
- CHECK(!rc.validate("2<>4", "3:"));
+ CHECK(false == rc.validate("2<>4", "3:"));
// invalid hi
- CHECK(!rc.validate("2<>4", "1:3"));
+ CHECK(false == rc.validate("2<>4", "1:3"));
// invalid low and hi
- CHECK(!rc.validate("200<>400", "3:10"));
+ CHECK(false == rc.validate("200<>400", "3:10"));
}
#endif
//--------------------------------------------------------------------------
// mocks
//--------------------------------------------------------------------------
-InspectionPolicy::InspectionPolicy(unsigned int) {}
+InspectionPolicy::InspectionPolicy(unsigned int) : framework_policy(nullptr), cloned(false) {}
InspectionPolicy::~InspectionPolicy() = default;
NetworkPolicy::NetworkPolicy(unsigned int, unsigned int) {}
NetworkPolicy::~NetworkPolicy() = default;
std::string value;
std::string token;
- stringstream s(origin_str);
- while ( s >> token )
+ stringstream str_s(origin_str);
+ while ( str_s >> token )
{
value += token;
value += " ";
// and the string value/zero is returned based on the result etc.
TEST_CASE("set double test", "[Value]")
+{
+ Value test_val((double)12345.689);
+ CHECK(true == test_val.get_bool());
+ CHECK(12345 == test_val.get_size());
+ CHECK(12345 == test_val.get_int16());
+ CHECK(12345 == test_val.get_uint16());
+ CHECK(12345 == test_val.get_int32());
+ CHECK(12345 == test_val.get_uint32());
+ CHECK(12345 == test_val.get_int64());
+ CHECK(12345 == test_val.get_uint64());
+ CHECK(12345.689 == test_val.get_real());
+ CHECK(12345 == test_val.get_ip4());
+}
+
+TEST_CASE("set double test 2", "[Value]")
{
Value test_val((double)123456.89);
CHECK(true == test_val.get_bool());
CHECK(123456 == test_val.get_size());
- CHECK(-7616 == test_val.get_int16());
- CHECK(0xe240 == test_val.get_uint16());
- CHECK(0x1e240 == test_val.get_int32());
- CHECK(0x1e240 == test_val.get_uint32());
- CHECK(0x1e240 == test_val.get_int64());
- CHECK(0x1e240 == test_val.get_uint64());
+ CHECK(123456 == test_val.get_int32());
+ CHECK(123456 == test_val.get_uint32());
+ CHECK(123456 == test_val.get_int64());
+ CHECK(123456 == test_val.get_uint64());
CHECK(123456.89 == test_val.get_real());
- CHECK(0x1e240 == test_val.get_ip4());
+ CHECK(123456 == test_val.get_ip4());
+}
+
+TEST_CASE("set double test 3", "[Value]")
+{
+ Value test_val((double)-123456.89);
+ CHECK(true == test_val.get_bool());
+ CHECK(-123456 == test_val.get_int32());
+ CHECK(-123456 == test_val.get_int64());
+ CHECK(-123456.89 == test_val.get_real());
}
TEST_CASE("mac addr negative test", "[Value]")
CHECK(true == test_val.get_next_csv_token(test_str));
str_val = (const char *)test_str.c_str();
REQUIRE(nullptr != str_val);
- CHECK((strcmp(str_val,"123456")==0));
+ CHECK(0 == strcmp(str_val,"123456"));
}
TEST_CASE("get as string", "[Value]")
template<typename Key, typename Value, typename Hash>
Value& LruCacheLocal<Key, Value, Hash>::find_else_create(const Key& key, bool* is_new)
{
- LruMapIter it = map.find(key);
+ auto it = map.find(key);
if (it == map.end())
{
stats.cache_misses++;
template<typename Key, typename Value, typename Hash>
bool LruCacheLocal<Key, Value, Hash>::add(const Key& key, const Value& value, bool replace)
{
- LruMapIter it = map.find(key);
+ auto it = map.find(key);
if (it == map.end())
{
stats.cache_misses++;
template<typename Key, typename Value, typename Hash>
bool LruCacheLocal<Key, Value, Hash>::remove(const Key& key)
{
- LruMapIter it = map.find(key);
+ auto it = map.find(key);
if (it == map.end())
{
return false;
using KeyType = Key;
// Return data entry associated with key. If doesn't exist, return nullptr.
- Data find(const Key& key);
+ Data find(const Key&);
// Return data entry associated with key. If doesn't exist, create a new entry.
- Data operator[](const Key& key);
+ Data operator[](const Key&);
// Same as operator[]; additionally, sets the boolean if a new entry is created.
- Data find_else_create(const Key& key, bool* new_data);
+ Data find_else_create(const Key&, bool* new_data);
// Returns true if found or replaced, takes a ref to a user managed entry
- bool find_else_insert(const Key& key, std::shared_ptr<Value>& data, bool replace = false);
+ bool find_else_insert(const Key&, Data&, bool replace = false);
// Returns the found or inserted data, takes a ref to user managed entry.
- Data find_else_insert(const Key&, Data&, LcsInsertStatus*, bool = false);
+ Data find_else_insert(const Key&, Data&, LcsInsertStatus*,
+ bool replace = false);
// Return all data from the LruCache in order (most recently used to least)
- std::vector<std::pair<Key, Data> > get_all_data();
+ std::vector<std::pair<Key, Data>> get_all_data();
// Get current number of elements in the LruCache.
size_t size()
return list.size() * mem_chunk;
}
- size_t get_max_size()
+ size_t get_max_size() const
{
return max_size;
}
// Remove entry associated with Key.
// Returns true if entry existed, false otherwise.
- virtual bool remove(const Key& key);
+ virtual bool remove(const Key&);
// Remove entry associated with key and return removed data.
// Returns true and copy of data if entry existed. Returns false if
// entry did not exist.
- virtual bool remove(const Key& key, Data& data);
+ virtual bool remove(const Key&, Data&);
const PegInfo* get_pegs() const
{ return lru_cache_shared_peg_names; }
- PegCount* get_counts()
- { return (PegCount*)&stats; }
+ const PegCount* get_counts() const
+ { return (const PegCount*)&stats; }
void lock()
{ cache_mutex.lock(); }
template<typename Key, typename Value, typename Hash, typename Eq, typename Purgatory>
std::shared_ptr<Value> LruCacheShared<Key, Value, Hash, Eq, Purgatory>::find(const Key& key)
{
- LruMapIter map_iter;
std::lock_guard<std::mutex> cache_lock(cache_mutex);
- map_iter = map.find(key);
+ auto map_iter = map.find(key);
if (map_iter == map.end())
{
stats.find_misses++;
}
template<typename Key, typename Value, typename Hash, typename Eq, typename Purgatory>
-std::shared_ptr<Value> LruCacheShared<Key, Value, Hash, Eq, Purgatory>::
-find_else_create(const Key& key, bool* new_data)
+std::shared_ptr<Value> LruCacheShared<Key, Value, Hash, Eq, Purgatory>::find_else_create(const Key& key,
+ bool* new_data)
{
- LruMapIter map_iter;
-
// As with remove and operator[], we need a temporary list of references
// to delay the destruction of the items being removed by prune().
// This is one instance where we cannot get by with directly locking and
std::lock_guard<std::mutex> cache_lock(cache_mutex);
- map_iter = map.find(key);
+ auto map_iter = map.find(key);
if (map_iter != map.end())
{
stats.find_hits++;
}
template<typename Key, typename Value, typename Hash, typename Eq, typename Purgatory>
-bool LruCacheShared<Key, Value, Hash, Eq, Purgatory>::
-find_else_insert(const Key& key, std::shared_ptr<Value>& data, bool replace)
+bool LruCacheShared<Key, Value, Hash, Eq, Purgatory>::find_else_insert(const Key& key, Data& data,
+ bool replace)
{
- LruMapIter map_iter;
-
Purgatory tmp_data;
+
std::lock_guard<std::mutex> cache_lock(cache_mutex);
- map_iter = map.find(key);
+ auto map_iter = map.find(key);
if (map_iter != map.end())
{
stats.find_hits++;
}
template<typename Key, typename Value, typename Hash, typename Eq, typename Purgatory>
-std::shared_ptr<Value> LruCacheShared<Key, Value, Hash, Eq, Purgatory>::
-find_else_insert(const Key& key, std::shared_ptr<Value>& data, LcsInsertStatus* status, bool replace)
+std::shared_ptr<Value> LruCacheShared<Key, Value, Hash, Eq, Purgatory>::find_else_insert(const Key& key, Data& data,
+ LcsInsertStatus* status, bool replace)
{
- LruMapIter map_iter;
-
Purgatory tmp_data;
+
std::lock_guard<std::mutex> cache_lock(cache_mutex);
- map_iter = map.find(key);
+ auto map_iter = map.find(key);
if (map_iter != map.end())
{
stats.find_hits++;
}
template<typename Key, typename Value, typename Hash, typename Eq, typename Purgatory>
-std::vector< std::pair<Key, std::shared_ptr<Value>> >
-LruCacheShared<Key, Value, Hash, Eq, Purgatory>::get_all_data()
+std::vector<std::pair<Key, std::shared_ptr<Value>>> LruCacheShared<Key, Value, Hash, Eq, Purgatory>::get_all_data()
{
std::vector<std::pair<Key, Data> > vec;
std::lock_guard<std::mutex> cache_lock(cache_mutex);
- for (auto& entry : list )
- {
- vec.emplace_back(entry);
- }
-
+ vec.reserve(list.size());
+ std::copy(list.cbegin(), list.cend(), std::back_inserter(vec));
return vec;
}
template<typename Key, typename Value, typename Hash, typename Eq, typename Purgatory>
bool LruCacheShared<Key, Value, Hash, Eq, Purgatory>::remove(const Key& key)
{
- LruMapIter map_iter;
-
// There is a potential race condition here, when the destructor of
// the object being removed needs to call back into the cache and lock
// the cache (e.g. via an allocator) to update the size of the cache.
std::lock_guard<std::mutex> cache_lock(cache_mutex);
- map_iter = map.find(key);
+ auto map_iter = map.find(key);
if (map_iter == map.end())
- {
return false; // Key is not in LruCache.
- }
data = map_iter->second->second;
}
template<typename Key, typename Value, typename Hash, typename Eq, typename Purgatory>
-bool LruCacheShared<Key, Value, Hash, Eq, Purgatory>::remove(const Key& key,
- std::shared_ptr<Value>& data)
+bool LruCacheShared<Key, Value, Hash, Eq, Purgatory>::remove(const Key& key, Data& data)
{
- LruMapIter map_iter;
-
std::lock_guard<std::mutex> cache_lock(cache_mutex);
- map_iter = map.find(key);
+ auto map_iter = map.find(key);
if (map_iter == map.end())
- {
return false; // Key is not in LruCache.
- }
data = map_iter->second->second;
#ifndef LRU_SEGMENTED_CACHE_SHARED_H
#define LRU_SEGMENTED_CACHE_SHARED_H
+#include <algorithm>
#include <cassert>
+#include <numeric>
#include <vector>
#include "lru_cache_shared.h"
#define DEFAULT_SEGMENT_COUNT 4
template<typename Key, typename Value, typename Hash = std::hash<Key>, typename Eq = std::equal_to<Key>>
-class SegmentedLruCache
+class SegmentedLruCache
{
public:
std::size_t segment_idx = get_segment_idx(key);
return segments[segment_idx]->remove(key);
}
-
+
bool remove(const Key& key, Data& data)
{
- std::size_t idx = get_segment_idx(key);
+ std::size_t idx = get_segment_idx(key);
return segments[idx]->remove(key, data);
}
std::size_t segment_idx = get_segment_idx(key);
return segments[segment_idx]->find_else_insert(key, data, status, replace);
}
-
+
bool set_max_size(size_t max_size)
{
bool success = true;
return all_data;
}
- size_t mem_size()
+ size_t mem_size() const
{
size_t mem_size = 0;
for ( const auto& cache : segments )
- {
mem_size += cache->mem_size();
- }
return mem_size;
}
- const PegInfo* get_pegs()
- {
- return lru_cache_shared_peg_names;
+ const PegInfo* get_pegs()
+ {
+ return lru_cache_shared_peg_names;
}
- PegCount* get_counts()
+ const PegCount* get_counts()
{
PegCount* pcs = (PegCount*)&counts;
const PegInfo* pegs = get_pegs();
}
pcs[i] = c;
}
- return (PegCount*)&counts;
+ return (const PegCount*)&counts;
}
- size_t size()
+ size_t size() const
{
size_t total_size = 0;
- for ( const auto& cache : segments )
- {
+ for ( const auto& cache : segments )
total_size += cache->size();
- }
return total_size;
}
- size_t get_max_size()
+ size_t get_max_size() const
{
size_t max_size = 0;
for ( const auto& cache : segments )
- {
max_size += cache->get_max_size();
- }
return max_size;
}
DataBus::~DataBus() = default;
// run_flags is used indirectly from HashFnc class by calling SnortConfig::static_hash()
-SnortConfig::SnortConfig(const SnortConfig* const, const char*)
+SnortConfig::SnortConfig(const SnortConfig* const, const char*) : daq_config(nullptr), thread_config(nullptr)
{ snort_conf->run_flags = 0;}
SnortConfig::~SnortConfig() = default;
lru_cache.remove(7); // Removes - hit
lru_cache.remove(10); // Removes - miss
- PegCount* stats = lru_cache.get_counts();
+ const PegCount* stats = lru_cache.get_counts();
CHECK(stats[0] == 10); // adds
CHECK(stats[1] == 7); // alloc prunes
lru_cache.remove(8);
lru_cache.remove(11); // not in cache
- PegCount* stats = lru_cache.get_counts();
+ const PegCount* stats = lru_cache.get_counts();
CHECK(stats[0] == 10); // adds
CHECK(stats[1] == 2); // alloc_prunes
SegmentedLruCache<int, std::string> lru_cache(8);
std::shared_ptr<std::string> data(new std::string("hello"));
LcsInsertStatus status;
-
+
lru_cache.find_else_insert(1, data, &status, false); // initial insert
CHECK(status == LcsInsertStatus::LCS_ITEM_INSERTED); // Check status for initial insert
-
+
std::shared_ptr<std::string> newData(new std::string("world"));
std::shared_ptr<std::string> returnedData = lru_cache.find_else_insert(1, newData, &status, true); // replace existing item
CHECK(returnedData != nullptr);
DataBus::~DataBus() = default;
// run_flags is used indirectly from HashFnc class by calling SnortConfig::static_hash()
-SnortConfig::SnortConfig(const SnortConfig* const, const char*)
+SnortConfig::SnortConfig(const SnortConfig* const, const char*) : daq_config(nullptr), thread_config(nullptr)
{ snort_conf->run_flags = 0;}
SnortConfig::~SnortConfig() = default;
DataBus::~DataBus() = default;
// run_flags is used indirectly from HashFnc class by calling SnortConfig::static_hash()
-SnortConfig::SnortConfig(const SnortConfig* const, const char*)
+SnortConfig::SnortConfig(const SnortConfig* const, const char*) : daq_config(nullptr), thread_config(nullptr)
{ snort_conf->run_flags = 0;}
SnortConfig::~SnortConfig() = default;
auto any_list = get_list((FilterType)type, DF_ANY_INTF);
if (!any_list)
continue;
- for (auto& intf_entry : intf_ip_list[type])
+ for (const auto& intf_entry : intf_ip_list[type])
{
if (intf_entry.second != any_list and
sfvar_add(intf_entry.second, any_list) != SFIP_SUCCESS)
DiscoveryFilter df(conf);
// Without flag
- CHECK(df.is_app_monitored(&p, nullptr) == true); // any interface rule for app is added to interface 0
- CHECK(df.is_host_monitored(&p, nullptr) == false); // no rule for host
- CHECK(df.is_user_monitored(&p, nullptr) == false); // no any interface rule for user
+ CHECK(true == df.is_app_monitored(&p, nullptr)); // any interface rule for app is added to interface 0
+ CHECK(false == df.is_host_monitored(&p, nullptr)); // no rule for host
+ CHECK(false == df.is_user_monitored(&p, nullptr)); // no any interface rule for user
// With flag
uint8_t flag = 0;
CHECK((flag & DF_APP_CHECKED) != DF_APP_CHECKED);
CHECK((flag & DF_APP_MONITORED) != DF_APP_MONITORED);
- CHECK(df.is_app_monitored(&p, &flag) == true); // first attempt
+ CHECK(true == df.is_app_monitored(&p, &flag)); // first attempt
CHECK((flag & DF_APP_CHECKED) == DF_APP_CHECKED);
CHECK((flag & DF_APP_MONITORED) == DF_APP_MONITORED);
- CHECK(df.is_app_monitored(&p, &flag) == true); // second attempt
+ CHECK(true == df.is_app_monitored(&p, &flag)); // second attempt
CHECK((flag & DF_APP_CHECKED) == DF_APP_CHECKED);
CHECK((flag & DF_APP_MONITORED) == DF_APP_MONITORED);
CHECK((flag & DF_USER_CHECKED) != DF_USER_CHECKED);
CHECK((flag & DF_USER_MONITORED) != DF_USER_MONITORED);
- CHECK(df.is_user_monitored(&p, &flag) == false); // first attempt
+ CHECK(false == df.is_user_monitored(&p, &flag)); // first attempt
CHECK((flag & DF_USER_CHECKED) == DF_USER_CHECKED);
CHECK((flag & DF_USER_MONITORED) != DF_USER_MONITORED);
- CHECK(df.is_user_monitored(&p, &flag) == false); // second attempt
+ CHECK(false == df.is_user_monitored(&p, &flag)); // second attempt
CHECK((flag & DF_USER_CHECKED) == DF_USER_CHECKED);
CHECK((flag & DF_USER_MONITORED) != DF_USER_MONITORED);
p.ptrs.ip_api.set(ip, ip);
DiscoveryFilter df(conf);
- CHECK(df.is_app_monitored(&p, nullptr) == false);
- CHECK(df.is_host_monitored(&p, nullptr) == false);
- CHECK(df.is_user_monitored(&p, nullptr) == false);
+ CHECK(false == df.is_app_monitored(&p, nullptr));
+ CHECK(false == df.is_host_monitored(&p, nullptr));
+ CHECK(false == df.is_user_monitored(&p, nullptr));
remove("test_empty_analyze.txt");
}
p.ptrs.ip_api.set(ip1, ip7); // ip from undefined interface matches interface any list
p.pkth = &z_undefined;
- CHECK(df.is_app_monitored(&p, nullptr) == true); // analyze host enables application discovery
- CHECK(df.is_host_monitored(&p, nullptr) == true);
- CHECK(df.is_user_monitored(&p, nullptr) == false);
+ CHECK(true == df.is_app_monitored(&p, nullptr)); // analyze host enables application discovery
+ CHECK(true == df.is_host_monitored(&p, nullptr));
+ CHECK(false == df.is_user_monitored(&p, nullptr));
p.pkth = &z2; // the ip is not in interface 2 list, but it is in interface any list
- CHECK(df.is_host_monitored(&p, nullptr) == true);
+ CHECK(true == df.is_host_monitored(&p, nullptr));
p.ptrs.ip_api.set(ip3, ip7); // the ip matches interface 2 list
- CHECK(df.is_host_monitored(&p, nullptr) == true);
+ CHECK(true == df.is_host_monitored(&p, nullptr));
p.pkth = &z1; // no interface 1 list and the ip is not in interface any list
- CHECK(df.is_host_monitored(&p, nullptr) == false);
+ CHECK(false == df.is_host_monitored(&p, nullptr));
p.ptrs.ip_api.set(ip1, ip7); // no interface 1 list, but the ip is in interface any list
- CHECK(df.is_host_monitored(&p, nullptr) == true);
+ CHECK(true == df.is_host_monitored(&p, nullptr));
p.pkth = saved_hdr;
p.ptrs.ip_api.set(ip2, ip7); // the ip matches interface 0 list
- CHECK(df.is_host_monitored(&p, nullptr) == true);
+ CHECK(true == df.is_host_monitored(&p, nullptr));
// no match since the configuration for these ip addresses were invalid
p.ptrs.ip_api.set(ip4, ip7);
- CHECK(df.is_host_monitored(&p, nullptr) == false);
+ CHECK(false == df.is_host_monitored(&p, nullptr));
p.ptrs.ip_api.set(ip5, ip7);
- CHECK(df.is_host_monitored(&p, nullptr) == false);
+ CHECK(false == df.is_host_monitored(&p, nullptr));
p.ptrs.ip_api.set(ip6, ip7);
- CHECK(df.is_host_monitored(&p, nullptr) == false);
+ CHECK(false == df.is_host_monitored(&p, nullptr));
remove("test_intf_ip.txt");
}
p.ptrs.dp = b_port;
p.packet_flags = 0x0;
p.packet_flags |= PKT_FROM_CLIENT;
- CHECK(is_port_excluded_test(df, &p) == true);
+ CHECK(true == is_port_excluded_test(df, &p));
// A:any <- B:b_port
p.ptrs.ip_api.set(&ba_hdr);
p.ptrs.dp = a_port;
p.packet_flags = 0x0;
p.packet_flags |= PKT_FROM_SERVER;
- CHECK(is_port_excluded_test(df, &p) == true);
+ CHECK(true == is_port_excluded_test(df, &p));
// Negative test: B = initiator (client), A = responder (server)
p.ptrs.dp = a_port;
p.packet_flags = 0x0;
p.packet_flags |= PKT_FROM_CLIENT;
- CHECK(is_port_excluded_test(df, &p) == false);
+ CHECK(false == is_port_excluded_test(df, &p));
// A -> B:b_port
p.ptrs.ip_api.set(&ab_hdr);
p.ptrs.dp = b_port;
p.packet_flags = 0x0;
p.packet_flags |= PKT_FROM_SERVER;
- CHECK(is_port_excluded_test(df, &p) == false);
+ CHECK(false == is_port_excluded_test(df, &p));
remove(conf.c_str());
}
SECTION("null string")
{
const char* nullstr = nullptr;
+ // cppcheck-suppress nullPointer
snprintf(expected, sizeof(expected), "%s", nullstr);
SigSafePrinter(actual, sizeof(actual)).printf("%s", nullstr);
CHECK_THAT(expected, Equals(actual));
const size_t bit = 7;
bitop.set(bit);
- CHECK(bitop.is_set(bit));
+ CHECK(true == bitop.is_set(bit));
CHECK(num_set(bitop, max) == 1);
bitop.clear(bit);
- CHECK(!bitop.is_set(bit));
+ CHECK(false == bitop.is_set(bit));
CHECK( (is_clear(bitop, max) == true) );
}
const size_t k = max + 2;
bitop.set(j);
- CHECK(bitop.is_set(j));
+ CHECK(true == bitop.is_set(j));
- CHECK(!bitop.is_set(k));
+ CHECK(false == bitop.is_set(k));
bitop.set(k);
- CHECK(bitop.is_set(k));
+ CHECK(true == bitop.is_set(k));
CHECK(num_set(bitop, k + 2) == 2);
- CHECK(bitop.is_set(j));
+ CHECK(true == bitop.is_set(j));
bitop.clear(k);
- CHECK(!bitop.is_set(k));
+ CHECK(false == bitop.is_set(k));
- CHECK(bitop.is_set(j));
+ CHECK(true == bitop.is_set(j));
bitop.clear(j);
- CHECK( (is_clear(bitop, k + 2) == true) );
+ CHECK(true == is_clear(bitop, k + 2));
}
}
{ "memcap", Parameter::PT_INT, "512:maxSZ", "8388608",
"maximum host cache size in bytes" },
-
+
{ "segments", Parameter::PT_INT, "1:32", "4",
"number of host cache segments. It must be power of 2."},
else if ( v.is("segments"))
{
segments = v.get_uint8();
-
+
if(segments > 32)
segments = 32;
if ( Snort::is_reloading() )
sc->register_reload_handler(new HostCacheReloadTuner(memcap));
else
- {
+ {
host_cache.setup(segments, memcap);
ControlConn::log_command("host_cache.delete_host",false);
}
if(seg_idx >= host_cache.get_segments())
return "Invalid segment index\nTry host_cache.get_segment_stats() to get all stats\n";
-
+
string str;
const PegInfo* pegs = host_cache.get_pegs();
cache->stats.items_in_use = cache->list.size();
cache->unlock();
}
-
+
PegCount* counts = (PegCount*) host_cache.get_counts();
for ( int i = 0; pegs[i].type != CountType::END; i++ )
{
cache->stats.items_in_use = cache->list.size();
cache->unlock();
- PegCount* count = (PegCount*) cache->get_counts();
+ const PegCount* count = cache->get_counts();
for ( int i = 0; pegs[i].type != CountType::END; i++ )
{
if ( count[i] )
cache->stats.items_in_use = cache->list.size();
cache->unlock();
}
-
+
PegCount* counts = (PegCount*) host_cache.get_counts();
const PegInfo* pegs = host_cache.get_pegs();
#include <atomic>
#include <cassert>
+#include <numeric>
#include "host_cache.h"
#include "log/messages.h"
class HostCacheSegmented
{
public:
- HostCacheSegmented() :
- segment_count(DEFAULT_HOST_CACHE_SEGMENTS),
+ HostCacheSegmented() :
+ segment_count(DEFAULT_HOST_CACHE_SEGMENTS),
memcap_per_segment(LRU_CACHE_INITIAL_SIZE) { }
HostCacheSegmented(uint8_t segment_count, size_t memcap_per_segment);
memcap_per_segment(memcap_per_segment)
{
assert(segment_count > 0);
-
+
for (size_t i = 0; i < this->segment_count; ++i)
{
auto cache = new HostCacheIp(this->memcap_per_segment);
return;
assert(segment_count > 0);
-
+
for (size_t i = 0; i < segment_count; ++i)
{
auto cache = new HostCacheIp(memcap_per_segment.load());
}
template<typename Key, typename Value>
-size_t HostCacheSegmented<Key, Value>::get_valid_id(uint8_t idx)
-{
+size_t HostCacheSegmented<Key, Value>::get_valid_id(uint8_t idx)
+{
if(idx < seg_list.size())
return seg_list[idx]->get_valid_id();
return 0;
}
template<typename Key, typename Value>
-void HostCacheSegmented<Key, Value>::print_config()
-{
+void HostCacheSegmented<Key, Value>::print_config()
+{
if ( snort::SnortConfig::log_verbose() )
{
snort::LogLabel("host_cache");
}
/**
- * Resize the cache based on the provided memory capacity, distributing the
+ * Resize the cache based on the provided memory capacity, distributing the
* memory equally among all the segments. If any segment fails to resize,
* the operation is considered unsuccessful.
*/
// Computes the index of the segment where a given key-value pair belongs.
template<typename Key, typename Value>
-uint8_t HostCacheSegmented<Key, Value>::get_segment_idx(Key val)
+uint8_t HostCacheSegmented<Key, Value>::get_segment_idx(Key val)
{
const uint8_t* bytes = reinterpret_cast<const uint8_t*>(&val);
uint8_t result = 0;
- for (size_t i = 0; i < sizeof(Key); ++i)
+ for (size_t i = 0; i < sizeof(Key); ++i)
result ^= bytes[i];
//Assumes segment_count is a power of 2 always
//This is a fast way to do a modulo operation
}
/**
- * Updates the internal counts of the host cache. This method aggregates the
+ * Updates the internal counts of the host cache. This method aggregates the
* counts from all segments and updates the overall counts for the cache.
*/
template<typename Key, typename Value>
{
PegCount c = 0;
for(auto cache : seg_list)
- {
c += cache->get_counts()[i];
- }
pcs[i] = c;
}
}
// Determine the segment index where the key-value pair resides or should reside
uint8_t idx = get_segment_idx(key);
bool new_data_local = false;
-
+
// Retrieve or create the entry for the key in the determined segment
auto ht = seg_list[idx]->find_else_create(key, &new_data_local);
if(new_data_local)
{
size_t max_size = 0;
for (auto cache : seg_list)
- {
max_size += cache->get_max_size();
- }
return max_size;
}
}
template<typename Key, typename Value>
-bool HostCacheSegmented<Key, Value>::remove(const Key& key)
+bool HostCacheSegmented<Key, Value>::remove(const Key& key)
{
uint8_t idx = get_segment_idx(key);
return seg_list[idx]->remove(key);
but erase it for speed. Use with care!!!
*/
template <template <typename, typename...> class Container, typename T, typename Alloc>
-void update_allocator(Container<T, Alloc>& cont, CacheInterface* new_lru)
+void update_allocator(Container<T, Alloc>& cont, CacheInterface* new_lru)
{
Alloc new_allocator;
new_allocator.set_cache(new_lru);
cont = std::move(Container<T, Alloc>(new_allocator));
-}
+}
template <template <typename, typename, typename...> class Container, typename T, typename Comp, typename Alloc>
-void update_set_allocator(Container<T, Comp, Alloc>& cont, CacheInterface* new_lru)
+void update_set_allocator(Container<T, Comp, Alloc>& cont, CacheInterface* new_lru)
{
Alloc new_allocator;
new_allocator.set_cache(new_lru);
- cont = std::move(Container<T, Comp, Alloc> (new_allocator));
+ cont = std::move(Container<T, Comp, Alloc> (new_allocator));
}
const uint8_t snort::zero_mac[MAC_SIZE] = {0, 0, 0, 0, 0, 0};
-
-HostTracker::HostTracker() : hops(-1)
+HostTracker::HostTracker()
{
last_seen = nat_count_start = (uint32_t) packet_time();
- last_event = -1;
visibility = host_cache.get_valid_id(0);
}
{
lock_guard<mutex> lck(host_tracker_lock);
- for ( auto& hm : macs )
+ for ( const auto& hm : macs )
if ( hm.primary and hm.visibility )
{
if ( !hops )
host_tracker_stats.service_adds++;
lock_guard<mutex> lck(host_tracker_lock);
- for ( auto& s : services )
+ auto it = std::find_if(services.begin(), services.end(),
+ [port, proto](const HostApplication& s)
+ { return s.port == port and s.proto == proto; });
+ if (it != services.end())
{
- if ( s.port == port and s.proto == proto )
+ HostApplication& s = *it;
+ if ( s.appid != appid and appid != APP_ID_NONE )
{
- if ( s.appid != appid and appid != APP_ID_NONE )
- {
- s.appid = appid;
- s.inferred_appid = inferred_appid;
- if ( added )
- *added = true;
- }
-
- if ( s.visibility == false )
- {
- if ( added )
- *added = true;
- s.visibility = true;
- num_visible_services++;
- }
+ s.appid = appid;
+ s.inferred_appid = inferred_appid;
+ if ( added )
+ *added = true;
+ }
- return true;
+ if ( !s.visibility )
+ {
+ if ( added )
+ *added = true;
+ s.visibility = true;
+ num_visible_services++;
}
+
+ return true;
}
services.emplace_back(port, proto, appid, inferred_appid);
Payload_t* invisible_swap_candidate = nullptr;
std::lock_guard<std::mutex> lck(host_tracker_lock);
- for ( auto& client : clients )
- if ( client.id == hc.id and client.service == hc.service )
+ auto it = std::find_if(clients.begin(), clients.end(),
+ [&hc](const HostClient& c)
+ { return c.id == hc.id and c.service == hc.service; });
+ if (it != clients.end())
+ {
+ HostClient& client = *it;
+ for ( auto& pld : client.payloads )
{
- for ( auto& pld : client.payloads )
+ if ( pld.first == payload )
{
- if ( pld.first == payload )
- {
- if ( pld.second )
- return false;
-
- pld.second = true;
- client.num_visible_payloads++;
- hc.payloads = client.payloads;
- strncpy(hc.version, client.version, INFO_SIZE);
- return true;
- }
- if ( !invisible_swap_candidate and !pld.second )
- invisible_swap_candidate = &pld;
- }
+ if ( pld.second )
+ return false;
- if ( invisible_swap_candidate )
- {
- invisible_swap_candidate->second = true;
- invisible_swap_candidate->first = payload;
+ pld.second = true;
client.num_visible_payloads++;
hc.payloads = client.payloads;
strncpy(hc.version, client.version, INFO_SIZE);
return true;
}
+ if ( !invisible_swap_candidate and !pld.second )
+ invisible_swap_candidate = &pld;
+ }
- if ( client.payloads.size() >= max_payloads )
- return false;
-
- client.payloads.emplace_back(payload, true);
+ if ( invisible_swap_candidate )
+ {
+ invisible_swap_candidate->second = true;
+ invisible_swap_candidate->first = payload;
+ client.num_visible_payloads++;
hc.payloads = client.payloads;
strncpy(hc.version, client.version, INFO_SIZE);
- client.num_visible_payloads++;
return true;
}
+ if ( client.payloads.size() >= max_payloads )
+ return false;
+
+ client.payloads.emplace_back(payload, true);
+ hc.payloads = client.payloads;
+ strncpy(hc.version, client.version, INFO_SIZE);
+ client.num_visible_payloads++;
+ return true;
+ }
+
return false;
}
host_tracker_stats.service_adds++;
lock_guard<mutex> lck(host_tracker_lock);
- for ( auto& s : services )
+ auto it = std::find_if(services.begin(), services.end(),
+ [&app](const HostApplication& s)
+ { return s.port == app.port and s.proto == app.proto; });
+ if (it != services.end())
{
- if ( s.port == app.port and s.proto == app.proto )
+ HostApplication& s = *it;
+ if ( s.appid != app.appid and app.appid != APP_ID_NONE )
{
- if ( s.appid != app.appid and app.appid != APP_ID_NONE )
- {
- s.appid = app.appid;
- s.inferred_appid = app.inferred_appid;
- if ( added )
- *added = true;
- }
-
- if ( s.visibility == false )
- {
- if ( added )
- *added = true;
- s.visibility = true;
- num_visible_services++;
- }
+ s.appid = app.appid;
+ s.inferred_appid = app.inferred_appid;
+ if ( added )
+ *added = true;
+ }
- return true;
+ if ( !s.visibility )
+ {
+ if ( added )
+ *added = true;
+ s.visibility = true;
+ num_visible_services++;
}
+
+ return true;
}
services.emplace_back(app.port, app.proto, app.appid, app.inferred_appid);
HostApplication* HostTracker::find_service_no_lock(Port port, IpProtocol proto, AppId appid)
{
- for ( auto& s : services )
+ auto it = std::find_if(services.begin(), services.end(),
+ [port, proto, appid](const HostApplication& s)
+ { return s.port == port and s.proto == proto
+ and (s.visibility or (appid != APP_ID_NONE and s.appid == appid)); });
+ if (it != services.end())
{
- if ( s.port == port and s.proto == proto )
- {
- if ( s.visibility == false )
- return nullptr;
- if ( appid != APP_ID_NONE and s.appid == appid )
- return &s;
- }
+ HostApplication& s = *it;
+ if ( s.visibility == false )
+ return nullptr;
+ if ( appid != APP_ID_NONE and s.appid == appid )
+ return &s;
}
return nullptr;
host_tracker_stats.service_finds++;
lock_guard<mutex> lck(host_tracker_lock);
- for ( auto& s : services )
+ auto it = std::find_if(services.begin(), services.end(),
+ [&ha](const HostApplication& s){ return s.port == ha.port and s.proto == ha.proto; });
+ if (it != services.end())
{
- if ( s.port == ha.port and s.proto == ha.proto )
- {
- s.hits = ha.hits;
- s.last_seen = ha.last_seen;
- return;
- }
+ HostApplication& s = *it;
+ s.hits = ha.hits;
+ s.last_seen = ha.last_seen;
}
}
{
if ( s.port == ha.port and s.proto == ha.proto )
{
- if ( s.visibility == false )
+ if ( !s.visibility )
return false;
if ( !version and !vendor )
if ( (version and !strncmp(version, i.version, INFO_SIZE-1)) and
(vendor and !strncmp(vendor, i.vendor, INFO_SIZE-1)) )
{
- if ( i.visibility == false )
+ if ( !i.visibility )
{
i.visibility = true; // rediscover it
update_ha_no_lock(ha, s);
// Appid notifies user events before service events, so use find or add service function.
HostApplication* ha = find_and_add_service_no_lock(port, proto, lseen, is_new, 0,
max_services);
- if ( !ha or ha->visibility == false )
+ if ( !(ha and ha->visibility) )
return false;
if ( user and strncmp(user, ha->user, INFO_SIZE-1) )
bool HostTracker::set_network_proto_visibility(uint16_t proto, bool v)
{
std::lock_guard<std::mutex> lck(host_tracker_lock);
- for ( auto& pp : network_protos )
+ auto it = std::find_if(network_protos.begin(), network_protos.end(),
+ [proto](const HostTracker::NetProto_t&pp)
+ { return pp.first == proto; });
+ if (it != network_protos.end())
{
- if ( pp.first == proto )
- {
- pp.second = v;
- return true;
- }
+ (*it).second = v;
+ return true;
}
return false;
}
bool HostTracker::set_xproto_visibility(uint8_t proto, bool v)
{
std::lock_guard<std::mutex> lck(host_tracker_lock);
- for ( auto& pp : xport_protos )
+ auto it = std::find_if(xport_protos.begin(), xport_protos.end(),
+ [proto](const HostTracker::XProto_t& pp)
+ { return pp.first == proto; });
+ if (it != xport_protos.end())
{
- if ( pp.first == proto )
- {
- pp.second = v;
- return true;
- }
+ (*it).second = v;
+ return true;
}
return false;
}
void HostTracker::set_payload_visibility_no_lock(PayloadVector& pv, bool v, size_t& num_vis)
{
- for ( auto& p : pv )
- {
- if ( p.second != v )
+ std::for_each(pv.begin(), pv.end(),
+ [v, &num_vis](Payload_t& p)
{
- p.second = v;
- if ( v )
- num_vis++;
- else
- num_vis--;
- }
- }
+ if ( p.second != v )
+ {
+ p.second = v;
+ if ( v )
+ num_vis++;
+ else
+ num_vis--;
+ }
+ });
}
bool HostTracker::set_service_visibility(Port port, IpProtocol proto, bool v)
{
std::lock_guard<std::mutex> lck(host_tracker_lock);
- for ( auto& s : services )
+ auto it = std::find_if(services.begin(), services.end(),
+ [port, proto](const HostApplication& s)
+ { return s.port == port and s.proto == proto; });
+ if (it != services.end())
{
- if ( s.port == port and s.proto == proto )
+ HostApplication& s = *it;
+ if ( s.visibility and !v )
{
- if ( s.visibility == true and v == false )
- {
- assert(num_visible_services > 0);
- num_visible_services--;
- }
- else if ( s.visibility == false and v == true )
- num_visible_services++;
-
- s.visibility = v;
- if ( s.visibility == false )
- {
- for ( auto& info : s.info )
- info.visibility = false;
- s.user[0] = '\0';
- s.banner_updated = false;
- }
+ assert(num_visible_services > 0);
+ num_visible_services--;
+ }
+ else if ( !s.visibility and v )
+ num_visible_services++;
- set_payload_visibility_no_lock(s.payloads, v, s.num_visible_payloads);
- return true;
+ s.visibility = v;
+ if ( !s.visibility )
+ {
+ for ( auto& info : s.info )
+ info.visibility = false;
+ s.user[0] = '\0';
+ s.banner_updated = false;
}
+
+ set_payload_visibility_no_lock(s.payloads, v, s.num_visible_payloads);
+ return true;
}
return false;
}
{
if ( c == hc )
{
- if ( c.visibility == true and v == false )
+ if ( c.visibility and !v )
{
assert(num_visible_clients > 0 );
num_visible_clients--;
}
- else if ( c.visibility == false and v == true )
+ else if ( !c.visibility and v )
num_visible_clients++;
c.visibility = v;
and ((c.version[0] == '\0' and !version) or
(version and strncmp(c.version, version, INFO_SIZE-1) == 0)) )
{
- if ( c.visibility == false )
+ if ( !c.visibility )
{
is_new = true;
c.visibility = true;
std::lock_guard<std::mutex> lock(host_tracker_lock);
cache_idx = idx;
cache_interface = host_cache.seg_list[idx];
-
+
update_allocator(macs, cache_interface);
update_allocator(network_protos, cache_interface);
update_allocator(xport_protos, cache_interface);
for ( const auto& s : services )
{
- if ( s.visibility == false )
+ if ( !s.visibility )
continue;
str += "\n port: " + to_string(s.port)
if ( !s.info.empty() )
for ( const auto& i : s.info )
{
- if ( i.visibility == false )
+ if ( !i.visibility )
continue;
if ( i.vendor[0] != '\0' )
str += "\nclients size: " + to_string(num_visible_clients);
for ( const auto& c : clients )
{
- if ( c.visibility == false )
+ if ( !c.visibility )
continue;
str += "\n id: " + to_string(c.id)
visibility = ha.visibility;
banner_updated = ha.banner_updated;
num_visible_payloads = ha.num_visible_payloads;
+ memcpy(user, ha.user, sizeof(user));
+ user_login = ha.user_login;
return *this;
}
Port port = 0;
- IpProtocol proto;
+ IpProtocol proto = IpProtocol::PROTO_NOT_SET;
AppId appid = APP_ID_NONE;
bool inferred_appid = false;
uint32_t hits = 0;
{
HostClient() = default;
HostClient(AppId clientid, const char *ver, AppId ser);
- AppId id;
+ AppId id = APP_ID_NONE;
char version[INFO_SIZE] = { '\0' };
- AppId service;
+ AppId service = APP_ID_NONE;
PayloadVector payloads;
size_t num_visible_payloads = 0;
mutable std::mutex host_tracker_lock; // ensure that updates to a shared object are safe
mutable std::mutex flows_lock; // protect the flows set separately
- uint8_t hops; // hops from the snort inspector, e.g., zero for ARP
+ uint8_t hops = ~0; // hops from the snort inspector, e.g., zero for ARP
uint32_t last_seen; // the last time this host was seen
- uint32_t last_event; // the last time an event was generated
+ uint32_t last_event = ~0; // the last time an event was generated
// list guarantees iterator validity on insertion
std::list<HostMac_t, HostCacheAllocIp<HostMac_t>> macs;
std::unordered_set<RNAFlow*> flows;
bool vlan_tag_present = false;
- vlan::VlanTagHdr vlan_tag;
+ vlan::VlanTagHdr vlan_tag = {};
HostType host_type = HOST_TYPE_HOST;
uint8_t ip_ttl = 0;
uint32_t nat_count = 0;
std::vector<snort::HostApplication> apps;
snort::HostApplication app;
- snort::SfIp addr;
+ snort::SfIp addr = {};
};
#endif
// Instantiate a cache, as soon as we know the Item type:
typedef LruCacheSharedMemcap<string, Item, hash<string>> CacheType;
-CacheType cache(100);
+CacheType lru_cache(100);
// Implement the allocator constructor AFTER we have a cache object
// to point to and the implementation of our base CacheAlloc:
template <class T>
Alloc<T>::Alloc()
{
- lru = &cache;
+ lru = &lru_cache;
}
namespace snort
// room for n items in the cache and m data in the Item.
const size_t max_size = n * item_sz + m * item_data_sz;
- cache.set_max_size(max_size);
+ lru_cache.set_max_size(max_size);
// insert n empty host trackers:
for (size_t i=0; i<n; i++)
{
string key = to_string(i);
- auto item_ptr = cache[key];
+ auto item_ptr = lru_cache[key];
CHECK( item_ptr != nullptr );
}
// grow the oldest item in the cache enough to trigger pruning:
string key = to_string(0);
- auto item_ptr = cache[key];
+ auto item_ptr = lru_cache[key];
CHECK( item_ptr != nullptr );
for (size_t i = 0; i<m; i++)
// the oldest (0) is no longer the oldest after the look-up above,
// so it should still be in the cache:
- CHECK( cache.find(key) != nullptr );
+ CHECK( lru_cache.find(key) != nullptr );
// however, the second oldest should have become oldest and be pruned:
- CHECK( cache.find(to_string(1)) == nullptr );
+ CHECK( lru_cache.find(to_string(1)) == nullptr );
}
int main(int argc, char** argv)
static char logged_message[LOG_MAX+1];
static ControlConn ctrlcon(1, true);
-ControlConn::ControlConn(int, bool) {}
+ControlConn::ControlConn(int, bool) : shell(nullptr), fd(-1), touched(0)
+{ }
ControlConn::~ControlConn() {}
void ControlConn::log_command(const std::string& , bool ) { }
ControlConn* ControlConn::query_from_lua(const lua_State*) { return &ctrlcon; }
auto services = ht.get_services();
// Verify we added the services, payload visibility == true
- for (auto& srv : services)
+ for (const auto& srv : services)
{
CHECK(true == srv.visibility);
- for (auto& pld : srv.payloads)
+ for (const auto& pld : srv.payloads)
CHECK(true == pld.second);
}
for (const auto& srv : services)
{
if (srv.port == 80)
- {
CHECK(false == srv.visibility);
- for (const auto& pld : srv.payloads)
- CHECK(false == pld.second);
- }
+ for ( const auto& pld : srv.payloads )
+ CHECK(false == pld.second);
}
// Test rediscovery
for (const auto& srv : services)
{
if (srv.port == 80)
- {
CHECK(true == srv.visibility);
- for (const auto& pld : srv.payloads)
- CHECK(true == pld.second);
- }
+ for ( const auto& pld : srv.payloads )
+ CHECK(true == pld.second);
}
CHECK(2 == services.front().payloads.size());
// Verify we added the services, payload visibility == true
CHECK(5 == services.front().payloads.size());
- for (auto& pld : services.front().payloads)
+ for (const auto& pld : services.front().payloads)
CHECK(true == pld.second);
// Delete the service
ht.add_client_payload(hc, 666, 5);
ht.add_client_payload(hc, 777, 5);
clients = ht.get_clients();
- for (auto& pld : clients.front().payloads)
+ for (const auto& pld : clients.front().payloads)
{
if (pld.first == 666 or pld.first == 777)
{
p.data = (const uint8_t*)"Lorem 010 12345 0x75";
p.dsize = 21;
Cursor c(&p);
- const uint8_t* start = nullptr;
- const uint8_t* ptr = nullptr;
+ const uint8_t* start;
+ const uint8_t* ptr;
const uint8_t* end = nullptr;
SECTION("4 bytes read, no offset")
set_cursor_bounds(settings, c, start, ptr, end);
CHECK(start == p.data);
CHECK(ptr == p.data);
- CHECK(end == p.data + 21);
}
SECTION("4 byte read, offset = 4")
{
set_cursor_bounds(settings, c, start, ptr, end);
CHECK(start == p.data);
CHECK(ptr == p.data + 4);
- CHECK(end == p.data + 21);
}
SECTION("4 bytes read, cursor move without relative flag")
{
set_cursor_bounds(settings, c, start, ptr, end);
CHECK(start == p.data);
CHECK(ptr == p.data);
- CHECK(end == p.data + 21);
}
SECTION("4 bytes read, cursor move with relative flag")
{
set_cursor_bounds(settings, c, start, ptr, end);
CHECK(start == p.data);
CHECK(ptr == p.data + 3);
- CHECK(end == p.data + 21);
}
+
+ CHECK(end == p.data + 21);
}
TEST_CASE("extract_data valid", "[byte_extraction_tests]")
class TcpAckOption : public IpsOption
{
public:
- TcpAckOption(const RangeCheck& c) :
- IpsOption(s_name)
- { config = c; }
+ TcpAckOption(const RangeCheck& c) : IpsOption(s_name), config(c)
+ { }
uint32_t hash() const override;
bool operator==(const IpsOption&) const override;
IpsOption::EvalStatus TcpAckOption::eval(Cursor&, Packet* p)
{
+ // cppcheck-suppress unreadVariable
RuleProfile profile(tcpAckPerfStats);
if ( p->ptrs.tcph && config.eval(p->ptrs.tcph->th_ack) )
class Base64DecodeOption : public IpsOption
{
public:
- Base64DecodeOption(const Base64DecodeData& c) : IpsOption(s_name)
- { config = c; }
+ Base64DecodeOption(const Base64DecodeData& c) : IpsOption(s_name), config(c)
+ { }
uint32_t hash() const override;
IpsOption::EvalStatus Base64DecodeOption::eval(Cursor& c, Packet* p)
{
+ // cppcheck-suppress unreadVariable
RuleProfile profile(base64PerfStats);
DataBuffer& base64_decode_buffer = DetectionEngine::get_alt_buffer(p);
base64_decode_buffer.len = 0;
IpsOption::EvalStatus Base64DataOption::eval(Cursor& c, Packet* p)
{
+ // cppcheck-suppress unreadVariable
RuleProfile profile(base64PerfStats);
const DataBuffer& base64_decode_buffer = DetectionEngine::get_alt_buffer(p);
IpsOption::EvalStatus BerDataOption::eval(Cursor& c, Packet*)
{
+ // cppcheck-suppress unreadVariable
RuleProfile profile(berDataPerfStats);
BerReader ber(c);
IpsOption::EvalStatus BerSkipOption::eval(Cursor& c, Packet*)
{
+ // cppcheck-suppress unreadVariable
RuleProfile profile(berSkipPerfStats);
BerReader ber(c);
class LenOption : public IpsOption
{
public:
- LenOption(const RangeCheck& c, bool r) : IpsOption(s_name)
- { config = c; relative = r; }
+ LenOption(const RangeCheck& c, bool r) : IpsOption(s_name), config(c), relative(r)
+ { }
uint32_t hash() const override;
bool operator==(const IpsOption&) const override;
IpsOption::EvalStatus LenOption::eval(Cursor& c, Packet*)
{
+ // cppcheck-suppress unreadVariable
RuleProfile profile(lenCheckPerfStats);
unsigned n = relative ? c.length() : c.size();
IpsOption::EvalStatus ByteExtractOption::eval(Cursor& c, Packet* p)
{
+ // cppcheck-suppress unreadVariable
RuleProfile profile(byteExtractPerfStats);
uint32_t value = 0;
ByteExtractOption rhs(data_rhs);
CHECK(lhs != rhs);
}
+ // cppcheck-suppress memleak
}
TEST_CASE("ByteExtractOption::hash", "[ips_byte_extract]")
IpsOption::EvalStatus ByteJumpOption::eval(Cursor& c, Packet* p)
{
+ // cppcheck-suppress unreadVariable
RuleProfile profile(byteJumpPerfStats);
ByteJumpData* bjd = (ByteJumpData*)&config;
SECTION("Testing hash with maximum values")
{
SetByteJumpMaxValue(byte_jump);
- ByteJumpOption hash_test_max(byte_jump);
+ ByteJumpOption hash_test_max_opt(byte_jump);
ByteJumpOption hash_test_equal_max(byte_jump);
SECTION("Hash has same source")
{
- CHECK(hash_test_max.hash() == hash_test_equal_max.hash());
+ CHECK(hash_test_max_opt.hash() == hash_test_equal_max.hash());
}
SECTION("Compare hash from different source")
{
SetByteJumpMaxValue(byte_jump);
- ByteJumpOption hash_test_max(byte_jump);
- CHECK(hash_test.hash() != hash_test_max.hash());
+ ByteJumpOption tmp_hash_test_max_opt(byte_jump);
+ CHECK(hash_test.hash() != tmp_hash_test_max_opt.hash());
}
}
}
byte_jump.align_flag = 0;
byte_jump.bitmask_val = 0;
ByteJumpOption test_8(byte_jump);
- REQUIRE((test_8.eval(current_cursor, &test_packet)) == NO_MATCH);
- REQUIRE(current_cursor.awaiting_data());
+ REQUIRE(NO_MATCH == test_8.eval(current_cursor, &test_packet));
+ REQUIRE(true == current_cursor.awaiting_data());
}
SECTION("Cursor on the last byte of buffer, bytes_to_extract is bigger than offset")
module_jump.var = buff;
byte_jump.offset_var = -1;
module_jump.data = byte_jump;
- REQUIRE(module_jump.end("tmp", 0, nullptr) == false);
+ REQUIRE(false == module_jump.end("tmp", 0, nullptr));
}
SECTION("Undefined rule option for offset_var")
module_jump.post_var = buff;
byte_jump.post_offset_var = -1;
module_jump.data = byte_jump;
- REQUIRE(module_jump.end("tmp", 0, nullptr) == false);
+ REQUIRE(false == module_jump.end("tmp", 0, nullptr));
}
SECTION("From_beginning and from_end options together")
{
byte_jump.endianness = 0;
module_jump.data = byte_jump;
- REQUIRE(module_jump.end("tmp", 0, nullptr) == false);
+ REQUIRE(false == module_jump.end("tmp", 0, nullptr));
}
SECTION("Number of bytes in \"bitmask\" value is greater than bytes to extract")
byte_jump.from_beginning_flag = 0;
byte_jump.bytes_to_extract = 0;
module_jump.data = byte_jump;
- REQUIRE(module_jump.end("tmp", 0, nullptr) == false);
+ REQUIRE(false == module_jump.end("tmp", 0, nullptr));
}
SECTION("byte_jump rule option cannot extract more \
byte_jump.bytes_to_extract = 5;
byte_jump.string_convert_flag = 0;
module_jump.data = byte_jump;
- REQUIRE(module_jump.end("tmp", 0, nullptr) == false);
+ REQUIRE(false == module_jump.end("tmp", 0, nullptr));
}
SECTION("Case with returned value true")
{
byte_jump.from_beginning_flag = 0;
module_jump.data = byte_jump;
- REQUIRE(module_jump.end("tmp", 0, nullptr) == true);
+ REQUIRE(true == module_jump.end("tmp", 0, nullptr));
}
}
Parameter param("~count", snort::Parameter::Type::PT_BOOL,
nullptr, "default", "help");
value.set(¶m);
- REQUIRE(module_jump.set(nullptr, value, nullptr) == true);
+ REQUIRE(true == module_jump.set(nullptr, value, nullptr));
}
SECTION("Case param \"~offset\"")
Parameter param("~offset", snort::Parameter::Type::PT_BOOL,
nullptr, "default", "help");
value.set(¶m);
- REQUIRE(module_jump.set(nullptr, value, nullptr) == true);
+ REQUIRE(true == module_jump.set(nullptr, value, nullptr));
}
SECTION("When value has a str")
Parameter param("~offset", snort::Parameter::Type::PT_BOOL,
nullptr, "default", "help");
value_tmp.set(¶m);
- REQUIRE(module_jump.set(nullptr, value_tmp, nullptr) == true);
+ REQUIRE(true == module_jump.set(nullptr, value_tmp, nullptr));
}
}
Parameter param("relative", snort::Parameter::Type::PT_BOOL,
nullptr, "default", "help");
value.set(¶m);
- REQUIRE(module_jump.set(nullptr, value, nullptr) == true);
+ REQUIRE(true == module_jump.set(nullptr, value, nullptr));
}
SECTION("Param \"from_beginning\" correct")
Parameter param("from_beginning", snort::Parameter::Type::PT_BOOL,
nullptr, "default", "help");
value.set(¶m);
- REQUIRE(module_jump.set(nullptr, value, nullptr) == true);
+ REQUIRE(true == module_jump.set(nullptr, value, nullptr));
}
SECTION("Case param \"from_end\"")
Parameter param("from_end", snort::Parameter::Type::PT_BOOL,
nullptr, "default", "help");
value.set(¶m);
- REQUIRE(module_jump.set(nullptr, value, nullptr) == true);
+ REQUIRE(true == module_jump.set(nullptr, value, nullptr));
}
SECTION("Case param \"align\"")
Parameter param("align", snort::Parameter::Type::PT_BOOL,
nullptr, "default", "help");
value.set(¶m);
- REQUIRE(module_jump.set(nullptr, value, nullptr) == true);
+ REQUIRE(true == module_jump.set(nullptr, value, nullptr));
}
SECTION("Case param \"multiplier\"")
Parameter param("multiplier", snort::Parameter::Type::PT_BOOL,
nullptr, "default", "help");
value.set(¶m);
- REQUIRE(module_jump.set(nullptr, value, nullptr) == true);
+ REQUIRE(true == module_jump.set(nullptr, value, nullptr));
}
SECTION("Case param \"post_offset\"")
Parameter param("post_offset", snort::Parameter::Type::PT_BOOL,
nullptr, "default", "help");
value.set(¶m);
- REQUIRE(module_jump.set(nullptr, value, nullptr) == true);
+ REQUIRE(true == module_jump.set(nullptr, value, nullptr));
}
SECTION("When value has a str")
Parameter param("post_offset", snort::Parameter::Type::PT_BOOL,
nullptr, "default", "help");
value_tmp.set(¶m);
- REQUIRE(module_jump.set(nullptr, value_tmp, nullptr) == true);
+ REQUIRE(true == module_jump.set(nullptr, value_tmp, nullptr));
}
}
Parameter param("big", snort::Parameter::Type::PT_BOOL,
nullptr, "default", "help");
value.set(¶m);
- REQUIRE(module_jump.set(nullptr, value, nullptr) == true);
+ REQUIRE(true == module_jump.set(nullptr, value, nullptr));
}
SECTION("Case param \"little\"")
Parameter param("little", snort::Parameter::Type::PT_BOOL,
nullptr, "default", "help");
value.set(¶m);
- REQUIRE(module_jump.set(nullptr, value, nullptr) == true);
+ REQUIRE(true == module_jump.set(nullptr, value, nullptr));
}
SECTION("Case param \"dce\"")
Parameter param("dce", snort::Parameter::Type::PT_BOOL,
nullptr, "default", "help");
value.set(¶m);
- REQUIRE(module_jump.set(nullptr, value, nullptr) == true);
+ REQUIRE(true == module_jump.set(nullptr, value, nullptr));
}
SECTION("Case param \"string\"")
Parameter param("string", snort::Parameter::Type::PT_BOOL,
nullptr, "default", "help");
value.set(¶m);
- REQUIRE(module_jump.set(nullptr, value, nullptr) == true);
+ REQUIRE(true == module_jump.set(nullptr, value, nullptr));
}
SECTION("Case param \"dec\"")
Parameter param("dec", snort::Parameter::Type::PT_BOOL,
nullptr, "default", "help");
value.set(¶m);
- REQUIRE(module_jump.set(nullptr, value, nullptr) == true);
+ REQUIRE(true == module_jump.set(nullptr, value, nullptr));
}
SECTION("Case param \"hex\"")
Parameter param("hex", snort::Parameter::Type::PT_BOOL,
nullptr, "default", "help");
value.set(¶m);
- REQUIRE(module_jump.set(nullptr, value, nullptr) == true);
+ REQUIRE(true == module_jump.set(nullptr, value, nullptr));
}
SECTION("Case param \"oct\"")
Parameter param("oct", snort::Parameter::Type::PT_BOOL,
nullptr, "default", "help");
value.set(¶m);
- REQUIRE(module_jump.set(nullptr, value, nullptr) == true);
+ REQUIRE(true == module_jump.set(nullptr, value, nullptr));
}
SECTION("Case param \"bitmask\"")
Parameter param("bitmask", snort::Parameter::Type::PT_BOOL,
nullptr, "default", "help");
value.set(¶m);
- REQUIRE(module_jump.set(nullptr, value, nullptr) == true);
+ REQUIRE(true == module_jump.set(nullptr, value, nullptr));
}
}
}
IpsOption::EvalStatus ByteMathOption::eval(Cursor& c, Packet* p)
{
+ // cppcheck-suppress unreadVariable
RuleProfile profile(byteMathPerfStats);
/* Get values from ips options variables, if present. */
static void parse_base(uint8_t value, ByteMathData& idx)
{
assert(value <= 2);
- const int base[] = { 16, 10, 8 };
+ static const uint32_t base[] = { 16, 10, 8 };
idx.base = base[value];
}
static void parse_endian(uint8_t value, ByteMathData& idx)
{
assert(value <= 1);
- int endian[] = { ENDIAN_BIG, ENDIAN_LITTLE };
+ static const uint8_t endian[] = { ENDIAN_BIG, ENDIAN_LITTLE };
set_byte_order(idx.endianness, endian[value], "byte_math");
}
ByteMathOption rhs(data_rhs);
CHECK(lhs != rhs);
}
+ // cppcheck-suppress memleak
}
TEST_CASE("ByteMathOption::hash", "[ips_byte_math]")
IpsOption::EvalStatus ByteTestOption::eval(Cursor& c, Packet* p)
{
+ // cppcheck-suppress unreadVariable
RuleProfile profile(byteTestPerfStats);
ByteTestData* btd = (ByteTestData*)&config;
{
SECTION("Incorrect ByteTestOper, other data correct")
{
- REQUIRE(byte_test_check(ByteTestOper(7), 1, 1, 0) == false);
+ REQUIRE(false == byte_test_check(ByteTestOper(7), 1, 1, 0));
}
SECTION("Incorrect ByteTestOper, true not_flag")
{
- REQUIRE(byte_test_check(ByteTestOper(7), 1, 1, 1) == true);
+ REQUIRE(true == byte_test_check(ByteTestOper(7), 1, 1, 1));
}
SECTION("CHECK_EQ both true && false situation")
{
- REQUIRE(byte_test_check(ByteTestOper(0), 1, 1, 0) == true);
- REQUIRE(byte_test_check(ByteTestOper(0), 1, 2, 0) == false);
+ REQUIRE(true == byte_test_check(ByteTestOper(0), 1, 1, 0));
+ REQUIRE(false == byte_test_check(ByteTestOper(0), 1, 2, 0));
}
SECTION("CHECK_LT both true && false situation")
{
- REQUIRE(byte_test_check(ByteTestOper(1), 1, 2, 0) == true);
- REQUIRE(byte_test_check(ByteTestOper(1), 4, 1, 0) == false);
+ REQUIRE(true == byte_test_check(ByteTestOper(1), 1, 2, 0));
+ REQUIRE(false == byte_test_check(ByteTestOper(1), 4, 1, 0));
}
SECTION("CHECK_GT both true && false situation")
{
- REQUIRE(byte_test_check(ByteTestOper(2), 2, 1, 0) == true);
- REQUIRE(byte_test_check(ByteTestOper(2), 1, 4, 0) == false);
+ REQUIRE(true == byte_test_check(ByteTestOper(2), 2, 1, 0));
+ REQUIRE(false == byte_test_check(ByteTestOper(2), 1, 4, 0));
}
SECTION("CHECK_LTE both true && false situation")
{
- REQUIRE(byte_test_check(ByteTestOper(3), 0, 1, 0) == true);
- REQUIRE(byte_test_check(ByteTestOper(3), 4, 1, 0) == false);
+ REQUIRE(true == byte_test_check(ByteTestOper(3), 0, 1, 0));
+ REQUIRE(false == byte_test_check(ByteTestOper(3), 4, 1, 0));
}
SECTION("CHECK_GTE both true && false situation")
{
- REQUIRE(byte_test_check(ByteTestOper(4), 1, 0, 0) == true);
- REQUIRE(byte_test_check(ByteTestOper(4), 0, 4, 0) == false);
+ REQUIRE(true == byte_test_check(ByteTestOper(4), 1, 0, 0));
+ REQUIRE(false == byte_test_check(ByteTestOper(4), 0, 4, 0));
}
SECTION("CHECK_AND for bites both true && false situation")
{
- REQUIRE(byte_test_check(ByteTestOper(5), 1, 1, 0) == true);
- REQUIRE(byte_test_check(ByteTestOper(5), 1, 0, 0) == false);
+ REQUIRE(true == byte_test_check(ByteTestOper(5), 1, 1, 0));
+ REQUIRE(false == byte_test_check(ByteTestOper(5), 1, 0, 0));
}
SECTION("CHECK_XOR for bites both true && false situation")
{
- REQUIRE(byte_test_check(ByteTestOper(6), 1, 0, 0) == true);
- REQUIRE(byte_test_check(ByteTestOper(6), 1, 1, 0) == false);
+ REQUIRE(true == byte_test_check(ByteTestOper(6), 1, 0, 0));
+ REQUIRE(false == byte_test_check(ByteTestOper(6), 1, 1, 0));
}
}
SECTION("Testing hash with maximum values from different source")
{
SetByteTestDataMax(byte_test);
- ByteTestOption hash_test_max(byte_test);
- CHECK(hash_test.hash() != hash_test_max.hash());
+ ByteTestOption tmp_hash_test_max(byte_test);
+ CHECK(hash_test.hash() != tmp_hash_test_max.hash());
}
}
}
{
module_test.cmp_var = buff;
module_test.data = byte_test;
- REQUIRE(module_test.end("tmp", 0, nullptr) == false);
+ REQUIRE(false == module_test.end("tmp", 0, nullptr));
}
SECTION("Undefined rule option for offset_var")
module_test.cmp_var.clear();
module_test.off_var = buff;
module_test.data = byte_test;
- REQUIRE(module_test.end("tmp", 0, nullptr) == false);
+ REQUIRE(false == module_test.end("tmp", 0, nullptr));
}
SECTION("Number of bytes in \"bitmask\" value is greater than bytes to extract")
byte_test.endianness = 0;
byte_test.bytes_to_extract = 0;
module_test.data = byte_test;
- REQUIRE(module_test.end("tmp", 0, nullptr) == false);
+ REQUIRE(false == module_test.end("tmp", 0, nullptr));
}
SECTION("Case with returned value true")
{
module_test.data = byte_test;
- REQUIRE(module_test.end("tmp", 0, nullptr) == true);
+ REQUIRE(true == module_test.end("tmp", 0, nullptr));
}
}
Parameter param("~count", snort::Parameter::Type::PT_BOOL,
nullptr, "default", "help");
value.set(¶m);
- REQUIRE(module_test.set(nullptr, value, nullptr) == true);
+ REQUIRE(true == module_test.set(nullptr, value, nullptr));
}
SECTION("Param \"~operator\" correct")
Parameter param("~operator", snort::Parameter::Type::PT_BOOL,
nullptr, "default", "help");
value.set(¶m);
- REQUIRE(module_test.set(nullptr, value, nullptr) == true);
+ REQUIRE(true == module_test.set(nullptr, value, nullptr));
}
SECTION("Case param \"~compare\"")
Parameter param("~compare", snort::Parameter::Type::PT_BOOL,
nullptr, "default", "help");
value.set(¶m);
- REQUIRE(module_test.set(nullptr, value, nullptr) == true);
+ REQUIRE(true == module_test.set(nullptr, value, nullptr));
}
SECTION("When value has a str")
Parameter param("~compare", snort::Parameter::Type::PT_BOOL,
nullptr, "default", "help");
value_tmp.set(¶m);
- REQUIRE(module_test.set(nullptr, value_tmp, nullptr) == true);
+ REQUIRE(true == module_test.set(nullptr, value_tmp, nullptr));
}
SECTION("Value isn't truncated")
Parameter param("~compare", snort::Parameter::Type::PT_BOOL,
nullptr, "default", "help");
value_tmp.set(¶m);
- REQUIRE(module_test.set(nullptr, value_tmp, nullptr) == true);
+ REQUIRE(true == module_test.set(nullptr, value_tmp, nullptr));
REQUIRE(module_test.data.cmp_value == 4294967295UL);
}
}
Parameter param("~offset", snort::Parameter::Type::PT_BOOL,
nullptr, "default", "help");
value.set(¶m);
- REQUIRE(module_test.set(nullptr, value, nullptr) == true);
+ REQUIRE(true == module_test.set(nullptr, value, nullptr));
}
SECTION("When value has a str")
Parameter param("~offset", snort::Parameter::Type::PT_BOOL,
nullptr, "default", "help");
value_tmp.set(¶m);
- REQUIRE(module_test.set(nullptr, value_tmp, nullptr) == true);
+ REQUIRE(true == module_test.set(nullptr, value_tmp, nullptr));
}
}
Parameter param("relative", snort::Parameter::Type::PT_BOOL,
nullptr, "default", "help");
value.set(¶m);
- REQUIRE(module_test.set(nullptr, value, nullptr) == true);
+ REQUIRE(true == module_test.set(nullptr, value, nullptr));
}
SECTION("Case param \"big\"")
Parameter param("big", snort::Parameter::Type::PT_BOOL,
nullptr, "default", "help");
value.set(¶m);
- REQUIRE(module_test.set(nullptr, value, nullptr) == true);
+ REQUIRE(true == module_test.set(nullptr, value, nullptr));
}
SECTION("Case param \"little\"")
Parameter param("little", snort::Parameter::Type::PT_BOOL,
nullptr, "default", "help");
value.set(¶m);
- REQUIRE(module_test.set(nullptr, value, nullptr) == true);
+ REQUIRE(true == module_test.set(nullptr, value, nullptr));
}
SECTION("Case param \"dce\"")
Parameter param("dce", snort::Parameter::Type::PT_BOOL,
nullptr, "default", "help");
value.set(¶m);
- REQUIRE(module_test.set(nullptr, value, nullptr) == true);
+ REQUIRE(true == module_test.set(nullptr, value, nullptr));
}
SECTION("Case param \"string\"")
Parameter param("string", snort::Parameter::Type::PT_BOOL,
nullptr, "default", "help");
value.set(¶m);
- REQUIRE(module_test.set(nullptr, value, nullptr) == true);
+ REQUIRE(true == module_test.set(nullptr, value, nullptr));
}
SECTION("Case param \"dec\"")
Parameter param("dec", snort::Parameter::Type::PT_BOOL,
nullptr, "default", "help");
value.set(¶m);
- REQUIRE(module_test.set(nullptr, value, nullptr) == true);
+ REQUIRE(true == module_test.set(nullptr, value, nullptr));
}
SECTION("Case param \"hex\"")
Parameter param("hex", snort::Parameter::Type::PT_BOOL,
nullptr, "default", "help");
value.set(¶m);
- REQUIRE(module_test.set(nullptr, value, nullptr) == true);
+ REQUIRE(true == module_test.set(nullptr, value, nullptr));
}
SECTION("Case param \"oct\"")
Parameter param("oct", snort::Parameter::Type::PT_BOOL,
nullptr, "default", "help");
value.set(¶m);
- REQUIRE(module_test.set(nullptr, value, nullptr) == true);
+ REQUIRE(true == module_test.set(nullptr, value, nullptr));
}
SECTION("Case param \"bitmask\"")
Parameter param("bitmask", snort::Parameter::Type::PT_BOOL,
nullptr, "default", "help");
value.set(¶m);
- REQUIRE(module_test.set(nullptr, value, nullptr) == true);
+ REQUIRE(true == module_test.set(nullptr, value, nullptr));
}
}
}
else
{
// retry - adjust from start of last match
- pos = c.get_pos() - cd->pmd.pattern_size + cd->match_delta;
+ pos = (int64_t)c.get_pos() - cd->pmd.pattern_size + cd->match_delta;
if ( cd->depth_configured )
- depth -= c.get_delta();
+ depth -= (int64_t)c.get_delta();
if ( pos < 0 )
return false;
static IpsOption::EvalStatus CheckANDPatternMatch(ContentData* idx, Cursor& c)
{
+ // cppcheck-suppress unreadVariable
RuleProfile profile(contentPerfStats);
bool found = uniSearchReal(idx, c);
class CvsOption : public IpsOption
{
public:
- CvsOption(const CvsRuleOption& c) :
- IpsOption(s_name)
- { config = c; }
+ CvsOption(const CvsRuleOption& c) : IpsOption(s_name), config(c)
+ { }
uint32_t hash() const override;
bool operator==(const IpsOption&) const override;
class DsizeOption : public IpsOption
{
public:
- DsizeOption(const RangeCheck& c) :
- IpsOption(s_name)
- { config = c; }
+ DsizeOption(const RangeCheck& c) : IpsOption(s_name), config(c)
+ { }
uint32_t hash() const override;
// Test the packet's payload size against the rule payload size value
IpsOption::EvalStatus DsizeOption::eval(Cursor&, Packet* p)
{
+ // cppcheck-suppress unreadVariable
RuleProfile profile(dsizePerfStats);
/* fake packet dsizes are always wrong
IpsOption::EvalStatus FileDataOption::eval(Cursor& c, Packet* p)
{
+ // cppcheck-suppress unreadVariable
RuleProfile profile(fileDataPerfStats);
uint64_t sid;
struct FileMetaData
{
- uint32_t file_id;
+ uint32_t file_id = 0;
std::string file_type;
std::string category;
std::string version;
// class methods
//-------------------------------------------------------------------------
-FileTypeOption::FileTypeOption(const FileTypeBitSet& t) : IpsOption(s_name)
-{
- types = t;
-}
+FileTypeOption::FileTypeOption(const FileTypeBitSet& t) : IpsOption(s_name), types(t)
+{ }
uint32_t FileTypeOption::hash() const
{
IpsOption::EvalStatus FileTypeOption::eval(Cursor&, Packet* pkt)
{
+ // cppcheck-suppress unreadVariable
RuleProfile profile(fileTypePerfStats);
if (!pkt->flow)
class TcpFlagOption : public IpsOption
{
public:
- TcpFlagOption(const TcpFlagCheckData& c) :
- IpsOption(s_name)
- { config = c; }
+ TcpFlagOption(const TcpFlagCheckData& c) : IpsOption(s_name), config(c)
+ { }
uint32_t hash() const override;
bool operator==(const IpsOption&) const override;
class FlowCheckOption : public IpsOption
{
public:
- FlowCheckOption(const FlowCheckData& c) : IpsOption(s_name)
- { config = c; }
+ FlowCheckOption(const FlowCheckData& c) : IpsOption(s_name), config(c)
+ { }
uint32_t hash() const override;
bool operator==(const IpsOption&) const override;
IpsOption::EvalStatus FlowCheckOption::eval(Cursor&, Packet* p)
{
+ // cppcheck-suppress unreadVariable
RuleProfile profile(flowCheckPerfStats);
FlowCheckData* fcd = &config;
bool FlowBitsOption::is_set(BitOp* bitop)
{
- if ( !config->or_bits )
- {
- for ( auto id : config->ids )
- {
- if ( !bitop->is_set(id) )
- return false;
- }
- return true;
- }
- for ( auto id : config->ids )
- {
- if ( bitop->is_set(id) )
- return true;
- }
- return false;
+ return config->or_bits ?
+ std::any_of(config->ids.cbegin(), config->ids.cend(),
+ [&bitop](uint16_t id){ return !bitop->is_set(id); })
+ :
+ std::none_of(config->ids.cbegin(), config->ids.cend(),
+ [&bitop](uint16_t id){ return !bitop->is_set(id); });
}
void FlowBitsOption::get_dependencies(bool& set, std::vector<std::string>& bits)
IpsOption::EvalStatus FragBitsOption::eval(Cursor&, Packet* p)
{
+ // cppcheck-suppress unreadVariable
RuleProfile profile(fragBitsPerfStats);
if ( !p->has_ip() )
class FragOffsetOption : public IpsOption
{
public:
- FragOffsetOption(const RangeCheck& c) :
- IpsOption(s_name)
- { config = c; }
+ FragOffsetOption(const RangeCheck& c) : IpsOption(s_name), config(c)
+ { }
uint32_t hash() const override;
bool operator==(const IpsOption&) const override;
IpsOption::EvalStatus FragOffsetOption::eval(Cursor&, Packet* p)
{
+ // cppcheck-suppress unreadVariable
RuleProfile profile(fragOffsetPerfStats);
if (!p->has_ip())
IpsOption::EvalStatus HashOption::eval(Cursor& c, Packet*)
{
+ // cppcheck-suppress unreadVariable
RuleProfile profile(hash_ps[idx]);
int found = match(c);
class IcmpIdOption : public IpsOption
{
public:
- IcmpIdOption(const RangeCheck& c) :
- IpsOption(s_name)
- { config = c; }
+ IcmpIdOption(const RangeCheck& c) : IpsOption(s_name), config(c)
+ { }
uint32_t hash() const override;
bool operator==(const IpsOption&) const override;
IpsOption::EvalStatus IcmpIdOption::eval(Cursor&, Packet* p)
{
+ // cppcheck-suppress unreadVariable
RuleProfile profile(icmpIdPerfStats);
if (!p->ptrs.icmph)
class IcmpSeqOption : public IpsOption
{
public:
- IcmpSeqOption(const RangeCheck& c) :
- IpsOption(s_name)
- { config = c; }
+ IcmpSeqOption(const RangeCheck& c) : IpsOption(s_name), config(c)
+ { }
uint32_t hash() const override;
bool operator==(const IpsOption&) const override;
IpsOption::EvalStatus IcmpSeqOption::eval(Cursor&, Packet* p)
{
+ // cppcheck-suppress unreadVariable
RuleProfile profile(icmpSeqPerfStats);
if (!p->ptrs.icmph)
class IcodeOption : public IpsOption
{
public:
- IcodeOption(const RangeCheck& c) :
- IpsOption(s_name)
- { config = c; }
+ IcodeOption(const RangeCheck& c) : IpsOption(s_name), config(c)
+ { }
uint32_t hash() const override;
bool operator==(const IpsOption&) const override;
IpsOption::EvalStatus IcodeOption::eval(Cursor&, Packet* p)
{
+ // cppcheck-suppress unreadVariable
RuleProfile profile(icmpCodePerfStats);
// return 0 if we don't have an icmp header
class IpIdOption : public IpsOption
{
public:
- IpIdOption(const RangeCheck& c) :
- IpsOption(s_name)
- { config = c; }
+ IpIdOption(const RangeCheck& c) : IpsOption(s_name), config(c)
+ { }
uint32_t hash() const override;
bool operator==(const IpsOption&) const override;
IpsOption::EvalStatus IpIdOption::eval(Cursor&, Packet* p)
{
+ // cppcheck-suppress unreadVariable
RuleProfile profile(ipIdPerfStats);
if (!p->has_ip())
class IpProtoOption : public IpsOption
{
public:
- IpProtoOption(const IpProtoData& c) :
- IpsOption(s_name)
- { config = c; }
+ IpProtoOption(const IpProtoData& c) : IpsOption(s_name), config(c)
+ { }
uint32_t hash() const override;
bool operator==(const IpsOption&) const override;
class IpOptOption : public IpsOption
{
public:
- IpOptOption(const IpOptionData& c) :
- IpsOption(s_name)
- { config = c; }
+ IpOptOption(const IpOptionData& c) : IpsOption(s_name), config(c)
+ { }
uint32_t hash() const override;
bool operator==(const IpsOption&) const override;
IpsOption::EvalStatus IpOptOption::eval(Cursor&, Packet* p)
{
+ // cppcheck-suppress unreadVariable
RuleProfile profile(ipOptionPerfStats);
if ( !p->is_ip4() )
const uint8_t option_len = ip4h->get_opt_len();
if ((config.any_flag == 1) && (option_len > 0))
- {
return MATCH;
- }
ip::IpOptionIterator iter(ip4h, p);
{
if (config.ip_option == opt.code)
return MATCH;
-
}
return NO_MATCH;
class IsDataAtOption : public IpsOption
{
public:
- IsDataAtOption(const IsDataAtData& c) :
- IpsOption(s_name)
- { config = c; }
+ IsDataAtOption(const IsDataAtData& c) : IpsOption(s_name), config(c)
+ { }
uint32_t hash() const override;
bool operator==(const IpsOption&) const override;
IpsOption::EvalStatus IsDataAtOption::eval(Cursor& c, Packet*)
{
+ // cppcheck-suppress unreadVariable
RuleProfile profile(isDataAtPerfStats);
int offset;
class IcmpTypeOption : public IpsOption
{
public:
- IcmpTypeOption(const RangeCheck& c) :
- IpsOption(s_name)
- { config = c; }
+ IcmpTypeOption(const RangeCheck& c) : IpsOption(s_name), config(c)
+ { }
uint32_t hash() const override;
bool operator==(const IpsOption&) const override;
IpsOption::EvalStatus IcmpTypeOption::eval(Cursor&, Packet* p)
{
+ // cppcheck-suppress unreadVariable
RuleProfile profile(icmpTypePerfStats);
// return 0 if we don't have an icmp header
EvalStatus eval(Cursor& c, Packet* p) override
{
+ // cppcheck-suppress unreadVariable
RuleProfile profile(js_data_profile_stats);
InspectionBuffer buf;
LuaJitOption::LuaJitOption(
const char* name, std::string& chunk, LuaJitModule* mod)
- : IpsOption((my_name = snort_strdup(name)))
+ : IpsOption((my_name = snort_strdup(name))), config("args = { " + mod->args + "}")
{
- // create an args table with any rule options
- config = "args = { ";
- config += mod->args;
- config += "}";
-
unsigned max = ThreadConfig::get_instance_max();
states.reserve(max);
IpsOption::EvalStatus LuaJitOption::eval(Cursor& c, Packet*)
{
+ // cppcheck-suppress unreadVariable
RuleProfile profile(luaIpsPerfStats);
cursor = &c;
IpsOption::EvalStatus PcreOption::eval(Cursor& c, Packet* p)
{
+ // cppcheck-suppress unreadVariable
RuleProfile profile(pcrePerfStats);
// short circuit this for testing pcre performance impact
IpsOption::EvalStatus PktDataOption::eval(Cursor& c, Packet* p)
{
+ // cppcheck-suppress unreadVariable
RuleProfile profile(pktDataPerfStats);
c.reset(p);
IpsOption::EvalStatus RawDataOption::eval(Cursor& c, Packet* p)
{
+ // cppcheck-suppress unreadVariable
RuleProfile profile(rawDataPerfStats);
c.set(s_name, p->data, p->dsize);
RegexConfig config;
};
-RegexOption::RegexOption(const RegexConfig& c) :
- IpsOption(s_name, RULE_OPTION_TYPE_CONTENT)
+RegexOption::RegexOption(const RegexConfig& c) : IpsOption(s_name, RULE_OPTION_TYPE_CONTENT), config(c)
{
- config = c;
-
if ( !scratcher->allocate(config.db) )
ParseError("can't allocate scratch for regex '%s'", config.re.c_str());
IpsOption::EvalStatus RegexOption::eval(Cursor& c, Packet*)
{
+ // cppcheck-suppress unreadVariable
RuleProfile profile(regex_perf_stats);
unsigned pos = c.get_delta();
}
// finally, process the modifiers
- for ( char& c : modifiers )
+ for ( const char& c : modifiers )
{
switch ( c )
{
IpsOption::EvalStatus ReplaceOption::eval(Cursor& c, Packet* p)
{
+ // cppcheck-suppress unreadVariable
RuleProfile profile(replacePerfStats);
if ( p->is_cooked() )
void ReplaceOption::action(Packet*)
{
+ // cppcheck-suppress unreadVariable
RuleProfile profile(replacePerfStats);
if ( pending() )
class RpcOption : public IpsOption
{
public:
- RpcOption(const RpcCheckData& c) : IpsOption(s_name)
- { config = c; }
+ RpcOption(const RpcCheckData& c) : IpsOption(s_name), config(c)
+ { }
uint32_t hash() const override;
bool operator==(const IpsOption&) const override;
IpsOption::EvalStatus RpcOption::eval(Cursor&, Packet* p)
{
+ // cppcheck-suppress unreadVariable
RuleProfile profile(rpcCheckPerfStats);
if ( !is_valid(p) )
IpsOption::EvalStatus SdPatternOption::eval(Cursor& c, Packet* p)
{
+ // cppcheck-suppress unreadVariable
RuleProfile profile(sd_pattern_perf_stats);
unsigned matches = SdSearch(c, p);
else if ( matches == 0 )
++s_stats.nomatch_notfound;
- else if ( matches > 0 && matches < config.threshold )
+ else
++s_stats.nomatch_threshold;
return NO_MATCH;
class TcpSeqOption : public IpsOption
{
public:
- TcpSeqOption(const RangeCheck& c) :
- IpsOption(s_name)
- { config = c; }
+ TcpSeqOption(const RangeCheck& c) : IpsOption(s_name), config(c)
+ { }
uint32_t hash() const override;
bool operator==(const IpsOption&) const override;
IpsOption::EvalStatus TcpSeqOption::eval(Cursor&, Packet* p)
{
+ // cppcheck-suppress unreadVariable
RuleProfile profile(tcpSeqPerfStats);
if (!p->ptrs.tcph)
assert(v.is("*"));
std::string svc = v.get_string();
- for ( const auto& p : services )
+ if (std::any_of(services.cbegin(), services.cend(), [&svc](const std::string&p){ return p == svc; }))
{
- if ( p == svc )
- {
- ParseWarning(WARN_RULES, "repeated service '%s'", svc.c_str());
- return true;
- }
+ ParseWarning(WARN_RULES, "repeated service '%s'", svc.c_str());
+ return true;
}
services.emplace_back(svc);
return true;
IpsOption::EvalStatus SoOption::eval(Cursor& c, Packet* p)
{
+ // cppcheck-suppress unreadVariable
RuleProfile profile(soPerfStats);
return func(data, c, p);
}
class IpTosOption : public IpsOption
{
public:
- IpTosOption(const RangeCheck& c) :
- IpsOption(s_name)
- { config = c; }
+ IpTosOption(const RangeCheck& c) : IpsOption(s_name), config(c)
+ { }
uint32_t hash() const override;
bool operator==(const IpsOption&) const override;
IpsOption::EvalStatus IpTosOption::eval(Cursor&, Packet* p)
{
+ // cppcheck-suppress unreadVariable
RuleProfile profile(ipTosPerfStats);
if(!p->ptrs.ip_api.is_ip())
class TtlOption : public IpsOption
{
public:
- TtlOption(const RangeCheck& c) :
- IpsOption(s_name)
- { config = c; }
+ TtlOption(const RangeCheck& c) : IpsOption(s_name), config(c)
+ { }
uint32_t hash() const override;
bool operator==(const IpsOption&) const override;
IpsOption::EvalStatus TtlOption::eval(Cursor&, Packet* p)
{
+ // cppcheck-suppress unreadVariable
RuleProfile profile(ttlCheckPerfStats);
if(!p->ptrs.ip_api.is_ip())
IpsOption::EvalStatus VbaDataOption::eval(Cursor& c, Packet* p)
{
+ // cppcheck-suppress unreadVariable
RuleProfile profile(vbaDataPerfStats);
if (!p->flow or !p->flow->gadget)
class TcpWinOption : public IpsOption
{
public:
- TcpWinOption(const RangeCheck& c) :
- IpsOption(s_name)
- { config = c; }
+ TcpWinOption(const RangeCheck& c) : IpsOption(s_name), config(c)
+ { }
uint32_t hash() const override;
bool operator==(const IpsOption&) const override;
IpsOption::EvalStatus TcpWinOption::eval(Cursor&, Packet* p)
{
+ // cppcheck-suppress unreadVariable
RuleProfile profile(tcpWinPerfStats);
if (!p->ptrs.tcph)
const std::list<JSProgramScopeType> JSIdentifierCtx::get_types() const
{
std::list<JSProgramScopeType> return_list;
- for (const auto& scope : scopes)
- {
- return_list.push_back(scope.type());
- }
+ std::transform(scopes.cbegin(), scopes.cend(), std::back_inserter(return_list),
+ [](const ProgramScope& scope){ return scope.type(); });
return return_list;
}
}
src_ptr = (const uint8_t*)buf_pdf_out.data();
- src_end = src_ptr + buf_pdf_out.data_len();
// script object not found
if (!src_ptr)
+ {
+ src_end = nullptr;
return false;
+ }
+ src_end = src_ptr + buf_pdf_out.data_len();
return true;
}
auto v3 = ident_ctx.substitute("w", false);
auto v4 = ident_ctx.substitute("w", true);
- CHECK(ident_ctx.is_ignored(v1) == true);
- CHECK(ident_ctx.is_ignored(v2) == false);
- CHECK(ident_ctx.is_ignored(v3) == false);
- CHECK(ident_ctx.is_ignored(v4) == true);
+ CHECK(true == ident_ctx.is_ignored(v1));
+ CHECK(false == ident_ctx.is_ignored(v2));
+ CHECK(false == ident_ctx.is_ignored(v3));
+ CHECK(true == ident_ctx.is_ignored(v4));
}
SECTION("multiple chars identifier")
{
auto v3 = ident_ctx.substitute("watch", false);
auto v4 = ident_ctx.substitute("watch", true);
- CHECK(ident_ctx.is_ignored(v1) == true);
- CHECK(ident_ctx.is_ignored(v2) == false);
- CHECK(ident_ctx.is_ignored(v3) == false);
- CHECK(ident_ctx.is_ignored(v4) == true);
+ CHECK(true == ident_ctx.is_ignored(v1));
+ CHECK(false == ident_ctx.is_ignored(v2));
+ CHECK(false == ident_ctx.is_ignored(v3));
+ CHECK(true == ident_ctx.is_ignored(v4));
}
}
SECTION("scope stack")
{
- CHECK(ident_ctx.scope_check({GLOBAL}));
+ CHECK(true == ident_ctx.scope_check({GLOBAL}));
ident_ctx.scope_push(JSProgramScopeType::FUNCTION);
ident_ctx.scope_push(JSProgramScopeType::BLOCK);
ident_ctx.scope_push(JSProgramScopeType::BLOCK);
- CHECK(ident_ctx.scope_check({GLOBAL, FUNCTION, BLOCK, BLOCK}));
+ CHECK(true == ident_ctx.scope_check({GLOBAL, FUNCTION, BLOCK, BLOCK}));
- CHECK(ident_ctx.scope_pop(JSProgramScopeType::BLOCK));
- CHECK(ident_ctx.scope_check({GLOBAL, FUNCTION, BLOCK}));
+ CHECK(true == ident_ctx.scope_pop(JSProgramScopeType::BLOCK));
+ CHECK(true == ident_ctx.scope_check({GLOBAL, FUNCTION, BLOCK}));
ident_ctx.reset();
- CHECK(ident_ctx.scope_check({GLOBAL}));
+ CHECK(true == ident_ctx.scope_check({GLOBAL}));
}
SECTION("aliases")
{
CHECK(!strcmp(ident_ctx.alias_lookup("a"), "console.log"));
CHECK(!strcmp(ident_ctx.alias_lookup("b"), "document"));
- REQUIRE(ident_ctx.scope_push(JSProgramScopeType::FUNCTION));
+ REQUIRE(true == ident_ctx.scope_push(JSProgramScopeType::FUNCTION));
ident_ctx.add_alias("a", "document");
CHECK(!strcmp(ident_ctx.alias_lookup("a"), "document"));
CHECK(!strcmp(ident_ctx.alias_lookup("b"), "document"));
- REQUIRE(ident_ctx.scope_push(JSProgramScopeType::BLOCK));
+ REQUIRE(true == ident_ctx.scope_push(JSProgramScopeType::BLOCK));
ident_ctx.add_alias("b", "console.log");
CHECK(!strcmp(ident_ctx.alias_lookup("b"), "console.log"));
CHECK(!strcmp(ident_ctx.alias_lookup("a"), "document"));
- REQUIRE(ident_ctx.scope_pop(JSProgramScopeType::BLOCK));
- REQUIRE(ident_ctx.scope_pop(JSProgramScopeType::FUNCTION));
+ REQUIRE(true == ident_ctx.scope_pop(JSProgramScopeType::BLOCK));
+ REQUIRE(true == ident_ctx.scope_pop(JSProgramScopeType::FUNCTION));
ident_ctx.add_alias("a", "eval");
CHECK(!strcmp(ident_ctx.alias_lookup("a"), "eval"));
CHECK(!strcmp(ident_ctx.alias_lookup("b"), "document"));
}
SECTION("scope mismatch")
{
- CHECK(!ident_ctx.scope_pop(JSProgramScopeType::FUNCTION));
- CHECK(ident_ctx.scope_check({GLOBAL}));
- CHECK(!ident_ctx.scope_check({FUNCTION}));
-
- CHECK(ident_ctx.scope_push(JSProgramScopeType::FUNCTION));
- CHECK(ident_ctx.scope_check({GLOBAL, FUNCTION}));
- CHECK(!ident_ctx.scope_pop(JSProgramScopeType::BLOCK));
- CHECK(ident_ctx.scope_check({GLOBAL, FUNCTION}));
- CHECK(!ident_ctx.scope_check({GLOBAL}));
+ CHECK(false == ident_ctx.scope_pop(JSProgramScopeType::FUNCTION));
+ CHECK(true == ident_ctx.scope_check({GLOBAL}));
+ CHECK(false == ident_ctx.scope_check({FUNCTION}));
+
+ CHECK(true == ident_ctx.scope_push(JSProgramScopeType::FUNCTION));
+ CHECK(true == ident_ctx.scope_check({GLOBAL, FUNCTION}));
+ CHECK(false == ident_ctx.scope_pop(JSProgramScopeType::BLOCK));
+ CHECK(true == ident_ctx.scope_check({GLOBAL, FUNCTION}));
+ CHECK(false == ident_ctx.scope_check({GLOBAL}));
}
SECTION("scope max nesting")
{
JSIdentifierCtx ident_ctx_limited(DEPTH, 2, s_ignored_ids, s_ignored_props);
- CHECK(ident_ctx_limited.scope_push(JSProgramScopeType::FUNCTION));
- CHECK(ident_ctx_limited.scope_check({GLOBAL, FUNCTION}));
+ CHECK(true == ident_ctx_limited.scope_push(JSProgramScopeType::FUNCTION));
+ CHECK(true == ident_ctx_limited.scope_check({GLOBAL, FUNCTION}));
- CHECK(!ident_ctx_limited.scope_push(JSProgramScopeType::FUNCTION));
- CHECK(ident_ctx_limited.scope_check({GLOBAL, FUNCTION}));
- CHECK(!ident_ctx_limited.scope_push(JSProgramScopeType::FUNCTION));
- CHECK(ident_ctx_limited.scope_check({GLOBAL, FUNCTION}));
+ CHECK(false == ident_ctx_limited.scope_push(JSProgramScopeType::FUNCTION));
+ CHECK(true == ident_ctx_limited.scope_check({GLOBAL, FUNCTION}));
+ CHECK(false == ident_ctx_limited.scope_push(JSProgramScopeType::FUNCTION));
+ CHECK(true == ident_ctx_limited.scope_check({GLOBAL, FUNCTION}));
- CHECK(ident_ctx_limited.scope_pop(JSProgramScopeType::FUNCTION));
- CHECK(ident_ctx_limited.scope_push(JSProgramScopeType::FUNCTION));
- CHECK(ident_ctx_limited.scope_check({GLOBAL, FUNCTION}));
+ CHECK(true == ident_ctx_limited.scope_pop(JSProgramScopeType::FUNCTION));
+ CHECK(true == ident_ctx_limited.scope_push(JSProgramScopeType::FUNCTION));
+ CHECK(true == ident_ctx_limited.scope_check({GLOBAL, FUNCTION}));
}
}
CHECK(last_return == checks.return_code);
if (checks.check_open_tag.is_set())
- CHECK(normalizer.is_opening_tag_seen() == checks.check_open_tag);
+ CHECK((normalizer.is_opening_tag_seen() == checks.check_open_tag));
if (checks.check_closing_tag.is_set())
- CHECK(normalizer.is_closing_tag_seen() == checks.check_closing_tag);
+ CHECK((normalizer.is_closing_tag_seen() == checks.check_closing_tag));
if (checks.check_mixed_encoding.is_set())
- CHECK(normalizer.is_mixed_encoding_seen() == checks.check_mixed_encoding);
+ CHECK((normalizer.is_mixed_encoding_seen() == checks.check_mixed_encoding));
if (checks.check_unescape_nesting.is_set())
- CHECK(normalizer.is_unescape_nesting_seen() == checks.check_unescape_nesting);
+ CHECK((normalizer.is_unescape_nesting_seen() == checks.check_unescape_nesting));
if (checks.expected_cursor_pos.is_set())
CHECK((normalizer.get_src_next() - last_source.c_str()) == checks.expected_cursor_pos);
private:
const JSTestConfig& config;
- JSTokenizer::JSRet last_return;
+ JSTokenizer::JSRet last_return = JSTokenizer::EOS;
std::string last_source;
};
SECTION("EVENT_CLOSING_TAG")
{
- JSNorm jsn(&config, true);
+ JSNorm tmp_jsn(&config, true);
- std::string src = "'</script>' ;";
- std::string exp = "'</script>';";
+ std::string tmp_src = "'</script>' ;";
+ std::string tmp_exp = "'</script>';";
- jsn.normalize(src.c_str(), src.size(), dst, dst_len);
+ tmp_jsn.normalize(tmp_src.c_str(), tmp_src.size(), dst, dst_len);
REQUIRE(dst != nullptr);
REQUIRE(dst_len != 0);
- CHECK(std::string((const char*)dst, dst_len) == exp);
+ CHECK(std::string((const char*)dst, dst_len) == tmp_exp);
}
jsn.normalize(src.c_str(), src.size(), dst, dst_len);
{
config.identifier_depth = 0;
- JSNorm jsn(&config, false);
+ JSNorm tmp_jsn(&config, false);
- std::string src = "; a";
- std::string exp = ";";
+ std::string tmp_src = "; a";
+ std::string tmp_exp = ";";
- jsn.normalize(src.c_str(), src.size(), dst, dst_len);
+ tmp_jsn.normalize(tmp_src.c_str(), tmp_src.size(), dst, dst_len);
REQUIRE(dst != nullptr);
REQUIRE(dst_len != 0);
- CHECK(std::string((const char*)dst, dst_len) == exp);
+ CHECK(std::string((const char*)dst, dst_len) == tmp_exp);
}
SECTION("EVENT_BRACKET_NEST_OVERFLOW")
{
config.max_bracket_depth = 0;
- JSNorm jsn(&config, false);
+ JSNorm tmp_jsn(&config, false);
- std::string src = "; {";
- std::string exp = ";";
+ std::string tmp_src = "; {";
+ std::string tmp_exp = ";";
- jsn.normalize(src.c_str(), src.size(), dst, dst_len);
+ tmp_jsn.normalize(tmp_src.c_str(), tmp_src.size(), dst, dst_len);
REQUIRE(dst != nullptr);
REQUIRE(dst_len != 0);
- CHECK(std::string((const char*)dst, dst_len) == exp);
+ CHECK(std::string((const char*)dst, dst_len) == tmp_exp);
}
SECTION("EVENT_SCOPE_NEST_OVERFLOW")
{
config.max_scope_depth = 0;
- JSNorm jsn(&config, false);
+ JSNorm tmp_jsn(&config, false);
- std::string src = "; function f () {";
- std::string exp = ";function var_0000";
+ std::string tmp_src = "; function f () {";
+ std::string tmp_exp = ";function var_0000";
- jsn.normalize(src.c_str(), src.size(), dst, dst_len);
+ tmp_jsn.normalize(tmp_src.c_str(), tmp_src.size(), dst, dst_len);
REQUIRE(dst != nullptr);
REQUIRE(dst_len != 0);
- CHECK(std::string((const char*)dst, dst_len) == exp);
+ CHECK(std::string((const char*)dst, dst_len) == tmp_exp);
}
jsn.normalize(src.c_str(), src.size(), dst, dst_len);
ostringstream out;
PDFTokenizer extractor(in, out);
- for (auto& chunk : chunks)
+ for (const auto& chunk : chunks)
{
auto src = chunk.first;
auto exp = chunk.second;
{
MockClock::inc(config.config.max_time + 1_ticks);
- CHECK( impl.fastpath() );
- CHECK( impl.pop(nullptr) );
+ CHECK( true == impl.fastpath() );
+ CHECK( true == impl.pop(nullptr) );
CHECK( event_handler.count == 1 );
}
SECTION( "no timeout" )
{
- CHECK_FALSE( impl.fastpath() );
- CHECK_FALSE( impl.pop(nullptr) );
+ CHECK( false == impl.fastpath() );
+ CHECK( false == impl.pop(nullptr) );
CHECK( event_handler.count == 0 );
}
{
MockClock::inc(config.config.max_time + 1_ticks);
- CHECK_FALSE( impl.fastpath() );
- CHECK( impl.pop(nullptr) );
+ CHECK( false == impl.fastpath() );
+ CHECK( true == impl.pop(nullptr) );
CHECK( event_handler.count == 1 );
}
SECTION( "no timeout" )
{
- CHECK_FALSE( impl.fastpath() );
- CHECK_FALSE( impl.pop(nullptr) );
+ CHECK( false == impl.fastpath() );
+ CHECK( false == impl.pop(nullptr) );
CHECK( event_handler.count == 0 );
}
#endif
if ( timed_out )
{
- auto suspended = RuleTree::timeout_and_suspend(timer.root, config->suspend_threshold,
+ auto s = RuleTree::timeout_and_suspend(timer.root, config->suspend_threshold,
Clock::now(), config->suspend);
Event e
{
- suspended ? Event::EVENT_SUSPENDED : Event::EVENT_TIMED_OUT,
+ s ? Event::EVENT_SUSPENDED : Event::EVENT_TIMED_OUT,
timer.elapsed(), timer.root, timer.packet
};
SECTION( "push rule" )
{
- CHECK_FALSE( impl.push(root, &pkt) );
+ CHECK( false == impl.push(root, &pkt) );
CHECK( event_handler.count == 0 );
CHECK( RuleInterfaceSpy::reenable_called );
}
{
RuleInterfaceSpy::reenable_result = true;
- CHECK( impl.push(root, &pkt) );
+ CHECK( true == impl.push(root, &pkt) );
CHECK( event_handler.count == 1 );
CHECK( RuleInterfaceSpy::reenable_called );
}
SECTION( "push rule" )
{
- CHECK_FALSE( impl.push(root, &pkt) );
+ CHECK( false == impl.push(root, &pkt) );
CHECK( event_handler.count == 0 );
CHECK_FALSE( RuleInterfaceSpy::reenable_called );
}
{
config.config.suspend = false;
- CHECK_FALSE( impl.suspended() );
+ CHECK( false == impl.suspended() );
CHECK_FALSE( RuleInterfaceSpy::is_suspended_called );
}
{
config.config.suspend = true;
- CHECK( impl.suspended() );
+ CHECK( true == impl.suspended() );
CHECK( RuleInterfaceSpy::is_suspended_called );
}
}
{
RuleInterfaceSpy::is_suspended_result = true;
- CHECK_FALSE( impl.pop() );
+ CHECK( false == impl.pop() );
CHECK( event_handler.count == 0 );
CHECK_FALSE( RuleInterfaceSpy::timeout_and_suspend_called );
}
RuleInterfaceSpy::is_suspended_result = false;
RuleInterfaceSpy::timeout_and_suspend_result = true;
- CHECK( impl.pop() );
+ CHECK( true == impl.pop() );
CHECK( event_handler.count == 1 );
CHECK( RuleInterfaceSpy::timeout_and_suspend_called );
}
{
RuleInterfaceSpy::timeout_and_suspend_result = false;
- CHECK( impl.pop() );
+ CHECK( true == impl.pop() );
CHECK( event_handler.count == 1 );
CHECK( RuleInterfaceSpy::timeout_and_suspend_called );
}
{
RuleInterfaceSpy::is_suspended_result = false;
- CHECK_FALSE( impl.pop() );
+ CHECK( false == impl.pop() );
CHECK( event_handler.count == 0 );
CHECK_FALSE( RuleInterfaceSpy::timeout_and_suspend_called );
}
SECTION( "is_suspended" )
{
- CHECK_FALSE( RuleInterface::is_suspended(root) );
+ CHECK( false == RuleInterface::is_suspended(root) );
root.latency_state[0].suspend(hr_time(0_ticks));
- CHECK( RuleInterface::is_suspended(root) );
+ CHECK( true == RuleInterface::is_suspended(root) );
}
SECTION( "reenable" )
SECTION( "rule already enabled" )
{
REQUIRE_FALSE( root.latency_state[get_instance_id()].suspended );
- CHECK_FALSE( RuleInterface::reenable(root, 0_ticks, hr_time(0_ticks)) );
+ CHECK( false == RuleInterface::reenable(root, 0_ticks, hr_time(0_ticks)) );
}
SECTION( "rule suspended" )
SECTION( "suspend time not exceeded" )
{
- CHECK_FALSE( RuleInterface::reenable(root, 1_ticks, hr_time(0_ticks)) );
+ CHECK( false == RuleInterface::reenable(root, 1_ticks, hr_time(0_ticks)) );
}
SECTION( "suspend time exceeded" )
{
- CHECK( RuleInterface::reenable(root, 1_ticks, hr_time(2_ticks)) );
+ CHECK( true == RuleInterface::reenable(root, 1_ticks, hr_time(2_ticks)) );
}
}
}
{
SECTION( "timeouts under threshold" )
{
- CHECK_FALSE( RuleInterface::timeout_and_suspend(root, 2, hr_time(0_ticks), true) );
+ CHECK( false == RuleInterface::timeout_and_suspend(root, 2, hr_time(0_ticks), true) );
CHECK( child_state[0].latency_timeouts == 1 );
CHECK( child_state[0].latency_suspends == 0 );
}
SECTION( "timeouts exceed threshold" )
{
- CHECK( RuleInterface::timeout_and_suspend(root, 1, hr_time(0_ticks), true) );
+ CHECK( true == RuleInterface::timeout_and_suspend(root, 1, hr_time(0_ticks), true) );
CHECK( child_state[0].latency_timeouts == 1 );
CHECK( child_state[0].latency_suspends == 1 );
}
SECTION( "suspend disabled" )
{
- CHECK_FALSE( RuleInterface::timeout_and_suspend(root, 0, hr_time(0_ticks), false) );
+ CHECK( false == RuleInterface::timeout_and_suspend(root, 0, hr_time(0_ticks), false) );
CHECK( child_state[0].latency_timeouts == 1 );
CHECK( child_state[0].latency_suspends == 0 );
}
// Used for iterations
ObfuscatorBlock() = default;
- uint32_t offset;
- size_t length;
+ uint32_t offset = 0;
+ size_t length = 0;
};
class SO_PUBLIC Obfuscator
ob.push(0,0);
uint32_t last = 0;
- for ( auto &b: ob )
+ for ( const auto &b: ob )
{
CHECK_TRUE(last <= b.offset);
last = b.offset;
ob.push(0,100);
uint32_t last = 0;
- for ( auto &b: ob )
+ for ( const auto &b: ob )
{
CHECK_TRUE(last <= b.offset);
last = b.offset;
string sep;
};
-CsvLogger::CsvLogger(CsvModule* m)
-{
- file = m->file ? F_NAME : "stdout";
- limit = m->limit;
- sep = m->sep;
- fields = std::move(m->fields);
-}
+CsvLogger::CsvLogger(CsvModule* m) :
+ file(m->file ? F_NAME : "stdout"),
+ limit(m->limit),
+ fields(std::move(m->fields)),
+ sep(m->sep)
+{ }
void CsvLogger::open()
{
std::vector<unsigned> FastLogger::req_ids;
std::vector<unsigned> FastLogger::rsp_ids;
-FastLogger::FastLogger(FastModule* m)
-{
- file = m->file ? F_NAME : "stdout";
- limit = m->limit;
- packet = m->packet;
-}
+FastLogger::FastLogger(FastModule* m) : file(m->file ? F_NAME : "stdout"), limit(m->limit), packet(m->packet)
+{ }
//-----------------------------------------------------------------
// FIXIT-L generalize buffer sets when other inspectors get smarter
unsigned long limit;
};
-FullLogger::FullLogger(FullModule* m)
-{
- file = m->file ? F_NAME : "stdout";
- limit = m->limit;
-}
+FullLogger::FullLogger(FullModule* m) : file(m->file ? F_NAME : "stdout"), limit(m->limit)
+{ }
void FullLogger::open()
{
string sep;
};
-JsonLogger::JsonLogger(JsonModule* m)
-{
- file = m->file ? F_NAME : "stdout";
- limit = m->limit;
- sep = m->sep;
- fields = std::move(m->fields);
-}
+JsonLogger::JsonLogger(JsonModule* m) : file(m->file ? F_NAME : "stdout"), limit(m->limit), fields(std::move(m->fields)), sep(m->sep)
+{ }
void JsonLogger::open()
{
};
LuaJitLogger::LuaJitLogger(const char* name, std::string& chunk, LuaLogModule* mod)
+ : config("args = { " + mod->args + "}")
{
- // create an args table with any rule options
- config = "args = { ";
- config += mod->args;
- config += "}";
-
unsigned max = ThreadConfig::get_instance_max();
// FIXIT-L might make more sense to have one instance with one lua state in
void LuaJitLogger::alert(Packet* p, const char*, const Event& e)
{
+ // cppcheck-suppress unreadVariable
Profile profile(luaLogPerfStats);
packet = p;
}
else if (msg != nullptr)
{
- syslog(priority, "%s", msg == nullptr ? "ALERT" : msg);
+ syslog(priority, "%s", msg);
}
}
};
HextLogger::HextLogger(HextModule* m)
+ : file(m->file ? F_NAME : "stdout"), limit(m->limit), width(m->width), raw(m->raw)
{
- file = m->file ? F_NAME : "stdout";
- limit = m->limit;
- width = m->width;
- raw = m->raw;
-
DataBus::subscribe(intrinsic_pub_key, IntrinsicEventIds::DAQ_SOF_MSG, new DaqMessageEventHandler());
DataBus::subscribe(intrinsic_pub_key, IntrinsicEventIds::DAQ_EOF_MSG, new DaqMessageEventHandler());
}
struct LtdConfig
{
- string file;
size_t limit;
};
static void AlertExtraData(
Flow* flow, void* data,
- LogFunction* log_funcs, uint32_t max_count,
- uint32_t xtradata_mask, const AlertInfo& alert_info)
+ LogFunction* log_funcs, //cppcheck-suppress constParameter
+ uint32_t max_count, uint32_t xtradata_mask, const AlertInfo& alert_info)
{
Unified2Config* config = (Unified2Config*)data;
uint32_t xid;
p->pkth = nullptr; // No longer avail after finalize_message.
{
+ // cppcheck-suppress unreadVariable
Profile profile(daqPerfStats);
p->daq_instance->finalize_message(p->daq_msg, verdict);
}
}
oops_handler->set_current_message(nullptr, nullptr);
{
+ // cppcheck-suppress unreadVariable
Profile profile(daqPerfStats);
daq_instance->finalize_message(msg, verdict);
}
void Analyzer::finalize_daq_message(DAQ_Msg_h msg, DAQ_Verdict verdict)
{
+ // cppcheck-suppress unreadVariable
Profile profile(daqPerfStats);
daq_instance->finalize_message(msg, verdict);
}
while ((msg = retry_queue->get()) != nullptr)
{
daq_stats.retries_discarded++;
+ // cppcheck-suppress unreadVariable
Profile profile(daqPerfStats);
daq_instance->finalize_message(msg, DAQ_VERDICT_BLOCK);
}
TraceApi::thread_term();
}
-Analyzer::Analyzer(SFDAQInstance* instance, unsigned i, const char* s, uint64_t msg_cnt)
+Analyzer::Analyzer(SFDAQInstance* instance, unsigned i, const char* s, uint64_t msg_cnt) :
+ id(i),
+ exit_after_cnt(msg_cnt),
+ source(s ? s : ""),
+ daq_instance(instance),
+ retry_queue(new RetryQueue(200)),
+ oops_handler(new OopsHandler())
{
- id = i;
- exit_after_cnt = msg_cnt;
- source = s ? s : "";
- daq_instance = instance;
- oops_handler = new OopsHandler();
- retry_queue = new RetryQueue(200);
set_state(State::NEW);
}
DAQ_RecvStatus rstat;
{
+ // cppcheck-suppress unreadVariable
Profile profile(daqPerfStats);
rstat = daq_instance->receive_messages(max_recv);
}
static ContextSwitcher* get_switcher();
static void set_main_hook(MainHook_f);
+ Analyzer() = delete;
Analyzer(snort::SFDAQInstance*, unsigned id, const char* source, uint64_t msg_cnt = 0);
~Analyzer();
uint64_t skip_cnt = 0;
std::string source;
snort::SFDAQInstance* daq_instance;
- RetryQueue* retry_queue = nullptr;
- OopsHandler* oops_handler = nullptr;
+ RetryQueue* retry_queue;
+ OopsHandler* oops_handler;
ContextSwitcher* switcher = nullptr;
std::mutex pending_work_queue_mutex;
std::list<UncompletedAnalyzerCommand*> uncompleted_work_queue;
private:
string name;
string text;
- unsigned priority;
+ unsigned priority = 0;
};
bool ClassificationsModule::begin(const char*, int, SnortConfig*)
{ return GLOBAL; }
private:
- int thread;
- CpuSet* cpuset;
+ int thread = 0;
+ CpuSet* cpuset = nullptr;
string type;
string name;
};
{ return CONTEXT; }
private:
- THDX_STRUCT thdx;
+ THDX_STRUCT thdx = {};
};
bool SuppressModule::set(const char*, Value& v, SnortConfig*)
{ return CONTEXT; }
private:
- THDX_STRUCT thdx;
+ THDX_STRUCT thdx = {};
};
bool EventFilterModule::set(const char*, Value& v, SnortConfig*)
{
public:
HostsModule() : Module("hosts", hosts_help, hosts_params, true)
- { host = nullptr; }
+ { }
~HostsModule() override
{ assert(!host); }
private:
HostServiceDescriptor service;
- HostAttributesEntry host;
+ HostAttributesEntry host = nullptr;
};
bool HostsModule::set(const char*, Value& v, SnortConfig* sc)
bool PolicyMap::setup_network_policies()
{
- for (auto* np : network_policy)
- {
- if (!set_user_network(np))
- return false;
- }
- return true;
+ return std::none_of(network_policy.begin(), network_policy.end(),
+ [this](NetworkPolicy* np){ return !set_user_network(np); });
}
void PolicyMap::clone(PolicyMap *other_map, const char* exclude_name)
return true;
}
-void ReloadTracker::end(ControlConn* ctrlcon, bool prompt)
+void ReloadTracker::end(const ControlConn* ctrlcon, bool prompt)
{
#ifdef NDEBUG
UNUSED(ctrlcon);
reload_in_progress = false;
}
-void ReloadTracker::failed(ControlConn* ctrlcon, const char* reason)
+void ReloadTracker::failed(const ControlConn* ctrlcon, const char* reason)
{
#ifdef NDEBUG
UNUSED(ctrlcon);
reload_in_progress = false;
}
-void ReloadTracker::update(ControlConn* ctrlcon, const char* status)
+void ReloadTracker::update(const ControlConn* ctrlcon, const char* status)
{
#ifdef NDEBUG
UNUSED(ctrlcon);
public:
ReloadTracker() = delete;
static bool start(ControlConn* ctrlcon);
- static void end(ControlConn* ctrlcon, bool prompt=false);
- static void failed(ControlConn* ctrlcon, const char* reason);
- static void update(ControlConn* ctrlcon, const char* status);
+ static void end(const ControlConn* ctrlcon, bool prompt=false);
+ static void failed(const ControlConn* ctrlcon, const char* reason);
+ static void update(const ControlConn* ctrlcon, const char* status);
private:
static bool reload_in_progress;
detection_filter_term();
term_signals();
-
+
}
void Snort::clean_exit(int)
delete trace_config;
delete overlay_trace_config;
delete ha_config;
- delete global_dbus;
+ delete global_dbus;
delete profiler;
delete latency;
for ( unsigned i = 0; i < num_slots; ++i )
state[i].resize(handler_count);
- for ( auto* s : scratch_handlers )
- {
- if ( s and s->setup(this) )
- scratchers.push_back(s);
- }
+ std::copy_if(scratch_handlers.begin(), scratch_handlers.end(), std::back_inserter(scratchers),
+ [this](ScratchAllocator* s){ return s and s->setup(this); });
}
void SnortConfig::update_scratch(ControlConn* ctrlcon)
daq_config->overlay(cmd_line_conf->daq_config);
// -k (only configures eval, not drop)
- int cl_chk = cmd_line_conf->policy_map->get_network_policy()->checksum_eval;
+ uint32_t cl_chk = cmd_line_conf->policy_map->get_network_policy()->checksum_eval;
if (!(cl_chk & CHECKSUM_FLAG__DEF))
{
for (unsigned idx = 0; idx < policy_map->network_policy_count(); ++idx)
{
NetworkPolicy* nw_policy = policy_map->get_network_policy(idx);
- if (!(cl_chk & CHECKSUM_FLAG__DEF))
- nw_policy->checksum_eval = cl_chk;
+ nw_policy->checksum_eval = cl_chk;
}
}
ConfigOutput* SnortConfig::create_config_output() const
{
- ConfigOutput* output = nullptr;
+ ConfigOutput* output_cfg = nullptr;
switch (dump_config_type)
{
case DUMP_CONFIG_JSON_ALL:
- output = new JsonAllConfigOutput();
+ output_cfg = new JsonAllConfigOutput();
break;
case DUMP_CONFIG_JSON_TOP:
- output = new JsonTopConfigOutput();
+ output_cfg = new JsonTopConfigOutput();
break;
case DUMP_CONFIG_TEXT:
- output = new TextConfigOutput();
+ output_cfg = new TextConfigOutput();
break;
default:
break;
}
- return output;
+ return output_cfg;
}
bool SnortConfig::tunnel_bypass_enabled(uint16_t proto) const
private:
inline bool is(const Value& v, const char* opt);
- SFDAQModuleConfig* module_config;
+ SFDAQModuleConfig* module_config = nullptr;
bool no_warn_flowbits = false;
bool no_warn_rules = false;
std::string stub_opts;
// with this program; if not, write to the Free Software Foundation, Inc.,
// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
//--------------------------------------------------------------------------
-// stubs.h author Ron Dempster <rdempste@cisco.com>
+// distill_verdict_stubs.h author Ron Dempster <rdempste@cisco.com>
#include "detection/context_switcher.h"
#include "detection/detection_engine.h"
bool SFDAQ::can_inject_raw() { return false; }
bool SFDAQ::can_replace() { return false; }
int SFDAQInstance::set_packet_verdict_reason(DAQ_Msg_h, uint8_t) { return 0; }
-DetectionEngine::DetectionEngine() = default;
+DetectionEngine::DetectionEngine() { context = nullptr; }
DetectionEngine::~DetectionEngine() = default;
void DetectionEngine::onload() { }
void DetectionEngine::thread_init() { }
ThreadConfig::~ThreadConfig()
{
- for (auto& iter : thread_affinity)
+ for (const auto& iter : thread_affinity)
delete iter.second;
- for (auto& iter : named_thread_affinity)
+ for (const auto& iter : named_thread_affinity)
delete iter.second;
}
tc.set_thread_affinity(STHREAD_TYPE_PACKET, 0, cpuset2);
tc.set_thread_affinity(STHREAD_TYPE_PACKET, 1, cpuset);
- CHECK(tc.implement_thread_mempolicy(STHREAD_TYPE_PACKET, 0));
+ CHECK(true == tc.implement_thread_mempolicy(STHREAD_TYPE_PACKET, 0));
hwloc_mock->node.os_index = 1;
numa_mock->pref = 1;
- CHECK(tc.implement_thread_mempolicy(STHREAD_TYPE_PACKET, 1));
+ CHECK(true == tc.implement_thread_mempolicy(STHREAD_TYPE_PACKET, 1));
}
TEST_CASE("numa_available negative test", "[ThreadConfig]")
numa_mock->numa_avail = -1;
numa = numa_mock;
hwloc = hwloc_mock;
- CHECK(!tc.implement_thread_mempolicy(STHREAD_TYPE_PACKET, 0));
+ CHECK(false == tc.implement_thread_mempolicy(STHREAD_TYPE_PACKET, 0));
}
TEST_CASE("set node failure negative test", "[ThreadConfig]")
numa_mock->pref = -1;
numa = numa_mock;
hwloc = hwloc_mock;
- CHECK(!tc.implement_thread_mempolicy(STHREAD_TYPE_PACKET, 0));
+ CHECK(false == tc.implement_thread_mempolicy(STHREAD_TYPE_PACKET, 0));
}
TEST_CASE("depth unknown negative test", "[ThreadConfig]")
hwloc_mock->type_depth = HWLOC_TYPE_DEPTH_UNKNOWN;
hwloc = hwloc_mock;
numa = numa_mock;
- CHECK(!tc.implement_thread_mempolicy(STHREAD_TYPE_PACKET, 0));
+ CHECK(false == tc.implement_thread_mempolicy(STHREAD_TYPE_PACKET, 0));
}
TEST_CASE("set memory policy failure negative test", "[ThreadConfig]")
numa_mock->mem_policy = -1;
numa = numa_mock;
hwloc = hwloc_mock;
- CHECK(!tc.implement_thread_mempolicy(STHREAD_TYPE_PACKET, 0));
+ CHECK(false == tc.implement_thread_mempolicy(STHREAD_TYPE_PACKET, 0));
}
TEST_CASE("get_nbobjs_by_depth failure negative test", "[ThreadConfig]")
hwloc_mock->nbobjs_by_depth = 0;
hwloc = hwloc_mock;
numa = numa_mock;
- CHECK(!tc.implement_thread_mempolicy(STHREAD_TYPE_PACKET, 0));
+ CHECK(false == tc.implement_thread_mempolicy(STHREAD_TYPE_PACKET, 0));
}
#endif
{
if ( action < s_act_index )
{
- for ( const auto& type : s_act_types )
- {
- if ( type.second == action )
- return type.first;
- }
+ auto it = std::find_if(s_act_types.cbegin(), s_act_types.cend(),
+ [action](const std::pair<const std::string, Actions::Type>& type){ return type.second == action; });
+ if ( it != s_act_types.cend())
+ return (*it).first;
}
return "ERROR";
{
Dumper d("IPS Actions");
- for ( auto& p : s_actors )
+ for ( const auto& p : s_actors )
d.dump(p.api->base.name, p.api->base.version);
}
static ActionClass* get_action_class(const ActionApi* api, IpsActionsConfig* iac)
{
- for ( auto& ai : iac->clist )
- {
- if ( ai.cls.api == api )
- return &ai.cls;
- }
-
- for ( auto& ac : s_actors )
+ auto it = std::find_if(iac->clist.cbegin(), iac->clist.cend(),
+ [api](const ActionInst &ai){ return ai.cls.api == api; });
+ if ( it != iac->clist.cend() )
+ return &(*it).cls;
+
+ auto it2 = std::find_if(s_actors.begin(), s_actors.end(),
+ [api](const ActionClass& ac){ return ac.api == api; });
+ if ( it2 != s_actors.end() )
{
- if ( ac.api == api )
+ ActionClass& ac = *it2;
+ if ( !ac.initialized )
{
- if ( !ac.initialized )
- {
- if ( ac.api->pinit )
- ac.api->pinit();
- ac.initialized = true;
- }
- return ∾
+ if ( ac.api->pinit )
+ ac.api->pinit();
+ ac.initialized = true;
}
+ return ∾
}
return nullptr;
//-------------------------------------------------------------------------
static ActionClass& get_thread_local_action_class(const ActionApi* api)
{
- for ( ActionClass& p : *s_tl_actors )
- {
- if ( p.api == api )
- return p;
- }
+ auto it = std::find_if(s_tl_actors->begin(), s_tl_actors->end(),
+ [api](const ActionClass& p){ return p.api == api; });
+ if ( it != s_tl_actors->end() )
+ return *it;
s_tl_actors->emplace_back(api);
return s_tl_actors->back();
}
{
// Initial build out of this thread's configured plugin registry
s_tl_actors = new ACList;
- for ( auto& p : sc->ips_actions_config->clist )
+ for ( const auto& p : sc->ips_actions_config->clist )
{
ActionClass& tlac = get_thread_local_action_class(p.cls.api);
if ( tlac.api->tinit )
void ActionManager::thread_reinit(const SnortConfig* sc)
{
// Update this thread's configured plugin registry with any newly configured inspectors
- for ( auto& p : sc->ips_actions_config->clist )
+ for ( const auto& p : sc->ips_actions_config->clist )
{
ActionClass& tlac = get_thread_local_action_class(p.cls.api);
if (!tlac.initialized)
CodecManager::CodecApiWrapper& CodecManager::get_api_wrapper(const CodecApi* cd_api)
{
- for (CodecApiWrapper& caw : s_codecs)
- {
- if (caw.api == cd_api)
- return caw;
- }
+ auto it = std::find_if(s_codecs.begin(), s_codecs.end(),
+ [cd_api](const CodecApiWrapper& caw){ return caw.api == cd_api; });
+ if (it != s_codecs.end())
+ return *it;
ParseAbort("Attempting to instantiate Codec '%s', "
"but codec has not been added", cd_api->base.name);
{
Dumper d("Codecs");
- for ( CodecApiWrapper& wrap : s_codecs )
+ for ( const CodecApiWrapper& wrap : s_codecs )
d.dump(wrap.api->base.name, wrap.api->base.version);
}
{
Dumper d("Connectors");
- for ( auto& sc : s_connector_commons )
+ for ( const auto& sc : s_connector_commons )
d.dump(sc.api->base.name, sc.api->base.version);
}
if ( sc.api->dtor )
sc.api->dtor(sc.connector_common);
- for ( auto& conn : sc.connectors )
+ for ( const auto& conn : sc.connectors )
delete conn.second;
sc.connectors.clear();
{
s_loggers.outputs.clear();
- for ( auto* p : s_outputs )
+ for ( const auto* p : s_outputs )
delete p;
s_outputs.clear();
void InspectorList::clear_removed()
{
- for ( auto& ri : removed_ilist )
+ for ( const auto& ri : removed_ilist )
ri.instance->handler->rem_global_ref();
removed_ilist.clear();
}
{
for (auto* p : ilist)
{
- for (auto* old_p : old_list->ilist)
+ auto it = std::find_if(old_list->ilist.cbegin(), old_list->ilist.cend(),
+ [&p](const PHInstance* old_p){ return old_p->name == p->name; });
+ if (it != old_list->ilist.cend())
{
- if (old_p->name == p->name)
+ ReloadType reload_type = p->get_reload_type();
+ if (!cloned || RELOAD_TYPE_NEW == reload_type || RELOAD_TYPE_REENABLED == reload_type)
{
- ReloadType reload_type = p->get_reload_type();
- if (!cloned || RELOAD_TYPE_NEW == reload_type
- || RELOAD_TYPE_REENABLED == reload_type)
- {
- p->handler->copy_thread_storage(old_p->handler);
- p->handler->install_reload_handler(sc);
- }
- break;
+ p->handler->copy_thread_storage((*it)->handler);
+ p->handler->install_reload_handler(sc);
}
}
}
--ts_handlers->ref_count;
if (!ts_handlers->ref_count)
{
- for (auto* h : ts_handlers->olists)
+ for (const auto* h : ts_handlers->olists)
delete h;
delete ts_handlers;
}
std::vector<const InspectApi*> InspectorManager::get_apis()
{
std::vector<const InspectApi*> v;
+ v.reserve(s_handlers.size());
- for ( const auto* p : s_handlers )
- v.emplace_back(&p->api);
+ std::transform(s_handlers.cbegin(), s_handlers.cend(), std::back_inserter(v),
+ [](const PHObject* p){ return &p->api; });
return v;
}
static const InspectApi* get_plugin(const char* keyword)
{
- for ( auto* p : s_handlers )
+ for ( const auto* p : s_handlers )
if ( !strcmp(p->api.base.name, keyword) )
return &p->api;
InspectSsnFunc InspectorManager::get_session(uint16_t proto)
{
- for ( auto* p : s_handlers )
- {
- if ( p->api.type == IT_STREAM && p->api.proto_bits == proto && p->initialized )
- return p->api.ssn;
- }
+ auto it = std::find_if(s_handlers.cbegin(), s_handlers.cend(),
+ [proto](const PHObject* p)
+ { return p->api.type == IT_STREAM && p->api.proto_bits == proto && p->initialized; });
+ if (it != s_handlers.cend())
+ return (*it)->api.ssn;
return nullptr;
}
if ( !sc->framework_config )
return;
- for ( auto* p : sc->framework_config->clist )
+ for ( const auto* p : sc->framework_config->clist )
delete p;
delete sc->framework_config;
static PHClass* get_class(const char* keyword, FrameworkConfig* fc)
{
+ // cppcheck-suppress constVariable
for ( auto* p : fc->clist )
if ( !strcmp(p->api.base.name, keyword) )
return p;
for ( auto* p : s_handlers )
+ {
if ( !strcmp(p->api.base.name, keyword) )
{
if ( !p->initialized )
fc->clist.emplace_back(ppc);
return ppc;
}
+ }
return nullptr;
}
{
assert(handlers);
- for ( PHObject& phg : *handlers )
- {
- if ( &phg.api == &api )
- return phg;
- }
+ auto it = std::find_if(handlers->begin(), handlers->end(),
+ [&api](const PHObject& phg){ return &phg.api == &api; });
+ if (it != handlers->end())
+ return (*it);
handlers->emplace_back(api);
return handlers->back();
}
g_disabled.emplace_back(gp->control.vec[i]);
}
gp->control.num = g_c;
+ // cppcheck-suppress constVariable
for (auto* ph : g_disabled)
gp->control.vec[g_c++] = ph;
for ( unsigned idx = 0; idx < sc->policy_map->network_policy_count(); ++idx )
disabled.emplace_back(tp->control.vec[i]);
}
tp->control.num = c;
+ // cppcheck-suppress constVariable
for (auto* ph : disabled)
tp->control.vec[c++] = ph;
}
void IpsManager::release_plugins()
{
- for ( auto& p : s_options )
+ for ( const auto& p : s_options )
delete p.second;
s_options.clear();
void IpsManager::global_term(const SnortConfig* sc)
{
- for ( auto& p : s_options )
+ for ( const auto& p : s_options )
if ( p.second->init && p.second->api->pterm )
{
p.second->api->pterm(sc);
void IpsManager::reset_options()
{
- for ( auto& p : s_options )
+ for ( const auto& p : s_options )
p.second->count = 0;
}
void IpsManager::setup_options(const SnortConfig* sc)
{
- for ( auto& p : s_options )
+ for ( const auto& p : s_options )
if ( p.second->init && p.second->api->tinit )
p.second->api->tinit(sc);
}
void IpsManager::clear_options(const SnortConfig* sc)
{
- for ( auto& p : s_options )
+ for ( const auto& p : s_options )
if ( p.second->init && p.second->api->tterm )
p.second->api->tterm(sc);
}
bool IpsManager::verify(SnortConfig* sc)
{
- for ( auto& p : s_options )
+ for ( const auto& p : s_options )
if ( p.second->init && p.second->api->verify )
p.second->api->verify(sc);
// ffi methods - only called from Lua so cppcheck suppressions required
//-------------------------------------------------------------------------
-// cppcheck-suppress unusedFunction
SO_PUBLIC void clear_alias()
{
s_aliased_name.clear();
s_aliased_type.clear();
}
-// cppcheck-suppress unusedFunction
SO_PUBLIC bool set_alias(const char* from, const char* to)
{
if ( !from or !to )
if ( !m or !m->is_bindable() )
return false;
- if ( (m->get_usage() == Module::GLOBAL) and from )
+ if ( m->get_usage() == Module::GLOBAL )
{
ParseError("global module type '%s' can't be aliased", to);
return false;
return true;
}
-// cppcheck-suppress unusedFunction
SO_PUBLIC void snort_whitelist_append(const char* s)
{
Shell::allowlist_append(s, false);
}
-// cppcheck-suppress unusedFunction
SO_PUBLIC void snort_whitelist_add_prefix(const char* s)
{
Shell::allowlist_append(s, true);
}
-// cppcheck-suppress unusedFunction
SO_PUBLIC const char* push_include_path(const char* file)
{
static std::string path;
return path.c_str();
}
-// cppcheck-suppress unusedFunction
SO_PUBLIC void pop_include_path()
{
pop_parse_location();
}
-// cppcheck-suppress unusedFunction
SO_PUBLIC bool set_includer(const char* fqn, const char* s)
{
if ( !strcmp(fqn, "ips.includer") )
return true;
}
-// cppcheck-suppress unusedFunction
SO_PUBLIC int get_module_version(const char* name, const char* type)
{
// not all modules are plugins
void ModuleManager::term()
{
- for ( auto& mh : s_modules )
+ for ( const auto& mh : s_modules )
delete mh.second;
s_modules.clear();
{
list<Module*> ret;
- for ( auto& mh : s_modules )
- ret.emplace_back(mh.second->mod);
+ std::transform(s_modules.cbegin(), s_modules.cend(), std::back_inserter(ret),
+ [](const std::pair<const std::string, ModHook*>& mh){ return mh.second->mod; });
return ret;
}
{
list<ModHook*> ret;
- for ( auto& mh : s_modules )
- ret.emplace_back(mh.second);
+ std::transform(s_modules.cbegin(), s_modules.cend(), std::back_inserter(ret),
+ [](const std::pair<const std::string, ModHook*>& mh){ return mh.second; });
return ret;
}
{
std::string tr = range;
const char* d = strchr(range, ':');
- bool is_signed = ('-' == *range) || (d && '-' == d[1]);
if ( *range == 'm' )
{
if ( d )
- {
- if (is_signed)
- tr = std::to_string(Parameter::get_int(range)) + tr.substr(tr.find(":"));
- else
- tr = std::to_string(Parameter::get_uint(range)) + tr.substr(tr.find(":"));
- }
+ tr = std::to_string(Parameter::get_uint(range)) + tr.substr(tr.find(":"));
else
- {
- if (is_signed)
- tr = std::to_string(Parameter::get_int(range));
- else
- tr = std::to_string(Parameter::get_uint(range));
- }
+ tr = std::to_string(Parameter::get_uint(range));
}
if ( d and *++d == 'm' )
{
- if (is_signed)
- tr = tr.substr(0, tr.find(":") + 1) + std::to_string(Parameter::get_int(d));
+ bool is_signed = ('-' == *range);
+ tr.resize(tr.find(":") + 1);
+ if ( is_signed )
+ tr += std::to_string(Parameter::get_int(d));
else
- tr = tr.substr(0, tr.find(":") + 1) + std::to_string(Parameter::get_uint(d));
+ tr += std::to_string(Parameter::get_uint(d));
}
json.put("range", tr);
break;
dump_param_range_json(json, &p_min_max);
x = R"-(, "range": "2147483647:4294967295")-";
CHECK(ss.str() == x);
+ ss.str("");
+
+ const Parameter p_s_int_max("s_int_max", Parameter::PT_INT, "-2:max63", nullptr, "help");
+ dump_param_range_json(json, &p_s_int_max);
+ x = R"-(, "range": "-2:9223372036854775807")-";
+ CHECK(ss.str() == x);
+ ss.str("");
+
+ const Parameter p_s_uint_max("s_uint_max", Parameter::PT_INT, "-5:max64", nullptr, "help");
+ dump_param_range_json(json, &p_s_uint_max);
+ x = R"-(, "range": "-5:-1")-";
+ CHECK(ss.str() == x);
+ ss.str("");
+
+ const Parameter p_max("uint_max", Parameter::PT_INT, ":max64", nullptr, "help");
+ dump_param_range_json(json, &p_max);
+ x = R"-(, "range": ":18446744073709551615")-";
+ CHECK(ss.str() == x);
}
}
return (api->flags & MPSE_MTBLD) != 0;
}
-// was called during drop stats but actually commented out
-// FIXIT-M this one has to accumulate across threads
-#if 0
-void MpseManager::print_qinfo()
-{
- sfksearch_print_qinfo();
- acsmx2_print_qinfo();
-}
-#endif
-
SoHandlePtr so_file;
if ( handle and sc )
{ // for reload, if the so lib file was previously opened, reuse the shared_ptr
- for( auto const& i : s_plugins.plug_map )
- {
- if ( i.second.api == (*api) and i.second.handle.get()->handle == handle )
- {
- so_file = i.second.handle;
- break;
- }
- }
+ auto it = std::find_if(s_plugins.plug_map.cbegin(), s_plugins.plug_map.cend(),
+ [api, handle](const std::pair<const std::string, Plugin>& i)
+ { return i.second.api == *api and i.second.handle.get()->handle == handle; });
+
+ if (it != s_plugins.plug_map.cend())
+ so_file = (*it).second.handle;
}
if ( !so_file.get() )
so_file = std::make_shared<SoHandle>(handle);
{
for ( auto it = s_plugins.plug_map.begin(); it != s_plugins.plug_map.end(); ++it )
{
- Plugin& p = it->second;
+ const Plugin& p = it->second;
cout << Markup::item();
cout << p.key;
cout << " v" << p.api->version;
{
for ( auto it = s_plugins.plug_map.begin(); it != s_plugins.plug_map.end(); ++it )
{
- Plugin& p = it->second;
+ const Plugin& p = it->second;
cout << Markup::item();
cout << Markup::emphasis(p.key);
#include "script_manager.h"
+#include <algorithm>
+
#include <sys/stat.h>
#include "framework/ips_option.h"
const char* IpsLuaApi::type = "ips_option";
-IpsLuaApi::IpsLuaApi(string& s, string& c, unsigned v) : LuaApi(s, c)
+extern const IpsApi* ips_luajit;
+IpsLuaApi::IpsLuaApi(string& s, string& c, unsigned v) : LuaApi(s, c), api(*ips_luajit)
{
- extern const IpsApi* ips_luajit;
- api = *ips_luajit;
api.base.name = name.c_str();
api.base.version = v;
}
const char* LogLuaApi::type = "logger";
-LogLuaApi::LogLuaApi(string& s, string& c, unsigned v) : LuaApi(s, c)
+extern const LogApi* log_luajit;
+LogLuaApi::LogLuaApi(string& s, string& c, unsigned v) : LuaApi(s, c), api(*log_luajit)
{
- extern const LogApi* log_luajit;
- api = *log_luajit;
api.base.name = name.c_str();
api.base.version = v;
}
const BaseApi** ScriptManager::get_plugins()
{
base_api.clear();
+ base_api.reserve(lua_api.size() + 1);
- for ( auto p : lua_api )
- base_api.emplace_back(p->get_base());
+ transform(lua_api.cbegin(), lua_api.cend(), back_inserter(base_api),
+ [](const LuaApi* p){ return p->get_base(); });
base_api.emplace_back(nullptr);
string* ScriptManager::get_chunk(const char* key)
{
- for ( auto p : lua_api )
- if ( p->name == key )
- return &p->chunk;
+ auto it = find_if(lua_api.cbegin(), lua_api.cend(), [key](const LuaApi* p){ return p->name == key; });
+ if (it != lua_api.cend())
+ return &(*it)->chunk;
return nullptr;
}
void eval(Packet*) override { }
bool configure(SnortConfig* sc) override
{
- for( auto i : sc->so_rules->handles )
- handles.emplace_back(i);
+ copy(sc->so_rules->handles.begin(), sc->so_rules->handles.end(), back_inserter(handles));
sc->so_rules->proxy = this;
return true;
}
void DetectionEngine::disable_content(Packet*) { }
unsigned SnortConfig::get_thread_reload_id() { return 1; }
void SnortConfig::update_thread_reload_id() { }
-Inspector::Inspector() { }
+Inspector::Inspector() { ref_count = nullptr; }
Inspector::~Inspector() { }
bool Inspector::likes(Packet*) { return false; }
bool Inspector::get_buf(const char*, Packet*, InspectionBuffer&) { return false; }
}
PolicyMap::PolicyMap(PolicyMap*, const char*)
{
+ empty_ips_policy = nullptr;
+ inspector_tinit_complete = nullptr;
file_id = InspectorManager::create_single_instance_inspector_policy();
flow_tracking = InspectorManager::create_single_instance_inspector_policy();
global_inspector_policy = InspectorManager::create_global_inspector_policy();
const SnortConfig* SnortConfig::get_conf()
{ return (const SnortConfig*)mock().getData("snort_config").getObjectPointer(); }
-Module::Module(const char* name, const char*) : name(name)
+Module::Module(const char* name, const char*) : name(name), help(nullptr), params(nullptr), list(false)
{ }
class TestInspector : public Inspector
auto meta = memory::Metadata::create<AllocatorSpy>(n);
CHECK( (void*)meta == (void*)pool );
- CHECK( meta->valid() );
+ CHECK( true == meta->valid() );
CHECK( meta->payload_size == n );
}
const uint8_t* header_value_ptr = nullptr;
int max_header_name_len = 0;
- int header_found;
/* got a line with only end of line marker should signify end of header */
if (eolm == ptr)
{
if (tolower((int)*ptr) == 'c')
{
mime_current_search = &mime_hdr_search[0];
- header_found = mime_hdr_search_mpse->find(
+ int header_found = mime_hdr_search_mpse->find(
(const char*)ptr, eolm - ptr, search_str_found, true);
/* Headers must start at beginning of line */
void AppInfoManager::cleanup_appid_info_table()
{
- for (auto& kv: app_info_table)
+ for (const auto& kv: app_info_table)
delete(kv.second);
app_info_table.erase(app_info_table.begin(), app_info_table.end());
- for (auto& kv: custom_app_info_table)
+ for (const auto& kv: custom_app_info_table)
delete(kv.second);
custom_app_info_table.erase(custom_app_info_table.begin(), custom_app_info_table.end());
void ApplicationDescriptor::set_id(AppId app_id)
{
- if ( my_id != app_id )
- my_id = app_id;
+ my_id = app_id;
}
void ApplicationDescriptor::set_id(const Packet& p, AppIdSession& asd,
bool log_all_sessions = false;
bool enable_rna_filter = false;
std::string rna_conf_path = "";
- SnortProtocolId snort_proto_ids[PROTO_INDEX_MAX];
+ SnortProtocolId snort_proto_ids[PROTO_INDEX_MAX] = {};
void show() const;
};
private:
bool enabled = false;
bool active = false;
- AppIdDebugSessionConstraints info = { };
- char debug_session[APPID_DEBUG_SESSION_ID_SIZE];
+ AppIdDebugSessionConstraints info = {};
+ char debug_session[APPID_DEBUG_SESSION_ID_SIZE] = {};
};
extern THREAD_LOCAL AppIdDebug* appidDebug;
int AppIdDetector::initialize(AppIdInspector& inspector)
{
if ( !tcp_patterns.empty() )
- for (auto& pat : tcp_patterns)
+ for (const auto& pat : tcp_patterns)
handler->register_tcp_pattern(this, pat.pattern, pat.length, pat.index, pat.nocase);
if ( !udp_patterns.empty() )
- for (auto& pat : udp_patterns)
+ for (const auto& pat : udp_patterns)
handler->register_udp_pattern(this, pat.pattern, pat.length, pat.index, pat.nocase);
if (!appid_registry.empty())
{
- AppIdContext& ctxt = inspector.get_ctxt();
- for (auto& id : appid_registry)
+ const AppIdContext& ctxt = inspector.get_ctxt();
+ for (const auto& id : appid_registry)
register_appid(id.appId, id.additionalInfo, ctxt.get_odp_ctxt());
}
if (!service_ports.empty())
- for (auto& port: service_ports)
+ for (const auto& port: service_ports)
handler->add_service_port(this, port);
do_custom_init();
if (!server_name.empty())
{
- AppId client_id = APP_ID_NONE;
- AppId payload_id = APP_ID_NONE;
+ AppId tmp_client_id = APP_ID_NONE;
+ AppId tmp_payload_id = APP_ID_NONE;
if (!asd->tsession)
asd->tsession = new TlsSession();
asd->set_tls_host();
odp_ctxt.get_ssl_matchers().scan_hostname(reinterpret_cast<const uint8_t*>(server_name.c_str()),
- server_name.length(), client_id, payload_id);
- asd->set_payload_id(payload_id);
+ server_name.length(), tmp_client_id, tmp_payload_id);
+ asd->set_payload_id(tmp_payload_id);
}
std::string debug_str;
}
int longest = 0;
- for (auto& item: cmd.match_tally)
+ for (const auto& item: cmd.match_tally)
{
// Only those items with key_pattern_countdown field reduced to zero are a full match
if (item.key_pattern_countdown)
if (asd.get_service_id() <= APP_ID_NONE)
{
- if (service_id > APP_ID_NONE and service_id != APP_ID_HTTP and asd.get_service_id() != service_id)
+ if (service_id > APP_ID_NONE and service_id != APP_ID_HTTP)
{
const char* app_name = asd.get_odp_ctxt().get_app_info_mgr().get_app_name(service_id);
appid_log(p, TRACE_DEBUG_LEVEL, "URL is service %s (%d)\n",
static THREAD_LOCAL PacketTracer::TracerMute appid_mute;
-static void add_appid_to_packet_trace(Flow& flow, const OdpContext& odp_context)
+static void add_appid_to_packet_trace(const Flow& flow, const OdpContext& odp_context)
{
AppIdSession* session = appid_api.get_appid_session(flow);
// Skip sessions using old odp context after odp reload
void AppIdInspector::eval(Packet* p)
{
+ // cppcheck-suppress unreadVariable
Profile profile(appid_perf_stats);
appid_stats.packets++;
class AcAppIdDebug : public AnalyzerCommand
{
public:
- AcAppIdDebug(AppIdDebugSessionConstraints* cs);
+ AcAppIdDebug(const AppIdDebugSessionConstraints* cs);
bool execute(Analyzer&, void**) override;
const char* stringify() override { return "APPID_DEBUG"; }
bool enable = false;
};
-AcAppIdDebug::AcAppIdDebug(AppIdDebugSessionConstraints* cs)
+AcAppIdDebug::AcAppIdDebug(const AppIdDebugSessionConstraints* cs)
{
if (cs)
{
static void client_success(const SshAppIdInfo& fd, AppIdSession& asd, AppidChangeBits& change_bits)
{
- SshPatternMatchers& table = asd.get_odp_ctxt().get_ssh_matchers();
+ const SshPatternMatchers& table = asd.get_odp_ctxt().get_ssh_matchers();
AppId client_id;
if (table.has_pattern(fd.vendor))
}
AppIdStatistics::AppIdStatistics(const AppIdConfig& config)
+ : bucket_interval(config.app_stats_period), roll_size(config.app_stats_rollover_size)
{
- enabled = true;
-
- roll_size = config.app_stats_rollover_size;
- bucket_interval = config.app_stats_period;
-
- time_t now = get_time();
- start_stats_period(now);
+ start_stats_period(get_time());
}
AppIdStatistics::~AppIdStatistics()
{
- if ( !enabled )
- return;
-
/*flush the last stats period. */
end_stats_period();
dump_statistics();
void AppIdStatistics::flush()
{
- if ( !enabled )
- return;
-
time_t now = get_time();
if (now >= bucket_end)
{
class AppIdStatistics
{
public:
+ AppIdStatistics() = delete;
~AppIdStatistics();
static AppIdStatistics* initialize_manager(const AppIdConfig&);
void open_stats_log_file();
void dump_statistics();
- bool enabled = false;
SF_LIST* curr_buckets = nullptr;
SF_LIST* log_buckets = nullptr;
struct TextLog* log = nullptr;
}
/* Get the product */
+ // cppcheck-suppress knownConditionTrueFalse
if ( end - args.data >= (int)sizeof(MSNMSGR) && memcmp(args.data, MSNMSGR, sizeof(MSNMSGR)-
1) == 0 )
{
args.data++; /* skip the space */
}
+ // cppcheck-suppress knownConditionTrueFalse
else if ( end - args.data >= (int)sizeof(MACMSGS) &&
memcmp(args.data, MACMSGS, sizeof(MACMSGS)-1) == 0 )
{
{
unsigned index = 0;
- for (auto& pat : tcp_patterns)
+ for (const auto& pat : tcp_patterns)
{
cmd_matcher->add(pat.pattern, pat.length, index++);
if (pat.length > longest_pattern)
pattern->next = ps->pattern;
ps->pattern = pattern;
- AppIdContext& ctxt = inspector.get_ctxt();
+ const AppIdContext& ctxt = inspector.get_ctxt();
ctxt.get_odp_ctxt().get_app_info_mgr().set_app_info_active(ps->id);
}
struct ClientPOP3Data
{
- int auth;
char* username;
POP3ClientState state;
int detected;
{
unsigned index = 0;
- for (auto& pat : tcp_patterns)
+ for (const auto& pat : tcp_patterns)
{
cmd_matcher->add(pat.pattern, pat.length, index++);
if (pat.length > longest_pattern)
if (*args.data == '.')
{
if (len == 0 ||
- (len >= 1 && args.data[1] == '\n') ||
+ args.data[1] == '\n' ||
(len >= 2 && args.data[1] == '\r' && args.data[2] == '\n'))
{
add_app(args.asd, APP_ID_SMTP, APP_ID_SMTP, nullptr, args.change_bits);
static void free_http_patterns(DetectorHTTPPatterns& patterns)
{
- for (auto& pat: patterns)
+ for (const auto& pat: patterns)
if (pat.pattern)
snort_free(const_cast<uint8_t*>(pat.pattern));
}
free_http_patterns(content_type_patterns);
free_chp_app_elements();
- for (auto* pattern : host_url_patterns)
+ for (const auto* pattern : host_url_patterns)
delete pattern;
host_url_patterns.clear();
if ( host_url_matcher )
if ( add_mlmp_pattern(host_url_matcher, pattern) < 0 )
return -1;
- for (auto* pattern: rtmp_url_patterns)
- if ( add_mlmp_pattern(rtmp_host_url_matcher, *pattern) < 0 )
- return -1;
+ if (std::any_of(rtmp_url_patterns.begin(), rtmp_url_patterns.end(),
+ [this](DetectorAppUrlPattern* pattern){ return add_mlmp_pattern(rtmp_host_url_matcher, *pattern) < 0; }))
+ return -1;
- for (auto* pattern: app_url_patterns)
- if ( add_mlmp_pattern(host_url_matcher, *pattern) < 0 )
- return -1;
+ if (std::any_of(app_url_patterns.begin(), app_url_patterns.end(),
+ [this](DetectorAppUrlPattern* pattern){ return add_mlmp_pattern(host_url_matcher, *pattern) < 0; }))
+ return -1;
return 0;
}
static inline void chp_add_candidate_to_tally(CHPMatchTally& match_tally, CHPApp* chpapp)
{
- for (auto& item: match_tally)
- if (chpapp == item.chpapp)
- {
- item.key_pattern_countdown--;
- return;
- }
+ auto it = std::find_if(match_tally.begin(), match_tally.end(),
+ [&chpapp](const CHPMatchCandidate& item){ return chpapp == item.chpapp; });
+ if (it != match_tally.end())
+ {
+ (*it).key_pattern_countdown--;
+ return;
+ }
match_tally.emplace_back( CHPMatchCandidate{ chpapp, chpapp->key_pattern_length_sum,
chpapp->key_pattern_count - 1 } );
// LCOV_EXCL_STOP
// Stubs for appid sessions
-FlowData::FlowData(unsigned, Inspector*) { }
+FlowData::FlowData(unsigned, Inspector*) : next(nullptr), prev(nullptr), handler(nullptr), id(0)
+{ }
FlowData::~FlowData() = default;
// Stubs for packet
#include "framework/mpse_batch.h"
#include "network_inspectors/appid/appid_utils/sf_mlmp.cc"
#include "protocols/protocol_ids.h"
+#include "service_inspectors/sip/sip_parser.h"
#include "utils/util_cstring.cc"
#include "appid_inspector.h"
int, char const*, AppidChangeBits&) { }
// LCOV_EXCL_STOP
-SipEvent::SipEvent(snort::Packet const* p, SIPMsg const*, SIP_DialogData const*) { this->p = p; }
+SipEvent::SipEvent(const snort::Packet* p, const SIPMsg& msg, const SIP_DialogData*) : p(p), msg(msg)
+{ }
SipEvent::~SipEvent() = default;
bool SipEvent::is_invite() const { return false; }
bool SipEvent::is_dialog_established() const { return false; }
TEST_GROUP(detector_sip_tests)
{
+ SIPMsg sip_msg;
+
void setup() override
{
+ sip_msg = {};
appid_inspector.configure(nullptr);
}
void teardown() override
OdpContext* odpctxt = pkt_thread_odp_ctxt = &context.get_odp_ctxt();
odpctxt->initialize(appid_inspector);
- SipEvent event(&pkt, nullptr, nullptr);
+ SipEvent event(&pkt, sip_msg, nullptr);
SipEventHandler event_handler(appid_inspector);
Flow* flow = new Flow;
event_handler.handle(event, flow);
{
max_network_range.clear();
network_address.clear();
- port = 0;
- proto = IpProtocol::PROTO_NOT_SET;
}
bool operator<(const FirstPktkey& right) const
return false;
}
- uint32_t netmask[4];
+ uint32_t netmask[4] = {};
snort::SfIp max_network_range;
snort::SfIp network_address;
- uint16_t port;
- IpProtocol proto;
- char padding;
+ uint16_t port = 0;
+ IpProtocol proto = IpProtocol::PROTO_NOT_SET;
+ char padding = 0;
};
PADDING_GUARD_END
// first match wins...
IpsOption::EvalStatus AppIdIpsOption::eval(Cursor&, Packet* p)
{
+ // cppcheck-suppress unreadVariable
RuleProfile profile(ips_appid_perf_stats);
if ( !p->flow )
}
PortPatternNode* pPattern = (decltype(pPattern))snort_calloc(sizeof(PortPatternNode));
+ // cppcheck-suppress internalAstError
pPattern->pattern = (decltype(pPattern->pattern))snort_calloc(pattern_size);
pPattern->appId = appid;
pPattern->protocol = protocol;
std::string validateFunctionName;
int minimum_matches = 0;
std::string name = "NoName";
- IpProtocol proto;
+ IpProtocol proto = IpProtocol::PROTO_NOT_SET;
};
struct LuaDetectorParameters
const uint8_t* data = nullptr;
uint16_t size = 0;
AppidSessionDirection dir = APP_ID_FROM_INITIATOR;
- AppIdSession* asd;
+ AppIdSession* asd = nullptr;
AppidChangeBits* change_bits = nullptr;
const snort::Packet* pkt = nullptr;
};
lua_State* myLuaState;
AppIdSession* asd;
- int userDataRef;
+ int userDataRef = 0;
};
int register_detector_flow_api(lua_State*);
LuaDetectorManager::~LuaDetectorManager()
{
- auto L = this->L;
if (lua_gettop(L))
appid_log(nullptr, TRACE_WARNING_LEVEL, "appid: leak of %d lua stack elements before detector unload\n",
lua_gettop(L));
data_add(args.asd, rd, &rexec_free_state);
rd->state = REXEC_STATE_PORT;
}
+ // cppcheck-suppress nullPointerRedundantCheck
appid_log(args.pkt, TRACE_DEBUG_LEVEL, "rexec state %d\n", rd->state);
- switch (rd->state)
+ switch (rd->state) // cppcheck-suppress nullPointerRedundantCheck
{
case REXEC_STATE_PORT:
if (args.dir != APP_ID_FROM_INITIATOR)
rd->state = RSHELL_STATE_PORT;
}
+ // cppcheck-suppress nullPointerRedundantCheck
appid_log(args.pkt, TRACE_DEBUG_LEVEL, "RSHELL state %d\n",rd->state);
- switch (rd->state)
+ switch (rd->state) // cppcheck-suppress nullPointerRedundantCheck
{
case RSHELL_STATE_PORT:
if (args.dir != APP_ID_FROM_INITIATOR)
else
{
/* We've gotten all of the bytes that we wanted. */
- ss->server_state = RTMP_STATE_SENT_HANDSHAKE2;
args.data += ss->server_bytes_left;
- args.size -= ss->server_bytes_left;
}
/* fall through */
void ParseWarning(WarningGroup, const char*, ...) { }
// Stubs for appid sessions
-FlowData::FlowData(unsigned, Inspector*) { }
+FlowData::FlowData(unsigned, Inspector*) : next(nullptr), prev(nullptr), handler(nullptr), id(0)
+{ }
FlowData::~FlowData() = default;
// Stubs for packet
~MapList()
{
- for ( auto& kv : m )
+ for ( const auto& kv : m )
delete kv.second;
}
namespace snort
{
-Inspector::Inspector()
+Inspector::Inspector() : ref_count(nullptr)
{
set_api(nullptr);
}
{
AppidChangeBits change_bits;
- SfIp ip;
+ SfIp ip{};
mock_session = new AppIdSession(IpProtocol::TCP, &ip, 1492, dummy_appid_inspector, odpctxt);
mock_session->flow = &flow;
pkt_thread_odp_ctxt = &mock_session->get_odp_ctxt();
TEST(appid_session_api, get_client_app_id_with_eve_for_http2)
{
- SfIp ip;
+ SfIp ip{};
AppIdSession asd(IpProtocol::TCP, &ip, 1492, dummy_appid_inspector, odpctxt);
asd.flow = &flow;
AppidChangeBits change_bits;
TEST(appid_session_api, get_app_id)
{
- SfIp ip;
+ SfIp ip{};
AppIdSession asd(IpProtocol::TCP, &ip, 1492, dummy_appid_inspector, odpctxt);
asd.flow = &flow;
AppidChangeBits change_bits;
TEST(appid_session_api, get_app_id_with_eve_for_http2)
{
- SfIp ip;
+ SfIp ip{};
AppIdSession asd(IpProtocol::TCP, &ip, 1492, dummy_appid_inspector, odpctxt);
asd.flow = &flow;
AppidChangeBits change_bits;
TEST(appid_session_api, get_first_stream_appids_for_http2)
{
- SfIp ip;
+ SfIp ip{};
AppIdSession asd(IpProtocol::TCP, &ip, 1492, dummy_appid_inspector, odpctxt);
asd.flow = &flow;
AppidChangeBits change_bits;
TEST(appid_session_api, get_client_info_http2)
{
- SfIp ip;
+ SfIp ip{};
AppIdSession asd(IpProtocol::TCP, &ip, 1492, dummy_appid_inspector, odpctxt);
asd.flow = &flow;
AppidChangeBits change_bits;
namespace snort
{
-Packet::Packet(bool) { }
+Packet::Packet(bool)
+{
+ memset((char*) this , 0, sizeof(*this));
+ ip_proto_next = IpProtocol::PROTO_NOT_SET;
+ packet_flags = PKT_FROM_CLIENT;
+}
Packet::~Packet() = default;
Packet* DetectionEngine::get_current_packet() { return nullptr; }
// Stubs for appid classes
class AppIdInspector{};
-FlowData::FlowData(unsigned, Inspector*) {}
+FlowData::FlowData(unsigned, Inspector*) : next(nullptr), prev(nullptr), handler(nullptr), id(0)
+{ }
FlowData::~FlowData() = default;
// Stubs for AppIdDebug
static inline bool contains(const vector<AppId>& vec, const AppId val)
{
- for (const auto& elem : vec)
- if (elem == val)
- return true;
- return false;
+ return std::any_of(vec.cbegin(), vec.cend(), [val](AppId elem){ return elem == val; });
}
static inline bool check_reinspect(const Packet* p, const AppIdSession& asd)
TP_SESSION_FLAG_TUNNELING | TP_SESSION_FLAG_FUTUREFLOW);
}
- const char *tp_app_name = asd.get_odp_ctxt().get_app_info_mgr().get_app_name(tp_app_id);
- appid_log(p, TRACE_DEBUG_LEVEL, "3rd party returned %s (%d)\n", tp_app_name ? tp_app_name : "unknown", tp_app_id);
+ const char *app_name = asd.get_odp_ctxt().get_app_info_mgr().get_app_name(tp_app_id);
+ appid_log(p, TRACE_DEBUG_LEVEL, "3rd party returned %s (%d)\n", app_name ? app_name : "unknown", tp_app_id);
process_third_party_results(*p, asd, tp_confidence, tp_proto_list, tp_attribute_data, change_bits);
if (!(asd.scan_flags & SCAN_SPOOFED_SNI_FLAG))
asd.set_tp_payload_app_id(*p, direction, tp_app_id, change_bits);
tp_app_id = portAppId;
- const char *app_name = asd.get_odp_ctxt().get_app_info_mgr().get_app_name(tp_app_id);
- appid_log(p, TRACE_DEBUG_LEVEL, "SSL is %s (%d)\n", app_name ? app_name : "unknown", tp_app_id);
+ const char *tp_app_name = asd.get_odp_ctxt().get_app_info_mgr().get_app_name(tp_app_id);
+ appid_log(p, TRACE_DEBUG_LEVEL, "SSL is %s (%d)\n", tp_app_name ? tp_app_name : "unknown", tp_app_id);
}
snort_app_id = APP_ID_SSL;
}
// arp_spoof module
//-------------------------------------------------------------------------
-ArpSpoofModule::ArpSpoofModule() :
- Module(MOD_NAME, MOD_HELP, s_params)
-{
- config = nullptr;
-}
+ArpSpoofModule::ArpSpoofModule() : Module(MOD_NAME, MOD_HELP, s_params)
+{ }
ArpSpoofModule::~ArpSpoofModule()
-{
- if ( config )
- delete config;
-}
+{ delete config; }
const RuleMap* ArpSpoofModule::get_rules() const
{ return s_rules; }
{ return INSPECT; }
private:
- ArpSpoofConfig* config;
- IPMacEntry host;
+ ArpSpoofConfig* config = nullptr;
+ IPMacEntry host = {};
};
#endif
static const IPMacEntry* LookupIPMacEntryByIP(const IPMacEntryList& ipmel, uint32_t ipv4_addr)
{
- for ( auto& p : ipmel )
- {
- if (p.ipv4_addr == ipv4_addr)
- return &p;
- }
- return nullptr;
+ auto it = std::find_if(ipmel.cbegin(), ipmel.cend(),
+ [ipv4_addr](const IPMacEntry& p){ return p.ipv4_addr == ipv4_addr; });
+ return (it != ipmel.cend()) ? &(*it) : nullptr;
}
static std::string to_hex_string(const uint8_t* data, size_t len)
};
Binder::Binder(std::vector<Binding>& bv, std::vector<Binding>& pbv)
-{
- bindings = std::move(bv);
- policy_bindings = std::move(pbv);
-}
+ : bindings(std::move(bv)), policy_bindings(std::move(pbv))
+{ }
Binder::~Binder()
{
void Binder::handle_packet(const Packet* pkt)
{
+ // cppcheck-suppress unreadVariable
Profile profile(bindPerfStats);
Stuff stuff;
else
{
// reset to wizard when service is not specified
- for (const Binding& b : bindings)
- {
- if (b.use.what == BindUse::BW_WIZARD)
- {
- ins = b.use.inspector;
- break;
- }
- }
+ auto it = std::find_if(bindings.cbegin(), bindings.cend(),
+ [](const Binding& b){ return b.use.what == BindUse::BW_WIZARD; });
+ if (it != bindings.cend())
+ ins = (*it).use.inspector;
if (flow.gadget)
flow.clear_gadget();
void Binder::handle_assistant_gadget(const char* service, Flow& flow)
{
+ // cppcheck-suppress unreadVariable
Profile profile(bindPerfStats);
Stuff stuff;
struct ExtOpt
{
- uint8_t next;
+ uint8_t next; // cppcheck-suppress unusedStructMember
uint8_t xlen;
uint8_t type;
uint8_t olen;
NormalizerConfig config;
};
-Normalizer::Normalizer(const NormalizerConfig& nc)
-{
- config = nc;
-}
+Normalizer::Normalizer(const NormalizerConfig& nc) : config(nc)
+{ }
// FIXIT-L this works with one normalizer per policy
// but would be better if binder could select
void Normalizer::eval(Packet* p)
{
+ // cppcheck-suppress unreadVariable
Profile profile(norm_perf_stats);
if ( !p->is_rebuilt() && !p->active->packet_was_dropped() )
{
TestPacketTracer::thread_init();
// packet tracer is disabled by default
- CHECK(!TestPacketTracer::is_active());
+ CHECK(false == TestPacketTracer::is_active());
// enabled from user
TestPacketTracer::set_user_enable(true);
- CHECK(TestPacketTracer::is_user_enabled());
- CHECK(!TestPacketTracer::is_daq_enabled());
+ CHECK(true == TestPacketTracer::is_user_enabled());
+ CHECK(false == TestPacketTracer::is_daq_enabled());
// enabled from DAQ
TestPacketTracer::set_daq_enable(true);
- CHECK(TestPacketTracer::is_daq_enabled());
+ CHECK(true == TestPacketTracer::is_daq_enabled());
// disable DAQ enable
TestPacketTracer::set_daq_enable(false);
- CHECK(!TestPacketTracer::is_daq_enabled());
+ CHECK(false == TestPacketTracer::is_daq_enabled());
// user configuration remain enabled
- CHECK(TestPacketTracer::is_user_enabled());
+ CHECK(true == TestPacketTracer::is_user_enabled());
TestPacketTracer::thread_term();
}
// non-static variable
FILE* log_fh = stdout;
std::vector<bool> mutes;
- char buffer[max_buff_size];
+ char buffer[max_buff_size] = {0};
unsigned buff_len = 0;
- char daq_buffer[max_buff_size];
+ char daq_buffer[max_buff_size] = {0};
unsigned daq_buff_len = 0;
unsigned pause_count = 0;
bool shell_enabled = false;
bool active = false;
- char debug_session[PT_DEBUG_SESSION_ID_SIZE];
+ char debug_session[PT_DEBUG_SESSION_ID_SIZE] = {0};
PacketConstraints constraints;
// static functions
{
std::string section = section_names[i];
- for( auto& field : field_names[i] )
+ for( const auto& field : field_names[i] )
{
header += ",";
header += section;
FlowIPTracker::~FlowIPTracker()
{
- const XHashStats& stats = ip_map->get_stats();
- pmstats.flow_tracker_creates = stats.nodes_created;
- pmstats.flow_tracker_total_deletes = stats.memcap_deletes;
- pmstats.flow_tracker_prunes = stats.memcap_prunes;
+ const XHashStats& tmp_stats = ip_map->get_stats();
+ pmstats.flow_tracker_creates = tmp_stats.nodes_created;
+ pmstats.flow_tracker_total_deletes = tmp_stats.memcap_deletes;
+ pmstats.flow_tracker_prunes = tmp_stats.memcap_prunes;
delete ip_map;
}
if ( !value )
return;
- TrafficStats* stats = &value->traffic_stats[type];
+ TrafficStats* tmp_stats = &value->traffic_stats[type];
if ( !swapped )
{
- stats->packets_a_to_b++;
- stats->bytes_a_to_b += len;
+ tmp_stats->packets_a_to_b++;
+ tmp_stats->bytes_a_to_b += len;
}
else
{
- stats->packets_b_to_a++;
- stats->bytes_b_to_a += len;
+ tmp_stats->packets_b_to_a++;
+ tmp_stats->bytes_b_to_a += len;
}
value->total_packets++;
value->total_bytes += len;
}
}
- for ( auto &i : peg_names )
- {
- if ( !i.second )
+ std::for_each(peg_names.cbegin(), peg_names.cend(),
+ [this](const std::pair<const std::string, bool>& i)
{
- ParseWarning(WARN_CONF, "Perf monitor is unable to find %s.%s count\n",
- name.c_str(), i.first.c_str());
- }
- }
+ if (!i.second)
+ ParseWarning(WARN_CONF, "Perf monitor is unable to find %s.%s count\n",
+ name.c_str(), i.first.c_str());
+ });
}
name.clear();
peg_names.clear();
void PerfMonitor::eval(Packet* p)
{
+ // cppcheck-suppress unreadVariable
Profile profile(perfmonStats);
if (p)
void PortScan::eval(Packet* p)
{
+ // cppcheck-suppress unreadVariable
Profile profile(psPerfStats);
assert(p->ptrs.ip_api.is_ip());
void IpRepHandler::handle(DataEvent& event, Flow*)
{
+ // cppcheck-suppress unreadVariable
Profile profile(reputation_perf_stats);
Packet* p = const_cast<Packet*>(event.get_packet());
assert(p);
void AuxiliaryIpRepHandler::handle(DataEvent& event, Flow*)
{
+ // cppcheck-suppress unreadVariable
Profile profile(reputation_perf_stats);
ReputationData* data = static_cast<ReputationData*>(inspector.get_thread_specific_data());
assert(data);
return 0;
}
+ // cppcheck-suppress invalidTestForOverflow
if (total_lines + num_lines < total_lines)
{
ErrorMessage("Too many entries in one file.\n");
if ( rt->set_netbios_name(nb_name) )
{
- const auto& src_ip = p->ptrs.ip_api.get_src();
- const auto& src_ip_ptr = (const struct in6_addr*) src_ip->get_ip6_ptr();
- const auto& src_mac = layer::get_eth_layer(p)->ether_src;
+ const SfIp* src_ip = p->ptrs.ip_api.get_src();
+ const struct in6_addr* src_ip_ptr = (const struct in6_addr*) src_ip->get_ip6_ptr();
+ const uint8_t* src_mac = layer::get_eth_layer(p)->ether_src;
logger.log(RNA_EVENT_CHANGE, CHANGE_NETBIOS_NAME, src_ip_ptr, src_mac,
&rt, p, (uint32_t) packet_time(), 0, nullptr, nullptr, nullptr, nullptr, nullptr,
void RnaAppidEventHandler::handle(DataEvent& event, Flow*)
{
+ // cppcheck-suppress unreadVariable
Profile profile(rna_perf_stats);
++rna_stats.appid_change;
update_rna_pkt_stats(event);
void RnaIcmpBidirectionalEventHandler::handle(DataEvent& event, Flow*)
{
+ // cppcheck-suppress unreadVariable
Profile profile(rna_perf_stats);
++rna_stats.icmp_bidirectional;
update_rna_pkt_stats(event);
void RnaIcmpNewFlowEventHandler::handle(DataEvent& event, Flow*)
{
+ // cppcheck-suppress unreadVariable
Profile profile(rna_perf_stats);
++rna_stats.icmp_new;
update_rna_pkt_stats(event);
void RnaIpBidirectionalEventHandler::handle(DataEvent& event, Flow*)
{
+ // cppcheck-suppress unreadVariable
Profile profile(rna_perf_stats);
++rna_stats.ip_bidirectional;
update_rna_pkt_stats(event);
void RnaIpNewFlowEventHandler::handle(DataEvent& event, Flow*)
{
+ // cppcheck-suppress unreadVariable
Profile profile(rna_perf_stats);
++rna_stats.ip_new;
update_rna_pkt_stats(event);
void RnaTcpSynEventHandler::handle(DataEvent& event, Flow*)
{
+ // cppcheck-suppress unreadVariable
Profile profile(rna_perf_stats);
++rna_stats.tcp_syn;
update_rna_pkt_stats(event);
void RnaTcpSynAckEventHandler::handle(DataEvent& event, Flow*)
{
+ // cppcheck-suppress unreadVariable
Profile profile(rna_perf_stats);
++rna_stats.tcp_syn_ack;
update_rna_pkt_stats(event);
void RnaTcpMidstreamEventHandler::handle(DataEvent& event, Flow*)
{
+ // cppcheck-suppress unreadVariable
Profile profile(rna_perf_stats);
++rna_stats.tcp_midstream;
update_rna_pkt_stats(event);
void RnaUdpBidirectionalEventHandler::handle(DataEvent& event, Flow*)
{
+ // cppcheck-suppress unreadVariable
Profile profile(rna_perf_stats);
++rna_stats.udp_bidirectional;
update_rna_pkt_stats(event);
void RnaUdpNewFlowEventHandler::handle(DataEvent& event, Flow*)
{
+ // cppcheck-suppress unreadVariable
Profile profile(rna_perf_stats);
++rna_stats.udp_new;
update_rna_pkt_stats(event);
void RnaIdleEventHandler::handle(DataEvent& event, Flow*)
{
+ // cppcheck-suppress unreadVariable
Profile profile(rna_perf_stats);
++rna_stats.change_host_update;
update_rna_pkt_stats(event);
void RnaDHCPInfoEventHandler::handle(DataEvent& event, Flow*)
{
+ // cppcheck-suppress unreadVariable
Profile profile(rna_perf_stats);
++rna_stats.dhcp_info;
update_rna_pkt_stats(event);
void RnaDHCPDataEventHandler::handle(DataEvent& event, Flow*)
{
+ // cppcheck-suppress unreadVariable
Profile profile(rna_perf_stats);
++rna_stats.dhcp_data;
update_rna_pkt_stats(event);
void RnaFpSMBEventHandler::handle(DataEvent& event, Flow*)
{
+ // cppcheck-suppress unreadVariable
Profile profile(rna_perf_stats);
++rna_stats.smb;
update_rna_pkt_stats(event);
void RnaCPEOSInfoEventHandler::handle(DataEvent& event, Flow*)
{
+ // cppcheck-suppress unreadVariable
Profile profile(rna_perf_stats);
++rna_stats.cpe_os;
update_rna_pkt_stats(event);
void RnaNetFlowEventHandler::handle(DataEvent& event, Flow*)
{
+ // cppcheck-suppress unreadVariable
Profile profile(rna_perf_stats);
++rna_stats.netflow_record;
update_rna_pkt_stats(event);
rna_stats.total_bytes_in_interval += p->pktlen;
}
-inline static void update_rna_pkt_stats(snort::DataEvent& event)
+inline static void update_rna_pkt_stats(const snort::DataEvent& event)
{
update_rna_pkt_stats(event.get_packet());
}
std::string dhcp55;
std::string dhcp60;
- uint16_t smb_major;
- uint16_t smb_minor;
- uint32_t smb_flags;
+ uint16_t smb_major = 0;
+ uint16_t smb_minor = 0;
+ uint32_t smb_flags = 0;
void clear()
{
}
static inline bool is_option_good(const int& optpos, const int& fp_optpos,
- uint8_t* optorder, uint8_t* fp_optorder)
+ const uint8_t* optorder, const uint8_t* fp_optorder)
{
if (optpos != fp_optpos)
return false;
}
static inline bool is_ts_good(const FpTcpKey& key, const vector<FpElement>& topts,
- const int& optpos, uint8_t* optorder, uint8_t* fp_optorder)
+ const int& optpos, const uint8_t* optorder, uint8_t* fp_optorder)
{
if (key.syn_timestamp)
return false;
static int get_tcp_option(const Packet* p, tcp::TcpOptCode opt_code, int& pos)
{
int maxops = (int) p->ptrs.tcph->options_len();
- if (maxops < 0 || TCP_OPTLENMAX < maxops)
+ if (TCP_OPTLENMAX < maxops)
{
pos = -1;
return -1;
rawfp.fpid = 1234;
rawfp.fp_type = 1;
rawfp.tcp_window = "SYN";
- CHECK( processor->push(rawfp) == true );
+ CHECK( true == processor->push(rawfp) );
// Testing the insertion failure for duplicate fpid
rawfp.fp_type = 2;
- CHECK( processor->push(rawfp) == false );
+ CHECK( false == processor->push(rawfp) );
processor->make_tcp_fp_tables(TcpFpProcessor::TCP_FP_MODE::SERVER);
processor->make_tcp_fp_tables(TcpFpProcessor::TCP_FP_MODE::CLIENT);
int pos;
// Check the default case when the desired option does not match
- CHECK( get_tcp_option(&p, tcp::TcpOptCode::EOL, pos) == -1 );
+ CHECK( -1 == get_tcp_option(&p, tcp::TcpOptCode::EOL, pos) );
// Check the case when NOP option is matched
cooked_pkt[54] = 1; // 34 + TCP_MIN_HEADER_LEN = 54
int initial_mss = -1;
int timestamp = -1;
int numopts = -1;
- uint8_t tcpopts[4];
+ uint8_t tcpopts[4] = {};
time_t timeout = -1;
bool set(const snort::Packet*);
auto cur_fp = (UaFingerprint*) id;
auto matched_parts = (vector<UaFingerprint*>*)data;
- for (const auto& fp : *matched_parts)
- if ( *fp == *cur_fp )
- return 0; // ignore already recorded matching part
-
- matched_parts->emplace_back(cur_fp);
- return 0; // search continues for the next match
+ if (std::none_of(matched_parts->cbegin(), matched_parts->cend(),
+ [cur_fp](const UaFingerprint* fp){ return *fp == *cur_fp; }))
+ matched_parts->emplace_back(cur_fp);
+ return 0;
}
struct CompareParts
#include "rna_fingerprint_udp.h"
+#include <algorithm>
#include <sstream>
#ifdef UNIT_TEST
uint32_t fptype = FpFingerprint::FpType::FP_TYPE_DHCP;
for (const auto& fp: dhcp_fps)
{
- if (fptype == fp.fp_type && fp.dhcp55.size() == key.dhcp55_len and
+ if (fptype == fp.fp_type and fp.dhcp55.size() == key.dhcp55_len and
match_dhcp_options(fp.dhcp55, key.dhcp55))
{
if (key.dhcp60 and !fp.dhcp60.empty())
return rt;
}
-void RNAFlow::set_server(RnaTracker& ht)
+void RNAFlow::set_server(const RnaTracker& ht)
{
rna_mutex.lock();
serverht = ht;
rna_mutex.unlock();
}
-void RNAFlow::set_client(RnaTracker& ht)
+void RNAFlow::set_client(const RnaTracker& ht)
{
rna_mutex.lock();
clientht = ht;
RnaTracker get_client(const snort::SfIp&);
RnaTracker get_tracker(const snort::Packet*, DiscoveryFilter&);
- void set_server(RnaTracker& ht);
- void set_client(RnaTracker& ht);
+ void set_server(const RnaTracker& ht);
+ void set_client(const RnaTracker& ht);
};
void RnaInspector::eval(Packet* p)
{
+ // cppcheck-suppress unreadVariable
Profile profile(rna_perf_stats);
++rna_stats.other_packets;
update_rna_pkt_stats(p);
RnaTracker ht;
uint8_t mac[6] = {0xA1, 0xA2, 0xA3, 0xA4, 0xA5, 0xA6};
RnaLogger logger1(false);
- CHECK(logger1.log(0, 0, nullptr, mac, &ht, nullptr, 0, 0,
- nullptr, nullptr, nullptr, nullptr, nullptr) == false);
+ CHECK(false == logger1.log(0, 0, nullptr, mac, &ht, nullptr, 0, 0,
+ nullptr, nullptr, nullptr, nullptr, nullptr));
RnaLogger logger2(true);
- CHECK(logger2.log(0, 0, nullptr, mac, &ht, nullptr, 0, 0,
- nullptr, nullptr, nullptr, nullptr, nullptr) == true);
+ CHECK(true == logger2.log(0, 0, nullptr, mac, &ht, nullptr, 0, 0,
+ nullptr, nullptr, nullptr, nullptr, nullptr));
}
}
#endif
uint32_t event_time = 0;
uint16_t type;
uint16_t subtype;
- const struct in6_addr* ip;
+ const struct in6_addr* ip = nullptr;
const uint8_t* mac;
const RnaTracker* ht;
const snort::HostMac* hm;
{
lock_guard<mutex> lck(host_tracker_mac_lock);
- for ( const auto& proto : network_protos )
- if ( proto == type )
- return false;
+ if (std::any_of(network_protos.cbegin(), network_protos.cend(),
+ [type](uint16_t proto){ return proto == type; }))
+ return false;
network_protos.emplace_back(type);
return true;
a_ptr->get_vlan_details(cfi, priority, vid);
- CHECK(a_ptr->has_vlan());
+ CHECK(true == a_ptr->has_vlan());
CHECK(cfi == (ntohs(vth_pri_cfi_vlan) & 0x1000) >> 12);
CHECK(priority == (ntohs(vth_pri_cfi_vlan)) >> 13);
CHECK(vid == (ntohs(vth_pri_cfi_vlan) & 0x0FFF));
return true;
else if (v.is("substring"))
{
- const auto& ua_part = v.get_string();
+ const char* ua_part = v.get_string();
if ( !ua_part )
return false;
fingerprint.user_agent.emplace_back(ua_part);
snort::LogMessage("Error opening %s for dumping MAC cache", outfile);
}
- string str;
HostCacheMac* host_cache_mac = get_host_cache_mac();
assert(host_cache_mac);
const auto&& lru_data = host_cache_mac->get_all_data();
<< lru_data.size() << " trackers" << endl << endl;
for ( const auto& elem : lru_data )
{
- str = "MAC: ";
+ string str = "MAC: ";
str += format_dump_mac(elem.first.mac_addr);
str += "\n Key: " + to_string(hash_mac(elem.first.mac_addr));
elem.second->stringify(str);
RnaModule mod;
SnortConfig sc;
- CHECK_FALSE(mod.begin("dummy", 0, nullptr));
- CHECK(mod.end("rna", 0, nullptr) == false);
- CHECK(mod.begin("rna", 0, nullptr) == true);
+ CHECK(false == mod.begin("dummy", 0, nullptr));
+ CHECK(false == mod.end("rna", 0, nullptr));
+ CHECK(true == mod.begin("rna", 0, nullptr));
Value v1("rna.conf");
v1.set(Parameter::find(rna_params, "rna_conf_path"));
- CHECK(mod.set(nullptr, v1, nullptr) == true);
- CHECK(mod.end("rna", 0, &sc) == true);
+ CHECK(true == mod.set(nullptr, v1, nullptr));
+ CHECK(true == mod.end("rna", 0, &sc));
RnaModuleConfig* rc = mod.get_config();
CHECK(rc != nullptr);
SnortConfig sc;
sc.set_run_flags(RUN_FLAG__IP_FRAGS_ONLY);
- CHECK(sc.ip_frags_only() == true);
+ CHECK(true == sc.ip_frags_only());
- CHECK(mod.begin(RNA_NAME, 0, nullptr) == true);
- CHECK(mod.end(RNA_NAME, 0, &sc) == true);
- CHECK(sc.ip_frags_only() == false);
+ CHECK(true == mod.begin(RNA_NAME, 0, nullptr));
+ CHECK(true == mod.end(RNA_NAME, 0, &sc));
+ CHECK(false == sc.ip_frags_only());
delete mod.get_config();
}
SnortConfig sc;
sc.clear_run_flags(RUN_FLAG__TRACK_ON_SYN);
- CHECK(sc.track_on_syn() == false);
+ CHECK(false == sc.track_on_syn());
- CHECK(mod.begin(RNA_NAME, 0, nullptr) == true);
- CHECK(mod.end(RNA_NAME, 0, &sc) == true);
- CHECK(sc.track_on_syn() == true);
+ CHECK(true == mod.begin(RNA_NAME, 0, nullptr));
+ CHECK(true == mod.end(RNA_NAME, 0, &sc));
+ CHECK(true == sc.track_on_syn());
delete mod.get_config();
}
}
RnaPnd::RnaPnd(const bool en, const std::string& cp, RnaConfig* rc) :
- logger(RnaLogger(en)), filter(DiscoveryFilter(cp)), conf(rc)
-{
- update_timeout = (rc ? rc->update_timeout : 0);
-}
+ logger(RnaLogger(en)), filter(DiscoveryFilter(cp)), conf(rc), update_timeout(rc ? rc->update_timeout : 0)
+{ }
RnaPnd::~RnaPnd() = default;
namespace snort
{
-Module::Module(const char*, const char*, const Parameter*, bool) {}
+Module::Module(const char* s, const char*, const Parameter*, bool)
+ : name(s), help(nullptr), params(nullptr), list(false)
+{ }
bool TcpFingerprint::operator==(const TcpFingerprint&) const { return true; }
// inspector
} // end of namespace snort
static ControlConn s_ctrlcon(1, true);
-ControlConn::ControlConn(int, bool) {}
+ControlConn::ControlConn(int, bool) : shell(nullptr), fd(-1), touched(0)
+{}
ControlConn::~ControlConn() {}
#endif
TEST_GROUP(rna_ua_fp_processor_test)
{
- UaFpProcessor* ua_proc;
-
- void setup() override
- { ua_proc = new UaFpProcessor; }
-
- void teardown() override
- { delete ua_proc; }
+ UaFpProcessor ua_proc;
};
TEST(rna_ua_fp_processor_test, sequential_setup)
UaFingerprint fp;
fp.user_agent = "Pink ";
- ua_proc->push_agent(fp);
- ua_proc->make_mpse();
+ ua_proc.push_agent(fp);
+ ua_proc.make_mpse();
CHECK(s_prep_count == 1);
fp.user_agent = "Floyd";
- ua_proc->push_agent(fp);
- ua_proc->make_mpse(true);
+ ua_proc.push_agent(fp);
+ ua_proc.make_mpse(true);
CHECK(s_prep_count == 2);
CHECK(s_prep_data == "Pink Floyd");
UaFingerprint fp;
fp.user_agent = "Pink ";
- ua_proc->push_agent(fp);
+ ua_proc.push_agent(fp);
CHECK(s_prep_count == 0);
fp.user_agent = "Floyd";
- ua_proc->push_agent(fp);
- ua_proc->make_mpse(true);
+ ua_proc.push_agent(fp);
+ ua_proc.make_mpse(true);
CHECK(s_prep_count == 2);
CHECK(s_prep_data == "Pink Floyd");
- ua_proc->make_mpse();
+ ua_proc.make_mpse();
CHECK(s_prep_count == 2);
CHECK(s_prep_data == "Pink Floyd");
class SO_PUBLIC Active
{
public:
+ Active() = default;
+ ~Active() = default;
struct Counts
{
static THREAD_LOCAL bool s_suspend;
static THREAD_LOCAL ActiveSuspendReason s_suspend_reason;
- int active_tunnel_bypass;
- const char* drop_reason;
+ int active_tunnel_bypass = 0;
+ const char* drop_reason = nullptr;
// these can't be pkt flags because we do the handling
// of these flags following all processing and the drop
// or response may have been produced by a pseudopacket.
- ActiveStatus active_status;
- ActiveWouldReason active_would_reason;
- ActiveActionType active_action;
- ActiveActionType delayed_active_action;
- ActiveAction* delayed_reject; // set with set_delayed_action()
+ ActiveStatus active_status = AST_MAX;
+ ActiveWouldReason active_would_reason = WHD_EXIT;
+ ActiveActionType active_action = ACT_MAX;
+ ActiveActionType delayed_active_action = ACT_MAX;
+ ActiveAction* delayed_reject = nullptr; // set with set_delayed_action()
};
struct SO_PUBLIC ActiveSuspendContext
}
}
- for (SFDAQModuleConfig* dmc : cfg->module_configs)
+ if (std::any_of(cfg->module_configs.cbegin(), cfg->module_configs.cend(),
+ [](const SFDAQModuleConfig* dmc){ return !AddDaqModuleConfig(dmc); }))
{
- if (!AddDaqModuleConfig(dmc))
- {
- daq_config_destroy(daqcfg);
- daqcfg = nullptr;
- return false;
- }
+ daq_config_destroy(daqcfg);
+ daqcfg = nullptr;
+ return false;
}
/*
#include "sfdaq_config.h"
+#include <algorithm>
+
using namespace std;
static pair<string, string> parse_variable(const char* varkvp)
*/
SFDAQModuleConfig::SFDAQModuleConfig(const SFDAQModuleConfig& other)
-{
- name = other.name;
- mode = other.mode;
- variables = other.variables;
-}
+ : name(other.name), mode(other.mode), variables(other.variables)
+{ }
void SFDAQModuleConfig::set_variable(const char* varkvp)
{
for (SFDAQModuleConfig *dmc : module_configs)
delete dmc;
module_configs.clear();
- for (SFDAQModuleConfig *dmc : other->module_configs)
- module_configs.emplace_back(new SFDAQModuleConfig(*dmc));
+ module_configs.reserve(other->module_configs.size());
+ transform(other->module_configs.cbegin(), other->module_configs.cend(), back_inserter(module_configs),
+ [](const SFDAQModuleConfig* dmc){ return new SFDAQModuleConfig(*dmc); });
}
if (!other->inputs.empty())
{
// Empty module table entry should fail
CHECK(true == sfdm.begin("daq.modules", 1, &sc));
- CHECK_FALSE(sfdm.end("daq.modules", 1, &sc));
+ CHECK(false == sfdm.end("daq.modules", 1, &sc));
}
CHECK(true == sfdm.begin("daq.modules", 2, &sc));
std::string file;
unsigned line;
- Location(const char* c, const char* p, const char* f, unsigned u)
- { code = c; path = p; file = f; line = u; }
+ Location(const char* c, const char* p, const char* f, unsigned u) : code(c), path(p), file(f), line(u)
+ { }
};
static std::stack<Location> files;
{
SnortProtocolId svc_id = sc->proto_ref->add(svc_name);
- for ( const auto& si : otn->sigInfo.services )
- if ( si.snort_protocol_id == svc_id )
- return; // already added
+ if (std::any_of(otn->sigInfo.services.cbegin(), otn->sigInfo.services.cend(),
+ [svc_id](const SignatureServiceInfo& si){ return si.snort_protocol_id == svc_id; }))
+ return; // already added
SignatureServiceInfo si(svc_name, svc_id);
otn->sigInfo.services.emplace_back(si);
{
int res = parse_int("10 ", "test");
- CHECK(res == 10);
+ CHECK((res == 10));
}
SECTION("not a number")
int res = parse_int(data, "test");
- CHECK(res == 65535);
+ CHECK((res == 65535));
CHECK(errno == ERANGE);
}
int res = parse_int(data, "test");
- CHECK(res == -65535);
+ CHECK((res == -65535));
CHECK(errno == ERANGE);
}
{
int res = parse_int("1", "test", 2, 3);
- CHECK(res == 2);
+ CHECK((res == 2));
}
SECTION("above the limit")
{
int res = parse_int("4", "test", 2, 3);
- CHECK(res == 3);
+ CHECK((res == 3));
}
}
struct PolicyRuleStats
{
- const char* file;
- int loaded;
- int shared;
- int enabled;
+ const char* file = nullptr;
+ int loaded = 0;
+ int shared = 0;
+ int enabled = 0;
};
//-------------------------------------------------------------------------
var_modifier = var_name[p+1];
var_aux = var_name.substr(p+2);
}
- var_name = var_name.substr(0, p);
+ var_name.resize(p);
}
std::string var_contents = VarSearch(var_name);
{
case '-':
if (var_contents.empty())
- var_contents = var_aux.c_str();
+ var_contents = var_aux;
break;
case '?':
TEST_GROUP(payload_injector_translate_test)
{
- uint8_t* http2_payload;
- uint32_t payload_len;
- InjectionReturnStatus status;
+ uint8_t* http2_payload; // cppcheck-suppress unusedVariable
+ uint32_t payload_len; // cppcheck-suppress unusedVariable
+ InjectionReturnStatus status; // cppcheck-suppress unusedVariable
};
TEST(payload_injector_translate_test, basic_hdr_translation)
};
AddressSpaceSelector::AddressSpaceSelector(const PolicySelectorApi* api_in,
- std::vector<AddressSpaceSelection>& psv) : PolicySelector(api_in)
+ std::vector<AddressSpaceSelection>& psv) : PolicySelector(api_in), policy_selections(std::move(psv))
{
- policy_selections = std::move(psv);
for (auto i = policy_selections.rbegin(); i != policy_selections.rend(); ++i)
{
std::sort((*i).addr_spaces.begin(), (*i).addr_spaces.end());
bool AddressSpaceSelector::select_default_policies(uint32_t key, const SnortConfig* sc)
{
+ // cppcheck-suppress unreadVariable
Profile profile(address_space_selectPerfStats);
address_space_select_stats.packets++;
};
TenantSelector::TenantSelector(const PolicySelectorApi* api_in, std::vector<TenantSelection>& psv)
- : PolicySelector(api_in)
+ : PolicySelector(api_in), policy_selections(std::move(psv))
{
- policy_selections = std::move(psv);
for (auto i = policy_selections.rbegin(); i != policy_selections.rend(); ++i)
{
std::sort((*i).tenants.begin(), (*i).tenants.end());
bool TenantSelector::select_default_policies(uint32_t key, const SnortConfig* sc)
{
+ // cppcheck-suppress unreadVariable
Profile profile(tenant_select_perf_stats);
tenant_select_stats.packets++;
RuleGroup::~RuleGroup()
{
for ( int sect = snort::PS_NONE; sect <= snort::PS_MAX; sect++)
- for ( auto* it : pm_list[sect] )
+ for ( const auto* it : pm_list[sect] )
delete it;
delete_nfp_rules();
node != nullptr && k < (int)rh->get_count();
node = rh->find_next() )
{
- if ( int* prid = (int*)node->data )
+ if ( const int* prid = (int*)node->data )
ra[k++] = *prid;
}
active.get_fallback() = fallback;
- CHECK( !active.is_set() );
+ CHECK( false == active.is_set() );
CHECK( active.get() == nullptr );
CHECK( active.get_default() == fallback );
CHECK( active.get_default() == fallback );
CHECK( active.set(&a) == nullptr );
- CHECK( active.is_set() );
+ CHECK( true == active.is_set() );
CHECK( active.get() == &a );
CHECK( active.get_default() == a );
CHECK( active.set(&b) == &a );
- CHECK( active.is_set() );
+ CHECK( true == active.is_set() );
CHECK( active.get() == &b );
CHECK( active.get_default() == b );
}
#include "profiler.h"
#include <cassert>
+#include <numeric>
#include "framework/module.h"
#include "main/snort_config.h"
auto children = root.get_children();
hr_duration runtime = root.get_stats().time.elapsed;
- hr_duration sum = 0_ticks;
s_profiler_nodes.clear_flex();
- for ( auto pn : children )
- sum += pn->get_stats().time.elapsed;
+ hr_duration sum = std::accumulate(children.cbegin(), children.cend(), 0_ticks,
+ [](const hr_duration& s, const ProfilerNode* pn){ return s + pn->get_stats().time.elapsed; });
otherPerfStats.time.checks = root.get_stats().time.checks;
otherPerfStats.time.elapsed = (runtime > sum) ? (runtime - sum) : 0_ticks;
}
void ProfilerNode::reset(ProfilerType type)
-{
+{
if ( is_set() )
{
auto* local_stats = (*getter)();
static ProfilerNode find_node(const ProfilerNodeMap& tree, const std::string& name)
{
for ( const auto& it : tree )
+ {
if ( it.first == name )
return it.second;
+ }
return ProfilerNode("");
}
ProfileStats* get_stats() { return stats; }
void set_stats(ProfileStats* ps) { stats = ps; }
- bool get_multi() { return multi; }
void set_multi(bool b) { multi = b; }
ProfileStats* get_profile() const override
{
RulePause pause(ctx);
- CHECK_FALSE( ctx.active() );
+ CHECK( false == ctx.active() );
}
- CHECK( ctx.active() );
+ CHECK( true == ctx.active() );
RuleContext::set_enabled(false);
}
{
{
TimeContext ctx(stats);
- CHECK( ctx.active() );
+ CHECK( true == ctx.active() );
CHECK( stats.ref_count == 0 );
}
{
{
TimeContext ctx(stats);
- CHECK( ctx.active() );
+ CHECK( true == ctx.active() );
CHECK( stats.ref_count == 0 );
ctx.stop();
- CHECK( ctx.active() );
+ CHECK( true == ctx.active() );
CHECK( stats.ref_count == 0 );
}
{
{
TimeContext ctx(stats);
- CHECK( ctx.active() );
+ CHECK( true == ctx.active() );
CHECK( stats.ref_count == 1 );
}
{
{
TimeContext ctx(stats);
- CHECK( ctx.active() );
+ CHECK( true == ctx.active() );
CHECK( stats.ref_count == 1 );
ctx.stop();
- CHECK_FALSE( ctx.active() );
+ CHECK( false == ctx.active() );
CHECK( stats.ref_count == 0 );
}
return 0;
}
-static inline bool is_loopback(uint32_t addr)
-{ return (addr >> 24) == 0x7F; }
-
-static bool is_loopback(const snort_in6_addr* const ip)
-{
- const uint32_t* p = ip->u6_addr32;
-
- /* Check the first 64 bits in an IPv6 address, and
- verify they're zero. If not, it's not a loopback */
- if (p[0] || p[1])
- return false;
-
- /* Check if the 3rd 32-bit int is zero */
- if ( p[2] == 0 )
- {
- /* ::7F00:0/104 is ipv4 compatible ipv6 */
- /* ::1 is the IPv6 loopback */
- return ( (ip->u6_addr8[12] == 0x7F) || (ntohl(p[3]) == 0x1) );
- }
-
- /* Check the 3rd 32-bit int for a mapped IPv4 address */
- if ( ntohl(p[2]) == 0xffff )
- {
- /* ::ffff:127.0.0.0/104 is IPv4 loopback mapped over IPv6 */
- return ( ip->u6_addr8[12] == 0x7F );
- }
- return false;
-}
-
-bool IpApi::is_src_loopback() const
-{
- switch ( type )
- {
- case IAT_4: return is_loopback(ntohl(((const IP4Hdr*)iph)->get_src()));
- case IAT_6: return is_loopback(((const IP6Hdr*)iph)->get_src());
- default: break;
- }
- return false;
-}
-
-// true if the current source address ia the loopback address
-bool IpApi::is_dst_loopback() const
-{
- switch ( type )
- {
- case IAT_4: return ((ntohl(((const IP4Hdr*)iph)->get_dst())) >> 24) == 0x7F;
- case IAT_6: return is_loopback(((const IP6Hdr*)iph)->get_dst());
- default: break;
- }
- return false;
-}
} // namespace ip
} // namespace snort
uint16_t pay_len() const;
// return the ip_len field in host byte order
uint16_t actual_ip_len() const;
- // true if the current source address ia the loopback address
- bool is_src_loopback() const;
- // true if the current source address ia the loopback address
- bool is_dst_loopback() const;
// overloaded == operators.
friend bool operator==(const IpApi& lhs, const IpApi& rhs);
uint8_t ver() const;
private:
- SfIp src;
- SfIp dst;
- const void* iph;
- Type type;
+ SfIp src = {};
+ SfIp dst = {};
+ const void* iph = nullptr;
+ Type type = IAT_NONE;
};
} // namespace ip
void set_packet_pointer(const Packet* const p)
{ curr_pkt = p; }
-const uint8_t* get_inner_layer(const Packet* p, ProtocolId prot_id)
-{ return find_inner_layer(p->layers, p->num_layers, prot_id); }
-
-const uint8_t* get_outer_layer(const Packet* p, ProtocolId prot_id)
-{ return find_outer_layer(p->layers, p->num_layers, prot_id); }
-
const arp::EtherARP* get_arp_layer(const Packet* const p)
{
uint8_t num_layers = p->num_layers;
find_inner_layer(lyr, num_layers, ProtocolId::GRE));
}
-const eapol::EtherEapol* get_eapol_layer(const Packet* const p)
-{
- uint8_t num_layers = p->num_layers;
- const Layer* lyr = p->layers;
-
- return reinterpret_cast<const eapol::EtherEapol*>(
- find_inner_layer(lyr, num_layers, ProtocolId::ETHERTYPE_EAPOL));
-}
-
const Layer* get_mpls_layer(const Packet* const p)
{
uint8_t num_layers = p->num_layers;
SO_PUBLIC const uint8_t* get_root_layer(const Packet* const);
-SO_PUBLIC const uint8_t* get_inner_layer(const Packet*, ProtocolId proto);
-SO_PUBLIC const uint8_t* get_outer_layer(const Packet*, ProtocolId proto);
-
SO_PUBLIC const arp::EtherARP* get_arp_layer(const Packet*);
SO_PUBLIC const cisco_meta_data::CiscoMetaDataHdr* get_cisco_meta_data_layer(const Packet* const);
-SO_PUBLIC const eapol::EtherEapol* get_eapol_layer(const Packet*);
SO_PUBLIC const eth::EtherHdr* get_eth_layer(const Packet*);
SO_PUBLIC const geneve::GeneveLyr* get_geneve_layer(const Packet*, bool inner);
SO_PUBLIC const gre::GREHdr* get_gre_layer(const Packet*);
pkt = new uint8_t[Codec::PKT_MAX];
}
- obfuscator = nullptr;
- endianness = nullptr;
active_inst = new Active();
- action_inst = nullptr;
reset();
}
Packet& operator=(const Packet&) = delete;
Flow* flow; /* for session tracking */
- Endianness* endianness;
- Obfuscator* obfuscator;
+ Endianness* endianness = nullptr;
+ Obfuscator* obfuscator = nullptr;
uint32_t packet_flags; /* special flags for the packet */
uint32_t xtradata_mask;
PduSection sect;
// nothing after this point is zeroed by reset() ...
- IpsContext* context;
- Active* active;
+ IpsContext* context = nullptr;
+ Active* active = nullptr;
Active* active_inst;
- ActiveAction** action;
- ActiveAction* action_inst;
+ ActiveAction** action = nullptr;
+ ActiveAction* action_inst = nullptr;
DAQ_Msg_h daq_msg; // DAQ message this packet came from
- SFDAQInstance* daq_instance; // DAQ instance the message came from
+ SFDAQInstance* daq_instance = nullptr; // DAQ instance the message came from
// Everything beyond this point is set by PacketManager::decode()
const DAQ_PktHdr_t* pkth; // packet meta data
const uint8_t* pkt; // raw packet data
- uint32_t pktlen; // raw packet data length
+ uint32_t pktlen = 0; // raw packet data length
// These are both set before PacketManager::decode() returns
- const uint8_t* data; /* packet payload pointer */
- uint16_t dsize; /* packet payload size */
+ const uint8_t* data = nullptr; /* packet payload pointer */
+ uint16_t dsize = 0; /* packet payload size */
DecodeData ptrs; // convenience pointers used throughout Snort++
Layer* layers; /* decoded encapsulations */
- PseudoPacketType pseudo_type; // valid only when PKT_PSEUDO is set
+ PseudoPacketType pseudo_type = PSEUDO_PKT_MAX; // valid only when PKT_PSEUDO is set
uint64_t user_inspection_policy_id;
uint64_t user_ips_policy_id;
typedef std::bitset<APPID_MAX_BIT> AppidChangeBits;
-inline void change_bits_to_string(AppidChangeBits& change_bits, std::string& str)
+inline void change_bits_to_string(const AppidChangeBits& change_bits, std::string& str)
{
size_t n = change_bits.count();
return alpn;
}
- void set_alpn(std::vector<std::string>& alpn_vec)
+ void set_alpn(const std::vector<std::string>& alpn_vec)
{
if(alpn_vec.size())
alpn = alpn_vec;
using namespace snort;
using namespace std;
-SipEvent::SipEvent(const Packet* p, const SIPMsg* msg, const SIP_DialogData* dialog)
-{
- this->p = p;
- this->msg = msg;
- this->dialog = dialog;
-
- from_len = msg->fromLen;
- from = msg->from;
- user_name_len = msg->userNameLen;
- user_name = msg->userName;
- user_agent_len = msg->userAgentLen;
- user_agent = msg->userAgent;
- server_len = msg->serverLen;
- server = msg->server;
-}
+SipEvent::SipEvent(const Packet* p, const SIPMsg& msg, const SIP_DialogData* dialog) :
+ p(p),
+ msg(msg),
+ dialog(dialog),
+ from(msg.from),
+ from_len(msg.fromLen),
+ user_name(msg.userName),
+ user_name_len(msg.userNameLen),
+ user_agent(msg.userAgent),
+ user_agent_len(msg.userAgentLen),
+ server(msg.server),
+ server_len(msg.serverLen)
+{ }
SipEvent::~SipEvent()
{
}
bool SipEvent::is_invite() const
-{ return msg->methodFlag == SIP_METHOD_INVITE; }
+{ return msg.methodFlag == SIP_METHOD_INVITE; }
bool SipEvent::is_media_updated() const
-{ return msg->mediaUpdated; }
+{ return msg.mediaUpdated; }
bool SipEvent::has_dialog() const
{ return dialog; }
class SipEvent : public snort::DataEvent
{
public:
- SipEvent(const snort::Packet*, const SIPMsg*, const SIP_DialogData*);
+ SipEvent(const snort::Packet*, const SIPMsg&, const SIP_DialogData*);
~SipEvent() override;
const snort::Packet* get_packet() const override
private:
const snort::Packet* p;
- const SIPMsg* msg;
+ const SIPMsg& msg;
const SIP_DialogData* dialog;
const char* from = nullptr;
using namespace snort;
-Packet::Packet(bool) { }
+Packet::Packet(bool)
+ : flow(nullptr), packet_flags(0), xtradata_mask(0), proto_bits(0), alt_dsize(0), num_layers(0),
+ disable_inspect(true), sect(PS_NONE), active_inst(nullptr), pkth(nullptr), pkt(nullptr), layers(nullptr),
+ user_inspection_policy_id(0), user_ips_policy_id(0), user_network_policy_id(0), vlan_idx(0),
+ ts_packet_flags(0), allocated(false)
+{ }
Packet::~Packet() = default;
TEST_GROUP(pub_sub_eve_process_event_test)
source_id(source_id_),
version_id(VERS__NOT_PRESENT),
method_id(METH__NOT_PRESENT),
- tcp_close(false)
-{}
+ tcp_close(false),
+ request(nullptr),
+ status(nullptr)
+{
+ memset(header, 0, sizeof(header));
+ memset(trailer, 0, sizeof(trailer));
+}
void HttpMsgSection::update_depth() const{}
bool HttpMsgSection::run_detection(snort::Packet*) { return true; }
return 0;
}
-void acsmx2_print_qinfo()
-{
-}
-
/*
* Full format DFA search
* Do not change anything here without testing, caching and prefetching
int acsmPrintDetailInfo2(ACSM_STRUCT2*);
int acsmPrintSummaryInfo2();
-void acsmx2_print_qinfo();
void acsm_init_summary();
#endif
return p;
}
-void bnfaSetCase(bnfa_struct_t* p, int flag)
-{
- if ( flag == BNFA_PER_PAT_CASE )
- p->bnfaCaseMode = flag;
- if ( flag == BNFA_CASE )
- p->bnfaCaseMode = flag;
- if ( flag == BNFA_NOCASE )
- p->bnfaCaseMode = flag;
-}
-
/*
* Fee all memory
*/
bnfa_struct_t* bnfaNew(const MpseAgent*);
-void bnfaSetCase(bnfa_struct_t* p, int flag);
void bnfaFree(bnfa_struct_t* pstruct);
int bnfaAddPattern(
std::stringstream ss;
- for ( auto& p : pvector )
+ for ( const auto& p : pvector )
ss << p.pat << p.flags;
std::string str = ss.str();
TEST_GROUP(search_tool_full)
{
Module* mod = nullptr;
- SearchTool* stool;
+ SearchTool* stool; // cppcheck-suppress variableScope
const MpseApi* mpse_api = (const MpseApi*)se_hyperscan;
void setup() override
{
- mod = mpse_api->base.mod_ctor();
+ mod = mpse_api->base.mod_ctor(); // cppcheck-suppress unreadVariable
stool = new SearchTool;
CHECK(stool->mpsegrp->normal_mpse);
void setup() override
{
CHECK(se_hyperscan);
- mod = mpse_api->base.mod_ctor();
+ mod = mpse_api->base.mod_ctor(); // cppcheck-suppress unreadVariable
hs = mpse_api->ctor(snort_conf, nullptr, &s_agent);
CHECK(hs);
hits = 0;
{
CHECK(se_hyperscan);
- mod = mpse_api->base.mod_ctor();
+ mod = mpse_api->base.mod_ctor(); // cppcheck-suppress unreadVariable
hs1 = mpse_api->ctor(snort_conf, nullptr, &s_agent);
CHECK(hs1);
void setup() override
{
CHECK(se_hyperscan);
- mod = mpse_api->base.mod_ctor();
+ mod = mpse_api->base.mod_ctor(); // cppcheck-suppress unreadVariable
hs1 = mpse_api->ctor(snort_conf, nullptr, nullptr);
hs2 = mpse_api->ctor(snort_conf, nullptr, nullptr);
CHECK(hs1);
{ return snort_conf; }
SnortConfig::SnortConfig(const SnortConfig* const, const char*)
-{
- state = &s_state;
- num_slots = 1;
- fast_pattern_config = new FastPatternConfig();
-}
+ : daq_config(nullptr), fast_pattern_config(new FastPatternConfig()), state(&s_state), num_slots(1),
+ thread_config(nullptr)
+{ }
SnortConfig::~SnortConfig() = default;
FastPatternConfig::FastPatternConfig()
{ search_api = get_test_api(); }
-const char* FastPatternConfig::get_search_method()
+const char* FastPatternConfig::get_search_method() const
{ return search_api ? search_api->base.name : nullptr; }
using namespace snort;
TEST_GROUP(search_tool_full)
{
- SearchTool* stool;
+ SearchTool* stool; // cppcheck-suppress variableScope
void setup() override
{
*/
static int BoGetDirection(Packet* p, const char* pkt_data)
{
- uint32_t len = 0;
- uint32_t id = 0;
- uint32_t l, i;
- char type;
- char plaintext;
-
/* Check for the default port on either side */
if ( p->ptrs.dp == BO_DEFAULT_PORT )
{
/* Didn't find default port, so look for ping packet */
+ uint32_t len = 0;
+
/* Get length from BO header - 32 bit int */
- for ( i = 0; i < 4; i++ )
+ for ( uint32_t i = 0; i < 4; i++ )
{
- plaintext = (char)(*pkt_data ^ BoRand());
- l = (uint32_t)plaintext;
+ char plaintext = (char)(*pkt_data ^ BoRand());
+ uint32_t l = (uint32_t)plaintext;
len += l << (8*i);
pkt_data++;
}
/* Get ID from BO header - 32 bit int */
- for ( i = 0; i < 4; i++ )
- {
- plaintext = (char)(*pkt_data ^ BoRand() );
- l = ((uint32_t)plaintext) & 0x000000FF;
- id += l << (8*i);
- pkt_data++;
- }
+ pkt_data += 4;
/* Do more len checking */
}
/* Continue parsing BO header */
- type = (char)(*pkt_data ^ BoRand());
+ char type = (char)(*pkt_data ^ BoRand());
pkt_data++;
/* check to make sure we don't run off end of packet */
}
char buf1[BO_BUF_SIZE];
- for (i=0; i<len; i++ ) /* start at 0 to advance the BoRand() function properly */
+ for (uint32_t i=0; i<len; i++ ) /* start at 0 to advance the BoRand() function properly */
{
buf1[i] = (char)(pkt_data[i] ^ BoRand());
void BackOrifice::eval(Packet* p)
{
+ // cppcheck-suppress unreadVariable
Profile profile(boPerfStats);
const char* const magic_cookie = "*!*QWTY?";
static void publish_data_to_appId(Packet* packet, CipCurrentData& current_data)
{
- CipEventData cip_event_data;
+ CipEventData cip_event_data = {};
CipEvent cip_event(packet, &cip_event_data);
bool publish_appid = true;
static void snort_cip(CipProtoConf* config, Packet* p)
{
+ // cppcheck-suppress unreadVariable
Profile profile(cip_perf_stats);
if (p->has_tcp_data() && !p->is_full_pdu())
{
if (unconnected_list->list[i].slot_active)
{
+ // cppcheck-suppress unreadVariable
TIMERSUB(timestamp, &unconnected_list->list[i].timestamp, ×tamp_diff);
// Round up to the nearest whole second.
{
if (connection_list->list[i].slot_active)
{
+ // cppcheck-suppress unreadVariable
TIMERSUB(timestamp, &connection_list->list[i].ot_timestamp, &ot_timestamp_diff);
+ // cppcheck-suppress unreadVariable
TIMERSUB(timestamp, &connection_list->list[i].to_timestamp, &to_timestamp_diff);
// If either OT or TO connection timeouts have been exceeded, remove the connection
return valid;
}
-void set_unconnected_timeout(uint32_t unconnected_timeout)
-{
- f_unconnected_timeout_ms = unconnected_timeout;
-}
-
const EnipSessionData* enip_data,
CipRequestType* request_type);
-// Set timeout (milliseconds) to use for unconnected messages that don't have a built-in timeout.
-void set_unconnected_timeout(uint32_t unconnected_timeout);
-
#endif // CIP_SESSION_H
class CipAttributeOption : public IpsOption
{
public:
- CipAttributeOption(const RangeCheck& v) : IpsOption(s_name)
- { cip_attr = v; }
+ CipAttributeOption(const RangeCheck& v) : IpsOption(s_name), cip_attr(v)
+ { }
uint32_t hash() const override;
bool operator==(const IpsOption&) const override;
IpsOption::EvalStatus CipAttributeOption::eval(Cursor&, Packet* p)
{
+ // cppcheck-suppress unreadVariable
Profile profile(cip_attribute_perf_stats);
if ( !p->flow || !p->is_full_pdu() )
class CipClassOption : public IpsOption
{
public:
- CipClassOption(const RangeCheck& v) : IpsOption(s_name)
- { cip_class = v; }
+ CipClassOption(const RangeCheck& v) : IpsOption(s_name), cip_class(v)
+ { }
uint32_t hash() const override;
bool operator==(const IpsOption&) const override;
IpsOption::EvalStatus CipClassOption::eval(Cursor&, Packet* p)
{
+ // cppcheck-suppress unreadVariable
Profile profile(cip_class_perf_stats);
if ( !p->flow || !p->is_full_pdu() )
class CipConnpathclassOption : public IpsOption
{
public:
- CipConnpathclassOption(const RangeCheck& v) : IpsOption(s_name)
- { cip_cpc = v; }
+ CipConnpathclassOption(const RangeCheck& v) : IpsOption(s_name), cip_cpc(v)
+ { }
uint32_t hash() const override;
bool operator==(const IpsOption&) const override;
IpsOption::EvalStatus CipConnpathclassOption::eval(Cursor&, Packet* p)
{
+ // cppcheck-suppress unreadVariable
Profile profile(cip_connpathclass_perf_stats);
if ( !p->flow || !p->is_full_pdu() )
class CipEnipCommandOption : public IpsOption
{
public:
- CipEnipCommandOption(const RangeCheck& v) : IpsOption(s_name)
- { cip_enip_cmd = v; }
+ CipEnipCommandOption(const RangeCheck& v) : IpsOption(s_name), cip_enip_cmd(v)
+ { }
uint32_t hash() const override;
bool operator==(const IpsOption&) const override;
IpsOption::EvalStatus CipEnipCommandOption::eval(Cursor&, Packet* p)
{
+ // cppcheck-suppress unreadVariable
Profile profile(cip_enipcommand_perf_stats);
if ( !p->flow || !p->is_full_pdu() )
IpsOption::EvalStatus CipEnipreqOption::eval(Cursor&, Packet* p)
{
+ // cppcheck-suppress unreadVariable
Profile profile(cip_enipreq_perf_stats);
if ( !p->flow || !p->is_full_pdu() )
IpsOption::EvalStatus CipEnipRspOption::eval(Cursor&, Packet* p)
{
+ // cppcheck-suppress unreadVariable
Profile profile(cip_eniprsp_perf_stats);
if ( !p->flow || !p->is_full_pdu() )
class CipInstanceOption : public IpsOption
{
public:
- CipInstanceOption(const RangeCheck& v) : IpsOption(s_name)
- { cip_inst = v; }
+ CipInstanceOption(const RangeCheck& v) : IpsOption(s_name), cip_inst(v)
+ { }
uint32_t hash() const override;
bool operator==(const IpsOption&) const override;
IpsOption::EvalStatus CipInstanceOption::eval(Cursor&, Packet* p)
{
+ // cppcheck-suppress unreadVariable
Profile profile(cip_instance_perf_stats);
if ( !p->flow || !p->is_full_pdu() )
IpsOption::EvalStatus CipReqOption::eval(Cursor&, Packet* p)
{
+ // cppcheck-suppress unreadVariable
Profile profile(cip_req_perf_stats);
if ( !p->flow || !p->is_full_pdu() )
IpsOption::EvalStatus CipRspOption::eval(Cursor&, Packet* p)
{
+ // cppcheck-suppress unreadVariable
Profile profile(cip_rsp_perf_stats);
if ( !p->flow || !p->is_full_pdu() )
class CipServiceOption : public IpsOption
{
public:
- CipServiceOption(const RangeCheck& v) : IpsOption(s_name)
- { cip_serv = v; }
+ CipServiceOption(const RangeCheck& v) : IpsOption(s_name), cip_serv(v)
+ { }
uint32_t hash() const override;
bool operator==(const IpsOption&) const override;
IpsOption::EvalStatus CipServiceOption::eval(Cursor&, Packet* p)
{
+ // cppcheck-suppress unreadVariable
Profile profile(cip_service_perf_stats);
if ( !p->flow || !p->is_full_pdu() )
class CipStatusOption : public IpsOption
{
public:
- CipStatusOption(const RangeCheck& v) : IpsOption(s_name)
- { cip_status = v; }
+ CipStatusOption(const RangeCheck& v) : IpsOption(s_name), cip_status(v)
+ { }
uint32_t hash() const override;
bool operator==(const IpsOption&) const override;
IpsOption::EvalStatus CipStatusOption::eval(Cursor&, Packet* p)
{
+ // cppcheck-suppress unreadVariable
Profile profile(cip_status_perf_stats);
if ( !p->flow || !p->is_full_pdu() )
DceHttpProxySplitter* splitter = new DceHttpProxySplitter(true);
uint32_t fp;
- REQUIRE(splitter->cutover_inspector() == false);
+ REQUIRE(false == splitter->cutover_inspector());
REQUIRE(splitter->scan(nullptr, (const uint8_t*)"RPC", 3, PKT_FROM_CLIENT, &fp) ==
StreamSplitter::SEARCH);
- REQUIRE(splitter->cutover_inspector() == false);
+ REQUIRE(false == splitter->cutover_inspector());
delete splitter;
}
DceHttpProxySplitter* splitter = new DceHttpProxySplitter(true);
uint32_t fp;
- REQUIRE(splitter->cutover_inspector() == false);
+ REQUIRE(false == splitter->cutover_inspector());
REQUIRE(splitter->scan(nullptr, (const uint8_t*)"RPC", 3, 0, &fp) == StreamSplitter::ABORT);
- REQUIRE(splitter->cutover_inspector() == false);
+ REQUIRE(false == splitter->cutover_inspector());
delete splitter;
}
REQUIRE(splitter->scan(nullptr, (const uint8_t*)"xxx", 1, PKT_FROM_CLIENT, &fp) ==
StreamSplitter::ABORT);
- REQUIRE(splitter->cutover_inspector() == false);
+ REQUIRE(false == splitter->cutover_inspector());
delete splitter;
}
REQUIRE(splitter->scan(nullptr, (const uint8_t*)"RPC", 3, PKT_FROM_CLIENT, &fp) ==
StreamSplitter::SEARCH);
- REQUIRE(splitter->cutover_inspector() == false);
+ REQUIRE(false == splitter->cutover_inspector());
REQUIRE(splitter->scan(nullptr, (const uint8_t*)"R", 1, PKT_FROM_CLIENT, &fp) ==
StreamSplitter::ABORT);
- REQUIRE(splitter->cutover_inspector() == false);
+ REQUIRE(false == splitter->cutover_inspector());
delete splitter;
}
StreamSplitter::SEARCH);
REQUIRE(splitter->scan(nullptr, (const uint8_t*)"_CON", 4, PKT_FROM_CLIENT, &fp) ==
StreamSplitter::SEARCH);
- REQUIRE(splitter->cutover_inspector() == false);
+ REQUIRE(false == splitter->cutover_inspector());
delete splitter;
}
REQUIRE(fp == strlen(HTTP_PROXY_REQUEST));
REQUIRE(splitter->scan(nullptr, (const uint8_t*)"0", 1, PKT_FROM_CLIENT, &fp) ==
StreamSplitter::FLUSH);
- REQUIRE(splitter->cutover_inspector() == true);
+ REQUIRE(true == splitter->cutover_inspector());
delete splitter;
}
REQUIRE(fp == strlen(HTTP_PROXY_REQUEST));
REQUIRE(splitter->scan(nullptr, (const uint8_t*)"0", 1, PKT_FROM_CLIENT, &fp) ==
StreamSplitter::FLUSH);
- REQUIRE(splitter->cutover_inspector() == true);
+ REQUIRE(true == splitter->cutover_inspector());
delete splitter;
delete[] string;
}
DceHttpProxySplitter* splitter = new DceHttpProxySplitter(false);
uint32_t fp;
- REQUIRE(splitter->cutover_inspector() == false);
+ REQUIRE(false == splitter->cutover_inspector());
REQUIRE(splitter->scan(nullptr, (const uint8_t*)"xxx", 3, PKT_FROM_SERVER, &fp) ==
StreamSplitter::ABORT);
- REQUIRE(splitter->cutover_inspector() == false);
+ REQUIRE(false == splitter->cutover_inspector());
delete splitter;
}
DceHttpProxySplitter* splitter = new DceHttpProxySplitter(false);
uint32_t fp = 0;
- REQUIRE(splitter->cutover_inspector() == false);
+ REQUIRE(false == splitter->cutover_inspector());
REQUIRE(splitter->scan(nullptr, (const uint8_t*)"HTTP/1.xxx\n\n", 12,
PKT_FROM_SERVER, &fp) == StreamSplitter::FLUSH);
REQUIRE((fp == 12));
- REQUIRE(splitter->cutover_inspector() == true);
+ REQUIRE(true == splitter->cutover_inspector());
delete splitter;
}
DceHttpProxySplitter* splitter = new DceHttpProxySplitter(false);
uint32_t fp = 0;
- REQUIRE(splitter->cutover_inspector() == false);
+ REQUIRE(false == splitter->cutover_inspector());
REQUIRE(splitter->scan(nullptr, (const uint8_t*)"HTTP/1.xxx\nxx\n\n", 15,
PKT_FROM_SERVER, &fp) == StreamSplitter::FLUSH);
REQUIRE((fp == 15));
- REQUIRE(splitter->cutover_inspector() == true);
+ REQUIRE(true == splitter->cutover_inspector());
delete splitter;
}
TEST_CASE("DceHttpProxySplitter-scan - good_3_proxy_response", "[http_proxy_splitter]")
DceHttpProxySplitter* splitter = new DceHttpProxySplitter(false);
uint32_t fp = 0;
- REQUIRE(splitter->cutover_inspector() == false);
+ REQUIRE(false == splitter->cutover_inspector());
REQUIRE(splitter->scan(nullptr, (const uint8_t*)"HTTP/1.xxx\nxx\n\nyyy", 18,
PKT_FROM_SERVER, &fp) == StreamSplitter::FLUSH);
REQUIRE((fp == 18));
- REQUIRE(splitter->cutover_inspector() == true);
+ REQUIRE(true == splitter->cutover_inspector());
delete splitter;
}
DceHttpProxySplitter* splitter = new DceHttpProxySplitter(false);
uint32_t fp;
- REQUIRE(splitter->cutover_inspector() == false);
+ REQUIRE(false == splitter->cutover_inspector());
REQUIRE(splitter->scan(nullptr, (const uint8_t*)"HTTP/1.xxx\nx\n", 13, PKT_FROM_SERVER, &fp) ==
StreamSplitter::SEARCH);
- REQUIRE(splitter->cutover_inspector() == false);
+ REQUIRE(false == splitter->cutover_inspector());
delete splitter;
}
DceHttpProxySplitter* splitter = new DceHttpProxySplitter(false);
uint32_t fp;
- REQUIRE(splitter->cutover_inspector() == false);
+ REQUIRE(false == splitter->cutover_inspector());
REQUIRE(splitter->scan(nullptr, (const uint8_t*)"HTTP/1.xxx\nx", 12, PKT_FROM_SERVER, &fp) ==
StreamSplitter::SEARCH);
- REQUIRE(splitter->cutover_inspector() == false);
+ REQUIRE(false == splitter->cutover_inspector());
delete splitter;
}
DceHttpProxySplitter* splitter = new DceHttpProxySplitter(false);
uint32_t fp;
- REQUIRE(splitter->cutover_inspector() == false);
+ REQUIRE(false == splitter->cutover_inspector());
REQUIRE(splitter->scan(nullptr, (const uint8_t*)"HTTP/1.", 7, PKT_FROM_SERVER, &fp) ==
StreamSplitter::SEARCH);
- REQUIRE(splitter->cutover_inspector() == false);
+ REQUIRE(false == splitter->cutover_inspector());
delete splitter;
}
DceHttpServerSplitter* splitter = new DceHttpServerSplitter(false);
uint32_t fp;
- REQUIRE(splitter->cutover_inspector() == false);
+ REQUIRE(false == splitter->cutover_inspector());
REQUIRE(splitter->scan(nullptr, (const uint8_t*)"n", 1, PKT_FROM_SERVER, &fp) ==
StreamSplitter::SEARCH);
- REQUIRE(splitter->cutover_inspector() == false);
+ REQUIRE(false == splitter->cutover_inspector());
delete splitter;
}
DceHttpServerSplitter* splitter = new DceHttpServerSplitter(false);
uint32_t fp;
- REQUIRE(splitter->cutover_inspector() == false);
+ REQUIRE(false == splitter->cutover_inspector());
REQUIRE(splitter->scan(nullptr, (const uint8_t*)"n", 1, PKT_FROM_CLIENT, &fp) ==
StreamSplitter::ABORT);
- REQUIRE(splitter->cutover_inspector() == false);
+ REQUIRE(false == splitter->cutover_inspector());
delete splitter;
}
REQUIRE(splitter->scan(nullptr, (const uint8_t*)"x", 1, PKT_FROM_SERVER, &fp) ==
StreamSplitter::ABORT);
- REQUIRE(splitter->cutover_inspector() == false);
+ REQUIRE(false == splitter->cutover_inspector());
delete splitter;
}
REQUIRE(splitter->scan(nullptr, (const uint8_t*)"n", 1, PKT_FROM_SERVER, &fp) ==
StreamSplitter::SEARCH);
- REQUIRE(splitter->cutover_inspector() == false);
+ REQUIRE(false == splitter->cutover_inspector());
REQUIRE(splitter->scan(nullptr, (const uint8_t*)"n", 1, PKT_FROM_SERVER, &fp) ==
StreamSplitter::ABORT);
- REQUIRE(splitter->cutover_inspector() == false);
+ REQUIRE(false == splitter->cutover_inspector());
delete splitter;
}
StreamSplitter::SEARCH);
REQUIRE(splitter->scan(nullptr, (const uint8_t*)"c", 1, PKT_FROM_SERVER, &fp) ==
StreamSplitter::SEARCH);
- REQUIRE(splitter->cutover_inspector() == false);
+ REQUIRE(false == splitter->cutover_inspector());
delete splitter;
}
REQUIRE(splitter->scan(nullptr, (const uint8_t*)HTTP_SERVER_MARKER,
strlen(HTTP_SERVER_MARKER), PKT_FROM_SERVER, &fp) == StreamSplitter::FLUSH);
REQUIRE(fp == strlen(HTTP_SERVER_MARKER));
- REQUIRE(splitter->cutover_inspector() == true);
+ REQUIRE(true == splitter->cutover_inspector());
delete splitter;
}
REQUIRE(splitter->scan(nullptr, (const uint8_t*)string,
strlen(string), PKT_FROM_SERVER, &fp) == StreamSplitter::FLUSH);
REQUIRE(fp == strlen(HTTP_SERVER_MARKER));
- REQUIRE(splitter->cutover_inspector() == true);
+ REQUIRE(true == splitter->cutover_inspector());
delete splitter;
}
void Dce2SmbInspector::eval(Packet* p)
{
+ Profile profile(dce2_smb_pstat_main); // cppcheck-suppress unreadVariable
+
DCE2_SmbSsnData* dce2_smb_sess = nullptr;
DCE2_Smb2SsnData* dce2_smb2_sess = nullptr;
DCE2_SmbVersion smb_version = DCE2_SMB_VERSION_NULL;
- Profile profile(dce2_smb_pstat_main);
if (p == nullptr)
return;
SMB_DEBUG(dce_smb_trace, DEFAULT_TRACE_OPTION_ID, TRACE_DEBUG_LEVEL,
nullptr, "File tracker with file id: 0x%" PRIx64 " tracker terminating\n", file_id);
auto all_conn_trackers = str->conn_trackers.get_all_entry();
- for ( auto& h : all_conn_trackers )
+ for ( const auto& h : all_conn_trackers )
{
if (h.second->ftracker_tcp)
{
nullptr, "Session tracker 0x%" PRIx64 " terminating\n", session_id);
removeSessionFromAllConnection();
auto all_tree_trackers = tree_trackers.get_all_entry();
- for ( auto& h : all_tree_trackers )
+ for ( const auto& h : all_tree_trackers )
{
removeTtracker(h.first);
}
return session_ptr;
}
-inline bool DCE2_SmbSessionCacheRemove(Smb2SidHashKey& key)
+inline bool DCE2_SmbSessionCacheRemove(const Smb2SidHashKey& key)
{
return smb2_session_cache->remove(key);
}
using namespace snort;
-Dce2TcpFlowData::Dce2TcpFlowData() : FlowData(inspector_id)
+Dce2TcpFlowData::Dce2TcpFlowData() : FlowData(inspector_id)
{
dce2_tcp_stats.concurrent_sessions++;
if (dce2_tcp_stats.max_concurrent_sessions < dce2_tcp_stats.concurrent_sessions)
void Dce2Tcp::eval(Packet* p)
{
DCE2_TcpSsnData* dce2_tcp_sess;
+ // cppcheck-suppress unreadVariable
Profile profile(dce2_tcp_pstat_main);
assert(p->has_tcp_data());
{ return true; }
private:
- dce2TcpProtoConf config;
+ dce2TcpProtoConf config = {};
};
void print_dce2_tcp_conf(const dce2TcpProtoConf& config);
//-------------------------------------------------------------------------
// class stuff
//-------------------------------------------------------------------------
-Dce2UdpFlowData::Dce2UdpFlowData() : FlowData(inspector_id)
+Dce2UdpFlowData::Dce2UdpFlowData() : FlowData(inspector_id)
{
dce2_udp_stats.concurrent_sessions++;
if (dce2_udp_stats.max_concurrent_sessions < dce2_udp_stats.concurrent_sessions)
};
Dce2Udp::Dce2Udp(const dce2UdpProtoConf& pc) : config(pc)
-{
-}
+{ }
void Dce2Udp::show(const SnortConfig*) const
{
void Dce2Udp::eval(Packet* p)
{
DCE2_UdpSsnData* dce2_udp_sess;
+ // cppcheck-suppress unreadVariable
Profile profile(dce2_udp_pstat_main);
assert(p->flow);
const snort::TraceOption* get_trace_options() const override;
private:
- dce2UdpProtoConf config;
+ dce2UdpProtoConf config = {};
};
void print_dce2_udp_conf(const dce2UdpProtoConf&);
return DCE2_RET__SUCCESS;
}
-const char* DCE2_UuidToStr(
- const Uuid* uuid, DceRpcBoFlag byte_order, char (& uuid_buf)[50])
-{
- snprintf(uuid_buf, DCE2_UUID_BUF_SIZE,
- "%08x-%04x-%04x-%02x%02x-%02x%02x%02x%02x%02x%02x",
- DceRpcHtonl(&uuid->time_low, byte_order),
- DceRpcHtons(&uuid->time_mid, byte_order),
- DceRpcHtons(&uuid->time_high_and_version, byte_order),
- uuid->clock_seq_and_reserved, uuid->clock_seq_low,
- uuid->node[0], uuid->node[1], uuid->node[2],
- uuid->node[3], uuid->node[4], uuid->node[5]);
-
- uuid_buf[DCE2_UUID_BUF_SIZE - 1] = '\0';
- return uuid_buf;
-}
-
DCE2_Buffer* DCE2_BufferNew(uint32_t initial_size, uint32_t min_add_size)
{
DCE2_Buffer* buf = (DCE2_Buffer*)snort_calloc(sizeof(DCE2_Buffer));
uint32_t, uint32_t, DCE2_BufferMinAddFlag);
void DCE2_BufferDestroy(DCE2_Buffer* buf);
-#define DCE2_UUID_BUF_SIZE 50
-const char* DCE2_UuidToStr(
- const Uuid*, DceRpcBoFlag, char (& buf)[DCE2_UUID_BUF_SIZE]);
-
// Determines if the character passed in is a character that
// the inspector considers a to be a space character.
inline bool DCE2_IsSpaceChar(const char c)
IpsOption::EvalStatus Dce2IfaceOption::eval(Cursor& c, Packet* p)
{
+ // cppcheck-suppress unreadVariable
RuleProfile profile(dce2_iface_perf_stats);
if (p->dsize == 0)
IpsOption::EvalStatus Dce2OpnumOption::eval(Cursor&, Packet* p)
{
+ // cppcheck-suppress unreadVariable
RuleProfile profile(dce2_opnum_perf_stats);
if (p->dsize == 0)
IpsOption::EvalStatus Dce2StubDataOption::eval(Cursor& c, Packet* p)
{
+ // cppcheck-suppress unreadVariable
RuleProfile profile(dce2_stub_data_perf_stats);
if (p->dsize == 0)
void Dnp3::eval(Packet* p)
{
+ // cppcheck-suppress unreadVariable
Profile profile(dnp3_perf_stats);
assert (p->has_tcp_data() || p->has_udp_data());
struct dnp3_reassembly_data_t
{
- uint8_t buffer[DNP3_BUFFER_SIZE];
+ uint8_t buffer[DNP3_BUFFER_SIZE] = {0};
uint16_t buflen = 0;
dnp3_reassembly_state_t state = DNP3_REASSEMBLY_STATE__IDLE;
uint8_t last_seq = 0;
void get_data(dnp3ProtoConf&);
private:
- dnp3ProtoConf config;
+ dnp3ProtoConf config = {};
};
#endif
IpsOption::EvalStatus Dnp3DataOption::eval(Cursor& c, Packet* p)
{
+ // cppcheck-suppress unreadVariable
RuleProfile profile(dnp3_data_perf_stats);
if ((p->has_tcp_data() && !p->is_full_pdu()) || !p->flow || !p->dsize)
IpsOption::EvalStatus Dnp3FuncOption::eval(Cursor&, Packet* p)
{
+ // cppcheck-suppress unreadVariable
RuleProfile profile(dnp3_func_perf_stats);
if ((p->has_tcp_data() && !p->is_full_pdu()) || !p->flow || !p->dsize)
{ return DETECT; }
public:
- uint16_t func;
+ uint16_t func = 0;
};
ProfileStats* Dnp3FuncModule::get_profile() const
IpsOption::EvalStatus Dnp3IndOption::eval(Cursor&, Packet* p)
{
+ // cppcheck-suppress unreadVariable
RuleProfile profile(dnp3_ind_perf_stats);
if ((p->has_tcp_data() && !p->is_full_pdu()) || !p->flow || !p->dsize)
{ return DETECT; }
public:
- uint16_t flags;
+ uint16_t flags = 0;
};
bool Dnp3IndModule::set(const char*, Value& v, SnortConfig*)
IpsOption::EvalStatus Dnp3ObjOption::eval(Cursor&, Packet* p)
{
+ // cppcheck-suppress unreadVariable
RuleProfile profile(dnp3_obj_perf_stats);
size_t header_size;
{ return DETECT; }
public:
- uint8_t group;
- uint8_t var;
+ uint8_t group = 0;
+ uint8_t var = 0;
};
bool Dnp3ObjModule::begin(const char*, int, SnortConfig*)
if ( !--bytes_unused )
return 0;
}
- dnsSessionData->curr_rec_state = DNS_RESP_STATE_RR_RDLENGTH;
// Fall through
case DNS_RESP_STATE_RR_RDLENGTH:
static void snort_dns(Packet* p, const DnsConfig* dns_config)
{
+ // cppcheck-suppress unreadVariable
Profile profile(dnsPerfStats);
// For TCP, do a few extra checks...
static int SnortFTP(
FTP_SESSION* FTPsession, Packet* p, int iInspectMode)
{
+ // cppcheck-suppress unreadVariable
Profile profile(ftpPerfStats);
if ( !FTPsession || !FTPsession->server_conf || !FTPsession->client_conf )
void FtpData::eval(Packet* p)
{
+ // cppcheck-suppress unreadVariable
Profile profile(ftpdataPerfStats);
// precondition - what we registered for
FtpClientModule::FtpClientModule() :
Module(FTP_CLIENT_NAME, ftp_client_help, ftp_client_params)
-{
- conf = nullptr;
-}
+{ }
FtpClientModule::~FtpClientModule()
{
return true;
}
-BounceTo::BounceTo(const string& a, Port l, Port h)
-{
- address = a;
- low = l;
- high = h;
-}
+BounceTo::BounceTo(const string& a, Port l, Port h) : address(a), low(l), high(h)
+{ }
const BounceTo* FtpClientModule::get_bounce(unsigned idx)
{
if ( strcmp(fqn, "ftp_client.bounce_to") )
return true;
- if ( idx && !strcmp(fqn, "ftp_client.bounce_to") )
+ if ( idx )
{
if ( address.empty() || (last_port && (port > last_port)) )
{
// server stuff
//-------------------------------------------------------------------------
-FtpCmd::FtpCmd(const std::string& key, uint32_t flg, int num)
-{
- name = key;
- flags = flg;
- number = num;
-}
+FtpCmd::FtpCmd(const std::string& key, uint32_t flg, int num) : name(key), flags(flg), number(num)
+{ }
FtpCmd::FtpCmd(const std::string& key, const std::string& fmt, int num)
+ : name(key), format(fmt), flags(CMD_VALID), number(0)
{
- name = key;
- format = fmt;
-
- flags = CMD_VALID;
- number = 0;
-
if ( num >= 0 )
{
number = num;
FtpServerModule::FtpServerModule() :
Module(FTP_SERVER_NAME, ftp_server_help, ftp_server_params)
-{
- conf = nullptr;
-}
+{ }
FtpServerModule::~FtpServerModule()
{
if ( !idx && !strcmp(fqn, "ftp_server") )
{
cmds.emplace_back(new FtpCmd("PROT", CMD_PROT, 0));
- for( auto cmd : cmds)
- {
- if ( FTPP_SUCCESS != ProcessFTPDataChanCmdsList(conf, cmd) )
- return false;
- }
- return true;
+ return std::none_of(cmds.cbegin(), cmds.cend(),
+ [this](const FtpCmd* cmd)
+ { return FTPP_SUCCESS != ProcessFTPDataChanCmdsList(conf, cmd); });
}
if ( !strcmp(fqn, "ftp_server.cmd_validity") )
{ return true; }
private:
- FTP_CLIENT_PROTO_CONF* conf;
+ FTP_CLIENT_PROTO_CONF* conf = nullptr;
std::vector<BounceTo*> bounce_to;
std::string address;
- Port port, last_port;
+ Port port = 0;
+ Port last_port = 0;
};
//-------------------------------------------------------------------------
void add_commands(snort::Value&, uint32_t flags, int num = 0);
private:
- FTP_SERVER_PROTO_CONF* conf;
+ FTP_SERVER_PROTO_CONF* conf = nullptr;
std::vector<FtpCmd*> cmds;
std::string names;
std::string format;
- int number;
+ int number = 0;
};
#endif
DetectionEngine::get_alt_buffer(p).len = 0;
}
-const uint8_t* get_telnet_buffer(Packet* p, unsigned& len)
-{
- const DataBuffer& buf = DetectionEngine::get_alt_buffer(p);
- len = buf.len;
- return len ? buf.data : nullptr;
-}
-
int normalize_telnet(
TELNET_SESSION* tnssn, Packet* p, DataBuffer& buf,
int iMode, char ignoreEraseCmds, bool on_ftp_channel)
TELNET_SESSION*, snort::Packet*, DataBuffer&, int iMode, char ignoreEraseCmd, bool on_ftp_channel);
void reset_telnet_buffer(snort::Packet*);
-const uint8_t* get_telnet_buffer(snort::Packet*, unsigned&);
#endif
static int SnortTelnet(TELNET_PROTO_CONF* telnet_config, TELNET_SESSION* Telnetsession,
Packet* p, int iInspectMode)
{
+ // cppcheck-suppress unreadVariable
Profile profile(telnetPerfStats);
if ( !Telnetsession )
class GtpInspect : public Inspector
{
public:
- GtpInspect(std::vector<GtpStuff>&);
+ GtpInspect(const std::vector<GtpStuff>&);
void eval(Packet*) override;
GTPConfig config;
};
-GtpInspect::GtpInspect(std::vector<GtpStuff>& v)
+GtpInspect::GtpInspect(const std::vector<GtpStuff>& v)
{
for ( unsigned i = 0; i < v.size(); ++i )
{
- GtpStuff& gs = v[i];
+ const GtpStuff& gs = v[i];
if ( gs.length < 0 )
{
void GtpInspect::eval(Packet* p)
{
+ // cppcheck-suppress unreadVariable
Profile profile(gtp_inspect_prof);
// preconditions - what we registered for
struct GtpStuff
{
std::string name;
- int version;
- int type;
- int length;
+ int version = 0;
+ int type = 0;
+ int length = 0;
};
class GtpInspectModule : public snort::Module
IpsOption::EvalStatus GtpInfoOption::eval(Cursor& c, Packet* p)
{
+ // cppcheck-suppress unreadVariable
RuleProfile profile(gtp_info_prof);
if ( !p or !p->flow )
{ return DETECT; }
public:
- uint8_t types[MAX_GTP_VERSION_CODE + 1];
+ uint8_t types[MAX_GTP_VERSION_CODE + 1] = {0};
};
bool GtpInfoModule::set_types(long t)
class GtpTypeOption : public IpsOption
{
public:
- GtpTypeOption(ByteBitSet*);
+ GtpTypeOption(const ByteBitSet*);
uint32_t hash() const override;
bool operator==(const IpsOption&) const override;
ByteBitSet types[MAX_GTP_VERSION_CODE + 1];
};
-GtpTypeOption::GtpTypeOption(ByteBitSet* t) : IpsOption(s_name)
+GtpTypeOption::GtpTypeOption(const ByteBitSet* t) : IpsOption(s_name)
{
for ( int v = 0; v <= MAX_GTP_VERSION_CODE; ++v )
types[v] = t[v];
IpsOption::EvalStatus GtpTypeOption::eval(Cursor&, Packet* p)
{
+ // cppcheck-suppress unreadVariable
RuleProfile profile(gtp_type_prof);
if ( !p or !p->flow )
IpsOption::EvalStatus GtpVersionOption::eval(Cursor&, Packet* p)
{
+ // cppcheck-suppress unreadVariable
RuleProfile profile(gtp_ver_prof);
if ( !p->flow )
{ return DETECT; }
public:
- uint8_t version;
+ uint8_t version = 0;
};
bool GtpVersionModule::set(const char*, Value& v, SnortConfig*)
const HttpCommon::SourceId source_id;
// total per frame - scan
- uint32_t data_len;
+ uint32_t data_len = 0;
// accumulating - scan
uint32_t frame_bytes_seen = 0;
uint32_t bytes_sent_http = 0;
- uint32_t data_bytes_read;
+ uint32_t data_bytes_read = 0;
// total per frame - reassemble
- uint32_t reassemble_data_len;
+ uint32_t reassemble_data_len = 0;
// accumulating - reassemble
uint32_t reassemble_bytes_sent = 0;
uint32_t reassemble_hdr_bytes_read = 0;
Http2Stream* Http2FlowData::find_stream(const uint32_t key)
{
- for (Http2Stream& stream : streams)
- {
- if (stream.get_stream_id() == key)
- return &stream;
- }
-
- return nullptr;
+ auto it = std::find_if(streams.begin(), streams.end(),
+ [key](const Http2Stream &stream){ return stream.get_stream_id() == key; });
+ return (it != streams.end()) ? &(*it) : nullptr;
}
Http2Stream* Http2FlowData::get_processing_stream(const SourceId source_id, uint32_t concurrent_streams_limit)
return nullptr;
uint32_t dlen;
- const uint8_t* data = get_frame_data(dlen);
- if (!data or (hlen + dlen > UINT16_MAX))
+ const uint8_t* frame_data = get_frame_data(dlen);
+ if (!frame_data or (hlen + dlen > UINT16_MAX))
return nullptr;
length = (uint16_t)(hlen + dlen);
uint8_t* pdu = new uint8_t[length];
memcpy(pdu, header.start(), hlen);
if (dlen)
- memcpy(&pdu[hlen], data, dlen);
+ memcpy(&pdu[hlen], frame_data, dlen);
pdu[0] = (dlen >> 16) & 0xff;
pdu[1] = (dlen >> 8) & 0xff;
void cleanup();
private:
- Http2StartLine* start_line;
- bool pseudo_headers_allowed;
+ Http2StartLine* start_line = nullptr;
+ bool pseudo_headers_allowed = false;
uint8_t* decoded_headers = nullptr; // working buffer to store decoded headers
Http2FlowData* session_data;
Http2EventGen* const events;
void Http2Inspect::eval(Packet* p)
{
+ // cppcheck-suppress unreadVariable
Profile profile(Http2Module::get_profile_stats());
const SourceId source_id = p->is_from_client() ? SRC_CLIENT : SRC_SERVER;
if (bad_frame)
fprintf(output, " Error in settings frame.");
else if (FLAG_ACK & get_flags())
- fprintf(output, " ACK, Header Table Size: %d.",
+ fprintf(output, " ACK, Header Table Size: %u.",
session_data->connection_settings[1 - source_id].get_param(SFID_HEADER_TABLE_SIZE));
else
fprintf(output, " Parameters in current frame - %d.", (data.length()/6)) ;
{
public:
~Http2ConnectionSettingsQueue() { delete queue; }
- auto size() { return queue ? queue->size() : 0; }
+ auto size() const { return queue ? queue->size() : 0; }
bool extend(Http2ConnectionSettings& item) { return size() ? extend() : init(item); }
void pop();
auto& front() { assert(size()); return queue->front(); }
StreamSplitter::Status Http2StreamSplitter::scan(Packet* pkt, const uint8_t* data, uint32_t length,
uint32_t, uint32_t* flush_offset)
{
+ // cppcheck-suppress unreadVariable
Profile profile(Http2Module::get_profile_stats());
Flow* const flow = pkt->flow;
const StreamBuffer Http2StreamSplitter::reassemble(Flow* flow, unsigned total, unsigned offset,
const uint8_t* data, unsigned len, uint32_t flags, unsigned& copied)
{
+ // cppcheck-suppress unreadVariable
Profile profile(Http2Module::get_profile_stats());
copied = len;
IpsOption::EvalStatus Http2IpsOption::eval(Cursor& c, Packet* p)
{
+ // cppcheck-suppress unreadVariable
RuleProfile profile(Http2CursorModule::http2_ps[psi]);
if (!p->flow || !p->flow->gadget)
Http2EventGen events;
Http2Infractions inf;
Http2HpackStringDecode* const decode = new Http2HpackStringDecode();
- Http2HpackIntDecode decode_int7{7};
+ Http2HpackIntDecode decode_int7{7}; // cppcheck-suppress unreadVariable
void teardown() override
{
if (infractions[source_id] != nullptr)
return infractions[source_id];
assert(transaction[source_id] != nullptr);
- assert(transaction[source_id]->get_infractions(source_id) != nullptr);
- return transaction[source_id]->get_infractions(source_id);
+ HttpInfractions* tmp_infractions = transaction[source_id]->get_infractions(source_id);
+ assert(nullptr != tmp_infractions);
+ return tmp_infractions;
}
void HttpFlowData::finish_hx_body(HttpCommon::SourceId source_id, HttpCommon::HXBodyState state,
void HttpInspect::eval(Packet* p, SourceId source_id, const uint8_t* data, uint16_t dsize)
{
+ // cppcheck-suppress unreadVariable
Profile profile(HttpModule::get_profile_stats());
HttpFlowData* session_data = http_get_flow_data(p->flow);
void HttpInspect::clear(Packet* p)
{
+ // cppcheck-suppress unreadVariable
Profile profile(HttpModule::get_profile_stats());
HttpFlowData* const session_data = http_get_flow_data(p->flow);
const uint32_t xtra_host_id;
const uint32_t xtra_jsnorm_id;
- unsigned pub_id; // for inspection events
+ unsigned pub_id = 0; // for inspection events
};
#endif
if (true_ip_addr.length() != STAT_NOT_COMPUTE)
return true_ip_addr;
- const Field& true_ip = get_true_ip();
- if (true_ip.length() <= 0)
+ const Field& tmp_true_ip = get_true_ip();
+ if (tmp_true_ip.length() <= 0)
{
true_ip_addr.set(STAT_NOT_PRESENT);
return true_ip_addr;
{
KeyValue* fields = query_kv[query_index];
- Field& key = fields->key;
- Field& value = fields->value;
+ const Field& key = fields->key;
+ const Field& value = fields->value;
++query_index;
{
KeyValue* fields = body_kv[body_index];
- Field& key = fields->key;
- Field& value = fields->value;
+ const Field& key = fields->key;
+ const Field& value = fields->value;
++body_index;
add_infraction(INF_BAD_VERSION);
create_event(EVENT_BAD_VERS);
}
- else if ((version.start()[5] > '1') && (version.start()[5] <= '9'))
+ else if ((version.start()[5] > '1'))
{
version_id = VERS__OTHER;
add_infraction(INF_VERSION_HIGHER_THAN_1);
#include "http_msg_trailer.h"
+#include <array>
+
#include "http_api.h"
#include "http_common.h"
#include "http_enum.h"
void HttpMsgTrailer::gen_events()
{
// Trailers not allowed by RFC 7230
- static const HeaderId bad_trailer[] =
+ static const std::array<HeaderId, 27> bad_trailer =
{
HEAD_AGE,
HEAD_AUTHORIZATION,
HEAD_WWW_AUTHENTICATE
};
- for (HeaderId id: bad_trailer)
+ if (std::any_of(bad_trailer.cbegin(), bad_trailer.cend(),
+ [this](HeaderId id){ return get_header_count(id) > 0; }))
{
- if (get_header_count(id) > 0)
- {
- add_infraction(INF_ILLEGAL_TRAILER);
- create_event(EVENT_ILLEGAL_TRAILER);
- break;
- }
+ add_infraction(INF_ILLEGAL_TRAILER);
+ create_event(EVENT_ILLEGAL_TRAILER);
}
}
uint8_t* const norm_value = new uint8_t[buffer_length];
uint8_t* const temp_space = new uint8_t[buffer_length];
+ // cppcheck-suppress uninitdata
uint8_t* const norm_start = (num_normalizers%2 == 0) ? norm_value : temp_space;
uint8_t* working = norm_start;
int32_t data_length = 0;
return norm;
}
-const Field& NormalizedHeader::get_comma_separated_raw(HttpMsgHeadShared& msg_head,
+const Field& NormalizedHeader::get_comma_separated_raw(const HttpMsgHeadShared& msg_head,
HttpInfractions* infractions, HttpEventGen* events, const HttpEnums::HeaderId header_name_id[],
const Field header_value[], const int32_t num_headers)
{
const Field& get_norm(HttpInfractions* infractions, HttpEventGen* events,
const HttpEnums::HeaderId header_name_id[], const Field header_value[],
const int32_t num_headers);
- const Field& get_comma_separated_raw(HttpMsgHeadShared& msg_head, HttpInfractions* infractions,
+ const Field& get_comma_separated_raw(const HttpMsgHeadShared& msg_head, HttpInfractions* infractions,
HttpEventGen* events, const HttpEnums::HeaderId header_name_id[], const Field header_value[],
const int32_t num_headers);
const uint8_t* norm_buffer;
unsigned norm_buffer_len;
- unsigned index;
+ unsigned index = 0;
static const unsigned MAX_REPEAT_PARAMS = 100;
bool HttpStreamSplitter::finish(Flow* flow)
{
+ // cppcheck-suppress unreadVariable
Profile profile(HttpModule::get_profile_stats());
HttpFlowData* session_data = HttpInspect::http_get_flow_data(flow);
void HttpStreamSplitter::prep_partial_flush(Flow* flow, uint32_t num_flush)
{
+ // cppcheck-suppress unreadVariable
Profile profile(HttpModule::get_profile_stats());
HttpFlowData* session_data = HttpInspect::http_get_flow_data(flow);
const StreamBuffer HttpStreamSplitter::reassemble(Flow* flow, unsigned total,
unsigned, const uint8_t* data, unsigned len, uint32_t flags, unsigned& copied)
{
+ // cppcheck-suppress unreadVariable
Profile profile(HttpModule::get_profile_stats());
copied = len;
StreamSplitter::Status HttpStreamSplitter::scan(Flow* flow, const uint8_t* data, uint32_t length,
uint32_t* flush_offset)
{
- Profile profile(HttpModule::get_profile_stats());
+ Profile profile(HttpModule::get_profile_stats()); // cppcheck-suppress unreadVariable
// This is the session state information we share with HttpInspect and store with stream. A
// session is defined by a TCP connection. Since scan() is the first to see a new TCP
private:
FILE* test_data_file;
// FIXIT-E Figure out how big this buf needs to be and revise value
- uint8_t msg_buf[2][2 * HttpEnums::MAX_OCTETS];
+ uint8_t msg_buf[2][2 * HttpEnums::MAX_OCTETS] = {{0}, {0}};
std::queue<uint32_t> segments[2];
FILE* include_file[2] = { nullptr, nullptr };
{ return DETECT; }
protected:
- snort::PduSection pdu_section;
+ snort::PduSection pdu_section = snort::PduSection::PS_NONE;
const HttpEnums::HTTP_RULE_OPT rule_opt_index;
const char* const key;
- uint64_t sub_id;
+ uint64_t sub_id = 0;
private:
friend class HttpIpsOption;
const snort::CursorActionType cat;
- uint64_t form;
+ uint64_t form = 0;
};
class HttpIpsOption : public snort::IpsOption
// URI related params. These affect the sub_id while parsed.
// These values are saved to alert on conflicts, only used by ::end
- bool scheme;
- bool host;
- bool port;
- bool path;
- bool query;
- bool fragment;
+ bool scheme = false;
+ bool host = false;
+ bool port = false;
+ bool path = false;
+ bool query = false;
+ bool fragment = false;
};
class HttpBufferIpsOption : public HttpIpsOption
IpsOption::EvalStatus HttpRangeIpsOption::eval(Cursor&, Packet* p)
{
+ // cppcheck-suppress unreadVariable
RuleProfile profile(ps);
const HttpInspect* const hi = eval_helper(p);
IpsOption::EvalStatus HttpParamIpsOption::eval(Cursor& c, Packet* p)
{
+ // cppcheck-suppress unreadVariable
RuleProfile profile(HttpParamRuleOptModule::http_param_ps);
const HttpInspect* const hi = eval_helper(p);
else
is_numeric = NV_FALSE;
- const bool absent_passed = !absent || (absent && is_absent);
+ const bool absent_passed = !absent || is_absent;
const bool numeric_passed = (numeric == NumericValue::NV_UNDEFINED) ||
(is_numeric == numeric);
const bool range_passed = !check.is_set() || (is_numeric == NV_TRUE && check.eval(num));
IpsOption::EvalStatus HttpTestIpsOption::eval(Cursor&, Packet* p)
{
+ // cppcheck-suppress unreadVariable
RuleProfile profile(HttpTestRuleOptModule::http_test_ps[idx]);
const HttpInspect* const hi = eval_helper(p);
static THREAD_LOCAL std::array<snort::ProfileStats, TEST_PSI_MAX> http_test_ps;
const TestPsIdx idx;
snort::RangeCheck check;
- enum NumericValue numeric;
- bool absent;
+ enum NumericValue numeric = NV_UNDEFINED;
+ bool absent = false;
};
class HttpTestIpsOption : public HttpIpsOption
IpsOption::EvalStatus HttpVersionIpsOption::eval(Cursor&, Packet* p)
{
+ // cppcheck-suppress unreadVariable
RuleProfile profile(HttpVersionRuleOptModule::http_version_ps);
const HttpInspect* const hi = eval_helper(p);
TEST_GROUP(get_next_code)
{
enum Color { COLOR_OTHER=1, COLOR_GREEN, COLOR_BLUE, COLOR_RED, COLOR_YELLOW, COLOR_PURPLE };
- int32_t offset = 0;
+ int32_t offset = 0; // cppcheck-suppress unreadVariable
+ // cppcheck-suppress unreadVariable
const StrCode color_table[6] =
{
{ COLOR_GREEN, "green" },
{
// Stubs whose sole purpose is to make the test code link
unsigned FlowData::flow_data_id = 0;
-FlowData::FlowData(unsigned, Inspector*) {}
+FlowData::FlowData(unsigned, Inspector*) : next(nullptr), prev(nullptr), handler(nullptr), id(0)
+{}
FlowData::~FlowData() = default;
int DetectionEngine::queue_event(unsigned int, unsigned int) { return 0; }
fd_status_t File_Decomp_StopFree(fd_session_t*) { return File_Decomp_OK; }
void setup() override
{
- uri_param.percent_u = true;
- uri_param.iis_unicode = true;
- uri_param.utf8_bare_byte = true;
- uri_param.iis_double_decode = true;
- uri_param.backslash_to_slash = true;
+ uri_param.percent_u = true; // cppcheck-suppress unreadVariable
+ uri_param.iis_unicode = true; // cppcheck-suppress unreadVariable
+ uri_param.utf8_bare_byte = true; // cppcheck-suppress unreadVariable
+ uri_param.iis_double_decode = true; // cppcheck-suppress unreadVariable
+ uri_param.backslash_to_slash = true; // cppcheck-suppress unreadVariable
}
};
void Iec104::eval(Packet* p)
{
+ // cppcheck-suppress unreadVariable
Profile profile(iec104_prof);
// preconditions - what we registered for
IpsOption::EvalStatus Iec104ApciTypeOption::eval(Cursor&, Packet* p)
{
+ // cppcheck-suppress unreadVariable
RuleProfile profile(iec104_apci_type_prof);
if (!p->flow)
IpsOption::EvalStatus Iec104AsduFuncOption::eval(Cursor&, Packet* p)
{
+ // cppcheck-suppress unreadVariable
RuleProfile profile(iec104_asdu_func_prof);
if (!p->flow)
void Imap::eval(Packet* p)
{
+ // cppcheck-suppress unreadVariable
Profile profile(imapPerfStats);
// precondition - what we registered for
IpsOption::EvalStatus MmsDataOption::eval(Cursor& c, Packet* p)
{
+ // cppcheck-suppress unreadVariable
RuleProfile profile(mms_data_prof);
if (!p->flow)
void Mms::eval(Packet* p)
{
+ // cppcheck-suppress unreadVariable
Profile profile(mms_prof);
// preconditions - what we registered for
struct OsiSessionSpduSessionRequirement
{
OsiSessionSpduParameterHdr param_hdr;
- uint16_t flags;
+ uint16_t flags; // cppcheck-suppress unusedStructMember
};
// overlay the appropriate struct
struct OsiSessionSpduCallingSessionSelector
{
OsiSessionSpduParameterHdr param_hdr;
- uint16_t calling_session_selector;
+ uint16_t calling_session_selector; // cppcheck-suppress unusedStructMember
};
// overlay the appropriate struct
struct OsiSessionSpduCalledSessionSelector
{
OsiSessionSpduParameterHdr param_hdr;
- uint16_t called_session_selector;
+ uint16_t called_session_selector; // cppcheck-suppress unusedStructMember
};
// overlay the appropriate struct
// if it turns out not to be a partial it will get caught on the
// next loop
const uint8_t tpkt_version = *(c->start());
- if (tpkt_version == 0x03 and remaining_bytes > 0x00 and remaining_bytes < sizeof(TpktHdr))
+ if (tpkt_version == 0x03 and remaining_bytes < sizeof(TpktHdr))
{
return TPKT_ENCAP_LAYER_SEARCH_STATE__PARTIAL;
}
IpsOption::EvalStatus ModbusDataOption::eval(Cursor& c, Packet* p)
{
- RuleProfile profile(modbus_data_prof);
+ RuleProfile profile(modbus_data_prof); // cppcheck-suppress unreadVariable
if ( !p->flow )
return NO_MATCH;
IpsOption::EvalStatus ModbusFuncOption::eval(Cursor&, Packet* p)
{
- RuleProfile profile(modbus_func_prof);
+ RuleProfile profile(modbus_func_prof); // cppcheck-suppress unreadVariable
if ( !p->flow )
return NO_MATCH;
{ return DETECT; }
public:
- uint8_t func;
+ uint8_t func = 0;
};
bool ModbusFuncModule::set(const char*, Value& v, SnortConfig*)
IpsOption::EvalStatus ModbusUnitOption::eval(Cursor&, Packet* p)
{
- RuleProfile profile(modbus_unit_prof);
+ RuleProfile profile(modbus_unit_prof); // cppcheck-suppress unreadVariable
if ( !p->flow )
return NO_MATCH;
{ return DETECT; }
public:
- uint8_t unit;
+ uint8_t unit = 0;
};
bool ModbusUnitModule::set(const char*, Value& v, SnortConfig*)
void Modbus::eval(Packet* p)
{
- Profile profile(modbus_prof);
+ Profile profile(modbus_prof); // cppcheck-suppress unreadVariable
// preconditions - what we registered for
assert(p->has_tcp_data());
struct modbus_header_t
{
/* MBAP Header */
- uint16_t transaction_id;
+ uint16_t transaction_id; // cppcheck-suppress unusedStructMember
uint16_t protocol_id;
- uint16_t length;
+ uint16_t length; // cppcheck-suppress unusedStructMember
uint8_t unit_id;
/* PDU Start */
for( auto const & address : addr )
{
- for( auto const& rule : rules->exclude )
- {
- if ( rule.filter_match(address, zone) )
- return match_vec;
- }
+ if (std::any_of(rules->exclude.cbegin(), rules->exclude.cend(),
+ [address, zone](const NetFlowRule& rule){ return rule.filter_match(address, zone); }))
+ return match_vec;
}
for( auto const & address : addr )
{
std::sort(dump_cache->begin(), dump_cache->end(), IpCompare());
- std::string str;
SfIpString ip_str;
uint32_t i = 0;
for (auto& elem : *dump_cache)
{
NetFlowSessionRecord& record = elem.second;
- str = "NetFlow Record #";
+ std::string str = "NetFlow Record #";
str += std::to_string(++i);
str += "\n";
void NetFlowModule::parse_service_id_file(const std::string& serv_id_file_path)
{
- std::string serv_line;
std::ifstream serv_id_file;
serv_id_file.open(serv_id_file_path);
if ( serv_id_file.is_open() )
{
+ std::string serv_line;
while ( std::getline(serv_id_file, serv_line) )
{
std::stringstream ss(serv_line);
bool filter_match(const snort::SfIp* ip, const int zone) const
{
- bool zone_match = false;
- if ( zones.empty() )
- zone_match = true;
- else
- {
- for( int z : zones)
- {
- if ( z == NETFLOW_ANY_ZONE or z == zone )
- {
- zone_match = true;
- break;
- }
- }
- }
- if ( !zone_match )
+ if ( !zones.empty()
+ and std::none_of(zones.cbegin(), zones.cend(),
+ [zone](int z){ return z == NETFLOW_ANY_ZONE or z == zone; }))
return false;
- if ( networks.empty() )
- return true;
- for( auto const &net : networks )
- if ( net.contains(ip) == SFIP_CONTAINS )
- return true;
-
- return false;
+ return networks.empty()
+ or std::any_of(networks.cbegin(), networks.cend(),
+ [ip](const snort::SfCidr& net){ return SFIP_CONTAINS == net.contains(ip);});
}
std::vector <snort::SfCidr> networks;
void Pop::eval(Packet* p)
{
- Profile profile(popPerfStats);
+ Profile profile(popPerfStats); // cppcheck-suppress unreadVariable
// precondition - what we registered for
assert(p->has_tcp_data());
*/
void RpcDecode::eval(Packet* p)
{
- Profile profile(rpcdecodePerfStats);
+ Profile profile(rpcdecodePerfStats); // cppcheck-suppress unreadVariable
// preconditions - what we registered for
assert(p->has_tcp_data());
IpsOption::EvalStatus S7commplusContentOption::eval(Cursor& c, Packet* p)
{
- RuleProfile profile(s7commplus_content_prof);
+ RuleProfile profile(s7commplus_content_prof); // cppcheck-suppress unreadVariable
if ( !p->flow )
return NO_MATCH;
IpsOption::EvalStatus S7commplusFuncOption::eval(Cursor&, Packet* p)
{
- RuleProfile profile(s7commplus_func_prof);
+ RuleProfile profile(s7commplus_func_prof); // cppcheck-suppress unreadVariable
if ( !p->flow )
return NO_MATCH;
public:
//uint8_t func;
- uint16_t func;
+ uint16_t func = 0;
};
bool S7commplusFuncModule::set(const char*, Value& v, SnortConfig*)
IpsOption::EvalStatus S7commplusOpcodeOption::eval(Cursor&, Packet* p)
{
- RuleProfile profile(s7commplus_opcode_prof);
+ RuleProfile profile(s7commplus_opcode_prof); // cppcheck-suppress unreadVariable
if ( !p->flow )
return NO_MATCH;
{ return DETECT; }
public:
- uint8_t opcode;
+ uint8_t opcode = 0;
};
bool S7commplusOpcodeModule::set(const char*, Value& v, SnortConfig*)
void S7commplus::eval(Packet* p)
{
- Profile profile(s7commplus_prof);
+ Profile profile(s7commplus_prof); // cppcheck-suppress unreadVariable
// preconditions - what we registered for
assert(p->has_tcp_data());
IpsOption::EvalStatus SipMethodOption::eval(Cursor&, Packet* p)
{
- RuleProfile profile(sipMethodRuleOptionPerfStats);
+ RuleProfile profile(sipMethodRuleOptionPerfStats); // cppcheck-suppress unreadVariable
if ( !p->flow )
return NO_MATCH;
MethodMap methods;
private:
- bool negated;
+ bool negated = false;
};
bool SipMethodModule::begin(const char*, int, SnortConfig*)
class SipStatCodeOption : public IpsOption
{
public:
- SipStatCodeOption(const SipStatCodeRuleOptData& c) :
- IpsOption(s_name)
- { ssod = c; }
+ SipStatCodeOption(const SipStatCodeRuleOptData& c) : IpsOption(s_name), ssod(c)
+ { }
uint32_t hash() const override;
bool operator==(const IpsOption&) const override;
IpsOption::EvalStatus SipStatCodeOption::eval(Cursor&, Packet* p)
{
- RuleProfile profile(sipStatCodeRuleOptionPerfStats);
+ RuleProfile profile(sipStatCodeRuleOptionPerfStats); // cppcheck-suppress unreadVariable
if ((!p->has_tcp_data() && !p->is_udp()) || !p->flow || !p->dsize)
return NO_MATCH;
SipStatCodeRuleOptData ssod;
private:
- int num_tokens;
+ int num_tokens = 0;
};
bool SipStatCodeModule::begin(const char*, int, SnortConfig*)
if (true == status)
{
/*Update the dialog state*/
- SIP_updateDialog(&sipMsg, &(sessp->dialogs), p, config);
+ SIP_updateDialog(sipMsg, &(sessp->dialogs), p, config);
}
/*Update the session data*/
pRopts = &(sessp->ropts);
static void snort_sip(SIP_PROTO_CONF* config, Packet* p)
{
- Profile profile(sipPerfStats);
+ Profile profile(sipPerfStats); // cppcheck-suppress unreadVariable
/* Attempt to get a previously allocated SIP block. */
SIPData* sessp = get_sip_session_data(p->flow);
using namespace snort;
-static void SIP_updateMedias(SIP_MediaSession*, SIP_MediaList*);
+static void SIP_updateMedias(SIP_MediaSession*, SIP_MediaList&);
static int SIP_compareMedias(const SIP_MediaDataList, const SIP_MediaDataList);
-static bool SIP_checkMediaChange(const SIPMsg*, const SIP_DialogData*);
-static int SIP_processRequest(SIPMsg*, SIP_DialogData*, SIP_DialogList*, Packet*, SIP_PROTO_CONF*);
-static int SIP_processInvite(SIPMsg*, SIP_DialogData*, SIP_DialogList*);
-static int SIP_processACK(SIPMsg*, SIP_DialogData*, SIP_DialogList*, Packet*, SIP_PROTO_CONF*);
-static int SIP_processResponse(SIPMsg*, SIP_DialogData*, SIP_DialogList*, Packet*,
- SIP_PROTO_CONF*);
-static int SIP_ignoreChannels(SIP_DialogData*, Packet* p, SIP_PROTO_CONF*);
-static SIP_DialogData* SIP_addDialog(SIPMsg*, SIP_DialogData*, SIP_DialogList*);
+static bool SIP_checkMediaChange(const SIPMsg&, const SIP_DialogData*);
+static int SIP_processInvite(const SIPMsg&, SIP_DialogData*, SIP_DialogList*);
+static int SIP_processACK(SIPMsg&, SIP_DialogData*, SIP_DialogList*, Packet*, SIP_PROTO_CONF*);
+static int SIP_ignoreChannels(const SIP_DialogData&, Packet* p, SIP_PROTO_CONF*);
+static SIP_DialogData* SIP_addDialog(const SIPMsg&, SIP_DialogData*, SIP_DialogList*);
static int SIP_deleteDialog(SIP_DialogData*, SIP_DialogList*);
/********************************************************************
* Based on the new received sip request message, update the dialog information.
* Note: dialog is created through dialog
* Arguments:
- * SIPMsg * - sip request message
+ * SIPMsg & - sip request message
* SIP_DialogData* - dialog to be updated,
* Packet* - the packet
*
* true: request message has been processed correctly
* false: request message has not been processed correctly
********************************************************************/
-static int SIP_processRequest(SIPMsg* sipMsg, SIP_DialogData* dialog, SIP_DialogList* dList,
+static int SIP_processRequest(SIPMsg& sipMsg, SIP_DialogData* dialog, SIP_DialogList* dList,
Packet* p, SIP_PROTO_CONF* config)
{
SIPMethodsFlag methodFlag;
int ret = true;
- assert (nullptr != sipMsg);
-
/*If dialog not exist, create one */
- if ((nullptr == dialog)&&(SIP_METHOD_CANCEL != sipMsg->methodFlag))
+ if ((nullptr == dialog) && (SIP_METHOD_CANCEL != sipMsg.methodFlag))
{
// Clang analyzer is false positive, dlist->head is updated after free
// (Use of memory after it is freed)
dialog = SIP_addDialog(sipMsg, dList->head, dList); // ... FIXIT-W
}
- methodFlag = sipMsg->methodFlag;
+ methodFlag = sipMsg.methodFlag;
sip_stats.requests[TOTAL_REQUESTS]++;
if (methodFlag > 0 && methodFlag < NUM_OF_REQUEST_TYPES)
* Based on the new received sip invite request message, update the dialog information.
* Note: dialog is created through dialog
* Arguments:
- * SIPMsg * - sip request message
+ * SIPMsg & - sip request message
* SIP_DialogData* - dialog to be updated,
* SIP_DialogList*- dialog list
* Returns:
* true:
* false:
********************************************************************/
-static int SIP_processInvite(SIPMsg* sipMsg, SIP_DialogData* dialog, SIP_DialogList* dList)
+static int SIP_processInvite(const SIPMsg& sipMsg, SIP_DialogData* dialog, SIP_DialogList* dList)
{
bool ret = true;
/*Check for the invite replay attack: authenticated invite without challenge*/
// check whether this invite has authorization information
- if ((SIP_DLG_AUTHENCATING != dialog->state) && (nullptr != sipMsg->authorization))
+ if ((SIP_DLG_AUTHENCATING != dialog->state) && (nullptr != sipMsg.authorization))
{
DetectionEngine::queue_event(GID_SIP, SIP_EVENT_AUTH_INVITE_REPLAY_ATTACK);
return false;
ret = SIP_checkMediaChange(sipMsg, dialog);
if (false == ret)
DetectionEngine::queue_event(GID_SIP, SIP_EVENT_AUTH_INVITE_DIFF_SESSION);
- SIP_updateMedias(sipMsg->mediaSession, &dialog->mediaSessions);
+ SIP_updateMedias(sipMsg.mediaSession, dialog->mediaSessions);
}
else if (SIP_DLG_TERMINATED == dialog->state)
{
- SIP_updateMedias(sipMsg->mediaSession, &dialog->mediaSessions);
+ SIP_updateMedias(sipMsg.mediaSession, dialog->mediaSessions);
}
dialog->state = SIP_DLG_INVITING;
return ret;
*
* Based on the new received sip ACK request message, update the dialog information.
* Note: dialog is created through dialog
- * Arguments:
- * SIPMsg * - sip request message
- * SIP_DialogData* - dialog to be updated,
- * SIP_DialogList* - dialog list
- * Packet* - the packet
- * Returns:
- * true:
- * false:
********************************************************************/
-static int SIP_processACK(SIPMsg* sipMsg, SIP_DialogData* dialog, SIP_DialogList*, Packet* p,
+static int SIP_processACK(SIPMsg& sipMsg, SIP_DialogData* dialog, SIP_DialogList*, Packet* p,
SIP_PROTO_CONF* config)
{
if (nullptr == dialog)
if (SIP_DLG_ESTABLISHED == dialog->state)
{
- if ((SIP_METHOD_INVITE == dialog->creator)&&(SIP_checkMediaChange(sipMsg, dialog) ==
- false))
+ if ((SIP_METHOD_INVITE == dialog->creator) && !SIP_checkMediaChange(sipMsg, dialog))
{
- SIP_updateMedias(sipMsg->mediaSession, &dialog->mediaSessions);
- SIP_ignoreChannels(dialog, p, config);
- sipMsg->mediaUpdated = true;
+ SIP_updateMedias(sipMsg.mediaSession, dialog->mediaSessions);
+ SIP_ignoreChannels(*dialog, p, config);
+ sipMsg.mediaUpdated = true;
}
}
return true;
* Based on the new received sip response message, update the dialog information.
*
* Arguments:
- * SIPMsg * - sip response message
+ * SIPMsg & - sip response message
* SIP_DialogData* - dialog to be updated,
* Packet* - the packet
*
* true:
* false:
********************************************************************/
-static int SIP_processResponse(SIPMsg* sipMsg, SIP_DialogData* dialog, SIP_DialogList* dList,
+static int SIP_processResponse(SIPMsg& sipMsg, SIP_DialogData* dialog, SIP_DialogList* dList,
Packet* p, SIP_PROTO_CONF* config)
{
int statusType;
SIP_DialogData* currDialog = dialog;
- assert (nullptr != sipMsg);
-
- statusType = sipMsg->status_code / 100;
+ statusType = sipMsg.status_code / 100;
sip_stats.responses[TOTAL_RESPONSES]++;
if (statusType < NUM_OF_RESPONSE_TYPES)
sip_stats.responses[statusType]++;
if (nullptr == dialog)
return false;
- if (sipMsg->status_code > 0)
- dialog->status_code = sipMsg->status_code;
+ if (sipMsg.status_code > 0)
+ dialog->status_code = sipMsg.status_code;
switch (statusType)
{
// media session
if ( !SIP_checkMediaChange(sipMsg, dialog) )
{
- SIP_updateMedias(sipMsg->mediaSession, &dialog->mediaSessions);
- SIP_ignoreChannels(currDialog, p,config);
- sipMsg->mediaUpdated = true;
+ SIP_updateMedias(sipMsg.mediaSession, dialog->mediaSessions);
+ SIP_ignoreChannels(*currDialog, p,config);
+ sipMsg.mediaUpdated = true;
}
break;
case RESPONSE2XX:
SIP_deleteDialog(currDialog->nextD, dList);
if (SIP_checkMediaChange(sipMsg, dialog) == false)
{
- SIP_updateMedias(sipMsg->mediaSession, &dialog->mediaSessions);
- SIP_ignoreChannels(currDialog, p, config);
- sipMsg->mediaUpdated = true;
+ SIP_updateMedias(sipMsg.mediaSession, dialog->mediaSessions);
+ SIP_ignoreChannels(*currDialog, p, config);
+ sipMsg.mediaUpdated = true;
}
currDialog->state = SIP_DLG_ESTABLISHED;
}
if ((SIP_METHOD_INVITE == currDialog->creator)&&
(SIP_checkMediaChange(sipMsg, dialog) == false))
{
- SIP_updateMedias(sipMsg->mediaSession, &dialog->mediaSessions);
- SIP_ignoreChannels(currDialog, p, config);
- sipMsg->mediaUpdated = true;
+ SIP_updateMedias(sipMsg.mediaSession, dialog->mediaSessions);
+ SIP_ignoreChannels(*currDialog, p, config);
+ sipMsg.mediaUpdated = true;
}
currDialog->state = SIP_DLG_ESTABLISHED;
}
case RESPONSE6XX:
// If authentication is required
- if ((401 == sipMsg->status_code) || (407 == sipMsg->status_code))
+ if ((401 == sipMsg.status_code) || (407 == sipMsg.status_code))
{
currDialog->state = SIP_DLG_AUTHENCATING;
}
* Based on the new received sip invite request message, check whether SDP has been changed
*
* Arguments:
- * SIPMsg * - sip request message
+ * SIPMsg & - sip request message
* SIP_DialogData* - dialog to be updated,
*
* Returns:
* true: media not changed
* false: media changed
********************************************************************/
-static bool SIP_checkMediaChange(const SIPMsg* sipMsg, const SIP_DialogData* dialog)
+static bool SIP_checkMediaChange(const SIPMsg& sipMsg, const SIP_DialogData* dialog)
{
const SIP_MediaSession* medias;
// Compare the medias (SDP part)
- if (nullptr == sipMsg->mediaSession)
+ if (nullptr == sipMsg.mediaSession)
return true;
medias = dialog->mediaSessions;
while (nullptr != medias)
{
- if (sipMsg->mediaSession->sessionID == medias->sessionID)
+ if (sipMsg.mediaSession->sessionID == medias->sessionID)
break;
medias = medias->nextS;
}
return false;
}
// The media content has been changed
- if (0 != SIP_compareMedias(medias->medias, sipMsg->mediaSession->medias))
+ if (0 != SIP_compareMedias(medias->medias, sipMsg.mediaSession->medias))
return false;
return true;
* sessions, one from each side of conversation
*
* Arguments:
- * SIP_DialogData * - the current dialog
+ * SIP_DialogData & - the current dialog
*
*
* Returns:
* false: the channel has not been ignored
*
********************************************************************/
-static int SIP_ignoreChannels(SIP_DialogData* dialog, Packet* p, SIP_PROTO_CONF* config)
+static int SIP_ignoreChannels(const SIP_DialogData& dialog, Packet* p, SIP_PROTO_CONF* config)
{
- SIP_MediaData* mdataA,* mdataB;
-
if (0 == config->ignoreChannel)
return false;
// check the first media session
- if (nullptr == dialog->mediaSessions)
+ if (nullptr == dialog.mediaSessions)
return false;
// check the second media session
- if (nullptr == dialog->mediaSessions->nextS)
+ if (nullptr == dialog.mediaSessions->nextS)
return false;
- mdataA = dialog->mediaSessions->medias;
- mdataB = dialog->mediaSessions->nextS->medias;
+ SIP_MediaData* mdataA = dialog.mediaSessions->medias;
+ SIP_MediaData* mdataB = dialog.mediaSessions->nextS->medias;
sip_stats.ignoreSessions++;
while ((nullptr != mdataA)&&(nullptr != mdataB))
{
* Compare two media list
*
* Arguments:
- * SIPMsg * - the message used to create a dialog
+ * SIPMsg & - the message used to create a dialog
* SIP_DialogData * - the current dialog location
* SIP_DialogList * - the dialogs to be added.
*
*
* Arguments:
* SIP_MediaSession* - media session
- * SIP_MediaList* - media session list to be updated,
+ * SIP_MediaList& - media session list to be updated,
*
* Returns:
*
********************************************************************/
-static void SIP_updateMedias(SIP_MediaSession* mSession, SIP_MediaList* dList)
+static void SIP_updateMedias(SIP_MediaSession* mSession, SIP_MediaList& dList)
{
- SIP_MediaSession* currSession, * preSession = nullptr;
-
if (nullptr == mSession)
return;
mSession->savedFlag = SIP_SESSION_SAVED;
// Find out the media session based on session id
- currSession = *dList;
+ SIP_MediaSession* currSession = dList;
+ SIP_MediaSession* preSession = nullptr;
while (nullptr != currSession)
{
if (currSession->sessionID == mSession->sessionID)
// if this is a new session data, add to the list head
if (nullptr == currSession)
{
- mSession->nextS = *dList;
- *dList = mSession;
+ mSession->nextS = dList;
+ dList = mSession;
}
else
{
mSession->nextS = currSession->nextS;
// if this is the header, update the new header
if (nullptr == preSession)
- *dList = mSession;
+ dList = mSession;
else
preSession->nextS = mSession;
* Add a sip dialog before the current dialog
*
* Arguments:
- * SIPMsg * - the message used to create a dialog
+ * SIPMsg & - the message used to create a dialog
* SIP_DialogData * - the current dialog location
* SIP_DialogList * - the dialogs to be added.
*
* Returns: None
*
********************************************************************/
-static SIP_DialogData* SIP_addDialog(SIPMsg* sipMsg, SIP_DialogData* currDialog,
+static SIP_DialogData* SIP_addDialog(const SIPMsg& sipMsg, SIP_DialogData* currDialog,
SIP_DialogList* dList)
{
- SIP_DialogData* dialog;
-
sip_stats.dialogs++;
- dialog = (SIP_DialogData*)snort_calloc(sizeof(SIP_DialogData));
+ SIP_DialogData* dialog = (SIP_DialogData*)snort_calloc(sizeof(SIP_DialogData));
// Add to the head
dialog->nextD = currDialog;
dialog->prevD = nullptr;
dList->head = dialog;
}
- dialog->dlgID = sipMsg->dlgID;
- dialog->creator = sipMsg->methodFlag;
+ dialog->dlgID = sipMsg.dlgID;
+ dialog->creator = sipMsg.methodFlag;
dialog->state = SIP_DLG_CREATE;
- SIP_updateMedias(sipMsg->mediaSession, &dialog->mediaSessions);
+ SIP_updateMedias(sipMsg.mediaSession, dialog->mediaSessions);
dList->num_dialogs++;
return dialog;
}
return false;
// If this is the header
- if (nullptr == currDialog->prevD)
+ if (nullptr == currDialog->prevD)
{
if (nullptr != currDialog->nextD)
currDialog->nextD->prevD = nullptr;
}
static void sip_publish_data_bus(
- const Packet* p, const SIPMsg* sip_msg, const SIP_DialogData* dialog)
+ const Packet* p, const SIPMsg& sip_msg, const SIP_DialogData* dialog)
{
SipEvent event(p, sip_msg, dialog);
DataBus::publish(SIPData::pub_id, SipEventIds::DIALOG, event, p->flow);
* If not in the current list, created one and add it to the head.
*
* Arguments:
- * SIPMsg * - sip message
+ * SIPMsg & - sip message
* SIP_DialogList* - dialog list to be updated,
*
* Returns:
* true: dialog has been updated
* false: dialog has not been updated
********************************************************************/
-int SIP_updateDialog(SIPMsg* sipMsg, SIP_DialogList* dList, Packet* p, SIP_PROTO_CONF* config)
+int SIP_updateDialog(SIPMsg& sipMsg, SIP_DialogList* dList, Packet* p, SIP_PROTO_CONF* config)
{
- SIP_DialogData* dialog;
SIP_DialogData* oldDialog = nullptr;
int ret;
- if ((nullptr == sipMsg)||(0 == sipMsg->dlgID.callIdHash))
+ if (0 == sipMsg.dlgID.callIdHash)
return false;
- dialog = dList->head;
+ SIP_DialogData* dialog = dList->head;
/*Find out the dialog in the dialog list*/
while (nullptr != dialog)
{
- if (sipMsg->dlgID.callIdHash == dialog->dlgID.callIdHash)
+ if (sipMsg.dlgID.callIdHash == dialog->dlgID.callIdHash)
break;
oldDialog = dialog;
/*Update the dialog information*/
- if (sipMsg->status_code == 0)
+ if (sipMsg.status_code == 0)
ret = SIP_processRequest(sipMsg, dialog, dList, p, config);
- else if (sipMsg->status_code > 0)
- ret = SIP_processResponse(sipMsg, dialog, dList, p, config);
else
- ret = false;
+ ret = SIP_processResponse(sipMsg, dialog, dList, p, config);
for (dialog = dList->head; dialog; dialog = dialog->nextD)
{
- if (sipMsg->dlgID.callIdHash == dialog->dlgID.callIdHash)
+ if (sipMsg.dlgID.callIdHash == dialog->dlgID.callIdHash)
break;
}
sip_publish_data_bus(p, sipMsg, dialog);
uint32_t num_dialogs;
};
-int SIP_updateDialog(SIPMsg* sipMsg, SIP_DialogList* dList, snort::Packet* p, SIP_PROTO_CONF*);
+int SIP_updateDialog(SIPMsg& sipMsg, SIP_DialogList* dList, snort::Packet* p, SIP_PROTO_CONF*);
void sip_freeDialogs(SIP_DialogList* list);
#endif
while ((last < eolm) && isspace((int)*last))
last++;
+ // cppcheck-suppress knownConditionTrueFalse
if (((eolm - last) >= 4)
&& (strncasecmp("LAST", (const char*)last, 4) == 0))
{
bdat_last = true;
}
+ // cppcheck-suppress knownConditionTrueFalse
if (bdat_last || (dat_chunk == 0))
smtp_ssn->state_flags &= ~(SMTP_FLAG_BDAT);
else
void Smtp::eval(Packet* p)
{
- Profile profile(smtpPerfStats);
+ Profile profile(smtpPerfStats); // cppcheck-suppress unreadVariable
// precondition - what we registered for
assert(p->has_tcp_data());
using namespace snort;
using namespace std;
-SmtpCmd::SmtpCmd(const std::string& key, uint32_t flg, int num)
-{
- name = key;
- flags = flg;
- number = num;
-}
+SmtpCmd::SmtpCmd(const std::string& key, uint32_t flg, int num) : name(key), flags(flg), number(num)
+{ }
-SmtpCmd::SmtpCmd(const std::string& key, int num)
+SmtpCmd::SmtpCmd(const std::string& key, int num) : name(key), flags(PCMD_ALT), number(0)
{
- name = key;
-
- flags = PCMD_ALT;
- number = 0;
-
if ( num >= 0 )
{
number = num;
//-------------------------------------------------------------------------
SmtpModule::SmtpModule() : Module(SMTP_NAME, SMTP_HELP, s_params)
-{
- config = nullptr;
-}
+{ }
SmtpModule::~SmtpModule()
{
void add_commands(snort::Value&, uint32_t flags);
private:
- SmtpProtoConf* config;
+ SmtpProtoConf* config = nullptr;
std::vector<SmtpCmd*> cmds;
std::string names;
- int number;
+ int number = 0;
};
#endif
len = end - ptr;
- if (len > 5 && strncasecmp((const char*)ptr, "FIRST", 5) == 0)
+ // cppcheck-suppress knownConditionTrueFalse
+ if (len > 5)
{
- return XLINK_FIRST;
- }
- else if (len > 5 && strncasecmp((const char*)ptr, "CHUNK", 5) == 0)
- {
- return XLINK_CHUNK;
+ if (strncasecmp((const char*)ptr, "FIRST", 5) == 0)
+ return XLINK_FIRST;
+ if (strncasecmp((const char*)ptr, "CHUNK", 5) == 0)
+ return XLINK_CHUNK;
}
return XLINK_OTHER;
SshFlowData::SshFlowData() : FlowData(inspector_id)
{
- session = {};
sshstats.concurrent_sessions++;
if (sshstats.max_concurrent_sessions < sshstats.concurrent_sessions)
sshstats.max_concurrent_sessions = sshstats.concurrent_sessions;
public:
static unsigned inspector_id;
- SSHData session;
+ SSHData session = {};
};
#define SSH_BANNER "SSH-"
class SslStateOption : public IpsOption
{
public:
- SslStateOption(const SslStateRuleOptionData& c) :
- IpsOption(s_name)
- { ssod = c; }
+ SslStateOption(const SslStateRuleOptionData& c) : IpsOption(s_name), ssod(c)
+ { }
uint32_t hash() const override;
bool operator==(const IpsOption&) const override;
EvalStatus eval(Cursor&, Packet*) override;
private:
- SslStateRuleOptionData ssod = {};
+ SslStateRuleOptionData ssod;
};
//-------------------------------------------------------------------------
IpsOption::EvalStatus SslStateOption::eval(Cursor&, Packet* pkt)
{
- RuleProfile profile(sslStateRuleOptionPerfStats);
+ RuleProfile profile(sslStateRuleOptionPerfStats); // cppcheck-suppress unreadVariable
if ( !(pkt->packet_flags & PKT_REBUILT_STREAM) && !pkt->is_full_pdu() )
return NO_MATCH;
class SslVersionOption : public IpsOption
{
public:
- SslVersionOption(const SslVersionRuleOptionData& c) :
- IpsOption(s_name)
- { svod = c; }
+ SslVersionOption(const SslVersionRuleOptionData& c) : IpsOption(s_name), svod(c)
+ { }
uint32_t hash() const override;
bool operator==(const IpsOption&) const override;
EvalStatus eval(Cursor&, Packet*) override;
private:
- SslVersionRuleOptionData svod = {};
+ SslVersionRuleOptionData svod;
};
//-------------------------------------------------------------------------
IpsOption::EvalStatus SslVersionOption::eval(Cursor&, Packet* pkt)
{
- RuleProfile profile(sslVersionRuleOptionPerfStats);
+ RuleProfile profile(sslVersionRuleOptionPerfStats); // cppcheck-suppress unreadVariable
if ( !(pkt->packet_flags & PKT_REBUILT_STREAM) && !pkt->is_full_pdu() )
return NO_MATCH;
static void snort_ssl(SSL_PROTO_CONF* config, Packet* p)
{
- Profile profile(sslPerfStats);
+ Profile profile(sslPerfStats); // cppcheck-suppress unreadVariable
/* Attempt to get a previously allocated SSL block. */
SSLData* sd = SslBaseFlowData::get_ssl_session_data(p->flow);
#include "config.h"
#endif
+#include <algorithm>
+
#include "curse_book.h"
using namespace std;
// map between service and curse details
-vector<CurseDetails> CurseBook::curse_map =
+vector<CurseDetails> CurseBook::curse_map =
{
// name service alg is_tcp
{ "dce_udp" , "dcerpc" , CurseBook::dce_udp_curse , false },
bool CurseBook::add_curse(const char* key)
{
- for ( const CurseDetails& curse : curse_map )
- {
- if ( curse.name == key )
+ return std::cend(curse_map) != std::find_if(std::cbegin(curse_map), std::cend(curse_map),
+ [this, key](const CurseDetails& curse)
{
- if ( curse.is_tcp )
- tcp_curses.emplace_back(&curse);
- else
- non_tcp_curses.emplace_back(&curse);
-
- return true;
- }
- }
+ if ( curse.name == key )
+ {
+ if ( curse.is_tcp )
+ tcp_curses.emplace_back(&curse);
+ else
+ non_tcp_curses.emplace_back(&curse);
- return false;
+ return true;
+ }
+ return false;
+ });
}
const vector<const CurseDetails*>& CurseBook::get_curses(bool tcp) const
//-------------------------------------------------------------------------
void HexBook::add_spell(
- const char* key, const char* val, HexVector& hv, unsigned i, MagicPage* p)
+ const char* key, const char* val, const HexVector& hv, unsigned i, MagicPage* p)
{
while ( i < hv.size() )
{
private:
bool translate(const char*, HexVector&);
- void add_spell(const char*, const char*, HexVector&, unsigned, MagicPage*);
+ void add_spell(const char*, const char*, const HexVector&, unsigned, MagicPage*);
const MagicPage* find_spell(const uint8_t*, unsigned, const MagicPage*, unsigned,
const MagicPage*&) const override;
};
private:
bool translate(const char*, HexVector&);
- void add_spell(const char*, const char*, HexVector&, unsigned, MagicPage*);
+ void add_spell(const char*, const char*, const HexVector&, unsigned, MagicPage*);
const MagicPage* find_spell(const uint8_t*, unsigned, const MagicPage*, unsigned,
const MagicPage*&) const override;
};
}
void SpellBook::add_spell(
- const char* key, const char* val, HexVector& hv, unsigned i, MagicPage* p)
+ const char* key, const char* val, const HexVector& hv, unsigned i, MagicPage* p)
{
while ( i < hv.size() )
{
if ( (i + incr_by - 1) < max_detect )
{
CHECK(tracker.ssl.state == static_cast<SSL_State>(i));
- CHECK_FALSE(CurseBook::ssl_v2_curse(&ch[i],sizeof(uint8_t) * incr_by,&tracker));
+ CHECK(false == CurseBook::ssl_v2_curse(&ch[i],sizeof(uint8_t) * incr_by,&tracker));
}
else
{
- CHECK(CurseBook::ssl_v2_curse(&ch[i],sizeof(uint8_t) * incr_by,&tracker));
- CHECK(tracker.ssl.state == SSL_STATE__SSL_FOUND);
+ CHECK(true == CurseBook::ssl_v2_curse(&ch[i],sizeof(uint8_t) * incr_by,&tracker));
+ CHECK(SSL_STATE__SSL_FOUND == tracker.ssl.state);
}
i += incr_by;
}
// subsequent checks must return found
- CHECK(CurseBook::ssl_v2_curse(&ch[max_detect + 1],sizeof(uint8_t),&tracker));
- CHECK(tracker.ssl.state == SSL_STATE__SSL_FOUND);
+ CHECK(true == CurseBook::ssl_v2_curse(&ch[max_detect + 1],sizeof(uint8_t),&tracker));
+ CHECK(SSL_STATE__SSL_FOUND == tracker.ssl.state);
};
// sslv2 with ssl version 2
if ( i < fail_at_byte )
{
CHECK(tracker.ssl.state == static_cast<SSL_State>(i));
- CHECK_FALSE(CurseBook::ssl_v2_curse(&ch_data[i],sizeof(uint8_t),&tracker));
+ CHECK(false == CurseBook::ssl_v2_curse(&ch_data[i],sizeof(uint8_t),&tracker));
}
else
{
- CHECK_FALSE(CurseBook::ssl_v2_curse(&ch_data[i],sizeof(uint8_t),&tracker));
- CHECK(tracker.ssl.state == SSL_STATE__SSL_NOT_FOUND);
+ CHECK(false == CurseBook::ssl_v2_curse(&ch_data[i],sizeof(uint8_t),&tracker));
+ CHECK(SSL_STATE__SSL_NOT_FOUND == tracker.ssl.state);
}
}
// subsequent checks must return ssl not found
- CHECK_FALSE(CurseBook::ssl_v2_curse(&ch_data[max_detect + 1],sizeof(uint8_t),&tracker));
- CHECK(tracker.ssl.state == SSL_STATE__SSL_NOT_FOUND);
+ CHECK(false == CurseBook::ssl_v2_curse(&ch_data[max_detect + 1],sizeof(uint8_t),&tracker));
+ CHECK(SSL_STATE__SSL_NOT_FOUND == tracker.ssl.state);
};
SECTION("byte 0"){ test(0);}
std::string service;
std::vector<std::string> c2s_patterns;
std::vector<std::string> s2c_patterns;
- bool c2s;
+ bool c2s = false;
MagicBook* c2s_hexes = nullptr;
MagicBook* s2c_hexes = nullptr;
CurseBook* curses = nullptr;
uint16_t max_search_depth = 0;
- MagicBook::ArcaneType proto;
+ MagicBook::ArcaneType proto = MagicBook::ArcaneType::MAX;
};
#endif
Packet* pkt, const uint8_t* data, uint32_t len,
uint32_t, uint32_t*)
{
- Profile profile(wizPerfStats);
+ Profile profile(wizPerfStats); // cppcheck-suppress unreadVariable
count_scan(pkt->flow);
bytes_scanned += len;
void Wizard::eval(Packet* p)
{
- Profile profile(wizPerfStats);
+ Profile profile(wizPerfStats); // cppcheck-suppress unreadVariable
if ( !p->is_udp() )
return;
private:
SfIp addr;
- uint16_t bits;
+ uint16_t bits = 0;
} __attribute__((__packed__));
* into a number of bits to mask off */
static inline int _netmask_str_to_bit_count(char* mask, int family)
{
- uint32_t buf[4];
+ uint32_t buf[4] = {};
int bits, i, nBits, nBytes;
uint8_t* bytes = (uint8_t*)buf;
#define LIST_CLOSE ']'
static SfIpRet sfvar_list_compare(sfip_node_t*, sfip_node_t*);
-static inline void sfip_node_free(sfip_node_t*);
+static inline void sfip_node_free(sfip_node_t*&);
static inline void sfip_node_freelist(sfip_node_t*);
static inline sfip_var_t* _alloc_var()
return ret;
}
-static inline void sfip_node_free(sfip_node_t* node)
+static inline void sfip_node_free(sfip_node_t*& node)
{
if ( !node )
return;
delete node->ip;
snort_free(node);
+ node = nullptr;
}
static inline void sfip_node_freelist(sfip_node_t* root)
static sfip_node_t* merge_lists(sfip_node_t* list1, sfip_node_t* list2, uint16_t list1_len,
uint16_t list2_len, uint32_t& merge_len)
{
- sfip_node_t* listHead = nullptr, * merge_list = nullptr, * tmp = nullptr, * node = nullptr;
- uint32_t num_nodes = 0;
-
if (!list1 && !list2)
{
merge_len = 0;
return list2;
}
+ sfip_node_t* listHead = nullptr;
+ sfip_node_t* merge_list = nullptr;
+ uint32_t num_nodes = 0;
/*Iterate till one of the list is null. Append each node to merge_list*/
while (list1 && list2)
{
if ( num_nodes )
{
- tmp = list1->next;
+ sfip_node_t* tmp = list1->next;
if ( list_contains_node(listHead, merge_list, num_nodes, list1) )
{
list1 = tmp;
}
SfIpRet ret = list1->ip->compare(*(list2->ip));
+ sfip_node_t* node;
if (ret == SFIP_LESSER)
{
node = list1;
node = list1;
list1 = list1->next;
/*Free the duplicate node*/
- tmp = list2->next;
+ sfip_node_t* tmp = list2->next;
sfip_node_free(list2);
list2 = tmp;
/*list2 is null. Append list1*/
while ( list1 )
{
- tmp = list1->next;
+ sfip_node_t* tmp = list1->next;
if ( !list_contains_node(listHead, merge_list, num_nodes, list1) and merge_list )
{
merge_list->next = list1;
/*list1 is null. Append list2*/
while ( list2 )
{
- tmp = list2->next;
+ sfip_node_t* tmp = list2->next;
if ( !list_contains_node(listHead, merge_list, num_nodes, list2) and merge_list )
{
merge_list->next = list2;
SECTION("basic list merge")
{
table = sfvt_alloc_table();
- CHECK(sfvt_add_str(table, "foo [ 192.168.0.1, 192.168.5.0, 192.168.0.2, 255.255.248.0 ] ",
- &var1) == SFIP_SUCCESS);
- CHECK(sfvt_add_str(table, "goo [ 255.255.241.0, 192.168.2.1] ", &var2) == SFIP_SUCCESS);
+ SfIpRet ret = sfvt_add_str(table, "foo [ 192.168.0.1, 192.168.5.0, 192.168.0.2, 255.255.248.0 ] ", &var1);
+ CHECK( SFIP_SUCCESS == ret);
+ ret = sfvt_add_str(table, "goo [ 255.255.241.0, 192.168.2.1] ", &var2);
+ CHECK( SFIP_SUCCESS == ret);
print_var_list(var1->head);
CHECK(!strcmp("192.168.0.1,192.168.0.2,192.168.5.0,255.255.248.0", sfipvar_test_buff));
print_var_list(var2->head);
table = sfvt_alloc_table();
// 'foo' variable
- CHECK(sfvt_add_str(table, "foo 1.0.0.1", &var1) == SFIP_SUCCESS);
+ SfIpRet ret = sfvt_add_str(table, "foo 1.0.0.1", &var1);
+ CHECK(SFIP_SUCCESS == ret);
// no table used
- CHECK(sfvt_add_to_var(nullptr, var2, "1.0.0.2") == SFIP_SUCCESS);
- CHECK(sfvt_add_to_var(nullptr, var2, "$foo") == SFIP_LOOKUP_UNAVAILABLE);
- CHECK(sfvt_add_to_var(nullptr, var2, "$moo") == SFIP_LOOKUP_UNAVAILABLE);
+ ret = sfvt_add_to_var(nullptr, var2, "1.0.0.2");
+ CHECK(SFIP_SUCCESS == ret);
+ ret = sfvt_add_to_var(nullptr, var2, "$foo");
+ CHECK(SFIP_LOOKUP_UNAVAILABLE == ret);
+ ret = sfvt_add_to_var(nullptr, var2, "$moo");
+ CHECK(SFIP_LOOKUP_UNAVAILABLE == ret);
print_var_list(var2->head);
CHECK(!strcmp("1.0.0.2", sfipvar_test_buff));
snort_free(ip);
// using table
- CHECK(sfvt_add_to_var(table, var2, "$foo") == SFIP_SUCCESS);
- CHECK(sfvt_add_to_var(table, var2, "$moo") == SFIP_LOOKUP_FAILURE);
+ ret = sfvt_add_to_var(table, var2, "$foo");
+ CHECK(SFIP_SUCCESS == ret);
+ ret = sfvt_add_to_var(table, var2, "$moo");
+ CHECK(SFIP_LOOKUP_FAILURE == ret);
print_var_list(var2->head);
CHECK(!strcmp("1.0.0.1,1.0.0.2", sfipvar_test_buff));
sfip_node_t* node;
table = sfvt_alloc_table();
- CHECK(sfvt_add_str(table, "foo [ 192.168.0.1, 192.168.5.0, 192.168.0.2, 255.255.248.0 ] ",
- &var1) == SFIP_SUCCESS);
+ SfIpRet ret = sfvt_add_str(table, "foo [ 192.168.0.1, 192.168.5.0, 192.168.0.2, 255.255.248.0 ] ", &var1);
+ CHECK(SFIP_SUCCESS == ret);
print_var_list(var1->head);
CHECK(!strcmp("192.168.0.1,192.168.0.2,192.168.5.0,255.255.248.0", sfipvar_test_buff));
// deep copy the list
// add a negate node to original list
node = sfipnode_alloc("!192.168.3.2", nullptr);
CHECK(node != nullptr);
- CHECK(SFIP_SUCCESS == sfvar_add_node(var1, node, 1));
+ ret = sfvar_add_node(var1, node, 1);
+ CHECK(SFIP_SUCCESS == ret);
print_var_list(var1->neg_head);
CHECK(!strcmp("!192.168.3.2", sfipvar_test_buff));
// now compare should fail
// add a node
node = sfipnode_alloc("192.168.90.9", nullptr);
CHECK(node != nullptr);
- CHECK(SFIP_SUCCESS == sfvar_add_node(var1, node, 0));
+ ret = sfvar_add_node(var1, node, 0);
+ CHECK(SFIP_SUCCESS == ret);
print_var_list(var1->head);
CHECK(!strcmp("192.168.0.1,192.168.0.2,192.168.5.0,192.168.90.9,255.255.248.0",
sfipvar_test_buff));
table = sfvt_alloc_table();
- CHECK(sfvt_add_str(table, "foo [any] ", &var1) == SFIP_SUCCESS);
+ SfIpRet ret = sfvt_add_str(table, "foo [any] ", &var1);
+ CHECK(SFIP_SUCCESS == ret);
print_var_list(var1->head);
CHECK(!strcmp("any", sfipvar_test_buff));
// try to add list to any
- CHECK(sfvt_add_str(table, "goo [ 255.255.241.0, 192.168.2.1] ", &var2) == SFIP_SUCCESS);
- CHECK(SFIP_SUCCESS == sfvar_add(var1, var2));
+ ret = sfvt_add_str(table, "goo [ 255.255.241.0, 192.168.2.1] ", &var2);
+ CHECK(SFIP_SUCCESS == ret);
+ ret= sfvar_add(var1, var2);
+ CHECK(SFIP_SUCCESS == ret);
// adding something to any should not change any
print_var_list(var1->head);
CHECK(!strcmp("any", sfipvar_test_buff));
// create a list and add any to it
node = sfipnode_alloc("any", nullptr);
CHECK(node != nullptr);
- CHECK(SFIP_SUCCESS == sfvar_add_node(var1, node, 0));
+ ret = sfvar_add_node(var1, node, 0);
+ CHECK(SFIP_SUCCESS == ret);
// after adding any, the original list should have any only
print_var_list(var1->head);
//---------------------------------------------------------------
-static int FuncCheck(int i)
+static void print_func(int i, const char* status, const char* code, const FuncTest* f)
{
- FuncTest* f = ftests + i;
- int result;
+ if ( f->arg2 )
+ printf("[%d] %s: %s(%s, %s) = %s\n",
+ i, status, f->func, f->arg1, f->arg2, code);
+ else
+ printf("[%d] %s: %s(%s) = %s\n",
+ i, status, f->func, f->arg1, code);
+}
- const char* status = "Passed";
- const char* code;
+static int FuncCheck(int i)
+{
+ const FuncTest* f = ftests + i;
- result = RunFunc(f->func, f->arg1, f->arg2);
+ int result = RunFunc(f->func, f->arg1, f->arg2);
- code = (0 <= result && (size_t)result < sizeof(codes)/sizeof(codes[0])) ?
+ const char* code = (0 <= result && (size_t)result < sizeof(codes)/sizeof(codes[0])) ?
codes[result] : "uh oh";
if ( result != f->expected )
- {
- status = "Failed";
- }
-#ifndef SFIP_TEST_DEBUG
- if ( result != f->expected )
- {
-#endif
- if ( f->arg2 )
- printf("[%d] %s: %s(%s, %s) = %s\n",
- i, status, f->func, f->arg1, f->arg2, code);
- else
- printf("[%d] %s: %s(%s) = %s\n",
- i, status, f->func, f->arg1, code);
-#ifndef SFIP_TEST_DEBUG
- }
+ print_func(i, "Failed", code, f);
+#ifdef SFIP_TEST_DEBUG
+ else
+ print_func(i, "Passed", code, f);
#endif
+
return result == f->expected;
}
va_list ap;
int index;
TABLE_PTR table_ptr;
- dir_table_flat_t* table;
+ dir_table_flat_t* tmp_table;
uint8_t* base;
table_ptr = segment_snort_alloc(sizeof(dir_table_flat_t));
}
base = (uint8_t*)segment_basePtr();
- table = (dir_table_flat_t*)(&base[table_ptr]);
+ tmp_table = (dir_table_flat_t*)(&base[table_ptr]);
- table->allocated = 0;
+ tmp_table->allocated = 0;
- table->dim_size = count;
+ tmp_table->dim_size = count;
va_start(ap, count);
for (index=0; index < count; index++)
{
uint32_t val = va_arg(ap, int);
- table->dimensions[index] = val;
+ tmp_table->dimensions[index] = val;
}
va_end(ap);
- table->mem_cap = mem_cap;
+ tmp_table->mem_cap = mem_cap;
- table->cur_num = 0;
+ tmp_table->cur_num = 0;
- table->sub_table = _sub_table_flat_new(table, 0, 0, 0);
+ tmp_table->sub_table = _sub_table_flat_new(tmp_table, 0, 0, 0);
- if (!table->sub_table)
+ if (!tmp_table->sub_table)
{
segment_free(table_ptr);
return 0;
}
- table->allocated += sizeof(dir_table_flat_t) + sizeof(int)*count;
+ tmp_table->allocated += sizeof(dir_table_flat_t) + sizeof(int)*count;
return table_ptr;
}
{
h_addr[1] = ntohl(addr[1]);
h_addr[2] = ntohl(addr[2]);
- h_addr[3] = ntohl(addr[3]);
+ h_addr[3] = ntohl(addr[3]); // cppcheck-suppress unreadVariable
}
else if (len > 64)
{
h_addr[1] = ntohl(addr[1]);
h_addr[2] = ntohl(addr[2]);
- h_addr[3] = 0;
+ h_addr[3] = 0; // cppcheck-suppress unreadVariable
}
else if (len > 32)
{
h_addr[1] = ntohl(addr[1]);
h_addr[2] = 0;
- h_addr[3] = 0;
+ h_addr[3] = 0; // cppcheck-suppress unreadVariable
}
else
{
h_addr[1] = 0;
h_addr[2] = 0;
- h_addr[3] = 0;
+ h_addr[3] = 0; // cppcheck-suppress unreadVariable
}
/* Find the sub table in which to insert */
word index;
uint8_t* base = (uint8_t*)segment_basePtr();
DIR_Entry* entry;
- dir_sub_table_flat_t* table = (dir_sub_table_flat_t*)(&base[table_ptr]);
+ dir_sub_table_flat_t* tmp_table = (dir_sub_table_flat_t*)(&base[table_ptr]);
{
uint32_t local_index, i;
i=3;
}
local_index = ip->addr[i] << (ip->bits %32);
- index = local_index >> (ARCH_WIDTH - table->width);
+ index = local_index >> (ARCH_WIDTH - tmp_table->width);
}
- entry = (DIR_Entry*)(&base[table->entries]);
+ entry = (DIR_Entry*)(&base[tmp_table->entries]);
if ( !entry[index].value || entry[index].length )
{
return ret;
}
- ip->bits += table->width;
+ ip->bits += tmp_table->width;
return _dir_sub_flat_lookup(ip, entry[index].value);
}
uint32_t RtTable::sfrt_dir_flat_usage(TABLE_PTR table_ptr) const
{
- dir_table_flat_t* table;
+ dir_table_flat_t* tmp_table;
uint8_t* base;
if (!table_ptr)
{
return 0;
}
base = (uint8_t*)segment_basePtr();
- table = (dir_table_flat_t*)(&base[table_ptr]);
- return ((dir_table_flat_t*)(table))->allocated;
+ tmp_table = (dir_table_flat_t*)(&base[table_ptr]);
+ return ((dir_table_flat_t*)(tmp_table))->allocated;
}
#include <sys/time.h>
+#include <algorithm>
#include <cassert>
#include "framework/counts.h"
SideChannel* SideChannelManager::get_side_channel(SCPort port)
{
if ( tls_maps )
- for ( auto& scm : * tls_maps )
- {
- if ( ( port <= scm->ports.size() ) && ( scm->ports.test(port) ) )
- {
- return scm->sc;
- }
- }
-
+ {
+ auto it = std::find_if(tls_maps->begin(), tls_maps->end(),
+ [port](const SideChannelMapping* scm)
+ { return port <= scm->ports.size() && scm->ports.test(port); });
+ if (it != tls_maps->end())
+ return (*it)->sc;
+ }
return nullptr;
}
-SideChannel::SideChannel()
-{
- sequence = 0;
- default_port = 0;
- connector_receive = nullptr;
- connector_transmit = nullptr;
- receive_handler = nullptr;
-}
-
void SideChannel::set_message_port(SCMessage* msg, SCPort port)
{
assert ( msg );
class SideChannel
{
public:
- SideChannel();
+ SideChannel() = default;
void register_receive_handler(const SCProcessMsgFunc& handler);
void unregister_receive_handler();
void set_default_port(SCPort port);
snort::Connector::Direction get_direction();
- snort::Connector* connector_receive;
- snort::Connector* connector_transmit;
+ snort::Connector* connector_receive = nullptr;
+ snort::Connector* connector_transmit = nullptr;
private:
- SCSequence sequence;
- SCPort default_port;
+ SCSequence sequence = 0;
+ SCPort default_port = 0;
SCProcessMsgFunc receive_handler = nullptr;
};
StreamModuleConfig config;
};
-StreamBase::StreamBase(const StreamModuleConfig* c)
-{ config = *c; }
+StreamBase::StreamBase(const StreamModuleConfig* c) : config(*c)
+{ }
bool StreamBase::configure(SnortConfig*)
{
{
assert( proto_map );
- for( auto map : *proto_map )
- {
- if ( map.second == this )
- {
- proto_map->erase(map.first);
- break;
- }
- }
+ auto it = std::find_if(proto_map->cbegin(), proto_map->cend(),
+ [this](const std::pair<const int, ProtocolHA*>& map){ return map.second == this; });
+ if ( it != proto_map->cend() )
+ proto_map->erase((*it).first);
if ( proto_map->empty() )
- {
delete proto_map;
- }
}
void ProtocolHA::process_deletion(Flow& flow)
{ return true; }
public:
- bool upload;
+ bool upload = false;
};
#endif
int FileSession::process(Packet* p)
{
- Profile profile(file_ssn_stats);
+ Profile profile(file_ssn_stats); // cppcheck-suppress unreadVariable
p->flow->ssn_state.snort_protocol_id = SNORT_PROTO_FILE;
StreamFileConfig* c = get_file_cfg(p->flow->ssn_server);
void clear() override;
int process(snort::Packet*) override;
- bool is_sequenced(uint8_t /*dir*/) override
- { return true; }
-
- bool are_packets_missing(uint8_t /*dir*/) override
- { return false; }
-
- uint8_t missing_in_reassembled(uint8_t /*dir*/) override
- { return SSN_MISSING_NONE; }
-
private:
void start(snort::Packet*, snort::Flow*);
void update(snort::Packet*, snort::Flow*);
StreamIcmpModule::StreamIcmpModule() :
Module(MOD_NAME, MOD_HELP, s_params)
-{
- config = nullptr;
-}
+{ }
ProfileStats* StreamIcmpModule::get_profile() const
{
#include "flow/session.h"
#include "framework/module.h"
+#include "stream_icmp.h"
+
extern const PegInfo icmp_pegs[];
extern THREAD_LOCAL struct IcmpStats icmpStats;
extern THREAD_LOCAL snort::ProfileStats icmp_perf_stats;
#define MOD_NAME "stream_icmp"
#define MOD_HELP "stream inspector for ICMP flow tracking"
-struct StreamIcmpConfig;
-
class StreamIcmpModule : public snort::Module
{
public:
StreamIcmpModule();
+ ~StreamIcmpModule() override
+ { delete config; }
bool set(const char*, snort::Value&, snort::SnortConfig*) override;
bool begin(const char*, int, snort::SnortConfig*) override;
bool end(const char*, int, snort::SnortConfig*) override;
StreamIcmpConfig* get_data();
private:
- StreamIcmpConfig* config;
+ StreamIcmpConfig* config = nullptr;
};
#endif
void clear() override;
public:
- uint32_t echo_count;
- struct timeval ssn_time;
+ uint32_t echo_count = 0;
+ struct timeval ssn_time = {};
};
void icmp_stats();
const timeval* current_time, const timeval* start_time, FragEngine* engine)
{
struct timeval tv_diff;
- TIMERSUB(current_time, start_time, &tv_diff);
+ TIMERSUB(current_time, start_time, &tv_diff); // cppcheck-suppress unreadVariable
if (tv_diff.tv_sec >= (int)engine->frag_timeout)
return true;
trunc = 0;
overlap = frag_end - right->offset;
- if (overlap)
+ if (frag_end < ft->calculated_size ||
+ ((ft->frag_flags & FRAG_GOT_LAST) &&
+ frag_end != ft->calculated_size))
{
- if (frag_end < ft->calculated_size ||
- ((ft->frag_flags & FRAG_GOT_LAST) &&
- frag_end != ft->calculated_size))
+ if (!(p->ptrs.decode_flags & DECODE_MF))
{
- if (!(p->ptrs.decode_flags & DECODE_MF))
- {
- /*
- * teardrop attack...
- */
- debug_log(stream_ip_trace, p, "[..] Teardrop attack!\n");
+ /*
+ * teardrop attack...
+ */
+ debug_log(stream_ip_trace, p, "[..] Teardrop attack!\n");
- EventAttackTeardrop(fe);
+ EventAttackTeardrop(fe);
- ft->frag_flags |= FRAG_BAD;
+ ft->frag_flags |= FRAG_BAD;
- return FRAG_INSERT_ATTACK;
- }
+ return FRAG_INSERT_ATTACK;
}
}
int IpSession::process(Packet* p)
{
- Profile profile(ip_perf_stats);
+ Profile profile(ip_perf_stats); // cppcheck-suppress unreadVariable
if ( Stream::expired_flow(flow, p) )
{
bool check_alerted(snort::Packet*, uint32_t gid, uint32_t sid) override;
public:
- FragTracker tracker;
+ FragTracker tracker = {};
};
extern THREAD_LOCAL IpStats ip_stats;
const uint8_t* data, uint32_t len, uint32_t total,
uint32_t seq, uint32_t* flags)
{
- Profile profile(pafPerfStats);
+ Profile profile(pafPerfStats); // cppcheck-suppress unreadVariable
PafAux px;
if ( !paf_initialized(ps) )
if (n == 0)
return { nullptr, 0 };
- unsigned max;
- uint8_t* pdu_buf = DetectionEngine::get_next_buffer(max);
- max = max > Packet::max_dsize ? Packet::max_dsize : max;
+ unsigned tmp_max;
+ uint8_t* pdu_buf = DetectionEngine::get_next_buffer(tmp_max);
+ tmp_max = tmp_max > Packet::max_dsize ? Packet::max_dsize : tmp_max;
- n = std::min(n, max - offset);
+ n = std::min(n, tmp_max - offset);
/*
FIXIT:
- Extra bytes will be lost and will pass without inspection
class ReassembleOption : public IpsOption
{
public:
- ReassembleOption(const StreamReassembleRuleOptionData& c) :
- IpsOption(s_name)
- { srod = c; }
+ ReassembleOption(const StreamReassembleRuleOptionData& c) : IpsOption(s_name), srod(c)
+ { }
uint32_t hash() const override;
bool operator==(const IpsOption&) const override;
IpsOption::EvalStatus ReassembleOption::eval(Cursor&, Packet* pkt)
{
- RuleProfile profile(streamReassembleRuleOptionPerfStats);
+ RuleProfile profile(streamReassembleRuleOptionPerfStats); // cppcheck-suppress unreadVariable
if (!pkt->flow || !pkt->ptrs.tcph)
return NO_MATCH;
{ return DETECT; }
public:
- StreamReassembleRuleOptionData srod;
+ StreamReassembleRuleOptionData srod = {};
};
bool ReassembleModule::begin(const char*, int, SnortConfig*)
TEST_CASE("IPS Stream Reassemble", "[ips_stream_reassemble][stream_tcp]")
{
// initialization code here
- REQUIRE( ( ips_stream_reassemble->api_version == ((BASE_API_VERSION << 16) | 0) ) );
+ REQUIRE( ( ips_stream_reassemble->api_version == (BASE_API_VERSION << 16) ) );
REQUIRE( ( strcmp(ips_stream_reassemble->name, s_name) == 0 ) );
ReassembleModule* reassembler = ( ReassembleModule* )ips_stream_reassemble->mod_ctor();
REQUIRE( reassembler != nullptr );
class SizeOption : public IpsOption
{
public:
- SizeOption(const RangeCheck& c, int dir) :
- IpsOption(s_name)
- { ssod = c; direction = dir; }
+ SizeOption(const RangeCheck& c, int dir) : IpsOption(s_name), ssod(c), direction(dir)
+ { }
uint32_t hash() const override;
bool operator==(const IpsOption&) const override;
public:
RangeCheck ssod;
- int direction;
+ int direction = 0;
};
bool SizeModule::begin(const char*, int, SnortConfig*)
session->client.reassembler.purge_alerts();
}
-bool TcpReassembler::is_segment_pending_flush(TcpReassemblerState& trs)
+bool TcpReassembler::is_segment_pending_flush(const TcpReassemblerState& trs) const
{
return ( get_pending_segment_count(trs, 1) > 0 );
}
-uint32_t TcpReassembler::get_pending_segment_count(TcpReassemblerState& trs, unsigned max)
+uint32_t TcpReassembler::get_pending_segment_count(const TcpReassemblerState& trs, unsigned max) const
{
uint32_t n = trs.sos.seg_count - trs.flush_count;
- TcpSegmentNode* tsn;
if ( !n || max == 1 )
return n;
n = 0;
- tsn = trs.sos.seglist.head;
+ const TcpSegmentNode* tsn = trs.sos.seglist.head;
while ( tsn )
{
if ( tsn->c_len && SEQ_LT(tsn->c_seq, trs.tracker->r_win_base) )
bool TcpReassembler::check_alerted(TcpReassemblerState& trs, uint32_t gid, uint32_t sid)
{
- for ( auto& alert : trs.alerts )
- if (alert.gid == gid && alert.sid == sid)
- return true;
-
- return false;
+ return std::any_of(trs.alerts.cbegin(), trs.alerts.cend(),
+ [gid, sid](const StreamAlertInfo& alert){ return alert.gid == gid && alert.sid == sid; });
}
int TcpReassembler::update_alert(TcpReassemblerState& trs, uint32_t gid, uint32_t sid,
// FIXIT-M comparison of seq_num is wrong, compare value is always 0, should be seq_num of wire packet
uint32_t seq_num = 0;
- for ( auto& alert : trs.alerts )
- if (alert.gid == gid && alert.sid == sid && SEQ_EQ(alert.seq, seq_num))
- {
- alert.event_id = event_id;
- alert.event_second = event_second;
- return 0;
- }
+ auto it = std::find_if(trs.alerts.begin(), trs.alerts.end(),
+ [gid, sid, seq_num](const StreamAlertInfo& alert)
+ { return alert.gid == gid && alert.sid == sid && SEQ_EQ(alert.seq, seq_num); });
+ if (it != trs.alerts.end())
+ {
+ (*it).event_id = event_id;
+ (*it).event_second = event_second;
+ return 0;
+ }
return -1;
}
// FIXIT-L: consolidate these 3
bool to_server = splitter->to_server();
- assert(splitter && server_side == to_server && server_side == !trk.client_tracker);
+ assert(server_side == to_server && server_side == !trk.client_tracker);
#endif
trk.set_splitter(new AtomSplitter(server_side, max));
TcpReassemblerState&, snort::Flow* flow, bool clear, const snort::Packet* = nullptr);
void finish_and_final_flush(
TcpReassemblerState&, snort::Flow* flow, bool clear, snort::Packet*);
- virtual bool is_segment_pending_flush(TcpReassemblerState&);
+ virtual bool is_segment_pending_flush(const TcpReassemblerState&) const;
virtual int flush_on_data_policy(TcpReassemblerState&, snort::Packet*);
virtual int flush_on_ack_policy(TcpReassemblerState&, snort::Packet*);
virtual bool add_alert(TcpReassemblerState&, uint32_t gid, uint32_t sid);
int delete_reassembly_segment(TcpReassemblerState&, TcpSegmentNode*) override;
virtual void insert_segment_in_empty_seglist(TcpReassemblerState&, TcpSegmentDescriptor&);
virtual void insert_segment_in_seglist(TcpReassemblerState&, TcpSegmentDescriptor&);
- virtual uint32_t get_pending_segment_count(TcpReassemblerState&, unsigned max);
+ virtual uint32_t get_pending_segment_count(const TcpReassemblerState&, unsigned max) const;
int trim_delete_reassembly_segment(TcpReassemblerState&, TcpSegmentNode*, uint32_t flush_seq);
void queue_reassembly_segment(TcpReassemblerState&, TcpSegmentNode* prev, TcpSegmentNode*);
void init_overlap_editor(TcpReassemblerState&, TcpSegmentDescriptor&);
void flush_queued_segments(snort::Flow* flow, bool clear, const snort::Packet* p = nullptr)
{ reassembler->flush_queued_segments(trs, flow, clear, p); }
- bool is_segment_pending_flush()
+ bool is_segment_pending_flush() const
{ return reassembler->is_segment_pending_flush(trs); }
int flush_on_data_policy(snort::Packet* p)
private:
TcpReassembler* reassembler = nullptr;
- TcpReassemblerState trs;
+ TcpReassemblerState trs = {};
friend inline void TraceSegments(const TcpReassemblerPolicy&, const snort::Packet* p);
};
#endif
return TF_NONE;
}
-bool TcpSegmentDescriptor::has_wscale()
-{
- uint16_t wscale;
-
- if ( !(pkt->ptrs.decode_flags & DECODE_TCP_WS) )
- return false;
-
- return ( init_wscale(&wscale) & TF_WSCALE ) != TF_NONE;
-}
-
void TcpSegmentDescriptor::set_retransmit_flag()
{
if ( PacketTracer::is_active() )
uint32_t init_mss(uint16_t* value);
uint32_t init_wscale(uint16_t* value);
- bool has_wscale();
void set_retransmit_flag();
snort::Flow* get_flow() const
int TcpSession::process(Packet* p)
{
- Profile profile(s5TcpPerfStats);
+ Profile profile(s5TcpPerfStats); // cppcheck-suppress unreadVariable
assert(flow->ssn_server && flow->pkt_type == PktType::TCP);
if ( ignore_this_packet(p) )
void flush_server(snort::Packet*) override;
void flush_talker(snort::Packet*, bool final_flush = false) override;
void flush_listener(snort::Packet*, bool final_flush = false) override;
+ // cppcheck-suppress virtualCallInConstructor
void clear_session(bool free_flow_data, bool flush_segments, bool restart, snort::Packet* p = nullptr) override;
void set_extra_data(snort::Packet*, uint32_t /*flag*/) override;
void update_perf_base_state(char new_state) override;
uint32_t paf_max = 16384;
int hs_timeout = -1;
- bool no_ack;
+ bool no_ack = false;
uint32_t embryonic_timeout = STREAM_DEFAULT_SSN_TIMEOUT;
- uint32_t idle_timeout;
+ uint32_t idle_timeout = 3600;
};
#endif
server.finalize_held_packet(f);
}
-uint8_t TcpStreamSession::get_reassembly_direction()
+uint8_t TcpStreamSession::get_reassembly_direction() const
{
uint8_t dir = SSN_DIR_NONE;
return dir;
}
-bool TcpStreamSession::is_sequenced(uint8_t dir)
+bool TcpStreamSession::is_sequenced(uint8_t dir) const
{
if ( dir & SSN_DIR_FROM_CLIENT )
{
/* This will falsely return SSN_MISSING_BEFORE on the first reassembled
* packet if reassembly for this direction was set mid-session */
-uint8_t TcpStreamSession::missing_in_reassembled(uint8_t dir)
+uint8_t TcpStreamSession::missing_in_reassembled(uint8_t dir) const
{
if ( dir & SSN_DIR_FROM_CLIENT )
{
return SSN_MISSING_NONE;
}
-bool TcpStreamSession::are_packets_missing(uint8_t dir)
+bool TcpStreamSession::are_packets_missing(uint8_t dir) const
{
if ( dir & SSN_DIR_FROM_CLIENT )
{
return false;
}
-bool TcpStreamSession::are_client_segments_queued()
+bool TcpStreamSession::are_client_segments_queued() const
{
return client.reassembler.is_segment_pending_flush();
}
void set_splitter(bool, snort::StreamSplitter*) override;
snort::StreamSplitter* get_splitter(bool) override;
- bool is_sequenced(uint8_t dir) override;
- bool are_packets_missing(uint8_t dir) override;
+ bool is_sequenced(uint8_t dir) const override;
+ bool are_packets_missing(uint8_t dir) const override;
void disable_reassembly(snort::Flow*) override;
- uint8_t get_reassembly_direction() override;
- uint8_t missing_in_reassembled(uint8_t dir) override;
- bool are_client_segments_queued() override;
+ uint8_t get_reassembly_direction() const override;
+ uint8_t missing_in_reassembled(uint8_t dir) const override;
+ bool are_client_segments_queued() const override;
bool add_alert(snort::Packet*, uint32_t gid, uint32_t sid) override;
bool check_alerted(snort::Packet*, uint32_t gid, uint32_t sid) override;
bool free_flow_data, bool flush_segments, bool restart, snort::Packet* p = nullptr) = 0;
virtual TcpStreamTracker::TcpState get_talker_state(TcpSegmentDescriptor&) = 0;
virtual TcpStreamTracker::TcpState get_listener_state(TcpSegmentDescriptor&) = 0;
- TcpStreamTracker::TcpState get_peer_state(TcpStreamTracker* me)
+ TcpStreamTracker::TcpState get_peer_state(const TcpStreamTracker* me)
{ return me == &client ? server.get_tcp_state() : client.get_tcp_state(); }
virtual void init_new_tcp_session(TcpSegmentDescriptor&);
uint32_t r_win_base = 0; // remote side window base sequence number (the last ack we got)
uint32_t small_seg_count = 0;
- uint32_t max_queue_seq_nxt; // next expected sequence once queue limit is exceeded
+ uint32_t max_queue_seq_nxt = 0; // next expected sequence once queue limit is exceeded
uint8_t max_queue_exceeded = MQ_NONE;
uint8_t order = 0;
FinSeqNumStatus fin_seq_status = TcpStreamTracker::FIN_NOT_SEEN;
void TcpSession::set_splitter(bool, StreamSplitter*){ }
StreamSplitter* TcpSession::get_splitter(bool){ return nullptr; }
void TcpSession::set_extra_data(Packet*, unsigned int){ }
-bool TcpSession::is_sequenced(unsigned char){ return true; }
-bool TcpSession::are_packets_missing(unsigned char){ return false; }
-uint8_t TcpSession::get_reassembly_direction(){ return 0; }
-uint8_t TcpSession::missing_in_reassembled(unsigned char){ return 0; }
+bool TcpSession::is_sequenced(unsigned char) const { return true; }
+bool TcpSession::are_packets_missing(unsigned char) const { return false; }
+uint8_t TcpSession::get_reassembly_direction() const { return 0; }
+uint8_t TcpSession::missing_in_reassembled(unsigned char) const { return 0; }
class TcpSessionMock : public TcpSession
{
{ nullptr, Parameter::PT_MAX, nullptr, nullptr, nullptr }
};
-StreamUdpModule::StreamUdpModule() :
- Module(MOD_NAME, MOD_HELP, s_params)
-{
- config = nullptr;
-}
+StreamUdpModule::StreamUdpModule() : Module(MOD_NAME, MOD_HELP, s_params)
+{ }
ProfileStats* StreamUdpModule::get_profile() const
{
#include "flow/session.h"
#include "framework/module.h"
+#include "stream_udp.h"
+
namespace snort
{
struct SnortConfig;
#define MOD_NAME "stream_udp"
#define MOD_HELP "stream inspector for UDP flow tracking"
-struct StreamUdpConfig;
-
class StreamUdpModule : public snort::Module
{
public:
StreamUdpModule();
+ ~StreamUdpModule() override
+ { delete config; }
bool set(const char*, snort::Value&, snort::SnortConfig*) override;
bool begin(const char*, int, snort::SnortConfig*) override;
bool end(const char*, int, snort::SnortConfig*) override;
{ return true; }
private:
- StreamUdpConfig* config;
+ StreamUdpConfig* config = nullptr;
};
#endif
int UdpSession::process(Packet* p)
{
- Profile profile(udp_perf_stats);
+ Profile profile(udp_perf_stats); // cppcheck-suppress unreadVariable
StreamUdpConfig* pc = get_udp_cfg(flow->ssn_server);
// Check if the session is expired.
unsigned UserSegment::avail()
{
- unsigned size = offset + len;
- return (BUCKET > size) ? BUCKET - size : 0;
+ unsigned tmp_size = offset + len;
+ return (BUCKET > tmp_size) ? BUCKET - tmp_size : 0;
}
void UserSegment::copy(const uint8_t* p, unsigned n)
int UserSession::process(Packet* p)
{
- Profile profile(user_perf_stats);
+ Profile profile(user_perf_stats); // cppcheck-suppress unreadVariable
if ( Stream::expired_flow(flow, p) )
{
uint32_t /*event_id*/, uint32_t /*event_second*/)
{ return 0; }
-uint8_t UserSession::get_reassembly_direction()
-{ return SSN_DIR_NONE; }
-
#include "flow/session.h"
#include "stream/paf.h"
+// cppcheck-suppress noConstructor
struct UserSegment
{
static UserSegment* init(const uint8_t*, unsigned);
int update_alert(
snort::Packet*, uint32_t gid, uint32_t sid, uint32_t event_id, uint32_t event_second) override;
- uint8_t get_reassembly_direction() override;
-
public:
UserTracker client;
UserTracker server;
};
template<typename Key, typename Value, typename Hash>
-class HostLruSegmentedCache : public SegmentedLruCache<Key, Value, Hash>
+class HostLruSegmentedCache : public SegmentedLruCache<Key, Value, Hash>
{
public:
HostLruSegmentedCache(const size_t initial_size, std::size_t seg_count = DEFAULT_SEGMENT_COUNT)
: SegmentedLruCache<Key, Value, Hash>(initial_size, seg_count)
- { }
+ { }
};
typedef HostLruSegmentedCache<snort::SfIp, HostAttributesDescriptor, HostAttributesCacheKey> HostAttributesSegmentedCache;
{
std::lock_guard<std::mutex> lck(host_attributes_lock);
- for ( auto& s : services)
+ auto it = std::find_if(services.begin(), services.end(),
+ [port, protocol](const HostServiceDescriptor& s){ return s.ipproto == protocol && s.port == port; });
+ if (it != services.cend())
{
- if ( s.ipproto == protocol && (uint16_t)s.port == port )
+ HostServiceDescriptor& s = *it;
+ if ( s.snort_protocol_id != snort_protocol_id )
{
- if ( s.snort_protocol_id != snort_protocol_id )
- {
- s.snort_protocol_id = snort_protocol_id;
- s.appid_service = is_appid_service;
- }
- updated = true;
- return true;
+ s.snort_protocol_id = snort_protocol_id;
+ s.appid_service = is_appid_service;
}
+ updated = true;
+ return true;
}
// service not found, add it
host_info->frag_policy = policies.fragPolicy;
host_info->stream_policy = policies.streamPolicy;
host_info->snort_protocol_id = UNKNOWN_PROTOCOL_ID;
- for ( auto& s : services )
- {
- if ( s.port == port )
- {
- host_info->snort_protocol_id = s.snort_protocol_id;
- return;
- }
- }
+ auto it = std::find_if(services.cbegin(), services.cend(),
+ [port](const HostServiceDescriptor &s){ return s.port == port; });
+ if (it != services.cend())
+ host_info->snort_protocol_id = (*it).snort_protocol_id;
}
bool HostAttributesManager::load_hosts_file(snort::SnortConfig* sc, const char* fname)
{
{
if ( active_cache )
{
- LruCacheSharedStats* cache_stats = (LruCacheSharedStats*) active_cache->get_counts();
+ const LruCacheSharedStats* cache_stats = (const LruCacheSharedStats*) active_cache->get_counts();
host_attribute_stats.hosts_pruned = cache_stats->alloc_prunes;
host_attribute_stats.total_hosts = active_cache->size();
}
Stopwatch<Clock> sw;
Clock::reset();
- REQUIRE_FALSE( sw.active() );
+ REQUIRE( false == sw.active() );
REQUIRE( (sw.get() == 0_ticks) );
SECTION( "start" )
SECTION( "sets clock to active" )
{
- CHECK( sw.active() );
+ CHECK( true == sw.active() );
}
SECTION( "running elapsed time should be non-zero" )
SECTION( "start on running clock has no effect" )
{
sw.start();
- CHECK( sw.active() );
+ CHECK( true == sw.active() );
}
}
SECTION( "sets clock to be dead" )
{
- CHECK_FALSE( sw.active() );
+ CHECK( false == sw.active() );
}
SECTION( "ticks should not increase after death" )
auto val = sw.get();
sw.stop();
Clock::inc();
- CHECK_FALSE( sw.active() );
+ CHECK( false == sw.active() );
CHECK( val == sw.get() );
}
}
SECTION( "reset on running clock" )
{
sw.reset();
- CHECK_FALSE( sw.active() );
+ CHECK( false == sw.active() );
CHECK( (sw.get() == 0_ticks) );
}
{
sw.stop();
sw.reset();
- CHECK_FALSE( sw.active() );
+ CHECK( false == sw.active() );
CHECK( (sw.get() == 0_ticks) );
}
}
SECTION( "cancel on running clock that has no lap time" )
{
sw.cancel();
- CHECK_FALSE( sw.active() );
+ CHECK( false == sw.active() );
CHECK( (sw.get() == 0_ticks) );
}
auto val = sw.get();
sw.cancel();
- CHECK_FALSE( sw.active() );
+ CHECK( false == sw.active() );
CHECK( val == sw.get() );
}
}
#include "catch/catch.hpp"
-Module::Module(const char* s, const char* h) : name(s), help(h)
+Module::Module(const char* s, const char* h) : name(s), help(h), params(nullptr), list(false)
{}
-Module::Module(const char*, const char*, const Parameter*, bool)
+Module::Module(const char* s, const char* h, const Parameter* p, bool l) : name(s), help(h), params(p), list(l)
{}
PegCount Module::get_global_count(char const*) const { return 0; }
void Module::show_interval_stats(std::vector<unsigned int, std::allocator<unsigned int> >&, FILE*) {}
bool result = trace.set(DEFAULT_TRACE_OPTION_NAME, DEFAULT_TRACE_LOG_LEVEL);
CHECK(result == true);
- CHECK(trace.enabled(DEFAULT_TRACE_OPTION_ID));
+ CHECK(true == trace.enabled(DEFAULT_TRACE_OPTION_ID));
}
TEST_CASE("multiple options", "[Trace]")
bool result = trace.set("option1", DEFAULT_TRACE_LOG_LEVEL);
CHECK(result == true);
- CHECK(trace.enabled(TEST_TRACE_OPTION1));
+ CHECK(true == trace.enabled(TEST_TRACE_OPTION1));
result = trace.set("option2", DEFAULT_TRACE_LOG_LEVEL);
CHECK(result == true);
- CHECK(trace.enabled(TEST_TRACE_OPTION1));
- CHECK(trace.enabled(TEST_TRACE_OPTION2));
+ CHECK(true == trace.enabled(TEST_TRACE_OPTION1));
+ CHECK(true == trace.enabled(TEST_TRACE_OPTION2));
result = trace.set("option3", DEFAULT_TRACE_LOG_LEVEL);
CHECK(result == true);
- CHECK(trace.enabled(TEST_TRACE_OPTION1));
- CHECK(trace.enabled(TEST_TRACE_OPTION2));
- CHECK(trace.enabled(TEST_TRACE_OPTION3));
+ CHECK(true == trace.enabled(TEST_TRACE_OPTION1));
+ CHECK(true == trace.enabled(TEST_TRACE_OPTION2));
+ CHECK(true == trace.enabled(TEST_TRACE_OPTION3));
result = trace.set("option4", DEFAULT_TRACE_LOG_LEVEL);
CHECK(result == true);
- CHECK(trace.enabled(TEST_TRACE_OPTION1));
- CHECK(trace.enabled(TEST_TRACE_OPTION2));
- CHECK(trace.enabled(TEST_TRACE_OPTION3));
- CHECK(trace.enabled(TEST_TRACE_OPTION4));
+ CHECK(true == trace.enabled(TEST_TRACE_OPTION1));
+ CHECK(true == trace.enabled(TEST_TRACE_OPTION2));
+ CHECK(true == trace.enabled(TEST_TRACE_OPTION3));
+ CHECK(true == trace.enabled(TEST_TRACE_OPTION4));
}
TEST_CASE("invalid option", "[Trace]")
enum { OPT_1, OPT_2 };
-static const TraceOption trace_options[] =
+static const TraceOption s_trace_options[] =
{
{ "option1", OPT_1, "test option 1" },
{ "option2", OPT_2, "test option 2" },
public:
Module1() : Module("mod_1", "testing trace parser module 1") { }
void set_trace(const Trace* t) const override { m1_trace = t; }
- const TraceOption* get_trace_options() const override { return trace_options; }
+ const TraceOption* get_trace_options() const override { return s_trace_options; }
};
public:
Module2() : Module("mod_2", "testing trace parser module 2") { }
void set_trace(const Trace* t) const override { m2_trace = t; }
- const TraceOption* get_trace_options() const override { return trace_options; }
+ const TraceOption* get_trace_options() const override { return s_trace_options; }
};
SECTION("invalid module")
{
MODULE_OPTION(all, 10);
- CHECK(!tp.set_traces("invalid_module", all));
+ CHECK(false == tp.set_traces("invalid_module", all));
}
SECTION("invalid option")
{
MODULE_OPTION(invalid_option, 10);
- CHECK(!tp.set_traces("mod_1", invalid_option));
+ CHECK(false == tp.set_traces("mod_1", invalid_option));
}
SECTION("unset")
REQUIRE(m1_trace != nullptr);
REQUIRE(m2_trace != nullptr);
- CHECK(!m1_trace->enabled(OPT_1));
- CHECK(!m1_trace->enabled(OPT_2));
- CHECK(!m2_trace->enabled(OPT_1));
- CHECK(!m2_trace->enabled(OPT_2));
+ CHECK(false == m1_trace->enabled(OPT_1));
+ CHECK(false == m1_trace->enabled(OPT_2));
+ CHECK(false == m2_trace->enabled(OPT_1));
+ CHECK(false == m2_trace->enabled(OPT_2));
}
SECTION("all modules")
{
MODULE_OPTION(all, 3);
- CHECK(tp.set_traces("all", all));
+ CHECK(true == tp.set_traces("all", all));
REQUIRE(m1_trace != nullptr);
REQUIRE(m2_trace != nullptr);
- CHECK(m1_trace->enabled(OPT_1, 3));
- CHECK(m1_trace->enabled(OPT_2, 3));
- CHECK(m2_trace->enabled(OPT_1, 3));
- CHECK(m2_trace->enabled(OPT_2, 3));
+ CHECK(true == m1_trace->enabled(OPT_1, 3));
+ CHECK(true == m1_trace->enabled(OPT_2, 3));
+ CHECK(true == m2_trace->enabled(OPT_1, 3));
+ CHECK(true == m2_trace->enabled(OPT_2, 3));
- CHECK(!m1_trace->enabled(OPT_1, 4));
- CHECK(!m1_trace->enabled(OPT_2, 4));
- CHECK(!m2_trace->enabled(OPT_1, 4));
- CHECK(!m2_trace->enabled(OPT_2, 4));
+ CHECK(false == m1_trace->enabled(OPT_1, 4));
+ CHECK(false == m1_trace->enabled(OPT_2, 4));
+ CHECK(false == m2_trace->enabled(OPT_1, 4));
+ CHECK(false == m2_trace->enabled(OPT_2, 4));
}
SECTION("module all")
{
MODULE_OPTION(all, 3);
- CHECK(tp.set_traces("mod_1", all));
+ CHECK(true == tp.set_traces("mod_1", all));
REQUIRE(m1_trace != nullptr);
REQUIRE(m2_trace != nullptr);
- CHECK(m1_trace->enabled(OPT_1, 3));
- CHECK(m1_trace->enabled(OPT_2, 3));
- CHECK(!m2_trace->enabled(OPT_1, 3));
- CHECK(!m2_trace->enabled(OPT_2, 3));
+ CHECK(true == m1_trace->enabled(OPT_1, 3));
+ CHECK(true == m1_trace->enabled(OPT_2, 3));
+ CHECK(false == m2_trace->enabled(OPT_1, 3));
+ CHECK(false == m2_trace->enabled(OPT_2, 3));
}
SECTION("options")
{
MODULE_OPTION(option1, 1);
MODULE_OPTION(option2, 5);
- CHECK(tp.set_traces("mod_1", option1));
- CHECK(tp.set_traces("mod_1", option2));
- CHECK(tp.set_traces("mod_2", option1));
- CHECK(tp.set_traces("mod_2", option2));
+ CHECK(true == tp.set_traces("mod_1", option1));
+ CHECK(true == tp.set_traces("mod_1", option2));
+ CHECK(true == tp.set_traces("mod_2", option1));
+ CHECK(true == tp.set_traces("mod_2", option2));
REQUIRE(m1_trace != nullptr);
REQUIRE(m2_trace != nullptr);
- CHECK(m1_trace->enabled(OPT_1, 1));
- CHECK(m1_trace->enabled(OPT_2, 1));
- CHECK(m2_trace->enabled(OPT_1, 1));
- CHECK(m2_trace->enabled(OPT_2, 1));
+ CHECK(true == m1_trace->enabled(OPT_1, 1));
+ CHECK(true == m1_trace->enabled(OPT_2, 1));
+ CHECK(true == m2_trace->enabled(OPT_1, 1));
+ CHECK(true == m2_trace->enabled(OPT_2, 1));
- CHECK(!m1_trace->enabled(OPT_1, 5));
- CHECK(m1_trace->enabled(OPT_2, 5));
- CHECK(!m2_trace->enabled(OPT_1, 5));
- CHECK(m2_trace->enabled(OPT_2, 5));
+ CHECK(false == m1_trace->enabled(OPT_1, 5));
+ CHECK(true == m1_trace->enabled(OPT_2, 5));
+ CHECK(false == m2_trace->enabled(OPT_1, 5));
+ CHECK(true == m2_trace->enabled(OPT_2, 5));
}
SECTION("override all modules")
MODULE_OPTION(option1, 1);
MODULE_OPTION(option2, 2);
MODULE_OPTION(all, 3);
- CHECK(tp.set_traces("mod_1", option1));
- CHECK(tp.set_traces("mod_2", option2));
- CHECK(tp.set_traces("all", all));
+ CHECK(true == tp.set_traces("mod_1", option1));
+ CHECK(true == tp.set_traces("mod_2", option2));
+ CHECK(true == tp.set_traces("all", all));
REQUIRE(m1_trace != nullptr);
REQUIRE(m2_trace != nullptr);
- CHECK(m1_trace->enabled(OPT_1, 1));
- CHECK(m1_trace->enabled(OPT_2, 1));
- CHECK(m2_trace->enabled(OPT_1, 1));
- CHECK(m2_trace->enabled(OPT_2, 1));
+ CHECK(true == m1_trace->enabled(OPT_1, 1));
+ CHECK(true == m1_trace->enabled(OPT_2, 1));
+ CHECK(true == m2_trace->enabled(OPT_1, 1));
+ CHECK(true == m2_trace->enabled(OPT_2, 1));
- CHECK(!m1_trace->enabled(OPT_1, 2));
- CHECK(m1_trace->enabled(OPT_2, 2));
- CHECK(m2_trace->enabled(OPT_1, 2));
- CHECK(m2_trace->enabled(OPT_2, 2));
+ CHECK(false == m1_trace->enabled(OPT_1, 2));
+ CHECK(true == m1_trace->enabled(OPT_2, 2));
+ CHECK(true == m2_trace->enabled(OPT_1, 2));
+ CHECK(true == m2_trace->enabled(OPT_2, 2));
- CHECK(!m1_trace->enabled(OPT_1, 3));
- CHECK(m1_trace->enabled(OPT_2, 3));
- CHECK(m2_trace->enabled(OPT_1, 3));
- CHECK(!m2_trace->enabled(OPT_2, 3));
+ CHECK(false == m1_trace->enabled(OPT_1, 3));
+ CHECK(true == m1_trace->enabled(OPT_2, 3));
+ CHECK(true == m2_trace->enabled(OPT_1, 3));
+ CHECK(false == m2_trace->enabled(OPT_2, 3));
}
auto sc = SnortConfig::get_conf();
const PacketConstraints exp = { IpProtocol::TCP, 0, 0,
SfIp(), SfIp(), PacketConstraints::IP_PROTO };
- CHECK(tp.set_constraints(ip_proto));
+ CHECK(true == tp.set_constraints(ip_proto));
tp.finalize_constraints();
REQUIRE(tc.constraints != nullptr);
const PacketConstraints exp = { IpProtocol::PROTO_NOT_SET, 0, 0,
SfIp(&exp_ip, AF_INET), SfIp(), PacketConstraints::SRC_IP };
- CHECK(tp.set_constraints(src_ip));
+ CHECK(true == tp.set_constraints(src_ip));
tp.finalize_constraints();
REQUIRE(tc.constraints != nullptr);
SECTION("invalid src_ip")
{
ADDR_OPTION(src_ip, "10.1.2.300");
- CHECK(!tp.set_constraints(src_ip));
+ CHECK(false == tp.set_constraints(src_ip));
}
SECTION("src_port")
SfIp(), SfIp(), PacketConstraints::SRC_PORT };
PORT_OPTION(src_port, 100);
- CHECK(tp.set_constraints(src_port));
+ CHECK(true == tp.set_constraints(src_port));
tp.finalize_constraints();
REQUIRE(tc.constraints != nullptr);
const PacketConstraints exp = { IpProtocol::PROTO_NOT_SET, 0, 0,
SfIp(), SfIp(&exp_ip, AF_INET), PacketConstraints::DST_IP };
- CHECK(tp.set_constraints(dst_ip));
+ CHECK(true == tp.set_constraints(dst_ip));
tp.finalize_constraints();
REQUIRE(tc.constraints != nullptr);
SECTION("invalid dst_ip")
{
ADDR_OPTION(dst_ip, "10.300.2.1");
- CHECK(!tp.set_constraints(dst_ip));
+ CHECK(false == tp.set_constraints(dst_ip));
}
SECTION("dst_port")
const PacketConstraints exp = { IpProtocol::PROTO_NOT_SET, 0, 200,
SfIp(), SfIp(), PacketConstraints::DST_PORT };
- CHECK(tp.set_constraints(dst_port));
+ CHECK(true == tp.set_constraints(dst_port));
tp.finalize_constraints();
REQUIRE(tc.constraints != nullptr);
SECTION("invalid option")
{
CONFIG_OPTION(invalid_option, (uint64_t)5, Parameter::PT_INT, "0:8");
- CHECK(!tp.set_constraints(invalid_option));
+ CHECK(false == tp.set_constraints(invalid_option));
}
}
int type = 0;
const unsigned char* P = (unsigned char*)key;
- std::string xkey;
+ std::string xkey; // cppcheck-suppress variableScope
if ( km->nocase )
{
{
assert(n > 0);
- std::string xkey;
+ std::string xkey; // cppcheck-suppress variableScope
const unsigned char* T = (unsigned char*)key;
if ( ks->nocase )
T = (const unsigned char*)xkey.c_str();
}
+
//printf("finding key='%.*s'\n",n,T);
/* Check if any keywords start with this character */
PrimedAllocator() noexcept
{ state = new State; }
- PrimedAllocator(const PrimedAllocator& other) noexcept
+ // cppcheck-suppress copyCtorPointerCopying
+ PrimedAllocator(const PrimedAllocator& other) noexcept : state(other.state)
{
- state = other.state;
state->ref_count++;
}
{
bool head = false;
- for ( auto& i : peg_idxs)
+ for ( const auto& i : peg_idxs)
head = show_stat(head, pegs[i], info[i].name, module_name, fh);
}
const char* ostreambuf_infl::take_data()
{
- auto data = pbase();
+ auto d = pbase();
setp(nullptr, nullptr);
gen.s = states[0].s;
gen.n = states[0].n;
- return data;
+ return d;
}
const char* ostreambuf_infl::take_data(streamsize& n)
{
- auto data = pbase();
+ auto d = pbase();
- n = pptr() - data;
+ n = pptr() - d;
setp(nullptr, nullptr);
gen.s = states[0].s;
gen.n = states[0].n;
- return data;
+ return d;
}
streambuf* ostreambuf_infl::setbuf(char* s, streamsize n)
return n;
}
-// cppcheck-suppress unusedFunction
streamsize ostreambuf_infl::xsgetn(char* s, streamsize n)
{
assert(n >= 0);
int off_e = b.pubseekoff(0, ios_base::end, ios_base::in);
CHECK(c == EOF);
- CHECK(avail_1 == -1);
- CHECK(avail_2 == -1);
- CHECK(off_b == -1);
- CHECK(off_c == -1);
- CHECK(off_e == -1);
+ CHECK((avail_1 == -1));
+ CHECK((avail_2 == -1));
+ CHECK((off_b == -1));
+ CHECK((off_c == -1));
+ CHECK((off_e == -1));
}
SECTION("get char")
int off_b = b.pubseekoff(0, ios_base::beg, ios_base::in);
int off_e = b.pubseekoff(0, ios_base::end, ios_base::in);
- CHECK(c == 'E');
- CHECK(avail_1 == len);
- CHECK(avail_2 == len);
+ CHECK((c == 'E'));
+ CHECK((avail_1 == len));
+ CHECK((avail_2 == len));
CHECK(off_b == 0);
CHECK(off_c == 0);
- CHECK(off_e == len);
+ CHECK((off_e == len));
}
SECTION("get char and bump")
int off_b = b.pubseekoff(0, ios_base::beg, ios_base::in);
int off_e = b.pubseekoff(0, ios_base::end, ios_base::in);
- CHECK(c == 'E');
- CHECK(avail_1 == len);
- CHECK(avail_2 == len - 1);
+ CHECK((c == 'E'));
+ CHECK((avail_1 == len));
+ CHECK((avail_2 == (len - 1)));
CHECK(off_b == 0);
CHECK(off_c == 1);
- CHECK(off_e == len);
+ CHECK((off_e == len));
}
SECTION("advance and get char")
int off_b = b.pubseekoff(0, ios_base::beg, ios_base::in);
int off_e = b.pubseekoff(0, ios_base::end, ios_base::in);
- CHECK(c == 'a');
- CHECK(avail_1 == len);
- CHECK(avail_2 == len - 1);
+ CHECK((c == 'a'));
+ CHECK((avail_1 == len));
+ CHECK((avail_2 == (len - 1)));
CHECK(off_b == 0);
CHECK(off_c == 1);
- CHECK(off_e == len);
+ CHECK((off_e == len));
}
SECTION("get chars")
int off_b = b.pubseekoff(0, ios_base::beg, ios_base::in);
int off_e = b.pubseekoff(0, ios_base::end, ios_base::in);
- CHECK(nread_1 == 10);
- CHECK(nread_2 == 10);
- CHECK(avail_1 == len);
- CHECK(avail_2 == len - 10);
- CHECK(avail_3 == len - 20);
+ CHECK((nread_1 == 10));
+ CHECK((nread_2 == 10));
+ CHECK((avail_1 == len));
+ CHECK((avail_2 == (len - 10)));
+ CHECK((avail_3 == (len - 20)));
CHECK(off_b == 0);
- CHECK(off_c == 20);
- CHECK(off_e == len);
+ CHECK((off_c == 20));
+ CHECK((off_e == len));
CHECK(!memcmp(exp, act, 20));
}
int off_b = b.pubseekoff(0, ios_base::beg, ios_base::in);
int off_e = b.pubseekoff(0, ios_base::end, ios_base::in);
- CHECK(nread_1 == 10);
- CHECK(nread_2 == 10);
- CHECK(nread_3 == 3);
- CHECK(avail_1 == len);
- CHECK(avail_2 == len - 10);
- CHECK(avail_3 == len - 20);
+ CHECK((nread_1 == 10));
+ CHECK((nread_2 == 10));
+ CHECK((nread_3 == 3));
+ CHECK((avail_1 == len));
+ CHECK((avail_2 == (len - 10)));
+ CHECK((avail_3 == (len - 20)));
CHECK(avail_4 == 0);
CHECK(off_b == 0);
- CHECK(off_c == 23);
- CHECK(off_e == len);
+ CHECK((off_c == 23));
+ CHECK((off_e == len));
CHECK(!memcmp(exp, act, len));
}
int off_b = b.pubseekoff(0, ios_base::beg, ios_base::in);
int off_e = b.pubseekoff(0, ios_base::end, ios_base::in);
- CHECK(c == 'y');
- CHECK(avail_1 == len - 5);
- CHECK(avail_2 == len - 4);
- CHECK(off_o == 5);
+ CHECK((c == 'y'));
+ CHECK((avail_1 == (len - 5)));
+ CHECK((avail_2 == (len - 4)));
+ CHECK((off_o == 5));
CHECK(off_b == 0);
- CHECK(off_c == 4);
- CHECK(off_e == len);
+ CHECK((off_c == 4));
+ CHECK((off_e == len));
}
SECTION("put another char back")
int off_b = b.pubseekoff(0, ios_base::beg, ios_base::in);
int off_e = b.pubseekoff(0, ios_base::end, ios_base::in);
- CHECK(c1 == -1);
- CHECK(c2 == 'y');
- CHECK(avail_1 == len - 5);
- CHECK(avail_2 == len - 4);
- CHECK(off_o == 5);
+ CHECK((c1 == -1));
+ CHECK((c2 == 'y'));
+ CHECK((avail_1 == (len - 5)));
+ CHECK((avail_2 == (len - 4)));
+ CHECK((off_o == 5));
CHECK(off_b == 0);
- CHECK(off_c == 4);
- CHECK(off_e == len);
+ CHECK((off_c == 4));
+ CHECK((off_e == len));
}
}
int off_b = b.pubseekoff(0, ios_base::beg, ios_base::in);
int off_e = b.pubseekoff(0, ios_base::end, ios_base::in);
- CHECK(c == 'E');
+ CHECK((c == 'E'));
CHECK(avail_1 == dat1_len);
CHECK(avail_2 == dat1_len);
CHECK(off_b == 0);
CHECK(off_c == 0);
- CHECK(off_e == len);
+ CHECK((off_e == len));
}
SECTION("get char and bump")
int off_b = b.pubseekoff(0, ios_base::beg, ios_base::in);
int off_e = b.pubseekoff(0, ios_base::end, ios_base::in);
- CHECK(c == 'E');
+ CHECK((c == 'E'));
CHECK(avail_1 == dat1_len);
CHECK(avail_2 == dat1_len - 1);
CHECK(off_b == 0);
CHECK(off_c == 1);
- CHECK(off_e == len);
+ CHECK((off_e == len));
}
SECTION("advance and get char")
int off_b = b.pubseekoff(0, ios_base::beg, ios_base::in);
int off_e = b.pubseekoff(0, ios_base::end, ios_base::in);
- CHECK(c == 'a');
+ CHECK((c == 'a'));
CHECK(avail_1 == dat1_len);
CHECK(avail_2 == dat1_len - 1);
CHECK(off_b == 0);
CHECK(off_c == 1);
- CHECK(off_e == len);
+ CHECK((off_e == len));
}
SECTION("get chars")
int off_b = b.pubseekoff(0, ios_base::beg, ios_base::in);
int off_e = b.pubseekoff(0, ios_base::end, ios_base::in);
- CHECK(nread_1 == 10);
- CHECK(nread_2 == 10);
+ CHECK((nread_1 == 10));
+ CHECK((nread_2 == 10));
CHECK(avail_1 == dat1_len);
- CHECK(avail_2 == len - 10);
- CHECK(avail_3 == len - 20);
+ CHECK((avail_2 == (len - 10)));
+ CHECK((avail_3 == (len - 20)));
CHECK(off_b == 0);
- CHECK(off_c == 20);
- CHECK(off_e == len);
+ CHECK((off_c == 20));
+ CHECK((off_e == len));
CHECK(!memcmp(exp, act, 20));
}
int off_b = b.pubseekoff(0, ios_base::beg, ios_base::in);
int off_e = b.pubseekoff(0, ios_base::end, ios_base::in);
- CHECK(nread_1 == 10);
- CHECK(nread_2 == 10);
- CHECK(nread_3 == 3);
+ CHECK((nread_1 == 10));
+ CHECK((nread_2 == 10));
+ CHECK((nread_3 == 3));
CHECK(avail_1 == dat1_len);
- CHECK(avail_2 == len - 10);
- CHECK(avail_3 == len - 20);
+ CHECK((avail_2 == (len - 10)));
+ CHECK((avail_3 == (len - 20)));
CHECK(avail_4 == 0);
CHECK(off_b == 0);
- CHECK(off_c == 23);
- CHECK(off_e == len);
+ CHECK((off_c == 23));
+ CHECK((off_e == len));
CHECK(!memcmp(exp, act, len));
}
int off_b = b.pubseekoff(0, ios_base::beg, ios_base::in);
int off_e = b.pubseekoff(0, ios_base::end, ios_base::in);
- CHECK(c == 'y');
+ CHECK((c == 'y'));
CHECK(avail_1 == dat1_len - 5);
CHECK(avail_2 == dat1_len - 4);
- CHECK(off_o == 5);
+ CHECK((off_o == 5));
CHECK(off_b == 0);
- CHECK(off_c == 4);
- CHECK(off_e == len);
+ CHECK((off_c == 4));
+ CHECK((off_e == len));
}
SECTION("put another char back")
int off_b = b.pubseekoff(0, ios_base::beg, ios_base::in);
int off_e = b.pubseekoff(0, ios_base::end, ios_base::in);
- CHECK(c1 == -1);
- CHECK(c2 == 'y');
+ CHECK((c1 == -1));
+ CHECK((c2 == 'y'));
CHECK(avail_1 == dat1_len - 5);
CHECK(avail_2 == dat1_len - 4);
- CHECK(off_o == 5);
+ CHECK((off_o == 5));
CHECK(off_b == 0);
- CHECK(off_c == 4);
- CHECK(off_e == len);
+ CHECK((off_c == 4));
+ CHECK((off_e == len));
}
}
{
const char* exp = "Early bird gets a corn.";
const int len = strlen(exp);
- char dat[] = "Early bird gets a corn.";
+ char dat[] = "Early bird gets a corn."; // cppcheck-suppress variableScope
char dat1[] = "Early ";
char dat2[] = "bird ";
char dat3[] = "gets ";
int r1 = b1.pubsync();
int r2 = b2.pubsync();
- CHECK(r1 == -1);
- CHECK(r2 == -1);
+ CHECK((r1 == -1));
+ CHECK((r2 == -1));
}
SECTION("chain of buffers")
int off_b = b.pubseekoff(0, ios_base::beg, ios_base::in);
int off_e = b.pubseekoff(0, ios_base::end, ios_base::in);
- CHECK(off_b == -1);
- CHECK(off_c == -1);
- CHECK(off_e == -1);
+ CHECK((off_b == -1));
+ CHECK((off_c == -1));
+ CHECK((off_e == -1));
}
SECTION("wrong argument")
int off_e = b.pubseekoff(0, ios_base::end, ios_base::out);
int off_a = b.pubseekoff(0, static_cast<std::ios_base::seekdir>(0x5a5a), ios_base::in);
- CHECK(off_b == -1);
- CHECK(off_c == -1);
- CHECK(off_e == -1);
- CHECK(off_a == -1);
+ CHECK((off_b == -1));
+ CHECK((off_c == -1));
+ CHECK((off_e == -1));
+ CHECK((off_a == -1));
}
SECTION("begin")
EXP_AVAIL1(b, exp, len, off);
off = b.pubseekoff(0 + len + len, ios_base::beg, ios_base::in);
- CHECK(off == len);
+ CHECK((off == len));
EXP_AVAIL1(b, exp, len, off);
off = b.pubseekoff(0, ios_base::beg, ios_base::in);
EXP_AVAIL1(b, exp, len, off);
off = b.pubseekoff(0 + len1d3, ios_base::beg, ios_base::in);
- CHECK(off == len1d3);
+ CHECK((off == len1d3));
EXP_AVAIL1(b, exp, len, off);
off = b.pubseekoff(0 + len2d3, ios_base::beg, ios_base::in);
- CHECK(off == len2d3);
+ CHECK((off == len2d3));
EXP_AVAIL1(b, exp, len, off);
off = b.pubseekoff(0 + len - 1, ios_base::beg, ios_base::in);
- CHECK(off == len - 1);
+ CHECK((off == (len - 1)));
EXP_AVAIL1(b, exp, len, off);
off = b.pubseekoff(0 + len, ios_base::beg, ios_base::in);
- CHECK(off == len);
+ CHECK((off == len));
EXP_AVAIL1(b, exp, len, off);
}
EXP_AVAIL1(b, exp, len, off);
off = b.pubseekoff(0 + len + len, ios_base::end, ios_base::in);
- CHECK(off == len);
+ CHECK((off == len));
EXP_AVAIL1(b, exp, len, off);
off = b.pubseekoff(0, ios_base::end, ios_base::in);
- CHECK(off == len);
+ CHECK((off == len));
EXP_AVAIL1(b, exp, len, off);
off = b.pubseekoff(0 - 1, ios_base::end, ios_base::in);
- CHECK(off == len - 1);
+ CHECK((off == (len - 1)));
EXP_AVAIL1(b, exp, len, off);
off = b.pubseekoff(0 + 1, ios_base::end, ios_base::in);
- CHECK(off == len);
+ CHECK((off == len));
EXP_AVAIL1(b, exp, len, off);
off = b.pubseekoff(0 - len1d3, ios_base::end, ios_base::in);
- CHECK(off == len2d3);
+ CHECK((off == len2d3));
EXP_AVAIL1(b, exp, len, off);
off = b.pubseekoff(0 - len2d3, ios_base::end, ios_base::in);
- CHECK(off == len1d3);
+ CHECK((off == len1d3));
EXP_AVAIL1(b, exp, len, off);
off = b.pubseekoff(0 - len + 1, ios_base::end, ios_base::in);
b.pubseekoff(len1d3, ios_base::beg, ios_base::in);
off = b.pubseekoff(0 + len + len, ios_base::cur, ios_base::in);
- CHECK(off == len);
+ CHECK((off == len));
EXP_AVAIL1(b, exp, len, off);
b.pubseekoff(len1d3, ios_base::beg, ios_base::in);
off = b.pubseekoff(0, ios_base::cur, ios_base::in);
- CHECK(off == len1d3);
+ CHECK((off == len1d3));
EXP_AVAIL1(b, exp, len, off);
b.pubseekoff(len1d3, ios_base::beg, ios_base::in);
off = b.pubseekoff(0 - 1, ios_base::cur, ios_base::in);
- CHECK(off == len1d3 - 1);
+ CHECK((off == (len1d3 - 1)));
EXP_AVAIL1(b, exp, len, off);
b.pubseekoff(len1d3, ios_base::beg, ios_base::in);
off = b.pubseekoff(0 + 1, ios_base::cur, ios_base::in);
- CHECK(off == len1d3 + 1);
+ CHECK((off == (len1d3 + 1)));
EXP_AVAIL1(b, exp, len, off);
b.pubseekoff(len1d3, ios_base::beg, ios_base::in);
off = b.pubseekoff(0 + len1d3, ios_base::cur, ios_base::in);
- CHECK(off == len1d3 + len1d3);
+ CHECK((off == (len1d3 + len1d3)));
EXP_AVAIL1(b, exp, len, off);
b.pubseekoff(len1d3, ios_base::beg, ios_base::in);
off = b.pubseekoff(0 + len2d3, ios_base::cur, ios_base::in);
- CHECK(off == len);
+ CHECK((off == len));
EXP_AVAIL1(b, exp, len, off);
b.pubseekoff(len1d3, ios_base::beg, ios_base::in);
off = b.pubseekoff(0 + len, ios_base::cur, ios_base::in);
- CHECK(off == len);
+ CHECK((off == len));
EXP_AVAIL1(b, exp, len, off);
}
b.pubseekoff(len2d3, ios_base::beg, ios_base::in);
off = b.pubseekoff(0 + len + len, ios_base::cur, ios_base::in);
- CHECK(off == len);
+ CHECK((off == len));
EXP_AVAIL1(b, exp, len, off);
b.pubseekoff(len2d3, ios_base::beg, ios_base::in);
off = b.pubseekoff(0, ios_base::cur, ios_base::in);
- CHECK(off == len2d3);
+ CHECK((off == len2d3));
EXP_AVAIL1(b, exp, len, off);
b.pubseekoff(len2d3, ios_base::beg, ios_base::in);
off = b.pubseekoff(0 - 1, ios_base::cur, ios_base::in);
- CHECK(off == len2d3 - 1);
+ CHECK((off == (len2d3 - 1)));
EXP_AVAIL1(b, exp, len, off);
b.pubseekoff(len2d3, ios_base::beg, ios_base::in);
off = b.pubseekoff(0 + 1, ios_base::cur, ios_base::in);
- CHECK(off == len2d3 + 1);
+ CHECK((off == (len2d3 + 1)));
EXP_AVAIL1(b, exp, len, off);
b.pubseekoff(len2d3, ios_base::beg, ios_base::in);
off = b.pubseekoff(0 + len1d3, ios_base::cur, ios_base::in);
- CHECK(off == len);
+ CHECK((off == len));
EXP_AVAIL1(b, exp, len, off);
b.pubseekoff(len2d3, ios_base::beg, ios_base::in);
off = b.pubseekoff(0 + len2d3, ios_base::cur, ios_base::in);
- CHECK(off == len);
+ CHECK((off == len));
EXP_AVAIL1(b, exp, len, off);
b.pubseekoff(len2d3, ios_base::beg, ios_base::in);
off = b.pubseekoff(0 + len, ios_base::cur, ios_base::in);
- CHECK(off == len);
+ CHECK((off == len));
EXP_AVAIL1(b, exp, len, off);
}
}
int off_b = b.pubseekoff(0, ios_base::beg, ios_base::out);
int off_e = b.pubseekoff(0, ios_base::end, ios_base::out);
- CHECK(off_b == -1);
- CHECK(off_c == -1);
- CHECK(off_e == -1);
+ CHECK((off_b == -1));
+ CHECK((off_c == -1));
+ CHECK((off_e == -1));
}
SECTION("begin")
EXP_AVAIL2(b, exp, len, off, dat1_len);
off = b.pubseekoff(0 + len + len, ios_base::beg, ios_base::in);
- CHECK(off == len);
+ CHECK((off == len));
EXP_AVAIL2(b, exp, len, off, dat1_len);
off = b.pubseekoff(0, ios_base::beg, ios_base::in);
EXP_AVAIL2(b, exp, len, off, dat1_len);
off = b.pubseekoff(0 + len1d3, ios_base::beg, ios_base::in);
- CHECK(off == len1d3);
+ CHECK((off == len1d3));
EXP_AVAIL2(b, exp, len, off, dat1_len);
off = b.pubseekoff(0 + len2d3, ios_base::beg, ios_base::in);
- CHECK(off == len2d3);
+ CHECK((off == len2d3));
EXP_AVAIL2(b, exp, len, off, dat1_len);
off = b.pubseekoff(0 + len - 1, ios_base::beg, ios_base::in);
- CHECK(off == len - 1);
+ CHECK((off == (len - 1)));
EXP_AVAIL2(b, exp, len, off, dat1_len);
off = b.pubseekoff(0 + len, ios_base::beg, ios_base::in);
- CHECK(off == len);
+ CHECK((off == len));
EXP_AVAIL2(b, exp, len, off, dat1_len);
}
EXP_AVAIL2(b, exp, len, off, dat1_len);
off = b.pubseekoff(0 + len + len, ios_base::end, ios_base::in);
- CHECK(off == len);
+ CHECK((off == len));
EXP_AVAIL2(b, exp, len, off, dat1_len);
off = b.pubseekoff(0, ios_base::end, ios_base::in);
- CHECK(off == len);
+ CHECK((off == len));
EXP_AVAIL2(b, exp, len, off, dat1_len);
off = b.pubseekoff(0 - 1, ios_base::end, ios_base::in);
- CHECK(off == len - 1);
+ CHECK((off == (len - 1)));
EXP_AVAIL2(b, exp, len, off, dat1_len);
off = b.pubseekoff(0 + 1, ios_base::end, ios_base::in);
- CHECK(off == len);
+ CHECK((off == len));
EXP_AVAIL2(b, exp, len, off, dat1_len);
off = b.pubseekoff(0 - len1d3, ios_base::end, ios_base::in);
- CHECK(off == len2d3);
+ CHECK((off == len2d3));
EXP_AVAIL2(b, exp, len, off, dat1_len);
off = b.pubseekoff(0 - len2d3, ios_base::end, ios_base::in);
- CHECK(off == len1d3);
+ CHECK((off == len1d3));
EXP_AVAIL2(b, exp, len, off, dat1_len);
off = b.pubseekoff(0 - len + 1, ios_base::end, ios_base::in);
b.pubseekoff(len1d3, ios_base::beg, ios_base::in);
off = b.pubseekoff(0 + len + len, ios_base::cur, ios_base::in);
- CHECK(off == len);
+ CHECK((off == len));
EXP_AVAIL2(b, exp, len, off, dat1_len);
b.pubseekoff(len1d3, ios_base::beg, ios_base::in);
off = b.pubseekoff(0, ios_base::cur, ios_base::in);
- CHECK(off == len1d3);
+ CHECK((off == len1d3));
EXP_AVAIL2(b, exp, len, off, dat1_len);
b.pubseekoff(len1d3, ios_base::beg, ios_base::in);
off = b.pubseekoff(0 - 1, ios_base::cur, ios_base::in);
- CHECK(off == len1d3 - 1);
+ CHECK((off == (len1d3 - 1)));
EXP_AVAIL2(b, exp, len, off, dat1_len);
b.pubseekoff(len1d3, ios_base::beg, ios_base::in);
off = b.pubseekoff(0 + 1, ios_base::cur, ios_base::in);
- CHECK(off == len1d3 + 1);
+ CHECK((off == (len1d3 + 1)));
EXP_AVAIL2(b, exp, len, off, dat1_len);
b.pubseekoff(len1d3, ios_base::beg, ios_base::in);
off = b.pubseekoff(0 + len1d3, ios_base::cur, ios_base::in);
- CHECK(off == len1d3 + len1d3);
+ CHECK((off == (len1d3 + len1d3)));
EXP_AVAIL2(b, exp, len, off, dat1_len);
b.pubseekoff(len1d3, ios_base::beg, ios_base::in);
off = b.pubseekoff(0 + len2d3, ios_base::cur, ios_base::in);
- CHECK(off == len);
+ CHECK((off == len));
EXP_AVAIL2(b, exp, len, off, dat1_len);
b.pubseekoff(len1d3, ios_base::beg, ios_base::in);
off = b.pubseekoff(0 + len, ios_base::cur, ios_base::in);
- CHECK(off == len);
+ CHECK((off == len));
EXP_AVAIL2(b, exp, len, off, dat1_len);
}
b.pubseekoff(len2d3, ios_base::beg, ios_base::in);
off = b.pubseekoff(0 + len + len, ios_base::cur, ios_base::in);
- CHECK(off == len);
+ CHECK((off == len));
EXP_AVAIL2(b, exp, len, off, dat1_len);
b.pubseekoff(len2d3, ios_base::beg, ios_base::in);
off = b.pubseekoff(0, ios_base::cur, ios_base::in);
- CHECK(off == len2d3);
+ CHECK((off == len2d3));
EXP_AVAIL2(b, exp, len, off, dat1_len);
b.pubseekoff(len2d3, ios_base::beg, ios_base::in);
off = b.pubseekoff(0 - 1, ios_base::cur, ios_base::in);
- CHECK(off == len2d3 - 1);
+ CHECK((off == (len2d3 - 1)));
EXP_AVAIL2(b, exp, len, off, dat1_len);
b.pubseekoff(len2d3, ios_base::beg, ios_base::in);
off = b.pubseekoff(0 + 1, ios_base::cur, ios_base::in);
- CHECK(off == len2d3 + 1);
+ CHECK((off == (len2d3 + 1)));
EXP_AVAIL2(b, exp, len, off, dat1_len);
b.pubseekoff(len2d3, ios_base::beg, ios_base::in);
off = b.pubseekoff(0 + len1d3, ios_base::cur, ios_base::in);
- CHECK(off == len);
+ CHECK((off == len));
EXP_AVAIL2(b, exp, len, off, dat1_len);
b.pubseekoff(len2d3, ios_base::beg, ios_base::in);
off = b.pubseekoff(0 + len2d3, ios_base::cur, ios_base::in);
- CHECK(off == len);
+ CHECK((off == len));
EXP_AVAIL2(b, exp, len, off, dat1_len);
b.pubseekoff(len2d3, ios_base::beg, ios_base::in);
off = b.pubseekoff(0 + len, ios_base::cur, ios_base::in);
- CHECK(off == len);
+ CHECK((off == len));
EXP_AVAIL2(b, exp, len, off, dat1_len);
}
}
int pos_b = b.pubseekpos(0, ios_base::in);
int pos_e = b.pubseekpos(len, ios_base::in);
- CHECK(pos_b == -1);
- CHECK(pos_c == -1);
- CHECK(pos_e == -1);
+ CHECK((pos_b == -1));
+ CHECK((pos_c == -1));
+ CHECK((pos_e == -1));
}
SECTION("wrong buffer")
int pos_b = b.pubseekpos(0, ios_base::out);
int pos_e = b.pubseekpos(len, ios_base::out);
- CHECK(pos_b == -1);
- CHECK(pos_c == -1);
- CHECK(pos_e == -1);
+ CHECK((pos_b == -1));
+ CHECK((pos_c == -1));
+ CHECK((pos_e == -1));
}
SECTION("out of range")
EXP_AVAIL1(b, exp, len, pos);
pos = b.pubseekpos(len + len, ios_base::in);
- CHECK(pos == len);
+ CHECK((pos == len));
EXP_AVAIL1(b, exp, len, pos);
}
EXP_AVAIL1(b, exp, len, pos);
pos = b.pubseekpos(len, ios_base::in);
- CHECK(pos == len);
+ CHECK((pos == len));
EXP_AVAIL1(b, exp, len, pos);
pos = b.pubseekpos(len - 1, ios_base::in);
- CHECK(pos == len - 1);
+ CHECK((pos == (len - 1)));
EXP_AVAIL1(b, exp, len, pos);
pos = b.pubseekpos(len + 1, ios_base::in);
- CHECK(pos == len);
+ CHECK((pos == len));
EXP_AVAIL1(b, exp, len, pos);
}
b.pubsetbuf(dat, len);
pos = b.pubseekpos(len1d3, ios_base::in);
- CHECK(pos == len1d3);
+ CHECK((pos == len1d3));
EXP_AVAIL1(b, exp, len, pos);
pos = b.pubseekpos(len2d3, ios_base::in);
- CHECK(pos == len2d3);
+ CHECK((pos == len2d3));
EXP_AVAIL1(b, exp, len, pos);
}
}
int pos_b = b.pubseekpos(0, ios_base::out);
int pos_e = b.pubseekpos(len, ios_base::out);
- CHECK(pos_b == -1);
- CHECK(pos_c == -1);
- CHECK(pos_e == -1);
+ CHECK((pos_b == -1));
+ CHECK((pos_c == -1));
+ CHECK((pos_e == -1));
}
SECTION("out of range")
EXP_AVAIL2(b, exp, len, pos, dat1_len);
pos = b.pubseekpos(len + len, ios_base::in);
- CHECK(pos == len);
+ CHECK((pos == len));
EXP_AVAIL2(b, exp, len, pos, dat1_len);
}
EXP_AVAIL2(b, exp, len, pos, dat1_len);
pos = b.pubseekpos(len, ios_base::in);
- CHECK(pos == len);
+ CHECK((pos == len));
EXP_AVAIL2(b, exp, len, pos, dat1_len);
pos = b.pubseekpos(len - 1, ios_base::in);
- CHECK(pos == len - 1);
+ CHECK((pos == (len - 1)));
EXP_AVAIL2(b, exp, len, pos, dat1_len);
pos = b.pubseekpos(len + 1, ios_base::in);
- CHECK(pos == len);
+ CHECK((pos == len));
EXP_AVAIL2(b, exp, len, pos, dat1_len);
}
b.pubsetbuf(dat1, dat1_len)->pubsetbuf(dat2, dat2_len);
pos = b.pubseekpos(len1d3, ios_base::in);
- CHECK(pos == len1d3);
+ CHECK((pos == len1d3));
EXP_AVAIL2(b, exp, len, pos, dat1_len);
pos = b.pubseekpos(len2d3, ios_base::in);
- CHECK(pos == len2d3);
+ CHECK((pos == len2d3));
EXP_AVAIL2(b, exp, len, pos, dat1_len);
pos = b.pubseekpos(dat1_len, ios_base::in);
int off_b = b.pubseekoff(0, ios_base::beg, ios_base::out);
int off_e = b.pubseekoff(0, ios_base::end, ios_base::out);
- CHECK(c == 'A');
+ CHECK((c == 'A'));
CHECK(off_b == 0);
CHECK(off_c == 1);
- CHECK(off_e == 2048);
+ CHECK((off_e == 2048));
EXP_RES(b, exp, 1, 2048);
}
int off_b = b.pubseekoff(0, ios_base::beg, ios_base::out);
int off_e = b.pubseekoff(0, ios_base::end, ios_base::out);
- CHECK(c1 == 'A');
- CHECK(c2 == 'B');
+ CHECK((c1 == 'A'));
+ CHECK((c2 == 'B'));
CHECK(off_b == 0);
CHECK(off_1 == 1);
- CHECK(off_2 == 2);
- CHECK(off_e == 2048);
+ CHECK((off_2 == 2));
+ CHECK((off_e == 2048));
EXP_RES(b, exp, 2, 2048);
}
int off_2 = b.pubseekoff(0, ios_base::cur, ios_base::out);
int off_z = b.pubseekoff(0, ios_base::end, ios_base::out);
- CHECK(c1 == 'A');
- CHECK(c2 == 'Z');
+ CHECK((c1 == 'A'));
+ CHECK((c2 == 'Z'));
CHECK(off_b == 0);
CHECK(off_1 == 1);
- CHECK(off_2 == 2049);
- CHECK(off_e == 2048);
- CHECK(off_z == 6144);
+ CHECK((off_2 == 2049));
+ CHECK((off_e == 2048));
+ CHECK((off_z == 6144));
}
SECTION("put sequence of chars")
int off_b = b.pubseekoff(0, ios_base::beg, ios_base::out);
int off_e = b.pubseekoff(0, ios_base::end, ios_base::out);
- CHECK(n == len);
+ CHECK((n == len));
CHECK(off_b == 0);
- CHECK(off_c == len);
- CHECK(off_e == 4096);
+ CHECK((off_c == len));
+ CHECK((off_e == 4096));
EXP_RES(b, exp, len, 4096);
}
int off_b = b.pubseekoff(0, ios_base::beg, ios_base::out);
int off_e = b.pubseekoff(0, ios_base::end, ios_base::out);
- CHECK(n == len);
- CHECK(c1 == 'A');
- CHECK(c2 == 'Z');
+ CHECK((n == len));
+ CHECK((c1 == 'A'));
+ CHECK((c2 == 'Z'));
CHECK(off_b == 0);
- CHECK(off_c == len + 2);
- CHECK(off_e == 4096 + 2048);
+ CHECK((off_c == (len + 2)));
+ CHECK((off_e == (4096 + 2048)));
}
SECTION("get char sequence")
delete[] act_seq;
int new_off = b.pubseekoff(0, ios_base::cur, ios_base::out);
- CHECK(new_off == exp_len);
+ CHECK((new_off == exp_len));
}
SECTION("get char sequence from the end")
b.pubsetbuf(buf, exp_len);
int data_off = b.pubseekoff(exp_len, ios_base::beg, ios_base::out);
- CHECK(data_off == exp_len);
+ CHECK((data_off == exp_len));
char* act_seq = new char[exp_len];
memset(act_seq, '\0', exp_len);
delete[] act_seq;
int new_off = b.pubseekoff(0, ios_base::cur, ios_base::out);
- CHECK(new_off == exp_len);
+ CHECK((new_off == exp_len));
}
SECTION("get char sequence more than available")
delete[] act_seq;
int new_off = b.pubseekoff(0, ios_base::cur, ios_base::out);
- CHECK(new_off == exp_len);
+ CHECK((new_off == exp_len));
}
}
b.pubsetbuf(buf, dat1_len);
int r = b.pubsync();
- CHECK(r == -1);
+ CHECK((r == -1));
}
SECTION("changing buffer")
int pos_b = b.pubseekpos(0, ios_base::in);
int pos_e = b.pubseekpos(len, ios_base::in);
- CHECK(pos_b == -1);
- CHECK(pos_c == -1);
- CHECK(pos_e == -1);
+ CHECK((pos_b == -1));
+ CHECK((pos_c == -1));
+ CHECK((pos_e == -1));
}
SECTION("out of range")
b.sputn(exp, len);
pos = b.pubseekpos(len + len, ios_base::out);
- CHECK(pos == len);
+ CHECK((pos == len));
EXP_RES(b, exp, len, len);
}
pos = b.pubseekpos(0 + 1, ios_base::out);
CHECK(pos == 1);
pos = b.pubseekpos(len, ios_base::out);
- CHECK(pos == len);
+ CHECK((pos == len));
pos = b.pubseekpos(len - 1, ios_base::out);
- CHECK(pos == len - 1);
+ CHECK((pos == (len - 1)));
pos = b.pubseekpos(len + 1, ios_base::out);
- CHECK(pos == len);
+ CHECK((pos == len));
pos = b.pubseekpos(0, ios_base::out);
CHECK(pos == 0);
b.sputn(exp, len);
pos = b.pubseekpos(len1d3, ios_base::out);
- CHECK(pos == len1d3);
+ CHECK((pos == len1d3));
pos = b.pubseekpos(len2d3, ios_base::out);
- CHECK(pos == len2d3);
+ CHECK((pos == len2d3));
}
}
int off_e = b.pubseekoff(0, ios_base::end, ios_base::in);
int off_a = b.pubseekoff(0, static_cast<std::ios_base::seekdir>(0x5a5a), ios_base::out);
- CHECK(off_b == -1);
- CHECK(off_c == -1);
- CHECK(off_e == -1);
- CHECK(off_a == -1);
+ CHECK((off_b == -1));
+ CHECK((off_c == -1));
+ CHECK((off_e == -1));
+ CHECK((off_a == -1));
}
SECTION("begin")
CHECK(off == 0);
off = b.pubseekoff(0 + len + len, ios_base::beg, ios_base::out);
- CHECK(off == len);
+ CHECK((off == len));
off = b.pubseekoff(0 - 1, ios_base::beg, ios_base::out);
CHECK(off == 0);
CHECK(off == 1);
off = b.pubseekoff(0 + len1d3, ios_base::beg, ios_base::out);
- CHECK(off == len1d3);
+ CHECK((off == len1d3));
off = b.pubseekoff(0 + len2d3, ios_base::beg, ios_base::out);
- CHECK(off == len2d3);
+ CHECK((off == len2d3));
off = b.pubseekoff(0 + len - 1, ios_base::beg, ios_base::out);
- CHECK(off == len - 1);
+ CHECK((off == (len - 1)));
off = b.pubseekoff(0 + len, ios_base::beg, ios_base::out);
- CHECK(off == len);
+ CHECK((off == len));
off = b.pubseekoff(0, ios_base::beg, ios_base::out);
CHECK(off == 0);
CHECK(off == 0);
off = b.pubseekoff(0 + len + len, ios_base::end, ios_base::out);
- CHECK(off == len);
+ CHECK((off == len));
off = b.pubseekoff(0, ios_base::end, ios_base::out);
- CHECK(off == len);
+ CHECK((off == len));
off = b.pubseekoff(0 - 1, ios_base::end, ios_base::out);
- CHECK(off == len - 1);
+ CHECK((off == (len - 1)));
off = b.pubseekoff(0 + 1, ios_base::end, ios_base::out);
- CHECK(off == len);
+ CHECK((off == len));
off = b.pubseekoff(0 - len1d3, ios_base::end, ios_base::out);
- CHECK(off == len2d3);
+ CHECK((off == len2d3));
off = b.pubseekoff(0 - len2d3, ios_base::end, ios_base::out);
- CHECK(off == len1d3);
+ CHECK((off == len1d3));
off = b.pubseekoff(0 - len + 1, ios_base::end, ios_base::out);
CHECK(off == 1);
b.pubsetbuf(new char[len], len);
b.sputn(exp, len);
off = b.pubseekoff(- 1, ios_base::end, ios_base::out);
- CHECK(off == len - 1);
+ CHECK((off == (len - 1)));
b.sputn("!", 1);
off = b.pubseekoff(0, ios_base::end, ios_base::out);
- CHECK(off == len);
+ CHECK((off == len));
EXP_RES(b, exp_alt, len, len);
}
b.pubseekoff(len1d3, ios_base::beg, ios_base::out);
off = b.pubseekoff(0 + len + len, ios_base::cur, ios_base::out);
- CHECK(off == len);
+ CHECK((off == len));
b.pubseekoff(len1d3, ios_base::beg, ios_base::out);
off = b.pubseekoff(0, ios_base::cur, ios_base::out);
- CHECK(off == len1d3);
+ CHECK((off == len1d3));
b.pubseekoff(len1d3, ios_base::beg, ios_base::out);
off = b.pubseekoff(0 - 1, ios_base::cur, ios_base::out);
- CHECK(off == len1d3 - 1);
+ CHECK((off == (len1d3 - 1)));
b.pubseekoff(len1d3, ios_base::beg, ios_base::out);
off = b.pubseekoff(0 + 1, ios_base::cur, ios_base::out);
- CHECK(off == len1d3 + 1);
+ CHECK((off == (len1d3 + 1)));
b.pubseekoff(len1d3, ios_base::beg, ios_base::out);
off = b.pubseekoff(0 + len1d3, ios_base::cur, ios_base::out);
- CHECK(off == len1d3 + len1d3);
+ CHECK((off == (len1d3 + len1d3)));
b.pubseekoff(len1d3, ios_base::beg, ios_base::out);
off = b.pubseekoff(0 + len2d3, ios_base::cur, ios_base::out);
- CHECK(off == len);
+ CHECK((off == len));
b.pubseekoff(len1d3, ios_base::beg, ios_base::out);
off = b.pubseekoff(0 + len, ios_base::cur, ios_base::out);
- CHECK(off == len);
+ CHECK((off == len));
b.pubsetbuf(new char[len], len);
b.sputn(exp, len);
CHECK(off == len - off_alt);
b.sputn(ovr_alt, off_alt);
off = b.pubseekoff(0, ios_base::end, ios_base::out);
- CHECK(off == len);
+ CHECK((off == len));
EXP_RES(b, exp_alt, len, len);
}
}
return p;
}
-const uint8_t* snort_memrchr(const uint8_t* buf, char c, size_t len)
-{
-#ifdef HAVE_MEMRCHR
- return (const uint8_t*)memrchr(buf, c, len);
-#else
- size_t n = len;
- const uint8_t* tmp = buf;
- const uint8_t* ptr = nullptr;
-
- while ( n > 0 && (tmp = (const uint8_t*)memchr(tmp, c, n)) )
- {
- ptr = tmp++;
- n = len - (tmp - buf);
- }
-
- return ptr;
-#endif
-}
-
void ts_print(const struct timeval* tvp, char* timebuf, bool yyyymmdd)
{
struct timeval tv;
inline pid_t gettid()
{
#if defined(__linux__) && defined(SYS_gettid)
- return syscall(SYS_gettid);
+ return syscall(SYS_gettid); // cppcheck-suppress ConfigurationNotChecked
#else
return getpid();
#endif
SO_PUBLIC const char* get_error(int errnum);
SO_PUBLIC char* snort_strdup(const char*);
SO_PUBLIC char* snort_strndup(const char*, size_t);
-SO_PUBLIC const uint8_t* snort_memrchr(const uint8_t*, char, size_t);
SO_PUBLIC void ts_print(const struct timeval*, char*, bool yyyymmdd = false);
void uint8_to_printable_str(const uint8_t* buff, unsigned len, std::string& print_str);
}
struct JSNorm
{
- uint8_t state;
+ uint8_t state; // cppcheck-suppress unusedStructMember
uint8_t event;
uint8_t match;
uint8_t other;
if (s->unicode_map && (s->iNorm <= 0xffff))
{
s->iNorm = s->unicode_map[s->iNorm];
- if (s->iNorm == -1)
+ if (s->iNorm == -1) // cppcheck-suppress knownConditionTrueFalse
s->iNorm = NON_ASCII_CHAR;
}
else
if (s->unicode_map && (s->iNorm <= 0xffff))
{
s->iNorm = s->unicode_map[s->iNorm];
- if (s->iNorm == -1)
+ if (s->iNorm == -1) // cppcheck-suppress knownConditionTrueFalse
s->iNorm = NON_ASCII_CHAR;
}
else
}
};
#endif // HAVE_NUMA
-#endif // NUMA_UTILS_H
\ No newline at end of file
+#endif // NUMA_UTILS_H
using namespace snort;
-UtfDecodeSession::UtfDecodeSession()
-{
- init_decode_utf_state();
-}
-
-/* init a new decode_utf_state_t */
-void UtfDecodeSession::init_decode_utf_state()
-{
- dstate.state = DSTATE_FIRST;
- dstate.charset = CHARSET_DEFAULT;
- dstate.charset_src = CHARSET_SET_BY_GUESS;
-}
-
/* setters & getters */
void UtfDecodeSession::set_decode_utf_state_charset(CharsetCode charset, CharsetSrc src)
{
// state between subsequent calls.
struct decode_utf_state_t
{
- int state;
- CharsetCode charset;
- CharsetSrc charset_src;
+ int state = 0;
+ CharsetCode charset = CHARSET_DEFAULT;
+ CharsetSrc charset_src = CHARSET_SET_BY_GUESS;
};
namespace snort
class SO_PUBLIC UtfDecodeSession
{
public:
- UtfDecodeSession();
+ UtfDecodeSession() = default;
virtual ~UtfDecodeSession() = default;
- void init_decode_utf_state();
void set_decode_utf_state_charset(CharsetCode charset, CharsetSrc src = CHARSET_SET_BY_APP);
CharsetCode get_decode_utf_state_charset();
CharsetSrc get_decode_utf_charset_src();
// found an option without a colon, so set stream to semi-colon
std::streamoff off = 1 + (std::streamoff)(pos) + (std::streamoff)(semi_colon_pos);
stream.seekg(off);
- keyword = keyword.substr(0, semi_colon_pos);
+ keyword.resize(semi_colon_pos);
}
// now, lets get the next option.
Option(const std::string& name, std::string val, int depth);
virtual ~Option() = default;
- inline const std::string& get_name()
+ inline const std::string& get_name() const
{ return name; }
- inline const std::string& get_value()
+ inline const std::string& get_value() const
{ return value; }
void set_print_whitespace(bool w)
#include "helpers/s2l_util.h"
#include "data/data_types/dt_rule_option.h"
+#include <algorithm>
+
Rule::Rule() : num_hdr_data(0),
is_bad_rule(false),
is_comment(false), old_http_rule(false)
std::string Rule::get_option(const std::string& keyword)
{
- for (auto option : options)
- {
- if (option->get_name() == keyword)
- return option->get_value();
- }
- return std::string();
+ auto it = std::find_if(options.cbegin(), options.cend(),
+ [&keyword](const RuleOption* option){ return option->get_name() == keyword; });
+ return (it != options.cend()) ? (*it)->get_value() : std::string();
}
void Rule::update_option(const std::string& keyword, const std::string& val)
{
- for (auto option : options)
- {
- if (option->get_name() == keyword)
- {
- option->update_value(val);
- break;
- }
- }
+ auto it = std::find_if(options.begin(), options.end(),
+ [&keyword](const RuleOption* option){ return option->get_name() == keyword; });
+ if (it != options.end())
+ (*it)->update_value(val);
}
void Rule::add_suboption(const std::string& keyword)
out << " (";
first_line = true;
- for (auto* r : rule.options)
+ for (const auto* r : rule.options)
{
if (first_line)
first_line = false;
out << ':' << opt.value;
}
- for (RuleSubOption* rso : opt.sub_options)
+ for (const RuleSubOption* rso : opt.sub_options)
{
if (first_print)
first_print = false;
RuleOption(const std::string& name, const std::string& val);
virtual ~RuleOption();
- inline const std::string& get_name() { return name; }
- inline const std::string& get_value() { return value; }
+ inline const std::string& get_name() const { return name; }
+ inline const std::string& get_value() const { return value; }
inline void update_value(const std::string& new_value) { value = new_value; }
bool add_suboption(const std::string& name);
#include "data/data_types/dt_var.h"
#include "data/data_types/dt_comment.h"
+#include <algorithm>
+
static inline Table* find_table(std::vector<Table*> vec, const std::string& name)
{
- for ( auto* t : vec)
- if (name == t->get_name())
- return t;
-
- return nullptr;
+ auto it = std::find_if(vec.begin(), vec.end(), [&name](const Table* t){ return name == t->get_name(); });
+ return (it != vec.end()) ? *it : nullptr;
}
Table::Table(int d)
delete comments;
}
-bool Table::has_differences()
+bool Table::has_differences() const
{
if (!comments->empty())
return true;
- for (Table* t : tables)
- if (t->has_differences())
- return true;
-
- return false;
+ return std::any_of(tables.cbegin(), tables.cend(), [](const Table* t){ return t->has_differences(); });
}
Table* Table::open_table()
bool Table::add_list(const std::string& list_name, const std::string& next_elem)
{
- for (auto l : lists)
- if (l->get_name() == list_name)
- return l->add_value(next_elem);
+ auto it = std::find_if(lists.begin(), lists.end(),
+ [&list_name](const Variable* l){ return l->get_name() == list_name; });
+ if (it != lists.end())
+ return (*it)->add_value(next_elem);
Variable* var = new Variable(list_name, depth + 1);
lists.push_back(var);
bool Table::has_option(const std::string& opt_name)
{
- for (Option* o : options)
- if (opt_name == o->get_name())
- return true;
-
- for (Option* a : append_options)
- if (opt_name == a->get_name())
- return true;
+ if (std::any_of(options.cbegin(), options.cend(),
+ [&opt_name](const Option* o){ return opt_name == o->get_name(); }))
+ return true;
- return false;
+ return std::any_of(append_options.cbegin(), append_options.cend(),
+ [&opt_name](const Option* a){ return opt_name == a->get_name(); });
}
bool Table::get_option(const std::string& opt_name, std::string& value)
{
- for (Option* o : options)
- if (opt_name == o->get_name())
- {
- value = o->get_value();
- return true;
- }
+ auto it = std::find_if(options.cbegin(), options.cend(),
+ [&opt_name](const Option* o){ return opt_name == o->get_name(); });
+ if (it != options.cend())
+ {
+ value = (*it)->get_value();
+ return true;
+ }
- for (Option* a : append_options)
- if (opt_name == a->get_name())
- {
- value = a->get_value();
- return true;
- }
+ auto a_it = std::find_if(append_options.cbegin(), append_options.cend(),
+ [&opt_name](const Option* a){ return opt_name == a->get_name(); });
+ if (a_it != append_options.cend())
+ {
+ value = (*it)->get_value();
+ return true;
+ }
return false;
}
bool Table::has_option(const Option& opt)
{
- for (Option* o : options)
- if ( (*o) == opt)
- return true;
-
- for (Option* a : append_options)
- if ( (*a) == opt)
- return true;
+ if (std::any_of(options.cbegin(), options.cend(),
+ [&opt](const Option* o){ return opt == *o; }))
+ return true;
- return false;
+ return std::any_of(append_options.cbegin(), append_options.cend(),
+ [&opt](const Option* a){ return opt == *a; });
}
bool Table::has_option(const std::string& opt_name, int val)
Table(const std::string& name, const std::string& key, int depth);
virtual ~Table();
- inline const std::string& get_name() { return name; }
+ inline const std::string& get_name() const { return name; }
void set_one_line(bool o) { one_line = o; }
void set_print_whitespace(bool w) { print_whitespace = w; }
- bool has_differences();
+ bool has_differences() const;
Table* open_table();
Table* open_table(const std::string&);
bool add_option(const std::string& val);
void DataApi::print_data(std::ostream& out) const
{
- for (Variable* v : vars)
+ for (const Variable* v : vars)
out << (*v) << "\n\n";
- for (Include* i : includes)
+ for (const Include* i : includes)
out << (*i) << "\n\n";
}
}
out << "local_rules =\n[[\n";
- for (Rule* r : data.rules)
+ for (const Rule* r : data.rules)
out << (*r) << "\n\n";
out << "]]\n\n\n";
if (!in_rule_file)
out << "local_rules =\n[[\n";
- for (Rule* r : rules)
+ for (const Rule* r : rules)
out << (*r) << "\n";
if (!in_rule_file)
out << "local_states =\n[[\n";
- for (const auto r : states)
+ for (const auto* r : states)
out << (*r) << "\n";
out << "]]\n\n";
void TableApi::reset_state()
{
// DO NOT RESET DELEGATE STATE. IT HAS ITS OWN LIFECYCLE.
- std::stack<Table*> empty;
- open_tables.swap(empty);
+ std::stack<Table*> empty_table;
+ open_tables.swap(empty_table);
std::stack<unsigned> empty_two;
top_level_tables.swap(empty_two);
curr_data_bad = false;
if ( empty() )
return;
- for (Table* t : tables)
+ for (const Table* t : tables)
out << (*t) << "\n\n";
}
action(*this);
else
{
- if ( pending.find(table_name) == pending.end() )
- pending[table_name] = std::queue<PendingFunction>();
-
+ pending.emplace(table_name, std::queue<PendingFunction>());
pending[table_name].push(action);
}
}
void Converter::add_bindings()
{
std::unordered_map<int, std::shared_ptr<Binder>> policy_map;
- for ( auto& b : binders )
+ for ( const auto& b : binders )
{
if ( b->has_ips_policy_id() && b->get_use_file().second == Binder::IT_FILE )
policy_map[b->get_when_ips_policy_id()] = b;
const std::string& keyword,
bool strict_case)
{
- for (auto& p : map)
+ for (const auto& p : map)
{
if (strict_case)
{
if (name.empty())
return nullptr;
- for ( auto* t : vec)
- if (name == t->get_name())
- return t;
-
- return nullptr;
+ auto it = std::find_if(vec.begin(), vec.end(), [&name](const Table* t){ return name == t->get_name(); });
+ return (it != vec.end()) ? (*it) : nullptr;
}
std::string& ltrim(std::string& s)
use_file_type = type;
}
-void Binder::set_use_service(const std::string& service_name)
-{ use_service = service_name; }
-
void Binder::set_use_action(const std::string& action)
{ use_action = action; }
void set_use_type(const std::string& module_name);
void set_use_name(const std::string& struct_name);
void set_use_file(const std::string& file_name, IncludeType = IT_FILE);
- void set_use_service(const std::string& service_name);
void set_use_action(const std::string& action);
std::string get_use_type() const
const std::istringstream::off_type curr_pos = data_stream.tellg();
std::string rule_string = data_stream.str();
std::size_t end_pos = rule_string.rfind(')');
- rule_string = rule_string.substr(0, end_pos);
+ rule_string.resize(end_pos);
util::rtrim(rule_string); // guarantee last char is a rule opt/subopt
data_stream.str(rule_string);
data_stream.seekg(curr_pos); // position was reset. so find curr position
if (map)
{
// using smart pointer to guarantee new Map is deleted
- const std::vector<std::unique_ptr<const ConvertMap> >& ruletype_map =
+ const std::vector<std::unique_ptr<const ConvertMap> >& tmp_ruletype_map =
ruletype_api;
std::unique_ptr<ConvertMap> new_map(new ConvertMap());
new_map->keyword = name;
new_map->ctor = map->ctor;
const_cast<std::vector<std::unique_ptr<const ConvertMap> >&>(
- ruletype_map).push_back(std::move(new_map));
+ tmp_ruletype_map).push_back(std::move(new_map));
return true;
}
else
struct FtpDefaultCmd
{
- std::string default_name;
- std::set<std::string> cmd_set;
+ std::string default_name; // cppcheck-suppress unusedStructMember
+ std::set<std::string> cmd_set; // cppcheck-suppress unusedStructMember
};
// Use these defaults for the entries that the original config didn't provide.
bool Base64Decode::convert(std::istringstream& data_stream)
{
std::string args;
- std::string tmp;
std::streamoff pos = data_stream.tellg();
args = util::get_rule_option_args(data_stream);
{
// since we still can't be sure if we passed the base64_decode buffer,
// check the next option and ensure it matches
+ std::string tmp;
std::istringstream arg_stream(args);
if (util::get_string(arg_stream, tmp, ", ") &&
(tmp == "bytes" ||
bool DNP3Obj::convert(std::istringstream& data)
{
std::string val = util::get_rule_option_args(data);
- std::string group = "group ";
- std::string var = " var ";
/* convert from dnp3_obj: xxx,xxx to
* dnp3_obj: group xxx, var xxxx
*/
- val.insert(0, group);
+ val.insert(0, "group ");
size_t start_pos = val.find(',');
if (start_pos == std::string::npos)
rule_api.bad_rule(data, "dnp3_obj:expecting 2 args separated by comma");
else
- val.insert(start_pos+1, var);
+ {
+ val.insert(start_pos+1, " var ");
+ }
rule_api.add_option("dnp3_obj", val);
return set_next_rule_state(data);
bool FileData::convert(std::istringstream& data_stream)
{
std::string args;
- std::string tmp;
std::streamoff pos = data_stream.tellg();
rule_api.add_option("file_data");
{
// since we still can't be sure if we passed the file_data buffer,
// check the next option and ensure it matches 'mime'
+ std::string tmp;
std::istringstream(args) >> tmp;
if (tmp == "mime")
bool React::convert(std::istringstream& data_stream)
{
std::string args;
- std::string tmp;
std::istringstream::off_type pos = data_stream.tellg();
args = util::get_rule_option_args(data_stream);
{
// since we still can't be sure if we passed the resp buffer,
// check the next option and ensure it matches
+ std::string tmp;
std::istringstream arg_stream(args);
if (util::get_string(arg_stream, tmp, ",") &&
(tmp == "msg" ||
bool Resp::convert(std::istringstream& data_stream)
{
std::string args;
- std::string tmp;
std::streamoff pos = data_stream.tellg();
args = util::get_rule_option_args(data_stream);
{
// since we still can't be sure if we passed the resp buffer,
// check the next option and ensure it matches
+ std::string tmp;
std::istringstream arg_stream(args);
if (util::get_string(arg_stream, tmp, ",") &&
(tmp == "reset_dest" ||
{
std::string args;
std::string value;
- std::string type;
args = util::get_rule_option_args(data_stream);
std::istringstream arg_stream(args);
cnt = !cnt;
}
+ std::string type;
if (is_host)
{
if (value == "src")
std::streamoff off = 1 + (std::streamoff)(tmp_pos) +
(std::streamoff)(semi_colon_pos);
data_stream.seekg(off);
- rule_keyword = rule_keyword.substr(0, semi_colon_pos);
+ rule_keyword.resize(semi_colon_pos);
}
// now, lets get the next option.
projects / thirdparty / snort3.git / commitdiff
