detect: initialize empty buffers

diff --git a/src/detect-dns-query.c b/src/detect-dns-query.c
index a1831322793357c3444fe006cfec7a7c5ca963cb..05a0e1c5363f505a060f57078d1f43544c904b75 100644 (file)
--- a/src/detect-dns-query.c
+++ b/src/detect-dns-query.c
@@ -88,6 +88,7 @@ static InspectionBuffer *DnsQueryGetData(DetectEngineThreadCtx *det_ctx,
     const uint8_t *data;
     uint32_t data_len;
     if (rs_dns_tx_get_query_name(cbdata->txv, cbdata->local_id, &data, &data_len) == 0) {
+        InspectionBufferSetupMultiEmpty(buffer);
         return NULL;
     }
     InspectionBufferSetupMulti(buffer, transforms, data, data_len);

diff --git a/src/detect-engine-frame.c b/src/detect-engine-frame.c
index ee86387a443370c72781978380ff74a88fc9938e..f987a8799c9c6f887fbb91a65896bc99e6c7a3d1 100644 (file)
--- a/src/detect-engine-frame.c
+++ b/src/detect-engine-frame.c
@@ -366,6 +366,7 @@ static bool BufferSetup(struct FrameStreamData *fsd, InspectionBuffer *buffer, c
             if (fo_inspect_offset >= (uint64_t)frame->len) {
                 SCLogDebug("data entirely past frame (%" PRIu64 " > %" PRIi64 ")",
                         fo_inspect_offset, frame->len);
+                InspectionBufferSetupMultiEmpty(buffer);
                 return false;
             }
 

diff --git a/src/detect-engine.c b/src/detect-engine.c
index d47f4afc9e66e70966ec35d5e8131f72dd389769..485d691c117bad552acdbee7181cefaac6bcb254 100644 (file)
--- a/src/detect-engine.c
+++ b/src/detect-engine.c
@@ -1427,6 +1427,19 @@ void InspectionBufferInit(InspectionBuffer *buffer, uint32_t initial_size)
     }
 }
 
+/** \brief setup the buffer empty */
+void InspectionBufferSetupMultiEmpty(InspectionBuffer *buffer)
+{
+#ifdef DEBUG_VALIDATION
+    DEBUG_VALIDATE_BUG_ON(buffer->initialized);
+    DEBUG_VALIDATE_BUG_ON(!buffer->multi);
+#endif
+    buffer->inspect = NULL;
+    buffer->inspect_len = 0;
+    buffer->len = 0;
+    buffer->initialized = true;
+}
+
 /** \brief setup the buffer with our initial data */
 void InspectionBufferSetupMulti(InspectionBuffer *buffer, const DetectEngineTransforms *transforms,
         const uint8_t *data, const uint32_t data_len)

diff --git a/src/detect-engine.h b/src/detect-engine.h
index 1f93aabf1fafb9123f57fa20a916a2ca287ad785..2980f0dac6c9afaf646ff7616f74043510952b57 100644 (file)
--- a/src/detect-engine.h
+++ b/src/detect-engine.h
@@ -37,6 +37,7 @@ void InspectionBufferApplyTransforms(InspectionBuffer *buffer,
         const DetectEngineTransforms *transforms);
 void InspectionBufferClean(DetectEngineThreadCtx *det_ctx);
 InspectionBuffer *InspectionBufferGet(DetectEngineThreadCtx *det_ctx, const int list_id);
+void InspectionBufferSetupMultiEmpty(InspectionBuffer *buffer);
 void InspectionBufferSetupMulti(InspectionBuffer *buffer, const DetectEngineTransforms *transforms,
         const uint8_t *data, const uint32_t data_len);
 InspectionBuffer *InspectionBufferMultipleForListGet(

diff --git a/src/detect-file-data.c b/src/detect-file-data.c
index 540b29791bcc0ae41e77be133d59b8f51ccfef5a..2d3cc1561dcdfa9eb31534d07d7b90fe1ccb40f8 100644 (file)
--- a/src/detect-file-data.c
+++ b/src/detect-file-data.c
@@ -540,11 +540,13 @@ static InspectionBuffer *FiledataGetDataCallback(DetectEngineThreadCtx *det_ctx,
     /* no new data */
     if (cur_file->content_inspected == file_size) {
         SCLogDebug("no new data");
+        InspectionBufferSetupMultiEmpty(buffer);
         return NULL;
     }
 
     if (file_size == 0) {
         SCLogDebug("no data to inspect for this transaction");
+        InspectionBufferSetupMultiEmpty(buffer);
         return NULL;
     }
 
@@ -554,6 +556,7 @@ static InspectionBuffer *FiledataGetDataCallback(DetectEngineThreadCtx *det_ctx,
         SCLogDebug("we still haven't seen the entire content. "
                    "Let's defer content inspection till we see the "
                    "entire content.");
+        InspectionBufferSetupMultiEmpty(buffer);
         return NULL;
     }
 

diff --git a/src/detect-filemagic.c b/src/detect-filemagic.c
index 3da9b6f2d6fa42c447aedf79b5131c8f963b203f..29ecde687ce36abbe87de5358ab1bb5930b97345 100644 (file)
--- a/src/detect-filemagic.c
+++ b/src/detect-filemagic.c
@@ -457,6 +457,7 @@ static InspectionBuffer *FilemagicGetDataCallback(DetectEngineThreadCtx *det_ctx
         DetectFilemagicThreadData *tfilemagic =
             (DetectFilemagicThreadData *)DetectThreadCtxGetKeywordThreadCtx(det_ctx, g_magic_thread_ctx_id);
         if (tfilemagic == NULL) {
+            InspectionBufferSetupMultiEmpty(buffer);
             return NULL;
         }
 

diff --git a/src/detect-http2.c b/src/detect-http2.c
index 611fb41d35d179e70e5c112e1c926b80afb8be11..83b9aeb8641c5f57042350aff142a2b06e3a9c73 100644 (file)
--- a/src/detect-http2.c
+++ b/src/detect-http2.c
@@ -818,10 +818,14 @@ static InspectionBuffer *GetHttp2HeaderData(DetectEngineThreadCtx *det_ctx, cons
     uint32_t b_len = 0;
     const uint8_t *b = NULL;
 
-    if (rs_http2_tx_get_header(cbdata->txv, flags, cbdata->local_id, &b, &b_len) != 1)
+    if (rs_http2_tx_get_header(cbdata->txv, flags, cbdata->local_id, &b, &b_len) != 1) {
+        InspectionBufferSetupMultiEmpty(buffer);
         return NULL;
-    if (b == NULL || b_len == 0)
+    }
+    if (b == NULL || b_len == 0) {
+        InspectionBufferSetupMultiEmpty(buffer);
         return NULL;
+    }
 
     InspectionBufferSetupMulti(buffer, transforms, b, b_len);
 

diff --git a/src/detect-ike-vendor.c b/src/detect-ike-vendor.c
index c0d57de346fe0d693e0fdc4b3640186a591ce830..4dcc9c71b8bdef17d92b02f70c0cf32b488dbe62 100644 (file)
--- a/src/detect-ike-vendor.c
+++ b/src/detect-ike-vendor.c
@@ -70,6 +70,7 @@ static InspectionBuffer *IkeVendorGetData(DetectEngineThreadCtx *det_ctx,
     const uint8_t *data;
     uint32_t data_len;
     if (rs_ike_tx_get_vendor(cbdata->txv, cbdata->local_id, &data, &data_len) == 0) {
+        InspectionBufferSetupMultiEmpty(buffer);
         return NULL;
     }
 

diff --git a/src/detect-krb5-cname.c b/src/detect-krb5-cname.c
index d6ca24f5190849ca23d6495c67318210bcf6866b..6054ccc5c68c72a2e203809844290fd65b87b8cb 100644 (file)
--- a/src/detect-krb5-cname.c
+++ b/src/detect-krb5-cname.c
@@ -71,10 +71,14 @@ static InspectionBuffer *GetKrb5CNameData(DetectEngineThreadCtx *det_ctx,
     uint32_t b_len = 0;
     const uint8_t *b = NULL;
 
-    if (rs_krb5_tx_get_cname(cbdata->txv, cbdata->local_id, &b, &b_len) != 1)
+    if (rs_krb5_tx_get_cname(cbdata->txv, cbdata->local_id, &b, &b_len) != 1) {
+        InspectionBufferSetupMultiEmpty(buffer);
         return NULL;
-    if (b == NULL || b_len == 0)
+    }
+    if (b == NULL || b_len == 0) {
+        InspectionBufferSetupMultiEmpty(buffer);
         return NULL;
+    }
 
     InspectionBufferSetupMulti(buffer, transforms, b, b_len);
 

diff --git a/src/detect-krb5-sname.c b/src/detect-krb5-sname.c
index 391c82d71af8640b34815f9f94fed864da731cc7..eb281af2a2230ee459f34a5a55ac4d8ad7f1e50f 100644 (file)
--- a/src/detect-krb5-sname.c
+++ b/src/detect-krb5-sname.c
@@ -71,10 +71,14 @@ static InspectionBuffer *GetKrb5SNameData(DetectEngineThreadCtx *det_ctx,
     uint32_t b_len = 0;
     const uint8_t *b = NULL;
 
-    if (rs_krb5_tx_get_sname(cbdata->txv, cbdata->local_id, &b, &b_len) != 1)
+    if (rs_krb5_tx_get_sname(cbdata->txv, cbdata->local_id, &b, &b_len) != 1) {
+        InspectionBufferSetupMultiEmpty(buffer);
         return NULL;
-    if (b == NULL || b_len == 0)
+    }
+    if (b == NULL || b_len == 0) {
+        InspectionBufferSetupMultiEmpty(buffer);
         return NULL;
+    }
 
     InspectionBufferSetupMulti(buffer, transforms, b, b_len);
 

diff --git a/src/detect-mqtt-subscribe-topic.c b/src/detect-mqtt-subscribe-topic.c
index 62b2018a3d485f339b4e81fc815a493144b87a9e..34b813023fdba214b45889aac68e9a823061e71c 100644 (file)
--- a/src/detect-mqtt-subscribe-topic.c
+++ b/src/detect-mqtt-subscribe-topic.c
@@ -80,6 +80,7 @@ static InspectionBuffer *MQTTSubscribeTopicGetData(DetectEngineThreadCtx *det_ct
     const uint8_t *data;
     uint32_t data_len;
     if (rs_mqtt_tx_get_subscribe_topic(cbdata->txv, cbdata->local_id, &data, &data_len) == 0) {
+        InspectionBufferSetupMultiEmpty(buffer);
         return NULL;
     }
 

diff --git a/src/detect-mqtt-unsubscribe-topic.c b/src/detect-mqtt-unsubscribe-topic.c
index 70ba5af857ea2989e6bb857175e9af9177981a03..b6b113942f354730901c2410faa1c5f4caf382c6 100644 (file)
--- a/src/detect-mqtt-unsubscribe-topic.c
+++ b/src/detect-mqtt-unsubscribe-topic.c
@@ -80,6 +80,7 @@ static InspectionBuffer *MQTTUnsubscribeTopicGetData(DetectEngineThreadCtx *det_
     const uint8_t *data;
     uint32_t data_len;
     if (rs_mqtt_tx_get_unsubscribe_topic(cbdata->txv, cbdata->local_id, &data, &data_len) == 0) {
+        InspectionBufferSetupMultiEmpty(buffer);
         return NULL;
     }
 

diff --git a/src/detect-quic-cyu-hash.c b/src/detect-quic-cyu-hash.c
index 519c3bd5c164065d5a1ae8db81c8225bbf174078..193f2fc3957221d7b48b2193b6c2c8ca54490136 100644 (file)
--- a/src/detect-quic-cyu-hash.c
+++ b/src/detect-quic-cyu-hash.c
@@ -76,6 +76,7 @@ static InspectionBuffer *QuicHashGetData(DetectEngineThreadCtx *det_ctx,
     const uint8_t *data;
     uint32_t data_len;
     if (rs_quic_tx_get_cyu_hash(cbdata->txv, (uint16_t)cbdata->local_id, &data, &data_len) == 0) {
+        InspectionBufferSetupMultiEmpty(buffer);
         return NULL;
     }
 

diff --git a/src/detect-quic-cyu-string.c b/src/detect-quic-cyu-string.c
index 3c2f8ef24164ea77b65045b0c66f61984a38a541..9e4f65887ba98b3f48ee18c0202ad70a5267ff92 100644 (file)
--- a/src/detect-quic-cyu-string.c
+++ b/src/detect-quic-cyu-string.c
@@ -74,6 +74,7 @@ static InspectionBuffer *QuicStringGetData(DetectEngineThreadCtx *det_ctx,
     const uint8_t *data;
     uint32_t data_len;
     if (rs_quic_tx_get_cyu_string(cbdata->txv, cbdata->local_id, &data, &data_len) == 0) {
+        InspectionBufferSetupMultiEmpty(buffer);
         return NULL;
     }
 

diff --git a/src/detect-tls-certs.c b/src/detect-tls-certs.c
index 21fb5c8baa44e0040c237103f72b32263bada2c6..08bf6af2bdac1ad85ec4c4f23cb1b577828f9d7a 100644 (file)
--- a/src/detect-tls-certs.c
+++ b/src/detect-tls-certs.c
@@ -156,6 +156,7 @@ static InspectionBuffer *TlsCertsGetData(DetectEngineThreadCtx *det_ctx,
     }
 
     if (TAILQ_EMPTY(&connp->certs)) {
+        InspectionBufferSetupMultiEmpty(buffer);
         return NULL;
     }
 
@@ -165,6 +166,7 @@ static InspectionBuffer *TlsCertsGetData(DetectEngineThreadCtx *det_ctx,
         cbdata->cert = TAILQ_NEXT(cbdata->cert, next);
     }
     if (cbdata->cert == NULL) {
+        InspectionBufferSetupMultiEmpty(buffer);
         return NULL;
     }