]> git.ipfire.org Git - thirdparty/suricata.git/commitdiff
eve: use JsonBuilder for encoding base64
authorJason Ish <jason.ish@oisf.net>
Thu, 24 Jun 2021 16:21:52 +0000 (10:21 -0600)
committerVictor Julien <vjulien@oisf.net>
Tue, 11 Jan 2022 06:30:48 +0000 (07:30 +0100)
Replaces all usages of Base64Encode just before writing to a
JsonBuilder with jb_set_base64 and jb_append_base64.

scripts/dnp3-gen/dnp3-gen.py
src/output-json-alert.c
src/output-json-dnp3-objects.c
src/output-json-http.c
src/output-json-tls.c
src/output-json.c

index 9a9c7306770ee13677e3410f4dd60eb34f825cbc..5604237008df2b64aa711ae084a595c26abbf738 100755 (executable)
@@ -157,6 +157,7 @@ output_json_dnp3_objects_template = """/* Copyright (C) 2015 Open Information Se
 #include "output-json-dnp3-objects.h"
 #include "output-json.h"
 
+// clang-format off
 void OutputJsonDNP3SetItem(JsonBuilder *js, DNP3Object *object,
     DNP3Point *point)
 {
@@ -171,11 +172,7 @@ void OutputJsonDNP3SetItem(JsonBuilder *js, DNP3Object *object,
 {% elif field.type in ["flt32", "flt64"] %}
             jb_set_float(js, "{{field.name}}", data->{{field.name}});
 {% elif field.type == "bytearray" %}
-            unsigned long {{field.name}}_b64_len = BASE64_BUFFER_SIZE(data->{{field.len_field}});
-            uint8_t {{field.name}}_b64[{{field.name}}_b64_len];
-            Base64Encode(data->{{field.name}}, data->{{field.len_field}},
-                {{field.name}}_b64, &{{field.name}}_b64_len);
-            jb_set_string(js, "data->{{field.name}}", (char *){{field.name}}_b64);
+            jb_set_base64(js, "data->{{field.name}}", data->{{field.name}}, data->{{field.len_field}});
 {% elif field.type == "vstr4" %}
             jb_set_string(js, "data->{{field.name}}", data->{{field.name}});
 {% elif field.type == "chararray" %}
@@ -207,6 +204,7 @@ void OutputJsonDNP3SetItem(JsonBuilder *js, DNP3Object *object,
     }
 
 }
+// clang-format on
 
 """
 
index 50d9bc216dc1ad42daa536379ff9ec4b6a80984f..b79128deac8a1a9c97aac8d85ceb6db09e259996 100644 (file)
@@ -423,11 +423,7 @@ static void AlertJsonTunnel(const Packet *p, JsonBuilder *js)
 static void AlertAddPayload(AlertJsonOutputCtx *json_output_ctx, JsonBuilder *js, const Packet *p)
 {
     if (json_output_ctx->flags & LOG_JSON_PAYLOAD_BASE64) {
-        unsigned long len = BASE64_BUFFER_SIZE(p->payload_len);
-        uint8_t encoded[len];
-        if (Base64Encode(p->payload, p->payload_len, encoded, &len) == SC_BASE64_OK) {
-            jb_set_string(js, "payload", (char *)encoded);
-        }
+        jb_set_base64(js, "payload", p->payload, p->payload_len);
     }
 
     if (json_output_ctx->flags & LOG_JSON_PAYLOAD) {
@@ -687,10 +683,7 @@ static int AlertJson(ThreadVars *tv, JsonAlertLogThread *aft, const Packet *p)
                                     (void *)payload);
                 if (payload->offset) {
                     if (json_output_ctx->flags & LOG_JSON_PAYLOAD_BASE64) {
-                        unsigned long len = BASE64_BUFFER_SIZE(json_output_ctx->payload_buffer_size);
-                        uint8_t encoded[len];
-                        Base64Encode(payload->buffer, payload->offset, encoded, &len);
-                        jb_set_string(jb, "payload", (char *)encoded);
+                        jb_set_base64(jb, "payload", payload->buffer, payload->offset);
                     }
 
                     if (json_output_ctx->flags & LOG_JSON_PAYLOAD) {
index 01e18dd7f414c4def963442bf54bcb33b09ca329..377dffe417e5d115e73668107bfab42bc20092ec 100644 (file)
@@ -31,6 +31,7 @@
 #include "output-json-dnp3-objects.h"
 #include "output-json.h"
 
+// clang-format off
 void OutputJsonDNP3SetItem(JsonBuilder *js, DNP3Object *object,
     DNP3Point *point)
 {
@@ -1502,11 +1503,7 @@ void OutputJsonDNP3SetItem(JsonBuilder *js, DNP3Object *object,
             jb_set_string(js, "data->vendor_code", data->vendor_code);
             jb_set_uint(js, "object_id", data->object_id);
             jb_set_uint(js, "length", data->length);
-            unsigned long data_objects_b64_len = BASE64_BUFFER_SIZE(data->length);
-            uint8_t data_objects_b64[data_objects_b64_len];
-            Base64Encode(data->data_objects, data->length,
-                data_objects_b64, &data_objects_b64_len);
-            jb_set_string(js, "data->data_objects", (char *)data_objects_b64);
+            jb_set_base64(js, "data->data_objects", data->data_objects, data->length);
             break;
         }
         case DNP3_OBJECT_CODE(86, 2): {
@@ -1532,22 +1529,14 @@ void OutputJsonDNP3SetItem(JsonBuilder *js, DNP3Object *object,
             jb_set_uint(js, "usr", data->usr);
             jb_set_uint(js, "mal", data->mal);
             jb_set_uint(js, "reason", data->reason);
-            unsigned long challenge_data_b64_len = BASE64_BUFFER_SIZE(data->challenge_data_len);
-            uint8_t challenge_data_b64[challenge_data_b64_len];
-            Base64Encode(data->challenge_data, data->challenge_data_len,
-                challenge_data_b64, &challenge_data_b64_len);
-            jb_set_string(js, "data->challenge_data", (char *)challenge_data_b64);
+            jb_set_base64(js, "data->challenge_data", data->challenge_data, data->challenge_data_len);
             break;
         }
         case DNP3_OBJECT_CODE(120, 2): {
             DNP3ObjectG120V2 *data = point->data;
             jb_set_uint(js, "csq", data->csq);
             jb_set_uint(js, "usr", data->usr);
-            unsigned long mac_value_b64_len = BASE64_BUFFER_SIZE(data->mac_value_len);
-            uint8_t mac_value_b64[mac_value_b64_len];
-            Base64Encode(data->mac_value, data->mac_value_len,
-                mac_value_b64, &mac_value_b64_len);
-            jb_set_string(js, "data->mac_value", (char *)mac_value_b64);
+            jb_set_base64(js, "data->mac_value", data->mac_value, data->mac_value_len);
             break;
         }
         case DNP3_OBJECT_CODE(120, 3): {
@@ -1569,27 +1558,15 @@ void OutputJsonDNP3SetItem(JsonBuilder *js, DNP3Object *object,
             jb_set_uint(js, "key_status", data->key_status);
             jb_set_uint(js, "mal", data->mal);
             jb_set_uint(js, "challenge_data_len", data->challenge_data_len);
-            unsigned long challenge_data_b64_len = BASE64_BUFFER_SIZE(data->challenge_data_len);
-            uint8_t challenge_data_b64[challenge_data_b64_len];
-            Base64Encode(data->challenge_data, data->challenge_data_len,
-                challenge_data_b64, &challenge_data_b64_len);
-            jb_set_string(js, "data->challenge_data", (char *)challenge_data_b64);
-            unsigned long mac_value_b64_len = BASE64_BUFFER_SIZE(data->mac_value_len);
-            uint8_t mac_value_b64[mac_value_b64_len];
-            Base64Encode(data->mac_value, data->mac_value_len,
-                mac_value_b64, &mac_value_b64_len);
-            jb_set_string(js, "data->mac_value", (char *)mac_value_b64);
+            jb_set_base64(js, "data->challenge_data", data->challenge_data, data->challenge_data_len);
+            jb_set_base64(js, "data->mac_value", data->mac_value, data->mac_value_len);
             break;
         }
         case DNP3_OBJECT_CODE(120, 6): {
             DNP3ObjectG120V6 *data = point->data;
             jb_set_uint(js, "ksq", data->ksq);
             jb_set_uint(js, "usr", data->usr);
-            unsigned long wrapped_key_data_b64_len = BASE64_BUFFER_SIZE(data->wrapped_key_data_len);
-            uint8_t wrapped_key_data_b64[wrapped_key_data_b64_len];
-            Base64Encode(data->wrapped_key_data, data->wrapped_key_data_len,
-                wrapped_key_data_b64, &wrapped_key_data_b64_len);
-            jb_set_string(js, "data->wrapped_key_data", (char *)wrapped_key_data_b64);
+            jb_set_base64(js, "data->wrapped_key_data", data->wrapped_key_data, data->wrapped_key_data_len);
             break;
         }
         case DNP3_OBJECT_CODE(120, 7): {
@@ -1615,20 +1592,12 @@ void OutputJsonDNP3SetItem(JsonBuilder *js, DNP3Object *object,
             DNP3ObjectG120V8 *data = point->data;
             jb_set_uint(js, "key_change_method", data->key_change_method);
             jb_set_uint(js, "certificate_type", data->certificate_type);
-            unsigned long certificate_b64_len = BASE64_BUFFER_SIZE(data->certificate_len);
-            uint8_t certificate_b64[certificate_b64_len];
-            Base64Encode(data->certificate, data->certificate_len,
-                certificate_b64, &certificate_b64_len);
-            jb_set_string(js, "data->certificate", (char *)certificate_b64);
+            jb_set_base64(js, "data->certificate", data->certificate, data->certificate_len);
             break;
         }
         case DNP3_OBJECT_CODE(120, 9): {
             DNP3ObjectG120V9 *data = point->data;
-            unsigned long mac_value_b64_len = BASE64_BUFFER_SIZE(data->mac_value_len);
-            uint8_t mac_value_b64[mac_value_b64_len];
-            Base64Encode(data->mac_value, data->mac_value_len,
-                mac_value_b64, &mac_value_b64_len);
-            jb_set_string(js, "data->mac_value", (char *)mac_value_b64);
+            jb_set_base64(js, "data->mac_value", data->mac_value, data->mac_value_len);
             break;
         }
         case DNP3_OBJECT_CODE(120, 10): {
@@ -1651,16 +1620,8 @@ void OutputJsonDNP3SetItem(JsonBuilder *js, DNP3Object *object,
             } else {
                 jb_set_string(js, "username", "");
             }
-            unsigned long user_public_key_b64_len = BASE64_BUFFER_SIZE(data->user_public_key_len);
-            uint8_t user_public_key_b64[user_public_key_b64_len];
-            Base64Encode(data->user_public_key, data->user_public_key_len,
-                user_public_key_b64, &user_public_key_b64_len);
-            jb_set_string(js, "data->user_public_key", (char *)user_public_key_b64);
-            unsigned long certification_data_b64_len = BASE64_BUFFER_SIZE(data->certification_data_len);
-            uint8_t certification_data_b64[certification_data_b64_len];
-            Base64Encode(data->certification_data, data->certification_data_len,
-                certification_data_b64, &certification_data_b64_len);
-            jb_set_string(js, "data->certification_data", (char *)certification_data_b64);
+            jb_set_base64(js, "data->user_public_key", data->user_public_key, data->user_public_key_len);
+            jb_set_base64(js, "data->certification_data", data->certification_data, data->certification_data_len);
             break;
         }
         case DNP3_OBJECT_CODE(120, 11): {
@@ -1678,11 +1639,7 @@ void OutputJsonDNP3SetItem(JsonBuilder *js, DNP3Object *object,
             } else {
                 jb_set_string(js, "username", "");
             }
-            unsigned long master_challenge_data_b64_len = BASE64_BUFFER_SIZE(data->master_challenge_data_len);
-            uint8_t master_challenge_data_b64[master_challenge_data_b64_len];
-            Base64Encode(data->master_challenge_data, data->master_challenge_data_len,
-                master_challenge_data_b64, &master_challenge_data_b64_len);
-            jb_set_string(js, "data->master_challenge_data", (char *)master_challenge_data_b64);
+            jb_set_base64(js, "data->master_challenge_data", data->master_challenge_data, data->master_challenge_data_len);
             break;
         }
         case DNP3_OBJECT_CODE(120, 12): {
@@ -1690,11 +1647,7 @@ void OutputJsonDNP3SetItem(JsonBuilder *js, DNP3Object *object,
             jb_set_uint(js, "ksq", data->ksq);
             jb_set_uint(js, "user_number", data->user_number);
             jb_set_uint(js, "challenge_data_len", data->challenge_data_len);
-            unsigned long challenge_data_b64_len = BASE64_BUFFER_SIZE(data->challenge_data_len);
-            uint8_t challenge_data_b64[challenge_data_b64_len];
-            Base64Encode(data->challenge_data, data->challenge_data_len,
-                challenge_data_b64, &challenge_data_b64_len);
-            jb_set_string(js, "data->challenge_data", (char *)challenge_data_b64);
+            jb_set_base64(js, "data->challenge_data", data->challenge_data, data->challenge_data_len);
             break;
         }
         case DNP3_OBJECT_CODE(120, 13): {
@@ -1702,29 +1655,17 @@ void OutputJsonDNP3SetItem(JsonBuilder *js, DNP3Object *object,
             jb_set_uint(js, "ksq", data->ksq);
             jb_set_uint(js, "user_number", data->user_number);
             jb_set_uint(js, "encrypted_update_key_len", data->encrypted_update_key_len);
-            unsigned long encrypted_update_key_data_b64_len = BASE64_BUFFER_SIZE(data->encrypted_update_key_len);
-            uint8_t encrypted_update_key_data_b64[encrypted_update_key_data_b64_len];
-            Base64Encode(data->encrypted_update_key_data, data->encrypted_update_key_len,
-                encrypted_update_key_data_b64, &encrypted_update_key_data_b64_len);
-            jb_set_string(js, "data->encrypted_update_key_data", (char *)encrypted_update_key_data_b64);
+            jb_set_base64(js, "data->encrypted_update_key_data", data->encrypted_update_key_data, data->encrypted_update_key_len);
             break;
         }
         case DNP3_OBJECT_CODE(120, 14): {
             DNP3ObjectG120V14 *data = point->data;
-            unsigned long digital_signature_b64_len = BASE64_BUFFER_SIZE(data->digital_signature_len);
-            uint8_t digital_signature_b64[digital_signature_b64_len];
-            Base64Encode(data->digital_signature, data->digital_signature_len,
-                digital_signature_b64, &digital_signature_b64_len);
-            jb_set_string(js, "data->digital_signature", (char *)digital_signature_b64);
+            jb_set_base64(js, "data->digital_signature", data->digital_signature, data->digital_signature_len);
             break;
         }
         case DNP3_OBJECT_CODE(120, 15): {
             DNP3ObjectG120V15 *data = point->data;
-            unsigned long mac_b64_len = BASE64_BUFFER_SIZE(data->mac_len);
-            uint8_t mac_b64[mac_b64_len];
-            Base64Encode(data->mac, data->mac_len,
-                mac_b64, &mac_b64_len);
-            jb_set_string(js, "data->mac", (char *)mac_b64);
+            jb_set_base64(js, "data->mac", data->mac, data->mac_len);
             break;
         }
         case DNP3_OBJECT_CODE(121, 1): {
@@ -1777,3 +1718,4 @@ void OutputJsonDNP3SetItem(JsonBuilder *js, DNP3Object *object,
     }
 
 }
+// clang-format on
index ddddf597c59d9c24014a480cb58e681f5ad5df19..88c0c8967cb07b4fe75b5e54dcf1e184dac77b78 100644 (file)
@@ -430,11 +430,7 @@ static void BodyBase64Buffer(JsonBuilder *js, HtpBody *body, const char *key)
             return;
         }
 
-        unsigned long len = BASE64_BUFFER_SIZE(body_data_len);
-        uint8_t encoded[len];
-        if (Base64Encode(body_data, body_data_len, encoded, &len) == SC_BASE64_OK) {
-            jb_set_string(js, key, (char *)encoded);
-        }
+        jb_set_base64(js, key, body_data, body_data_len);
     }
 }
 
index c5078e4530fd85022d7f760da5f03b0f02c0690e..5280483a406ef1854b25fe51abdd9e0223661d6d 100644 (file)
@@ -267,12 +267,7 @@ static void JsonTlsLogCertificate(JsonBuilder *js, SSLState *ssl_state)
         return;
     }
 
-    unsigned long len = BASE64_BUFFER_SIZE(cert->cert_len);
-    uint8_t encoded[len];
-    if (Base64Encode(cert->cert_data, cert->cert_len, encoded, &len) ==
-                     SC_BASE64_OK) {
-        jb_set_string(js, "certificate", (char *)encoded);
-    }
+    jb_set_base64(js, "certificate", cert->cert_data, cert->cert_len);
 }
 
 static void JsonTlsLogChain(JsonBuilder *js, SSLState *ssl_state)
@@ -285,12 +280,7 @@ static void JsonTlsLogChain(JsonBuilder *js, SSLState *ssl_state)
 
     SSLCertsChain *cert;
     TAILQ_FOREACH(cert, &ssl_state->server_connp.certs, next) {
-        unsigned long len = BASE64_BUFFER_SIZE(cert->cert_len);
-        uint8_t encoded[len];
-        if (Base64Encode(cert->cert_data, cert->cert_len, encoded, &len) ==
-                         SC_BASE64_OK) {
-            jb_append_string(js, (char *)encoded);
-        }
+        jb_append_base64(js, cert->cert_data, cert->cert_len);
     }
 
     jb_close(js);
index 06da8d64d73ae827d5484ba5f7cc4c7c4bec75b4..e9eccf4a79286e8105814faaf658962eb7b313a2 100644 (file)
@@ -451,11 +451,7 @@ void EveAddCommonOptions(const OutputJsonCommonSettings *cfg,
 void EvePacket(const Packet *p, JsonBuilder *js, unsigned long max_length)
 {
     unsigned long max_len = max_length == 0 ? GET_PKT_LEN(p) : max_length;
-    unsigned long len = BASE64_BUFFER_SIZE(max_len);
-    uint8_t encoded_packet[len];
-    if (Base64Encode((unsigned char*) GET_PKT_DATA(p), max_len, encoded_packet, &len) == SC_BASE64_OK) {
-        jb_set_string(js, "packet", (char *)encoded_packet);
-    }
+    jb_set_base64(js, "packet", GET_PKT_DATA(p), max_len);
 
     if (!jb_open_object(js, "packet_info")) {
         return;