bool is_vxlan_port(uint16_t port)
{ return vxlan_ports.test(port); }
- void set_gtp_ports(PortBitSet ports)
+ void set_gtp_ports(const PortBitSet& ports)
{
gtp_ports = ports;
gtp_decode = ports.any();
}
- void set_vxlan_ports(PortBitSet ports)
+ void set_vxlan_ports(const PortBitSet& ports)
{
vxlan_ports = ports;
vxlan_decode = ports.any();
int sock_fd;
private:
- bool run_thread;
+ bool run_thread = false;
std::thread* receive_thread;
void start_receive_thread();
void stop_receive_thread();
TcpConnectorConfig()
{ direction = snort::Connector::CONN_DUPLEX; async_receive = true; }
- uint16_t base_port;
+ uint16_t base_port = 0;
std::string address;
- Setup setup;
+ Setup setup = {};
bool async_receive;
typedef std::vector<TcpConnectorConfig*> TcpConnectorConfigSet;
child->num_children++;
child->children = (detection_option_tree_node_t**)
- snort_calloc(child->num_children, sizeof(child->children));
+ snort_calloc(child->num_children, sizeof(detection_option_tree_node_t*));
child->is_relative = opt_fp->isRelative;
if (node && child->is_relative)
{
node->num_children++;
tmp_children = (detection_option_tree_node_t**)
- snort_calloc(node->num_children, sizeof(tmp_children));
+ snort_calloc(node->num_children, sizeof(detection_option_tree_node_t*));
memcpy(tmp_children, node->children,
sizeof(detection_option_tree_node_t*) * (node->num_children-1));
detection_option_tree_node_t** tmp_children;
root->num_children++;
tmp_children = (detection_option_tree_node_t**)
- snort_calloc(root->num_children, sizeof(tmp_children));
+ snort_calloc(root->num_children, sizeof(detection_option_tree_node_t*));
memcpy(tmp_children, root->children,
sizeof(detection_option_tree_node_t*) * (root->num_children-1));
snort_free(root->children);
detection_option_tree_node_t** tmp_children;
node->num_children++;
tmp_children = (detection_option_tree_node_t**)
- snort_calloc(node->num_children, sizeof(tmp_children));
+ snort_calloc(node->num_children, sizeof(detection_option_tree_node_t*));
memcpy(tmp_children, node->children,
sizeof(detection_option_tree_node_t*) * (node->num_children-1));
snort_free(node->children);
int i;
int rules = 0;
- if ((pg == nullptr) || (fp == nullptr))
+ if (pg == nullptr)
return -1;
+ if (fp == nullptr)
+ {
+ snort_free(pg);
+ return -1;
+ }
for (i = PM_TYPE_PKT; i < PM_TYPE_MAX; i++)
{
std::vector<Replacement> rpl;
Packet* packet;
- Packet* wire_packet;
+ Packet* wire_packet = nullptr;
Packet* encode_packet;
DAQ_PktHdr_t* pkth;
uint8_t* buf;
- const SnortConfig* conf;
+ const SnortConfig* conf = nullptr;
MpseBatch searches;
MpseStash* stash;
OtnxMatchData* otnx;
std::list<RegexRequest*>::iterator regex_req_it;
SF_EVENTQ* equeue;
- DataPointer file_data;
- DataBuffer alt_data;
+ DataPointer file_data = {};
+ DataBuffer alt_data = {};
uint64_t context_num;
- uint64_t packet_number;
+ uint64_t packet_number = 0;
ActiveRules active_rules;
State state;
bool check_tags;
static constexpr unsigned max_ips_id = 8;
private:
- FlowSnapshot flow;
+ FlowSnapshot flow = {};
std::vector<IpsContextData*> data;
std::vector<unsigned> ids_in_use; // for indirection; FIXIT-P evaluate alternatives
std::vector<Callback> post_callbacks;
IpsContext* depends_on;
IpsContext* next_to_process;
- bool remove_gadget;
+ bool remove_gadget = false;
};
}
#endif
head = last = fileBlock;
}
- if (!fileBlock)
- {
- return error_capture(FILE_CAPTURE_MEMCAP);
- }
-
/*Copy the last piece of file to file buffer*/
if (save_to_file_buffer(current_data,
current_data_len, capture_max_size) )
{
fd = new FileFlows(flow, fi);
flow->set_flow_data(fd);
- }
- else
- return fd;
-
- FileConfig* fc = fi->config;
- if (fc and fd)
- {
- fd->set_file_policy(&(fc->get_file_policy()));
+ if (fi->config)
+ fd->set_file_policy(&(fi->config->get_file_policy()));
}
return fd;
if ((context->get_file_sig_sha256()) || !context->is_file_signature_enabled())
{
/* Just check file type and signature */
- FilePosition position = SNORT_FILE_FULL;
- continue_processing = context->process(p, file_data, data_size, position,
+ continue_processing = context->process(p, file_data, data_size, SNORT_FILE_FULL,
file_policy);
if (context->processing_complete)
remove_processed_file_context(multi_file_processing_id);
uint64_t fsize = file->get_file_size();
if ( fsize > 0)
- TextLog_Print(tlog, "[Size: %u] ", fsize);
+ TextLog_Print(tlog, "[Size: %lu] ", fsize);
TextLog_Print(tlog, "\n");
void free_pools();
int remove(CircularBuffer* cb, void* obj);
- void** datapool; /* memory buffer */
- uint64_t total;
- CircularBuffer* free_list;
- CircularBuffer* released_list;
- size_t obj_size;
+ void** datapool = nullptr; /* memory buffer */
+ uint64_t total = 0;
+ CircularBuffer* free_list = nullptr;
+ CircularBuffer* released_list = nullptr;
+ size_t obj_size = 0;
std::mutex pool_mutex;
};
/* This section will get reset before every decode() function call */
ProtocolId next_prot_id; /* protocol type of the next layer */
- uint16_t lyr_len; /* The length of the valid part layer */
- uint16_t invalid_bytes; /* the length of the INVALID part of this layer */
+ uint16_t lyr_len = 0; /* The length of the valid part layer */
+ uint16_t invalid_bytes = 0; /* the length of the INVALID part of this layer */
/* Reset before each decode of packet begins */
/* Codec specific fields. These fields are only relevant to codecs. */
- uint32_t proto_bits; /* protocols contained within this packet
+ uint32_t proto_bits = 0; /* protocols contained within this packet
-- will be propogated to Snort++ Packet struct*/
- uint16_t codec_flags; /* flags used while decoding */
- uint8_t ip_layer_cnt;
-
- /* The following values have junk values after initialization */
- uint8_t ip6_extension_count; /* initialized in cd_ipv6.cc */
- uint8_t curr_ip6_extension; /* initialized in cd_ipv6.cc */
- IpProtocol ip6_csum_proto; /* initialized in cd_ipv6.cc. Used for IPv6 checksums */
- bool tunnel_bypass;
-
- CodecData(const SnortConfig* sc, ProtocolId init_prot) :
- conf(sc), next_prot_id(init_prot), lyr_len(0), invalid_bytes(0),
- proto_bits(0), codec_flags(0), ip_layer_cnt(0), tunnel_bypass(false)
+ uint16_t codec_flags = 0; /* flags used while decoding */
+ uint8_t ip_layer_cnt = 0;
+
+ uint8_t ip6_extension_count = 0;
+ uint8_t curr_ip6_extension = 0;
+ IpProtocol ip6_csum_proto = IpProtocol::IP; /* Used for IPv6 checksums */
+ bool tunnel_bypass = false;
+
+ CodecData(const SnortConfig* sc, ProtocolId init_prot) : conf(sc), next_prot_id(init_prot)
{ }
bool inline is_cooked() const
Inspector(); // internal init only at this point
private:
- const InspectApi* api;
+ const InspectApi* api = nullptr;
std::atomic_uint* ref_count;
- SnortProtocolId snort_protocol_id;
+ SnortProtocolId snort_protocol_id = 0;
};
// at present there is no sequencing among like types except that appid
private:
int log_flags = 0;
uint8_t* buf = nullptr;
- unsigned char* emailHdrs;
- uint32_t log_depth;
+ unsigned char* emailHdrs = nullptr;
+ uint32_t log_depth = 0;
uint32_t hdrs_logged;
uint8_t* recipients = nullptr;
uint16_t rcpts_logged;
if ( (p->packet_flags & PKT_USE_DIRECT_INJECT) or
(p->flow and p->flow->flags.use_direct_inject) )
{
- DIOCTL_DirectInjectReset msg = { p->daq_msg, !(ef & ENC_FLAG_FWD) };
+ DIOCTL_DirectInjectReset msg =
+ { p->daq_msg, (uint8_t)((ef & ENC_FLAG_FWD) ? DAQ_DIR_FORWARD : DAQ_DIR_REVERSE) };
int ret = p->daq_instance->ioctl(DIOCTL_DIRECT_INJECT_RESET,
&msg, sizeof(msg));
if ( ret != DAQ_SUCCESS )
EncodeFlags tmp_flags = flags ^ ENC_FLAG_FWD;
if ( use_direct_inject )
{
- DIOCTL_DirectInjectReset msg = { p->daq_msg, !(tmp_flags & ENC_FLAG_FWD) };
+ DIOCTL_DirectInjectReset msg =
+ { p->daq_msg, (uint8_t)((tmp_flags & ENC_FLAG_FWD) ? DAQ_DIR_FORWARD : DAQ_DIR_REVERSE) };
ret = p->daq_instance->ioctl(DIOCTL_DIRECT_INJECT_RESET,
&msg, sizeof(msg));
if ( ret != DAQ_SUCCESS )
flags = (flags & ~ENC_FLAG_VAL);
const DAQ_DIPayloadSegment segments[] = { {buf, blen} };
const DAQ_DIPayloadSegment* payload[] = { &segments[0] };
- DIOCTL_DirectInjectPayload msg = { p->daq_msg, payload, 1, !(flags & ENC_FLAG_FWD)};
+ DIOCTL_DirectInjectPayload msg = { p->daq_msg, payload, 1,
+ (uint8_t)((flags & ENC_FLAG_FWD) ? DAQ_DIR_FORWARD : DAQ_DIR_REVERSE) };
ret = p->daq_instance->ioctl(DIOCTL_DIRECT_INJECT_PAYLOAD,
&msg, sizeof(msg));
if ( ret != DAQ_SUCCESS )
flags = (flags & ~ENC_FLAG_VAL) | sent;
if ( use_direct_inject )
{
- DIOCTL_DirectInjectReset msg = { p->daq_msg, !(flags & ENC_FLAG_FWD) };
+ DIOCTL_DirectInjectReset msg =
+ { p->daq_msg, (uint8_t)((flags & ENC_FLAG_FWD) ? DAQ_DIR_FORWARD : DAQ_DIR_REVERSE) };
ret = p->daq_instance->ioctl(DIOCTL_DIRECT_INJECT_RESET,
&msg, sizeof(msg));
if ( ret != DAQ_SUCCESS )
if ( s_ignore )
return;
+ assert(val);
if ( s_capture )
{
s_body += opt;
- if ( val and *val )
+ if ( *val )
{
s_body += " ";
s_body += val;
string opt;
string val;
- bool tbd;
+ bool tbd = false;
};
static bool exec(
{
unsigned char* pc_ptr = (unsigned char*)&plx->p[i];
- for ( unsigned k = 0; k < sizeof(void*); k++ )
+ for ( unsigned j = 0; j < sizeof(void*); j++ )
{
hash *= scale;
- hash += pc_ptr[k];
+ hash += pc_ptr[j];
}
}
return hash ^ hardener;
{
SF_LNODE* lpos;
+ if ( !p )
+ return -1;
+
/* Search for the Port Object in the input list, by address */
for ( PortObject* pox = (PortObject*)sflist_first(p->pt_polist, &lpos);
pox!=nullptr;
int* currNode = (int*)sflist_first(rl, &pos);
if ( !currNode )
+ {
+ snort_free(rlist);
return;
+ }
for ( unsigned i = 0; i < rl->count; i++ )
{
if (rlist[i] > lastRuleIndex)
{
- *currNode = lastRuleIndex = rlist[i];
+ lastRuleIndex = rlist[i];
+ if (currNode)
+ *currNode = lastRuleIndex;
//replace the next element in place
currNode = (int*)sflist_next(&pos);
uniqElements++;
{
sfip_node_t* node;
- /* Skip leading commas */
- for (; *str == ','; str++)
- ;
-
/* Check for a negated "any" */
if (negation ^ neg_ip && !strcasecmp(tok, "any"))
{
projects / thirdparty / snort3.git / commitdiff
