DCE2_RpktType rpkt_type;
Packet* rpkt = DCE2_CoGetRpkt(sd, cot, co_rtype, &rpkt_type);
- if (rpkt == nullptr)
+ if (!rpkt || !rpkt->data)
{
return nullptr;
}
case DCE2_TRANS_TYPE__SMB:
rpkt = DCE2_GetRpkt(p, DCE2_RPKT_TYPE__SMB_CO_SEG, data_ptr, data_len);
- if ( !rpkt )
+ if ( !rpkt || !rpkt->data )
return nullptr;
set_smb_reassembled_data(const_cast<uint8_t*>(rpkt->data),
snort_free((void*)file_name);
file_name = nullptr;
- parent_tree = nullptr;
+ parent_tree.reset();
}
#include <atomic>
class Dce2Smb2TreeTracker;
+using Dce2Smb2TreeTrackerPtr = std::shared_ptr<Dce2Smb2TreeTracker>;
typedef struct _tcp_flow_state
{
Dce2Smb2FileTracker(const Dce2Smb2FileTracker& arg) = delete;
Dce2Smb2FileTracker& operator=(const Dce2Smb2FileTracker& arg) = delete;
- Dce2Smb2FileTracker(uint64_t file_idv, const uint32_t flow_key, Dce2Smb2TreeTracker* p_tree,
+ Dce2Smb2FileTracker(uint64_t file_idv, const uint32_t flow_key, Dce2Smb2TreeTrackerPtr p_tree,
uint64_t sid) :
ignore(true), file_name_len(0), file_flow_key(flow_key),
file_id(file_idv), file_size(0), file_name_hash(0), file_name(nullptr),
void stop_accepting_raw_data_from(uint32_t);
void set_direction(FileDirection dir) { direction = dir; }
- Dce2Smb2TreeTracker* get_parent() { return parent_tree; }
- void set_parent(Dce2Smb2TreeTracker* pt) { parent_tree = pt; }
+ Dce2Smb2TreeTrackerPtr get_parent() { return parent_tree; }
+ void set_parent(Dce2Smb2TreeTrackerPtr pt) { parent_tree = pt; }
uint64_t get_file_id() { return file_id; }
uint64_t get_file_name_hash() { return file_name_hash; }
uint64_t get_session_id() { return session_id; }
uint64_t file_name_hash;
char* file_name;
FileDirection direction;
- Dce2Smb2TreeTracker* parent_tree;
+ Dce2Smb2TreeTrackerPtr parent_tree;
std::unordered_map<uint32_t, tcp_flow_state, std::hash<uint32_t> > flow_state;
uint64_t session_id;
std::mutex process_file_mutex;
return (it_flow != attached_flows.end()) ? it_flow->second : nullptr;
}
-Dce2Smb2TreeTracker* Dce2Smb2SessionTracker::find_tree_for_message(
+Dce2Smb2TreeTrackerPtr Dce2Smb2SessionTracker::find_tree_for_message(
const uint64_t message_id, const uint32_t flow_key)
{
std::lock_guard<std::mutex> guard(connected_trees_mutex);
return nullptr;
}
+Dce2Smb2TreeTrackerPtr Dce2Smb2SessionTracker::find_tree_for_tree_id(
+ const uint32_t tree_id)
+{
+ std::lock_guard<std::mutex> guard(connected_trees_mutex);
+ auto it_tree = connected_trees.find(tree_id);
+ if (it_tree != connected_trees.end())
+ return it_tree->second;
+ return nullptr;
+}
+
void Dce2Smb2SessionTracker::process(const uint16_t command, uint8_t command_type,
const Smb2Hdr* smb_header, const uint8_t* end, const uint32_t current_flow_key)
{
- Dce2Smb2TreeTracker* tree = nullptr;
+ Dce2Smb2TreeTrackerPtr tree;
uint32_t tree_id = Smb2Tid(smb_header);
if (tree_id)
}
}
-Dce2Smb2TreeTracker* Dce2Smb2SessionTracker::connect_tree(const uint32_t tree_id,
+Dce2Smb2TreeTrackerPtr Dce2Smb2SessionTracker::connect_tree(const uint32_t tree_id,
const uint32_t current_flow_key, const uint8_t share_type)
{
Dce2Smb2SessionData* current_flow = get_flow(current_flow_key);
dce2_smb_stats.v2_tree_cnct_ignored++;
return nullptr;
}
- Dce2Smb2TreeTracker* tree = nullptr;
+ Dce2Smb2TreeTrackerPtr tree;
connected_trees_mutex.lock();
auto it_tree = connected_trees.find(tree_id);
if (it_tree != connected_trees.end())
connected_trees_mutex.unlock();
if (!tree)
{
- tree = new Dce2Smb2TreeTracker(tree_id, this, share_type);
+ tree = std::make_shared<Dce2Smb2TreeTracker>(tree_id, this, share_type);
connected_trees_mutex.lock();
connected_trees.insert(std::make_pair(tree_id, tree));
connected_trees_mutex.unlock();
return;
}
- std::vector<Dce2Smb2TreeTracker*> all_trees;
connected_trees_mutex.lock();
auto it_tree = connected_trees.begin();
while (it_tree != connected_trees.end())
{
- all_trees.push_back(it_tree->second);
- it_tree = connected_trees.erase(it_tree);
+ auto next_it_tree = std::next(it_tree);
+ it_tree->second->close_all_files();
+ disconnect_tree(it_tree->second->get_tree_id());
+ it_tree = next_it_tree;
}
connected_trees_mutex.unlock();
- for (Dce2Smb2TreeTracker* tree : all_trees)
- {
- delete tree;
- }
do_not_delete = false;
fcfs_mutex.unlock();
}
}
~Dce2Smb2SessionTracker();
- Dce2Smb2TreeTracker* connect_tree(const uint32_t, const uint32_t,
+ Dce2Smb2TreeTrackerPtr connect_tree(const uint32_t, const uint32_t,
uint8_t=SMB2_SHARE_TYPE_DISK);
void disconnect_tree(uint32_t tree_id)
{
- std::lock_guard<std::mutex> guard(connected_trees_mutex);
connected_trees.erase(tree_id);
decrease_size(sizeof(Dce2Smb2TreeTracker));
}
dce2_smb_stats.total_encrypted_sessions++;
}
bool get_encryption_flag() { return encryption_flag; }
+ Dce2Smb2TreeTrackerPtr find_tree_for_tree_id(const uint32_t);
private:
// do_not_delete is to make sure when we are in processing we should not delete the context
// which is being processed
bool do_not_delete;
bool file_context_cleaned;
- Dce2Smb2TreeTracker* find_tree_for_message(const uint64_t, const uint32_t);
+ Dce2Smb2TreeTrackerPtr find_tree_for_message(const uint64_t, const uint32_t);
uint64_t session_id;
//to keep the tab of previous command
uint16_t command_prev;
Dce2Smb2FileTrackerPtr Dce2Smb2TreeTracker::open_file(const uint64_t file_id,
const uint32_t current_flow_key)
{
+ Dce2Smb2TreeTrackerPtr tree_ptr = parent_session->find_tree_for_tree_id(tree_id);
+ if (!tree_ptr)
+ return nullptr;
std::shared_ptr<Dce2Smb2FileTracker> ftracker = std::make_shared<Dce2Smb2FileTracker> (
- file_id, current_flow_key, this, this->get_parent()->get_session_id());
+ file_id, current_flow_key, tree_ptr, this->get_parent()->get_session_id());
tree_tracker_mutex.lock();
opened_files.insert(std::make_pair(file_id, ftracker));
tree_tracker_mutex.unlock();
if (it_file != opened_files.end())
{
Dce2Smb2FileTrackerPtr file = it_file->second;
- it_file->second->set_parent(nullptr);
+ it_file->second->get_parent().reset();
if (opened_files.erase(file_id) and destroy)
{
parent_session->decrease_size(sizeof(Dce2Smb2FileTracker));
tree_tracker_mutex.unlock();
}
+void Dce2Smb2TreeTracker::close_all_files()
+{
+ tree_tracker_mutex.lock();
+ auto it_file = opened_files.begin();
+ while (it_file != opened_files.end())
+ {
+ get_parent()->clean_file_context_from_flow(it_file->second->get_file_id(),
+ it_file->second->get_file_name_hash());
+ it_file = opened_files.erase(it_file);
+ }
+ tree_tracker_mutex.unlock();
+}
+
Dce2Smb2RequestTracker* Dce2Smb2TreeTracker::find_request(const uint64_t message_id,
const uint32_t current_flow_key)
{
{
get_parent()->clean_file_context_from_flow(it_file.second->get_file_id(),
it_file.second->get_file_name_hash());
- it_file.second->set_parent(nullptr);
+ it_file.second->get_parent().reset();
parent_session->decrease_size(sizeof(Dce2Smb2FileTracker));
}
tree_tracker_mutex.unlock();
- parent_session->disconnect_tree(tree_id);
}
Dce2Smb2FileTrackerPtr open_file(const uint64_t, const uint32_t);
void close_file(uint64_t, bool);
+ void close_all_files();
Dce2Smb2FileTrackerPtr find_file(uint64_t);
Dce2Smb2RequestTracker* find_request(const uint64_t, const uint32_t);
void process(uint16_t, uint8_t, const Smb2Hdr*, const uint8_t*, const uint32_t);
std::mutex tree_tracker_mutex;
};
+using Dce2Smb2TreeTrackerPtr = std::shared_ptr<Dce2Smb2TreeTracker>;
using Dce2Smb2TreeTrackerMap =
- std::unordered_map<uint32_t, Dce2Smb2TreeTracker*, std::hash<uint32_t> >;
+ std::unordered_map<uint32_t, Dce2Smb2TreeTrackerPtr, std::hash<uint32_t> >;
#endif
projects / thirdparty / snort3.git / commitdiff
