#define TCP_GET_OFFSET(p) TCP_GET_RAW_OFFSET((p)->tcph)
#define TCP_GET_X2(p) TCP_GET_RAW_X2((p)->tcph)
-#define TCP_GET_HLEN(p) (TCP_GET_OFFSET((p)) << 2)
+#define TCP_GET_HLEN(p) ((uint8_t)(TCP_GET_OFFSET((p)) << 2))
#define TCP_GET_SRC_PORT(p) TCP_GET_RAW_SRC_PORT((p)->tcph)
#define TCP_GET_DST_PORT(p) TCP_GET_RAW_DST_PORT((p)->tcph)
#define TCP_GET_SEQ(p) TCP_GET_RAW_SEQ((p)->tcph)
extern bool g_disable_hashing;
#include <ctype.h>
-#define u8_tolower(c) tolower((uint8_t)(c))
-#define u8_toupper(c) toupper((uint8_t)(c))
+#define u8_tolower(c) ((uint8_t)tolower((uint8_t)(c)))
+#define u8_toupper(c) ((uint8_t)toupper((uint8_t)(c)))
void EngineStop(void);
void EngineDone(void);
*/
int AffinityGetNextCPU(ThreadsAffinityType *taf)
{
- int ncpu = 0;
+ uint16_t ncpu = 0;
#if !defined __CYGWIN__ && !defined OS_WIN32 && !defined __OpenBSD__ && !defined sun
int iter = 0;
SCMutexLock(&taf->taf_mutex);
/* For each alpha-numeric letter in the source array, find the numeric
* value */
- b64[bbidx++] = (val > 0 ? val : 0);
+ b64[bbidx++] = (val > 0 ? (uint8_t)val : 0);
/* Decode every 4 base64 bytes into 3 ascii bytes */
if (bbidx == B64_BLOCK) {
return UINT16_MAX;
}
- return nprocs;
+ return (uint16_t)nprocs;
#elif OS_WIN32
return UtilCpuGetNumProcessorsConfigured();
#else
SCLogOPIface iface;
int16_t use_color;
- int16_t type;
+ SCLogOPType type;
/* the output file to be used if the interface is SC_LOG_IFACE_FILE */
const char *file;
l = sum + old - new;
l = (l >> 16) + (l & 65535);
- l = l & 65535;
- return l;
+ return (uint16_t)(l & 65535);
}
struct in_addr *ipv4_addr = NULL;
struct in6_addr *ipv6_addr = NULL;
char *netmask_str = NULL;
- int netmask_value = 0;
+ uint8_t netmask_value = 0;
int *user_data = NULL;
bool recursive = false;
SCRadixAddKeyIPV4((uint8_t *)ipv4_addr, sc_hinfo_tree,
(void *)user_data);
} else {
- if (StringParseI32RangeCheck(&netmask_value, 10, 0, (const char *)netmask_str, 0, 32) < 0) {
+ if (StringParseU8RangeCheck(&netmask_value, 10, 0, (const char *)netmask_str, 0, 32) <
+ 0) {
SCLogError(SC_ERR_INVALID_IP_NETBLOCK, "Invalid IPV4 Netblock");
SCHInfoFreeUserDataOSPolicy(user_data);
SCFree(ipv4_addr);
SCRadixAddKeyIPV6((uint8_t *)ipv6_addr, sc_hinfo_tree,
(void *)user_data);
} else {
- if (StringParseI32RangeCheck(&netmask_value, 10, 0, (const char *)netmask_str, 0, 128) < 0) {
+ if (StringParseU8RangeCheck(&netmask_value, 10, 0, (const char *)netmask_str, 0, 128) <
+ 0) {
SCLogError(SC_ERR_INVALID_IP_NETBLOCK, "Invalid IPV6 Netblock");
SCHInfoFreeUserDataOSPolicy(user_data);
SCFree(ipv6_addr);
ifr.ifr_flags = flags & 0xffff;
ifr.ifr_flagshigh = flags >> 16;
#else
- ifr.ifr_flags = flags;
+ ifr.ifr_flags = (uint16_t)flags;
#endif
if (ioctl(fd, SIOCSIFFLAGS, &ifr) == -1) {
filename, strerror(errno));
} else {
if (mode != 0) {
- int r = chmod(filename, mode);
+ int r = chmod(filename, (mode_t)mode);
if (r < 0) {
SCLogWarning(SC_WARN_CHMOD, "Could not chmod %s to %o: %s",
filename, mode, strerror(errno));
const char *filemode = ConfNodeLookupChildValue(conf, "filemode");
uint32_t mode = 0;
- if (filemode != NULL &&
- StringParseUint32(&mode, 8, strlen(filemode),
- filemode) > 0) {
+ if (filemode != NULL && StringParseUint32(&mode, 8, (uint16_t)strlen(filemode), filemode) > 0) {
log_ctx->filemode = mode;
}
#include "util-unittest-helper.h"
#include "util-memcmp.h"
#include "util-memcpy.h"
+#include "util-validate.h"
void SCACBSInitCtx(MpmCtx *);
void SCACBSInitThreadCtx(MpmCtx *, MpmThreadCtx *);
memset(&q, 0, sizeof(StateQueue));
for (ascii_code = 0; ascii_code < 256; ascii_code++) {
- SC_AC_BS_STATE_TYPE_U16 temp_state = ctx->goto_table[0][ascii_code];
+ DEBUG_VALIDATE_BUG_ON(ctx->goto_table[0][ascii_code] > UINT16_MAX);
+ SC_AC_BS_STATE_TYPE_U16 temp_state = (uint16_t)ctx->goto_table[0][ascii_code];
ctx->state_table_u16[0][ascii_code] = temp_state;
if (temp_state != 0)
SCACBSEnqueue(&q, temp_state);
int32_t temp_state = ctx->goto_table[r_state][ascii_code];
if (temp_state != SC_AC_BS_FAIL) {
SCACBSEnqueue(&q, temp_state);
- ctx->state_table_u16[r_state][ascii_code] = temp_state;
+ DEBUG_VALIDATE_BUG_ON(temp_state > UINT16_MAX);
+ ctx->state_table_u16[r_state][ascii_code] = (uint16_t)temp_state;
} else {
ctx->state_table_u16[r_state][ascii_code] =
ctx->state_table_u16[ctx->failure_table[r_state]][ascii_code];
#include "util-unittest-helper.h"
#include "util-memcmp.h"
#include "util-memcpy.h"
+#include "util-validate.h"
#include "util-mpm-ac-ks.h"
#if __BYTE_ORDER == __LITTLE_ENDIAN
}
if (ctx->alpha_hist[i]) {
ctx->alphabet_size++;
- ctx->translate_table[i] = ctx->alphabet_size;
+ DEBUG_VALIDATE_BUG_ON(ctx->alphabet_size > UINT8_MAX);
+ ctx->translate_table[i] = (uint8_t)ctx->alphabet_size;
} else
ctx->translate_table[i] = 0;
}
int next_state, int outputs)
{
uint8_t *state_table = (uint8_t*)ctx->state_table;
- uint8_t encoded_next_state = next_state;
+ DEBUG_VALIDATE_BUG_ON(next_state < 0 || next_state > UINT8_MAX);
+ uint8_t encoded_next_state = (uint8_t)next_state;
if (next_state == SC_AC_TILE_FAIL) {
FatalError(SC_ERR_FATAL, "Error FAIL state in output");
int next_state, int outputs)
{
uint16_t *state_table = (uint16_t*)ctx->state_table;
- uint16_t encoded_next_state = next_state;
+ DEBUG_VALIDATE_BUG_ON(next_state < 0 || next_state > UINT16_MAX);
+ uint16_t encoded_next_state = (uint16_t)next_state;
if (next_state == SC_AC_TILE_FAIL) {
FatalError(SC_ERR_FATAL, "Error FAIL state in output");
/* Now make the copies of the no-case strings. */
for (i = 0; i < mpm_ctx->pattern_cnt; i++) {
if (!(ctx->parray[i]->flags & MPM_PATTERN_FLAG_NOCASE)) {
- uint32_t len = ctx->parray[i]->len;
+ uint16_t len = ctx->parray[i]->len;
uint32_t space = ((len + 7) / 8) * 8;
memcpy(string_space, ctx->parray[i]->original_pat, len);
ctx->pattern_list[i].cs = string_space;
for (i = 0; i < buflen; i++) {
state = state_table_u32[state & 0x00FFFFFF][xlate[buf[i]]];
if (SCHECK(state)) {
- matches = CheckMatch(ctx, pmq, buf, buflen, state, i, matches, mpm_bitarray);
+ DEBUG_VALIDATE_BUG_ON(state < 0 || state > UINT16_MAX);
+ matches = CheckMatch(ctx, pmq, buf, buflen, (uint16_t)state, i, matches, mpm_bitarray);
}
} /* for (i = 0; i < buflen; i++) */
#include "util-memcmp.h"
#include "util-mpm-ac.h"
#include "util-memcpy.h"
+#include "util-validate.h"
void SCACInitCtx(MpmCtx *);
void SCACInitThreadCtx(MpmCtx *, MpmThreadCtx *);
memset(&q, 0, sizeof(StateQueue));
for (ascii_code = 0; ascii_code < 256; ascii_code++) {
- SC_AC_STATE_TYPE_U16 temp_state = ctx->goto_table[0][ascii_code];
+ DEBUG_VALIDATE_BUG_ON(ctx->goto_table[0][ascii_code] > UINT16_MAX);
+ SC_AC_STATE_TYPE_U16 temp_state = (uint16_t)ctx->goto_table[0][ascii_code];
ctx->state_table_u16[0][ascii_code] = temp_state;
if (temp_state != 0)
SCACEnqueue(&q, temp_state);
int32_t temp_state = ctx->goto_table[r_state][ascii_code];
if (temp_state != SC_AC_FAIL) {
SCACEnqueue(&q, temp_state);
- ctx->state_table_u16[r_state][ascii_code] = temp_state;
+ DEBUG_VALIDATE_BUG_ON(temp_state > UINT16_MAX);
+ ctx->state_table_u16[r_state][ascii_code] = (uint16_t)temp_state;
} else {
ctx->state_table_u16[r_state][ascii_code] =
ctx->state_table_u16[ctx->failure_table[r_state]][ascii_code];
#endif
MpmTableElmt mpm_table[MPM_TABLE_SIZE];
-uint16_t mpm_default_matcher;
+uint8_t mpm_default_matcher;
/**
* \brief Register a new Mpm Context.
mpm_table[matcher].InitThreadCtx(NULL, mpm_thread_ctx);
}
-void MpmInitCtx (MpmCtx *mpm_ctx, uint16_t matcher)
+void MpmInitCtx(MpmCtx *mpm_ctx, uint8_t matcher)
{
mpm_ctx->mpm_type = matcher;
mpm_table[matcher].InitCtx(mpm_ctx);
} MpmTableElmt;
extern MpmTableElmt mpm_table[MPM_TABLE_SIZE];
-extern uint16_t mpm_default_matcher;
+extern uint8_t mpm_default_matcher;
struct DetectEngineCtx_;
void MpmTableSetup(void);
void MpmRegisterTests(void);
-void MpmInitCtx(MpmCtx *mpm_ctx, uint16_t matcher);
+void MpmInitCtx(MpmCtx *mpm_ctx, uint8_t matcher);
void MpmInitThreadCtx(MpmThreadCtx *mpm_thread_ctx, uint16_t);
int MpmAddPatternCS(struct MpmCtx_ *mpm_ctx, uint8_t *pat, uint16_t patlen,
return len1 == len2 && memcmp(p1->name, p2->name, len1) == 0;
}
-static void ProtoNameAddEntry(const char *proto_name, const int proto_number)
+static void ProtoNameAddEntry(const char *proto_name, const uint8_t proto_number)
{
ProtoNameHashEntry *proto_ent = SCCalloc(1, sizeof(ProtoNameHashEntry));
if (!proto_ent) {
FatalError(SC_ERR_HASH_TABLE_INIT, "Unable to initialize protocol name/number table");
}
- for (uint32_t i = 0; i < ARRAY_SIZE(known_proto); i++) {
+ for (uint16_t i = 0; i < ARRAY_SIZE(known_proto); i++) {
if (known_proto[i]) {
- ProtoNameAddEntry(known_proto[i], i);
+ ProtoNameAddEntry(known_proto[i], (uint8_t)i);
}
}
- for (uint32_t i = 0; i < ARRAY_SIZE(proto_aliases); i++) {
+ for (uint16_t i = 0; i < ARRAY_SIZE(proto_aliases); i++) {
if (proto_aliases[i]) {
- ProtoNameAddEntry(proto_aliases[i], i);
+ ProtoNameAddEntry(proto_aliases[i], (uint8_t)i);
}
}
}
*
* \retval node Pointer to the newly created node
*/
-static SCRadixNode *SCRadixAddKey(uint8_t *key_stream, uint16_t key_bitlen,
- SCRadixTree *tree, void *user, uint8_t netmask)
+static SCRadixNode *SCRadixAddKey(
+ uint8_t *key_stream, uint8_t key_bitlen, SCRadixTree *tree, void *user, uint8_t netmask)
{
SCRadixNode *node = NULL;
SCRadixNode *new_node = NULL;
uint8_t *stream = NULL;
uint8_t bitlen = 0;
- int check_bit = 0;
- int differ_bit = 0;
+ uint16_t check_bit = 0;
+ uint16_t differ_bit = 0;
- int i = 0;
- int j = 0;
+ uint16_t i = 0;
+ uint16_t j = 0;
int temp = 0;
if (tree == NULL) {
node->netmasks[node->netmask_cnt - 1] = netmask;
- for (i = node->netmask_cnt - 2; i >= 0; i--) {
- if (netmask < node->netmasks[i]) {
- node->netmasks[i + 1] = netmask;
+ for (i = node->netmask_cnt - 1; i > 0; i--) {
+ if (netmask < node->netmasks[i - 1]) {
+ node->netmasks[i] = netmask;
break;
}
- node->netmasks[i + 1] = node->netmasks[i];
- node->netmasks[i] = netmask;
+ node->netmasks[i] = node->netmasks[i - 1];
+ node->netmasks[i - 1] = netmask;
}
}
} else {
node->netmasks[node->netmask_cnt - 1] = netmask;
- for (i = node->netmask_cnt - 2; i >= 0; i--) {
- if (netmask < node->netmasks[i]) {
- node->netmasks[i + 1] = netmask;
+ for (i = node->netmask_cnt - 1; i > 0; i--) {
+ if (netmask < node->netmasks[i - 1]) {
+ node->netmasks[i] = netmask;
break;
}
- node->netmasks[i + 1] = node->netmasks[i];
- node->netmasks[i] = netmask;
+ node->netmasks[i] = node->netmasks[i - 1];
+ node->netmasks[i - 1] = netmask;
}
}
return new_node;
}
-/**
- * \brief Adds a new generic key to the Radix tree
- *
- * \param key_stream Data that has to be added to the Radix tree
- * \param key_bitlen The bitlen of the the above stream. For example if the
- * stream is the string "abcd", the bitlen would be 32
- * \param tree Pointer to the Radix tree
- * \param user Pointer to the user data that has to be associated with the
- * key
- *
- * \retval node Pointer to the newly created node
- */
-SCRadixNode *SCRadixAddKeyGeneric(uint8_t *key_stream, uint16_t key_bitlen,
- SCRadixTree *tree, void *user)
-{
- SCRadixNode *node = SCRadixAddKey(key_stream, key_bitlen, tree, user, 255);
-
- return node;
-}
-
/**
* \brief Adds a new IPV4 address to the Radix tree
*
* \param exact_match The key to be searched is an ip address
* \param netmask Netmask used during exact match
*/
-static SCRadixNode *SCRadixFindKey(uint8_t *key_stream, uint16_t key_bitlen, uint8_t netmask,
+static SCRadixNode *SCRadixFindKey(uint8_t *key_stream, uint8_t key_bitlen, uint8_t netmask,
SCRadixTree *tree, int exact_match, void **user_data_result)
{
if (tree == NULL || tree->head == NULL)
int bytes = 0;
uint8_t tmp_stream[255];
- if (key_bitlen > 255)
- return NULL;
-
memset(tmp_stream, 0, 255);
memcpy(tmp_stream, key_stream, key_bitlen / 8);
return ret;
}
-/**
- * \brief Checks if a key is present in the tree
- *
- * \param key_stream Data that has to be found in the Radix tree
- * \param key_bitlen The bitlen of the the above stream.
- * \param tree Pointer to the Radix tree instance
- */
-SCRadixNode *SCRadixFindKeyGeneric(uint8_t *key_stream, uint16_t key_bitlen,
- SCRadixTree *tree, void **user_data_result)
-{
- return SCRadixFindKey(key_stream, key_bitlen, 0, tree, 1, user_data_result); /* TODO netmask? */
-}
-
/**
* \brief Checks if an IPV4 address is present in the tree
*
uint16_t pad0;
/* total no of netmasks that are registered under this node */
- int netmask_cnt;
+ uint16_t netmask_cnt;
/* holds a list of netmaks that come under this node in the tree */
uint8_t *netmasks;
SCRadixTree *SCRadixCreateRadixTree(void (*Free)(void*), void (*PrintData)(void*));
void SCRadixReleaseRadixTree(SCRadixTree *);
-SCRadixNode *SCRadixAddKeyGeneric(uint8_t *, uint16_t, SCRadixTree *, void *);
SCRadixNode *SCRadixAddKeyIPV4(uint8_t *, SCRadixTree *, void *);
SCRadixNode *SCRadixAddKeyIPV6(uint8_t *, SCRadixTree *, void *);
SCRadixNode *SCRadixAddKeyIPV4Netblock(uint8_t *, SCRadixTree *, void *,
void SCRadixRemoveKeyIPV6Netblock(uint8_t *, SCRadixTree *, uint8_t);
void SCRadixRemoveKeyIPV6(uint8_t *, SCRadixTree *);
-SCRadixNode *SCRadixFindKeyGeneric(uint8_t *, uint16_t, SCRadixTree *, void **);
-
SCRadixNode *SCRadixFindKeyIPV4ExactMatch(uint8_t *, SCRadixTree *, void **);
SCRadixNode *SCRadixFindKeyIPV4Netblock(uint8_t *, SCRadixTree *, uint8_t, void **);
SCRadixNode *SCRadixFindKeyIPV4BestMatch(uint8_t *, SCRadixTree *, void **);
#include "util-debug.h"
#include "util-error.h"
#include "util-memcpy.h"
+#include "util-validate.h"
static int PreBmGs(const uint8_t *x, uint16_t m, uint16_t *bmGs);
static void PreBmBc(const uint8_t *x, uint16_t m, uint16_t *bmBc);
*/
static void PreBmBc(const uint8_t *x, uint16_t m, uint16_t *bmBc)
{
- int32_t i;
+ uint16_t i;
for (i = 0; i < 256; ++i) {
bmBc[i] = m;
f = i;
while (g >= 0 && x[g] == x[g + m - 1 - f])
--g;
- suff[i] = f - g;
+ DEBUG_VALIDATE_BUG_ON(f - g < 0 || f - g > UINT16_MAX);
+ suff[i] = (uint16_t)(f - g);
}
}
}
if (i == -1 || suff[i] == i + 1)
for (; j < m - 1 - i; ++j)
if (bmGs[j] == m)
- bmGs[j] = m - 1 - i;
+ bmGs[j] = (uint16_t)(m - 1 - i);
for (i = 0; i <= m - 2; ++i)
- bmGs[m - 1 - suff[i]] = m - 1 - i;
+ bmGs[m - 1 - suff[i]] = (uint16_t)(m - 1 - i);
return 0;
}
*/
static void PreBmBcNocase(const uint8_t *x, uint16_t m, uint16_t *bmBc)
{
- int32_t i;
+ uint16_t i;
for (i = 0; i < 256; ++i) {
bmBc[i] = m;
}
for (i = 0; i < m - 1; ++i) {
- bmBc[u8_tolower((unsigned char)x[i])] = m - 1 - i;
- bmBc[u8_toupper((unsigned char)x[i])] = m - 1 - i;
+ bmBc[u8_tolower(x[i])] = m - 1 - i;
+ bmBc[u8_toupper(x[i])] = m - 1 - i;
}
}
while (g >= 0 && u8_tolower(x[g]) == u8_tolower(x[g + m - 1 - f])) {
--g;
}
- suff[i] = f - g;
+ DEBUG_VALIDATE_BUG_ON(f - g < 0 || f - g > UINT16_MAX);
+ suff[i] = (uint16_t)(f - g);
}
}
}
*/
static void PreBmGsNocase(const uint8_t *x, uint16_t m, uint16_t *bmGs)
{
- int32_t i, j;
+ uint16_t i, j;
uint16_t suff[m + 1];
BoyerMooreSuffixesNocase(x, m, suff);
bmGs[i] = m;
}
j = 0;
- for (i = m - 1; i >= 0; --i) {
- if (i == -1 || suff[i] == i + 1) {
- for (; j < m - 1 - i; ++j) {
+ for (i = m; i > 0; --i) {
+ if (suff[i-1] == i) {
+ for (; j < m - i; ++j) {
if (bmGs[j] == m) {
- bmGs[j] = m - 1 - i;
+ bmGs[j] = m - i;
}
}
}
GET_VAR(cnf_prefix, "hash-size");
if ((ConfGet(varname, &conf_val)) == 1)
{
- if (StringParseUint32(&configval, 10, strlen(conf_val),
- conf_val) > 0) {
+ if (StringParseUint32(&configval, 10, (uint16_t)strlen(conf_val), conf_val) > 0) {
ctx->config.hash_size = configval;
}
}
GET_VAR(cnf_prefix, "prealloc");
if ((ConfGet(varname, &conf_val)) == 1)
{
- if (StringParseUint32(&configval, 10, strlen(conf_val),
- conf_val) > 0) {
+ if (StringParseUint32(&configval, 10, (uint16_t)strlen(conf_val), conf_val) > 0) {
ctx->config.prealloc = configval;
} else {
WarnInvalidConfEntry(varname, "%"PRIu32, ctx->config.prealloc);
/* TODO: implement option "apply_to" */
- if (StringParseUint32(&parsed_timeout, 10, strlen(th_timeout), th_timeout) <= 0) {
+ if (StringParseUint32(&parsed_timeout, 10, sizeof(th_timeout), th_timeout) <= 0) {
goto error;
}
goto error;
}
- if (StringParseUint32(&parsed_count, 10, strlen(th_count), th_count) <= 0) {
+ if (StringParseUint32(&parsed_count, 10, sizeof(th_count), th_count) <= 0) {
goto error;
}
if (parsed_count == 0) {
goto error;
}
- if (StringParseUint32(&parsed_seconds, 10, strlen(th_seconds), th_seconds) <= 0) {
+ if (StringParseUint32(&parsed_seconds, 10, sizeof(th_seconds), th_seconds) <= 0) {
goto error;
}
break;
}
- if (StringParseUint32(&id, 10, strlen(th_sid), th_sid) <= 0) {
+ if (StringParseUint32(&id, 10, sizeof(th_sid), th_sid) <= 0) {
goto error;
}
- if (StringParseUint32(&gid, 10, strlen(th_gid), th_gid) <= 0) {
+ if (StringParseUint32(&gid, 10, sizeof(th_gid), th_gid) <= 0) {
goto error;
}
/** \brief Name2idx mapping structure for flowbits, flowvars and pktvars. */
typedef struct VariableName_ {
char *name;
- uint8_t type; /* flowbit, pktvar, etc */
+ enum VarTypes type; /* flowbit, pktvar, etc */
uint32_t idx;
} VariableName;
projects / thirdparty / suricata.git / commitdiff
