********************* L O G G E R ******************************
*******************************************************************/
-struct ip4_addr
-{
- union
- {
- uint32_t addr32;
- uint8_t addr8[4];
- };
-};
-
void Ipv4Codec::log(TextLog* const text_log, const uint8_t* raw_pkt,
const uint16_t lyr_len)
{
}
else
{
- ip4_addr src, dst;
- src.addr32 = ip4h->get_src();
- dst.addr32 = ip4h->get_dst();
+ struct in_addr src, dst;
+ src.s_addr = ip4h->get_src();
+ dst.s_addr = ip4h->get_dst();
char src_buf[INET_ADDRSTRLEN];
char dst_buf[INET_ADDRSTRLEN];
RuleTreeNode* rtn;
GHashNode* hashNode;
OptTreeNode* otn = nullptr;
- PolicyId policyId = 0;
unsigned int svc_idx;
for (hashNode = ghash_findfirst(sc->otn_map);
hashNode = ghash_findnext(sc->otn_map))
{
otn = (OptTreeNode*)hashNode->data;
- for ( policyId = 0;
+ for ( PolicyId policyId = 0;
policyId < otn->proto_node_num;
policyId++ )
{
// Debug Printing
//#define THD_DEBUG
-// This disables adding and testing of Threshold objects
-//#define CRIPPLE
-
XHash* sfthd_new_hash(unsigned nbytes, size_t key, size_t data)
{
size_t size = key + data;
/* Create the THD struct */
thd = (THD_STRUCT*)snort_calloc(sizeof(THD_STRUCT));
-#ifndef CRIPPLE
/* Create hash table for all of the local IP Nodes */
thd->ip_nodes = sfthd_local_new(lbytes);
if ( !thd->ip_nodes )
snort_free(thd);
return nullptr;
}
-#endif
return thd;
}
if (thd == nullptr)
return;
-#ifndef CRIPPLE
if (thd->ip_nodes != nullptr)
xhash_delete(thd->ip_nodes);
if (thd->ip_gnodes != nullptr)
xhash_delete(thd->ip_gnodes);
-#endif
snort_free(thd);
}
if ( config->gen_id >= THD_MAX_GENID )
return -1;
-#ifdef CRIPPLE
- return 0;
-#endif
-
/* Check for an existing 'gen_id' entry, if none found create one. */
if (thd_objs->sfthd_array[config->gen_id] == nullptr)
{
int sfthd_test_rule(XHash* rule_hash, THD_NODE* sfthd_node,
const snort::SfIp* sip, const snort::SfIp* dip, long curtime)
{
- int status;
-
if ((rule_hash == nullptr) || (sfthd_node == nullptr))
return 0;
- status = sfthd_test_local(rule_hash, sfthd_node, sip, dip, curtime);
+ int status = sfthd_test_local(rule_hash, sfthd_node, sip, dip, curtime);
return (status < -1) ? 1 : status;
}
{
THD_IP_NODE_KEY key;
THD_IP_NODE data,* sfthd_ip_node;
- int status=0;
const snort::SfIp* ip;
PolicyId policy_id = snort::get_network_policy()->policy_id;
/*
* Check for any Permanent sig_id objects for this gen_id or add this one ...
*/
- status = xhash_add(local_hash, (void*)&key, &data);
+ int status = xhash_add(local_hash, (void*)&key, &data);
if (status == XHASH_INTABLE)
{
/* Already in the table */
THD_IP_GNODE_KEY key;
THD_IP_NODE data;
THD_IP_NODE* sfthd_ip_node;
- int status=0;
const snort::SfIp* ip;
PolicyId policy_id = snort::get_network_policy()->policy_id;
data.tstart = data.tlast = curtime; /* Event time */
/* Check for any Permanent sig_id objects for this gen_id or add this one ... */
- status = xhash_add(global_hash, (void*)&key, &data);
+ int status = xhash_add(global_hash, (void*)&key, &data);
if (status == XHASH_INTABLE)
{
/* Already in the table */
#ifdef THD_DEBUG
int cnt;
#endif
- int status=0;
PolicyId policy_id = snort::get_network_policy()->policy_id;
if ((thd_objs == nullptr) || (thd == nullptr))
return 0;
-#ifdef CRIPPLE
- return 0;
-#endif
-
#ifdef THD_DEBUG
printf("sfthd_test_threshold...\n"); fflush(stdout);
#endif
/*
* Test SUPPRESSION and THRESHOLDING
*/
- status = sfthd_test_local(thd->ip_nodes, sfthd_node, sip, dip, curtime);
+ int status = sfthd_test_local(thd->ip_nodes, sfthd_node, sip, dip, curtime);
if ( status < 0 ) /* -1 == Don't log and stop looking */
{
if ( g_thd_node )
{
- status = sfthd_test_global(
- thd->ip_gnodes, g_thd_node, sig_id, sip, dip, curtime);
+ int status = sfthd_test_global(thd->ip_gnodes, g_thd_node, sig_id, sip, dip, curtime);
if ( status < 0 ) /* -1 == Don't log and stop looking */
{
int offset;
// Get values from byte_extract variables, if present.
- if (config.offset_var >= 0 && config.offset_var < NUM_IPS_OPTIONS_VARS)
+ if (config.offset_var != IPS_OPTIONS_NO_VAR && config.offset_var < NUM_IPS_OPTIONS_VARS)
{
uint32_t value;
GetVarValueByIndex(&(value), config.offset_var);
/* set how many bytes to process from the packet */
if (isdigit(offset[0]) || offset[0] == '-')
{
+ idx->offset_var = IPS_OPTIONS_NO_VAR;
idx->offset = strtol(offset, &endp, 10);
- idx->offset_var = -1;
if (offset == endp)
{
ParseError("isdataat offset greater than max IPV4 packet size");
return;
}
- idx->offset_var = IPS_OPTIONS_NO_VAR;
}
else
{
*/
static void LogCharData(TextLog* log, const uint8_t* data, int len)
{
+ if ( !data )
+ return;
+
const uint8_t* pb = data;
const uint8_t* end = data + len;
int lineCount = 0;
- if ( !data )
- {
- return;
- }
-
while ( pb < end )
{
if ( *pb > 0x1F && *pb < 0x7F)
return 0;
}
-#if defined(WORDS_BIGENDIAN)
-#define ntoh_ipv6(ip6) do { } while (0)
-#else
static void ntoh_ipv6(NSIPv6Addr* ip6)
{
+#if !defined(WORDS_BIGENDIAN)
uint64_t tmp;
tmp = BYTE_SWAP_64(ip6->hi);
ip6->hi = BYTE_SWAP_64(ip6->lo);
ip6->lo = tmp;
- }
-
#endif
+ }
-#if defined(WORDS_BIGENDIAN)
static void _swap_ipv6(const NSIPv6Addr* ip6, NSIPv6Addr* ip6h)
{
+#if defined(WORDS_BIGENDIAN)
ip6h->hi = ip6->hi;
ip6h->lo = ip6->lo;
- }
-
#else
- static void _swap_ipv6(const NSIPv6Addr* ip6, NSIPv6Addr* ip6h)
- {
ip6h->hi = BYTE_SWAP_64(ip6->lo);
ip6h->lo = BYTE_SWAP_64(ip6->hi);
- }
-
#endif
+ }
static void ntoh_swap_ipv6(const ip::snort_in6_addr* ip6, NSIPv6Addr* ip6h)
{
int MdnsServiceDetector::analyze_user(AppIdSession& asd, const Packet* pkt, uint16_t size)
{
int start_index = 0;
- uint8_t user_name_len = 0;
uint16_t data_size = size;
/* Scan for MDNS response, decided on Query value */
processed_ans++ )
{
// Call Decode Reference pointer function if referenced value instead of direct value
- user_name_len = 0;
+ uint8_t user_name_len = 0;
int ret_value = reference_pointer(srv_original, &resp_endptr, &start_index, data_size,
&user_name_len, size);
int user_index =0;
uint32_t val = 0;
const uint8_t* end = nullptr;
const RPCProgram* rprog = nullptr;
- // FIXIT-M - Avoid thread locals
- static THREAD_LOCAL SnortProtocolId sunrpc_snort_protocol_id = UNKNOWN_PROTOCOL_ID;
if (!size)
return APPID_INPROCESS;
pmr = (const ServiceRPCPortmapReply*)data;
if (pmr->port)
{
+ // FIXIT-M - Avoid thread locals
+ static THREAD_LOCAL SnortProtocolId sunrpc_snort_protocol_id = UNKNOWN_PROTOCOL_ID;
+
if(sunrpc_snort_protocol_id == UNKNOWN_PROTOCOL_ID)
sunrpc_snort_protocol_id = SnortConfig::get_conf()->proto_ref->find("sunrpc");
{
if ( Norm_IsEnabled(&config, NORM_IP4_BASE) )
Norm_Enable(&config, NORM_IP4_TTL);
- }
- if ( (policy->new_ttl > 1) && (policy->new_ttl >= policy->min_ttl) )
- {
+
if ( Norm_IsEnabled(&config, NORM_IP6_BASE) )
Norm_Enable(&config, NORM_IP6_TTL);
}
PegCount* PerfMonModule::get_counts() const
{ return (PegCount*)&pmstats; }
-void ModuleConfig::set_name(std::string name)
+void ModuleConfig::set_name(const std::string& name)
{ this->name = name; }
void ModuleConfig::set_peg_names(Value& peg_names)
snort::Module* ptr;
IndexVec pegs;
- void set_name(std::string name);
+ void set_name(const std::string& name);
void set_peg_names(snort::Value& peg_names);
bool confirm_parse();
bool resolve();
bool PortScanModule::end(const char* fqn, int, SnortConfig*)
{
- static size_t saved_memcap = 0;
-
if (strcmp(fqn, "port_scan") == 0)
{
+ static size_t saved_memcap = 0;
+
if (saved_memcap != 0 )
{
if (config->memcap != saved_memcap)
DCE2_Smb2Inspect(ssd, smb_hdr, data_ptr + data_len);
/* In case of message compounding, find the offset of the next smb command */
next_command_offset = alignedNtohl(&(smb_hdr->next_command));
- if (next_command_offset + (uint8_t *)smb_hdr > (uint8_t* )(data_ptr + data_len))
+ if (next_command_offset + (const uint8_t *)smb_hdr > (data_ptr + data_len))
{
dce_alert(GID_DCE2, DCE2_SMB_BAD_NEXT_COMMAND_OFFSET,
(dce2CommonStats*)&dce2_smb_stats, ssd->sd);
}
if (next_command_offset)
{
- smb_hdr = (Smb2Hdr *)((uint8_t *)smb_hdr + next_command_offset);
+ smb_hdr = (const Smb2Hdr *)((const uint8_t *)smb_hdr + next_command_offset);
}
} while (next_command_offset && smb_hdr);
}
case DNS_RESP_STATE_LENGTH:
/* First two bytes are length in TCP */
dnsSessionData->length = ((uint8_t)*data) << 8;
- dnsSessionData->state = DNS_RESP_STATE_LENGTH_PART;
data++;
if ( !--bytes_unused )
+ {
+ dnsSessionData->state = DNS_RESP_STATE_LENGTH_PART;
return 0;
+ }
// Fall through
case DNS_RESP_STATE_LENGTH_PART:
dnsSessionData->length |= ((uint8_t)*data);
- dnsSessionData->state = DNS_RESP_STATE_HDR_ID;
data++;
if ( !--bytes_unused )
+ {
+ dnsSessionData->state = DNS_RESP_STATE_HDR_ID;
return 0;
+ }
// Fall through
case DNS_RESP_STATE_HDR_ID:
dnsSessionData->hdr.id = (uint8_t)*data << 8;
- dnsSessionData->state = DNS_RESP_STATE_HDR_ID_PART;
data++;
if ( !--bytes_unused )
+ {
+ dnsSessionData->state = DNS_RESP_STATE_HDR_ID_PART;
return 0;
+ }
// Fall through
case DNS_RESP_STATE_HDR_ID_PART:
dnsSessionData->hdr.id |= (uint8_t)*data;
- dnsSessionData->state = DNS_RESP_STATE_HDR_FLAGS;
data++;
if ( !--bytes_unused )
+ {
+ dnsSessionData->state = DNS_RESP_STATE_HDR_FLAGS;
return 0;
+ }
// Fall through
case DNS_RESP_STATE_HDR_FLAGS:
dnsSessionData->hdr.flags = (uint8_t)*data << 8;
- dnsSessionData->state = DNS_RESP_STATE_HDR_FLAGS_PART;
data++;
if ( !--bytes_unused )
+ {
+ dnsSessionData->state = DNS_RESP_STATE_HDR_FLAGS_PART;
return 0;
+ }
// Fall through
case DNS_RESP_STATE_HDR_FLAGS_PART:
dnsSessionData->hdr.flags |= (uint8_t)*data;
- dnsSessionData->state = DNS_RESP_STATE_HDR_QS;
data++;
if ( !--bytes_unused )
+ {
+ dnsSessionData->state = DNS_RESP_STATE_HDR_QS;
return 0;
+ }
// Fall through
case DNS_RESP_STATE_HDR_QS:
dnsSessionData->hdr.questions = (uint8_t)*data << 8;
- dnsSessionData->state = DNS_RESP_STATE_HDR_QS_PART;
data++;
if ( !--bytes_unused )
+ {
+ dnsSessionData->state = DNS_RESP_STATE_HDR_QS_PART;
return 0;
+ }
// Fall through
case DNS_RESP_STATE_HDR_QS_PART:
dnsSessionData->hdr.questions |= (uint8_t)*data;
- dnsSessionData->state = DNS_RESP_STATE_HDR_ANSS;
data++;
if ( !--bytes_unused )
+ {
+ dnsSessionData->state = DNS_RESP_STATE_HDR_ANSS;
return 0;
+ }
// Fall through
case DNS_RESP_STATE_HDR_ANSS:
dnsSessionData->hdr.answers = (uint8_t)*data << 8;
- dnsSessionData->state = DNS_RESP_STATE_HDR_ANSS_PART;
data++;
if ( !--bytes_unused )
+ {
+ dnsSessionData->state = DNS_RESP_STATE_HDR_ANSS_PART;
return 0;
+ }
// Fall through
case DNS_RESP_STATE_HDR_ANSS_PART:
dnsSessionData->hdr.answers |= (uint8_t)*data;
- dnsSessionData->state = DNS_RESP_STATE_HDR_AUTHS;
data++;
if ( !--bytes_unused )
+ {
+ dnsSessionData->state = DNS_RESP_STATE_HDR_AUTHS;
return 0;
+ }
// Fall through
case DNS_RESP_STATE_HDR_AUTHS:
dnsSessionData->hdr.authorities = (uint8_t)*data << 8;
- dnsSessionData->state = DNS_RESP_STATE_HDR_AUTHS_PART;
data++;
if ( !--bytes_unused )
+ {
+ dnsSessionData->state = DNS_RESP_STATE_HDR_AUTHS_PART;
return 0;
+ }
// Fall through
case DNS_RESP_STATE_HDR_AUTHS_PART:
dnsSessionData->hdr.authorities |= (uint8_t)*data;
- dnsSessionData->state = DNS_RESP_STATE_HDR_ADDS;
data++;
if ( !--bytes_unused )
+ {
+ dnsSessionData->state = DNS_RESP_STATE_HDR_ADDS;
return 0;
+ }
// Fall through
case DNS_RESP_STATE_HDR_ADDS:
dnsSessionData->hdr.additionals = (uint8_t)*data << 8;
- dnsSessionData->state = DNS_RESP_STATE_HDR_ADDS_PART;
data++;
if ( !--bytes_unused )
+ {
+ dnsSessionData->state = DNS_RESP_STATE_HDR_ADDS_PART;
return 0;
+ }
// Fall through
case DNS_RESP_STATE_HDR_ADDS_PART:
{
case DNS_RESP_STATE_Q_TYPE:
dnsSessionData->curr_q.type = (uint8_t)*data << 8;
- dnsSessionData->curr_rec_state = DNS_RESP_STATE_Q_TYPE_PART;
data++;
if ( !--bytes_unused )
+ {
+ dnsSessionData->curr_rec_state = DNS_RESP_STATE_Q_TYPE_PART;
return 0;
+ }
// Fall through
case DNS_RESP_STATE_Q_TYPE_PART:
dnsSessionData->curr_q.type |= (uint8_t)*data;
- dnsSessionData->curr_rec_state = DNS_RESP_STATE_Q_CLASS;
data++;
if ( !--bytes_unused )
+ {
+ dnsSessionData->curr_rec_state = DNS_RESP_STATE_Q_CLASS;
return 0;
+ }
// Fall through
case DNS_RESP_STATE_Q_CLASS:
dnsSessionData->curr_q.dns_class = (uint8_t)*data << 8;
- dnsSessionData->curr_rec_state = DNS_RESP_STATE_Q_CLASS_PART;
data++;
if ( !--bytes_unused )
+ {
+ dnsSessionData->curr_rec_state = DNS_RESP_STATE_Q_CLASS_PART;
return 0;
+ }
// Fall through
case DNS_RESP_STATE_Q_CLASS_PART:
{
case DNS_RESP_STATE_RR_TYPE:
dnsSessionData->curr_rr.type = (uint8_t)*data << 8;
- dnsSessionData->curr_rec_state = DNS_RESP_STATE_RR_TYPE_PART;
data++;
if ( !--bytes_unused )
+ {
+ dnsSessionData->curr_rec_state = DNS_RESP_STATE_RR_TYPE_PART;
return 0;
+ }
// Fall through
case DNS_RESP_STATE_RR_TYPE_PART:
dnsSessionData->curr_rr.type |= (uint8_t)*data;
- dnsSessionData->curr_rec_state = DNS_RESP_STATE_RR_CLASS;
data++;
if ( !--bytes_unused )
+ {
+ dnsSessionData->curr_rec_state = DNS_RESP_STATE_RR_CLASS;
return 0;
+ }
// Fall through
case DNS_RESP_STATE_RR_CLASS:
dnsSessionData->curr_rr.dns_class = (uint8_t)*data << 8;
- dnsSessionData->curr_rec_state = DNS_RESP_STATE_RR_CLASS_PART;
data++;
if ( !--bytes_unused )
+ {
+ dnsSessionData->curr_rec_state = DNS_RESP_STATE_RR_CLASS_PART;
return 0;
+ }
// Fall through
case DNS_RESP_STATE_RR_CLASS_PART:
dnsSessionData->curr_rr.dns_class |= (uint8_t)*data;
- dnsSessionData->curr_rec_state = DNS_RESP_STATE_RR_TTL;
data++;
if ( !--bytes_unused )
+ {
+ dnsSessionData->curr_rec_state = DNS_RESP_STATE_RR_TTL;
return 0;
+ }
// Fall through
case DNS_RESP_STATE_RR_TTL:
case DNS_RESP_STATE_RR_RDLENGTH:
dnsSessionData->curr_rr.length = (uint8_t)*data << 8;
- dnsSessionData->curr_rec_state = DNS_RESP_STATE_RR_RDLENGTH_PART;
data++;
if ( !--bytes_unused )
+ {
+ dnsSessionData->curr_rec_state = DNS_RESP_STATE_RR_RDLENGTH_PART;
return 0;
+ }
// Fall through
case DNS_RESP_STATE_RR_RDLENGTH_PART:
char* ErrorString, int ErrStrLen)
{
FTP_PARAM_FMT* NextFmt;
- int iRet = FTPP_SUCCESS;
+ int iRet;
char* fmt = NextToken(CONF_SEPARATORS);
if (!fmt)
read_ptr++;
req->param_begin = nullptr;
req->param_end = nullptr;
+ req->param_size = 0;
}
else if (space || ftpssn->server.response.state != 0)
{
if ((read_ptr = (unsigned char*)memchr(read_ptr, CR, end - read_ptr)) == nullptr)
read_ptr = end;
req->param_end = (const char*)read_ptr;
+ req->param_size = req->param_end - req->param_begin;
read_ptr++;
if (read_ptr < end)
/* Nothing left --> no parameters/message. Not even an LF */
req->param_begin = nullptr;
req->param_end = nullptr;
+ req->param_size = 0;
}
/* Set the pointer for the next request/response
else
req->pipeline_req = nullptr;
- req->param_size = req->param_end - req->param_begin;
switch (state)
{
case FTP_CMD_INV:
throw std::runtime_error("Cannot open test input file");
}
+HttpTestInput::~HttpTestInput()
+{
+ fclose(test_data_file);
+}
+
void HttpTestInput::reset()
{
flushed = false;
{
public:
HttpTestInput(const char* fileName);
+ ~HttpTestInput();
void scan(uint8_t*& data, uint32_t& length, HttpEnums::SourceId source_id, uint64_t seq_num);
void flush(uint32_t num_octets);
void reassemble(uint8_t** buffer, unsigned& length, HttpEnums::SourceId source_id,
void HttpUri::check_oversize_dir(Field& uri_field)
{
- int32_t total_length = 0;
const uint8_t* last_dir = nullptr;
const uint8_t* cur;
const uint8_t* end;
{
if ( last_dir )
{
- total_length = cur - last_dir - 1;
+ int32_t total_length = cur - last_dir - 1;
if ( total_length > uri_param.oversize_dir_length )
{
class SipSplitterUT
{
public:
- SipSplitterUT(SipSplitter ss) : ss(ss) { };
+ SipSplitterUT(const SipSplitter& ss) : ss(ss) { };
bool splitter_is_paf()
{
static sfip_node_t* merge_lists(sfip_node_t* list1, sfip_node_t* list2, uint16_t list1_len,
uint16_t list2_len, uint32_t& merge_len)
{
- SfIpRet ret = SFIP_SUCCESS;
sfip_node_t* listHead = nullptr, * merge_list = nullptr, * tmp = nullptr, * node = nullptr;
uint16_t num_nodes = 0;
/*Iterate till one of the list is NULL. Append each node to merge_list*/
while (list1 && list2)
{
- ret = list1->ip->compare(*(list2->ip));
+ SfIpRet ret = list1->ip->compare(*(list2->ip));
if (ret == SFIP_LESSER)
{
node = list1;
/* "Anys" should always be inserted first
Otherwise, check if this IP is less than the head's IP */
- SfIpRet node_cmp_ret = SFIP_SUCCESS;
if (node->flags & SFIP_ANY)
{
sfip_node_t* tmp;
}
else
{
- node_cmp_ret = node->ip->compare(*((*head)->ip));
+ SfIpRet node_cmp_ret = node->ip->compare(*((*head)->ip));
if (node_cmp_ret == SFIP_EQUAL)
{
sfip_node_free(node);
/* Insertion sort */
for (p = *head; p->next; p=p->next)
{
- node_cmp_ret = node->ip->compare(*(p->next->ip));
+ SfIpRet node_cmp_ret = node->ip->compare(*(p->next->ip));
if (node_cmp_ret == SFIP_EQUAL)
{
sfip_node_free(node);
//---------------------------------------------------------------
-static int s_debug = 0;
+//#define SFIP_TEST_DEBUG
static const char* const codes[] =
{
{
status = "Failed";
}
- if ( result != f->expected || s_debug )
+#ifndef SFIP_TEST_DEBUG
+ if ( result != f->expected )
{
+#endif
if ( f->arg2 )
printf("[%d] %s: %s(%s, %s) = %s\n",
i, status, f->func, f->arg1, f->arg2, code);
else
printf("[%d] %s: %s(%s) = %s\n",
i, status, f->func, f->arg1, code);
+#ifndef SFIP_TEST_DEBUG
}
+#endif
return result == f->expected;
}
word length, dir_sub_table_t* table)
{
uint32_t valueIndexRet = 0;
- uint32_t valueIndex = 0;
for (; index < fill; index++)
{
if ( !table->lengths[index] && table->entries[index])
{
dir_sub_table_t* next = (dir_sub_table_t*)table->entries[index];
- valueIndex = _dir_remove_less_specific(allocated, 0, 1 << next->width, length, next);
+ uint32_t valueIndex = _dir_remove_less_specific(allocated, 0, 1 << next->width, length, next);
if (valueIndex)
{
valueIndexRet = valueIndex;
*/
int Defrag::insert(Packet* p, FragTracker* ft, FragEngine* fe)
{
- uint16_t orig_offset; /* offset specified in this fragment header */
- uint16_t frag_offset; /* calculated offset for this fragment */
- uint16_t frag_end; /* calculated end point for this fragment */
+ uint16_t orig_offset; /* offset specified in this fragment header */
+ uint16_t frag_offset; /* calculated offset for this fragment */
+ uint16_t frag_end; /* calculated end point for this fragment */
int16_t trunc = 0; /* we truncate off the tail */
- int32_t overlap = 0; /* we overlap on either end of the frag */
+ int32_t overlap; /* we overlap on either end of the frag */
int16_t len = 0; /* calculated size of the fragment */
int16_t slide = 0; /* slide up the front of the current frag */
int done = 0; /* flag for right-side overlap handling loop */
- int addthis = 1; /* flag for right-side overlap handling loop */
+ int addthis = 1; /* flag for right-side overlap handling loop */
int i = 0; /* counter */
int firstLastOk;
int ret = FRAG_INSERT_OK;
- unsigned char lastfrag = 0; /* Set to 1 when this is the 'last' frag */
+ unsigned char lastfrag = 0; /* Set to 1 when this is the 'last' frag */
unsigned char alerted_overlap = 0; /* Set to 1 when alerted */
- Fragment* right = nullptr; /* frag ptr for right-side overlap loop */
- Fragment* newfrag = nullptr; /* new frag container */
- Fragment* left = nullptr; /* left-side overlap fragment ptr */
- Fragment* idx = nullptr; /* indexing fragment pointer for loops */
- Fragment* dump_me = nullptr; /* frag ptr for complete overlaps to dump */
+ Fragment* right = nullptr; /* frag ptr for right-side overlap loop */
+ Fragment* newfrag = nullptr; /* new frag container */
+ Fragment* left = nullptr; /* left-side overlap fragment ptr */
+ Fragment* idx = nullptr; /* indexing fragment pointer for loops */
+ Fragment* dump_me = nullptr; /* frag ptr for complete overlaps to dump */
const uint8_t* fragStart;
int16_t fragLength;
const uint16_t net_frag_offset = p->ptrs.ip_api.off();
"truncating old pkt (offset: %d overlap: %d)\n",
left->offset, overlap);
- if (left->size <= 0)
+ if (left->size == 0)
{
dump_me = left;
"overlap: %d)\n", right->offset, overlap);
trace_log(stream_ip,
"Exiting right overlap loop...\n");
- if (right->size <= 0)
+ if (right->size == 0)
{
dump_me = right;
return ACTION_NOTHING;
else
{
- DeepProfile profile(s5TcpStatePerfStats);
+ DeepProfile tcp_state_profile(s5TcpStatePerfStats);
if ( tsm->eval(tsd, *talker, *listener) )
{
projects / thirdparty / snort3.git / commitdiff
