Merge pull request #2922 in SNORT/snort3 from ~MDAGON/snort3:hpack to master

Squashed commit of the following:

commit e59cf270b46659a38b44dc92091deb10e7c3e593
Author: Maya Dagon <mdagon@cisco.com>
Date:   Wed Jun 2 10:40:50 2021 -0400

    http2_inspect: track dynamic table memory allocation

diff --git a/src/payload_injector/test/payload_injector_test.cc b/src/payload_injector/test/payload_injector_test.cc
index 34f341d489d4ef94a7cd99d1e5922ece3c2578b3..f0feb020a6f6cee209d717844da2639b7e7e45b2 100644 (file)
--- a/src/payload_injector/test/payload_injector_test.cc
+++ b/src/payload_injector/test/payload_injector_test.cc
@@ -132,6 +132,8 @@ InjectionReturnStatus PayloadInjector::get_http2_payload(InjectionControl,
 
 unsigned Http2FlowData::inspector_id = 0;
 Http2Stream::~Http2Stream() = default;
+HpackDynamicTable::HpackDynamicTable(Http2FlowData* flow_data) :
+    session_data(flow_data) {}
 HpackDynamicTable::~HpackDynamicTable() = default;
 Http2DataCutter::Http2DataCutter(Http2FlowData* _session_data, HttpCommon::SourceId src_id) :
     session_data(_session_data), source_id(src_id) { }

diff --git a/src/service_inspectors/http2_inspect/http2_hpack_dynamic_table.cc b/src/service_inspectors/http2_inspect/http2_hpack_dynamic_table.cc
index ec441ff3c5380a130e00aa5ebd4b91dccd27c90c..dc291995f8cc3380360abc010fde7ad765095755 100644 (file)
--- a/src/service_inspectors/http2_inspect/http2_hpack_dynamic_table.cc
+++ b/src/service_inspectors/http2_inspect/http2_hpack_dynamic_table.cc
@@ -22,20 +22,38 @@
 #endif
 
 #include "http2_hpack_dynamic_table.h"
-#include "http2_module.h"
 
 #include <cstring>
 
+#include "http2_flow_data.h"
 #include "http2_hpack_table.h"
+#include "http2_module.h"
 
 using namespace Http2Enums;
 
+HpackDynamicTable::HpackDynamicTable(Http2FlowData* flow_data) :
+    session_data(flow_data)
+{
+    session_data->update_allocations( ARRAY_CAPACITY * sizeof(HpackTableEntry*) +
+        TABLE_MEMORY_TRACKING_INCREMENT);
+    table_memory_allocated = TABLE_MEMORY_TRACKING_INCREMENT;
+}
+
+
 HpackDynamicTable::~HpackDynamicTable()
 {
-    for (std::vector<HpackTableEntry*>::iterator it = circular_buf.begin();
-        it != circular_buf.end(); ++it)
+    for (uint32_t i = 0, indx = start; i < num_entries; i++)
     {
-        delete *it;
+        delete circular_buf[indx];
+        indx = (indx + 1) % ARRAY_CAPACITY;
+    }
+    session_data->update_deallocations( ARRAY_CAPACITY * sizeof(HpackTableEntry*) +
+        TABLE_MEMORY_TRACKING_INCREMENT );
+
+    while (table_memory_allocated > TABLE_MEMORY_TRACKING_INCREMENT)
+    {
+        session_data->update_deallocations(TABLE_MEMORY_TRACKING_INCREMENT);
+        table_memory_allocated -= TABLE_MEMORY_TRACKING_INCREMENT;
     }
 }
 
@@ -71,6 +89,12 @@ bool HpackDynamicTable::add_entry(const Field& name, const Field& value)
         Http2Module::increment_peg_counts(PEG_MAX_TABLE_ENTRIES);
 
     rfc_table_size += new_entry_size;
+    while (rfc_table_size > table_memory_allocated)
+    {
+        session_data->update_allocations(TABLE_MEMORY_TRACKING_INCREMENT);
+        table_memory_allocated += TABLE_MEMORY_TRACKING_INCREMENT;
+    }
+
     return true;
 }
 

diff --git a/src/service_inspectors/http2_inspect/http2_hpack_dynamic_table.h b/src/service_inspectors/http2_inspect/http2_hpack_dynamic_table.h
index 6758500115c1e362727f9a46f15a4959f9abbc8d..43e13178c2f859374b1035d38e0ee611bf44cca6 100644 (file)
--- a/src/service_inspectors/http2_inspect/http2_hpack_dynamic_table.h
+++ b/src/service_inspectors/http2_inspect/http2_hpack_dynamic_table.h
@@ -28,12 +28,13 @@
 #include <vector>
 
 struct HpackTableEntry;
+class Http2FlowData;
 
 class HpackDynamicTable
 {
 public:
     // FIXIT-P This array can be optimized to start smaller and grow on demand
-    HpackDynamicTable() : circular_buf(ARRAY_CAPACITY, nullptr) {}
+    HpackDynamicTable(Http2FlowData* flow_data);
     ~HpackDynamicTable();
     const HpackTableEntry* get_entry(uint32_t index) const;
     bool add_entry(const Field& name, const Field& value);
@@ -45,12 +46,15 @@ private:
 
     const static uint32_t DEFAULT_MAX_SIZE = 4096;
     const static uint32_t ARRAY_CAPACITY = 512;
+    const static uint32_t TABLE_MEMORY_TRACKING_INCREMENT = 500;
     uint32_t max_size = DEFAULT_MAX_SIZE;
 
     uint32_t start = 0;
     uint32_t num_entries = 0;
     uint32_t rfc_table_size = 0;
-    std::vector<HpackTableEntry*> circular_buf;
+    HpackTableEntry* circular_buf[ARRAY_CAPACITY] = {0};
+    Http2FlowData* const session_data;
+    uint32_t table_memory_allocated;
 
     void prune_to_size(uint32_t new_max_size);
 };

diff --git a/src/service_inspectors/http2_inspect/http2_hpack_table.h b/src/service_inspectors/http2_inspect/http2_hpack_table.h
index 97bfe0f697c91990318e302f79fda56e8222f326..c09ddbfbdaeec89834498083c35e40c131536793 100644 (file)
--- a/src/service_inspectors/http2_inspect/http2_hpack_table.h
+++ b/src/service_inspectors/http2_inspect/http2_hpack_table.h
@@ -41,7 +41,8 @@ class HpackIndexTable
 {
 public:
     HpackIndexTable(Http2FlowData* flow_data, HttpCommon::SourceId src_id) :
-        session_data(flow_data), source_id(src_id) { }
+        dynamic_table(flow_data), session_data(flow_data), source_id(src_id)
+        { }
     const HpackTableEntry* lookup(uint64_t index) const;
     bool add_index(const Field& name, const Field& value);
     bool hpack_table_size_update(const uint32_t size);