Pull request #3542: ips_options: remove obfuscate_pii caching in sd_pattern option

author Oleksii Shumeiko -X (oshumeik - SOFTSERVE INC at Cisco) <oshumeik@cisco.com>

Fri, 5 Aug 2022 18:56:15 +0000 (18:56 +0000)

committer Oleksii Shumeiko -X (oshumeik - SOFTSERVE INC at Cisco) <oshumeik@cisco.com>

Fri, 5 Aug 2022 18:56:15 +0000 (18:56 +0000)
author Oleksii Shumeiko -X (oshumeik - SOFTSERVE INC at Cisco) <oshumeik@cisco.com>
Fri, 5 Aug 2022 18:56:15 +0000 (18:56 +0000)
committer Oleksii Shumeiko -X (oshumeik - SOFTSERVE INC at Cisco) <oshumeik@cisco.com>
Fri, 5 Aug 2022 18:56:15 +0000 (18:56 +0000)
diff --git a/src/ips_options/ips_sd_pattern.cc b/src/ips_options/ips_sd_pattern.cc

index 82a2602b767a2818aa35e2c6cb5af0f7c2f4c664..cf1789a6284df55125f40e8e60bd96b322543959 100644 (file)
--- a/src/ips_options/ips_sd_pattern.cc
+++ b/src/ips_options/ips_sd_pattern.cc
@@ -77,7 +77,7 @@ struct SdPatternConfig
  
      std::string pii;
      unsigned threshold = 1;
-    bool obfuscate_pii = false;
+    bool can_be_obfuscated = false;
      bool forced_boundary = false;
      int (* validate)(const uint8_t* buf, unsigned long long buflen) = nullptr;
  
@@ -95,7 +95,7 @@ struct SdPatternConfig
      {
          pii.clear();
          threshold = 1;
-        obfuscate_pii = false;
+        can_be_obfuscated = false;
          validate = nullptr;
          db = nullptr;
      }
@@ -229,7 +229,11 @@ static int hs_match(unsigned int /*id*/, unsigned long long from,
  
      ctx->count++;
  
-    if ( ctx->config.obfuscate_pii )
+    IpsPolicy* p = get_ips_policy();
+
+    assert(p);
+
+    if ( p->obfuscate_pii and ctx->config.can_be_obfuscated )
      {
          if ( !ctx->packet->obfuscator )
              ctx->packet->obfuscator = new Obfuscator();
@@ -348,25 +352,23 @@ bool SdPatternModule::set(const char*, Value& v, SnortConfig*)
  
  bool SdPatternModule::end(const char*, int, SnortConfig*)
  {
-    IpsPolicy* p = get_ips_policy();
-
      if (config.pii == "credit_card")
      {
          config.pii = SD_CREDIT_PATTERN_ALL;
          config.validate = SdLuhnAlgorithm;
-        config.obfuscate_pii = p->obfuscate_pii;
+        config.can_be_obfuscated = true;
          config.forced_boundary = true;
      }
      else if (config.pii == "us_social")
      {
          config.pii = SD_SOCIAL_PATTERN;
-        config.obfuscate_pii = p->obfuscate_pii;
+        config.can_be_obfuscated = true;
          config.forced_boundary = true;
      }
      else if (config.pii == "us_social_nodashes")
      {
          config.pii = SD_SOCIAL_NODASHES_PATTERN;
-        config.obfuscate_pii = p->obfuscate_pii;
+        config.can_be_obfuscated = true;
          config.forced_boundary = true;
      }
author	Oleksii Shumeiko -X (oshumeik - SOFTSERVE INC at Cisco) <oshumeik@cisco.com>
	Fri, 5 Aug 2022 18:56:15 +0000 (18:56 +0000)
committer	Oleksii Shumeiko -X (oshumeik - SOFTSERVE INC at Cisco) <oshumeik@cisco.com>
	Fri, 5 Aug 2022 18:56:15 +0000 (18:56 +0000)