Merge pull request #2811 in SNORT/snort3 from ~RUCOMBS/snort3:nfp to master

author Russ Combs (rucombs) <rucombs@cisco.com>

Wed, 21 Apr 2021 13:16:00 +0000 (13:16 +0000)

committer Russ Combs (rucombs) <rucombs@cisco.com>

Wed, 21 Apr 2021 13:16:00 +0000 (13:16 +0000)
author Russ Combs (rucombs) <rucombs@cisco.com>
Wed, 21 Apr 2021 13:16:00 +0000 (13:16 +0000)
committer Russ Combs (rucombs) <rucombs@cisco.com>
Wed, 21 Apr 2021 13:16:00 +0000 (13:16 +0000)
diff --git a/src/detection/fp_detect.cc b/src/detection/fp_detect.cc

index 685bd597c677ce815af633b07f816426a5838c62..1015d5db051587244af0dd0b581d9a6a279c9c51 100644 (file)
--- a/src/detection/fp_detect.cc
+++ b/src/detection/fp_detect.cc
@@ -350,10 +350,7 @@ static void rule_tree_match(
  {
      PMX* pmx = (PMX*)user;
  
-    detection_option_tree_root_t* root = (detection_option_tree_root_t*)tree;
      detection_option_eval_data_t eval_data;
-    NCListNode* ncl;
-
      eval_data.p = context->packet;
      eval_data.pmd = pmx->pmd;
      eval_data.flowbit_failed = 0;
@@ -367,7 +364,7 @@ static void rule_tree_match(
           * may muck with an unintended rule */
  
          /* Set flag for not contents so they aren't evaluated */
-        for (ncl = (NCListNode*)neg_list; ncl != nullptr; ncl = ncl->next)
+        for ( NCListNode* ncl = (NCListNode*)neg_list; ncl != nullptr; ncl = ncl->next)
          {
              PMX* neg_pmx = (PMX*)ncl->pmx;
              assert(neg_pmx->pmd->last_check);
@@ -382,6 +379,10 @@ static void rule_tree_match(
              last_check->rebuild_flag = (eval_data.p->packet_flags & PKT_REBUILT_STREAM);
          }
  
+        if ( !tree )
+            return;
+
+        detection_option_tree_root_t* root = (detection_option_tree_root_t*)tree;
          int ret = detection_option_tree_evaluate(root, eval_data);
  
          if ( ret )
@@ -729,7 +730,7 @@ private:
  bool MpseStash::push(void* user, void* tree, int index, void* context, void* list)
  {
      detection_option_tree_root_t* root = (detection_option_tree_root_t*)tree;
-    bool checker = root->otn->checks_flowbits();
+    bool checker = !root or root->otn->checks_flowbits();
      MatchStore& store = checker ? defer : queue;
  
      for ( auto it = store.rbegin(); it != store.rend(); it++ )
diff --git a/src/ips_options/ips_pcre.cc b/src/ips_options/ips_pcre.cc

index f4379a3f836fcf68007618e6dc8e9b6fa1ee51a6..b51f0540aa679449deb3379e4bce4ec5c6534dc7 100644 (file)
--- a/src/ips_options/ips_pcre.cc
+++ b/src/ips_options/ips_pcre.cc
@@ -47,7 +47,7 @@ using namespace snort;
  #define PCRE_STUDY_JIT_COMPILE 0
  #endif
  
-#define NO_JIT // uncomment to disable JIT for Xcode
+//#define NO_JIT // uncomment to disable JIT for Xcode
  
  #ifdef NO_JIT
  #define PCRE_STUDY_FLAGS 0
author	Russ Combs (rucombs) <rucombs@cisco.com>
	Wed, 21 Apr 2021 13:16:00 +0000 (13:16 +0000)
committer	Russ Combs (rucombs) <rucombs@cisco.com>
	Wed, 21 Apr 2021 13:16:00 +0000 (13:16 +0000)
src/detection/fp_detect.cc		patch \| blob \| blame \| history
src/ips_options/ips_pcre.cc		patch \| blob \| blame \| history