filestore: Validate stream-depth when non-zero

author Jeff Lucovsky <jeff@lucovsky.org>

Mon, 23 Sep 2019 23:43:14 +0000 (19:43 -0400)

committer Victor Julien <victor@inliniac.net>

Fri, 10 Jul 2020 13:31:41 +0000 (15:31 +0200)
author Jeff Lucovsky <jeff@lucovsky.org>
Mon, 23 Sep 2019 23:43:14 +0000 (19:43 -0400)
committer Victor Julien <victor@inliniac.net>
Fri, 10 Jul 2020 13:31:41 +0000 (15:31 +0200)
diff --git a/src/output-filestore.c b/src/output-filestore.c

index bf2abf1d15e1de33362a36f1f0dff6ea07c45cb5..832ecfd12b24f7fc0e7bc01c9a454f7a3ee7ff94 100644 (file)
--- a/src/output-filestore.c
+++ b/src/output-filestore.c
@@ -1,4 +1,4 @@
-/* Copyright (C) 2018 Open Information Security Foundation
+/* Copyright (C) 2018-2020 Open Information Security Foundation
   *
   * You can copy, redistribute or modify this Program under the terms of
   * the GNU General Public License version 2 as published by the Free
@@ -17,6 +17,7 @@
  
  #include "suricata-common.h"
  
+#include "stream-tcp.h"
  #include "app-layer-parser.h"
  #include "app-layer-htp.h"
  #include "app-layer-htp-xff.h"
@@ -493,8 +494,16 @@ static OutputInitResult OutputFilestoreLogInitCtx(ConfNode *conf)
                         "from conf file - %s.  Killing engine",
                         stream_depth_str);
              exit(EXIT_FAILURE);
-        } else {
-            FileReassemblyDepthEnable(stream_depth);
+        }
+        if (stream_depth) {
+            if (stream_depth <= stream_config.reassembly_depth) {
+                SCLogWarning(SC_WARN_FILESTORE_CONFIG,
+                           "file-store.stream-depth value %" PRIu32 " has "
+                           "no effect since it's less than stream.reassembly.depth "
+                           "value.", stream_depth);
+            } else {
+                FileReassemblyDepthEnable(stream_depth);
+            }
          }
      }
  
diff --git a/src/util-error.c b/src/util-error.c

index 66339a5625101e426f4c5f93a10f199645ee6e8f..bc56addd8dcb497589cbc736e3a45a752486e2c8 100644 (file)
--- a/src/util-error.c
+++ b/src/util-error.c
@@ -371,6 +371,7 @@ const char * SCErrorToString(SCError err)
          CASE_CODE (SC_ERR_ERF_BAD_RLEN);
          CASE_CODE (SC_WARN_ERSPAN_CONFIG);
          CASE_CODE (SC_WARN_HASSH_DISABLED);
+        CASE_CODE (SC_WARN_FILESTORE_CONFIG);
  
          CASE_CODE (SC_ERR_MAX);
      }
diff --git a/src/util-error.h b/src/util-error.h

index 8bc18b83f75476af316adbdc26d21b0d10fe394a..6df9c20faf3d6fba703b887ff25f9c812458799a 100644 (file)
--- a/src/util-error.h
+++ b/src/util-error.h
@@ -361,6 +361,7 @@ typedef enum {
      SC_ERR_ERF_BAD_RLEN,
      SC_WARN_ERSPAN_CONFIG,
      SC_WARN_HASSH_DISABLED,
+    SC_WARN_FILESTORE_CONFIG,
  
      SC_ERR_MAX
  } SCError;
author	Jeff Lucovsky <jeff@lucovsky.org>
	Mon, 23 Sep 2019 23:43:14 +0000 (19:43 -0400)
committer	Victor Julien <victor@inliniac.net>
	Fri, 10 Jul 2020 13:31:41 +0000 (15:31 +0200)
src/output-filestore.c		patch \| blob \| blame \| history
src/util-error.c		patch \| blob \| blame \| history
src/util-error.h		patch \| blob \| blame \| history