{
// Match all versions of this type.
get_magic_rule_ids_from_type(type_name, "", ids_set, sc);
+
if (ids_set.none())
- {
- ParseError("Invalid file_type type '%s'. Not found in file_rules.", type_name.c_str());
return false;
- }
types |= ids_set;
return true;
}
get_magic_rule_ids_from_type(type_name, version, ids_set, sc);
+
if (ids_set.none())
- {
- ParseError("Invalid file_type type '%s' or version '%s'. Not found in file_rules.",
- type_name.c_str(), version.c_str());
return false;
- }
types |= ids_set;
while (std::getline(stream, version, ','))
{
get_magic_rule_ids_from_type(type_name, version, ids_set, sc);
+
if (ids_set.none())
- {
- ParseError("Invalid file_type type '%s' or version '%s'. Not found in file_rules.",
- type_name.c_str(), version.c_str());
return false;
- }
types |= ids_set;
}
}
Shell sh = Shell(fname);
- sh.configure(SnortConfig::get_conf());
+ sh.configure(SnortConfig::get_conf(), false, true);
tTargetBasedConfig* old = SFAT_GetConfig();
tTargetBasedConfig* tc = SFAT_Swap();
#include "detection/detection_engine.h"
#include "log/messages.h"
#include "managers/inspector_manager.h"
+#include "parser/parse_conf.h"
#include "parser/vars.h"
#include "ports/port_var_table.h"
policy_mode = POLICY_MODE__MAX;
var_table = nullptr;
+ parse_from = get_parse_file();
var_id = 1;
ip_vartable = sfvt_alloc_table();
overrides += sh->overrides;
}
-bool Shell::configure(SnortConfig* sc, bool is_fatal)
+bool Shell::configure(SnortConfig* sc, bool is_fatal, bool is_root)
{
assert(file.size());
ModuleManager::set_config(sc);
}
std::string path = parse_from;
- const char* code = get_config_file(file.c_str(), path);
+ const char* code;
+
+ if ( !is_root )
+ code = get_config_file(file.c_str(), path);
+ else
+ {
+ code = "W";
+ path = file;
+ }
if ( !code )
{
void set_overrides(const char*);
void set_overrides(Shell*);
- bool configure(snort::SnortConfig*, bool is_fatal = true);
+ bool configure(snort::SnortConfig*, bool is_fatal = true, bool is_root = false);
void install(const char*, const struct luaL_Reg*);
void execute(const char*, std::string&);
#include "target_based/sftarget_reader.h"
#include "time/packet_time.h"
#include "time/periodic.h"
-#include "utils/kmap.h"
#include "utils/util.h"
#include "utils/util_utf.h"
#include "utils/util_jsnorm.h"
load_network_inspectors();
load_service_inspectors();
- /* chew up the command line */
snort_cmd_line_conf = parse_cmd_line(argc, argv);
SnortConfig::set_conf(snort_cmd_line_conf);
if ( fname )
{
Shell sh = Shell(fname);
- sh.configure(sc);
+ sh.configure(sc, false, true);
if ( ModuleManager::get_errors() || !sc->verify() )
{
output_flags |= cmd_line->output_flags;
logging_flags |= cmd_line->logging_flags;
+ include_path = cmd_line->include_path;
stdin_rules = cmd_line->stdin_rules;
// only set by cmd_line to override other conf output settings
snort_free(tmp);
}
+void SnortConfig::set_include_path(const char* path)
+{
+ if (path)
+ include_path = path;
+ else
+ include_path.clear();
+}
+
void SnortConfig::set_plugin_path(const char* path)
{
if (path)
RUN_FLAG__READ = 0x00000001,
RUN_FLAG__DAEMON = 0x00000002,
RUN_FLAG__NO_PROMISCUOUS = 0x00000004,
- RUN_FLAG__NO_OVERRIDES = 0x00000008,
+ // unused = 0x00000008,
RUN_FLAG__INLINE = 0x00000010,
RUN_FLAG__STATIC_HASH = 0x00000020,
bool dirty_pig = false;
std::string chroot_dir; /* -t or config chroot */
+ std::string include_path;
std::string plugin_path;
std::vector<std::string> script_paths;
void set_no_logging_timestamps(bool);
void set_obfuscate(bool);
void set_obfuscation_mask(const char*);
+ void set_include_path(const char*);
void set_plugin_path(const char*);
void set_process_all_events(bool);
void set_quiet(bool);
static bool show_file_codes()
{ return get_conf()->run_flags & RUN_FLAG__SHOW_FILE_CODES; }
- static bool allow_overrides()
- { return !(get_conf()->run_flags & RUN_FLAG__NO_OVERRIDES); }
-
static bool adaptor_inline_mode()
{ return get_conf()->run_flags & RUN_FLAG__INLINE; }
{ "--dirty-pig", Parameter::PT_IMPLIED, nullptr, nullptr,
"don't flush packets on shutdown" },
- { "--disable-overrides", Parameter::PT_IMPLIED, nullptr, nullptr,
- "do not first look for files relative to the working directory" },
-
{ "--dump-builtin-rules", Parameter::PT_STRING, "(optional)", nullptr,
"[<module prefix>] output stub rules for selected modules" },
{ "--id-zero", Parameter::PT_IMPLIED, nullptr, nullptr,
"use id prefix / subdirectory even with one packet thread" },
+ { "--include-path", Parameter::PT_STRING, nullptr, nullptr,
+ "<path> where to find Lua and rule included files; "
+ "searched before current or config directories" },
+
{ "--list-buffers", Parameter::PT_IMPLIED, nullptr, nullptr,
"output available inspection buffers" },
else if ( v.is("--enable-inline-test") )
sc->run_flags |= RUN_FLAG__INLINE_TEST;
- else if ( v.is("--disable-overrides") )
- sc->run_flags |= RUN_FLAG__NO_OVERRIDES;
-
else if ( v.is("--gen-msg-map") )
dump_msg_map(sc, v.get_string());
else if ( v.is("--id-zero") )
sc->id_zero = true;
+ else if ( v.is("--include-path") )
+ sc->set_include_path(v.get_string());
+
else if ( v.is("--list-buffers") )
help_buffers(sc, v.get_string());
bool set_number(const char*, double);
bool set_string(const char*, const char*);
bool set_alias(const char*, const char*);
-const char* push_relative_path(const char*);
-void pop_relative_path();
+const char* push_include_path(const char*);
+void pop_include_path();
]]
function include(file)
- local base_name = ffi.C.push_relative_path(file)
+ local base_name = ffi.C.push_include_path(file)
dofile(ffi.string(base_name))
- ffi.C.pop_relative_path()
+ ffi.C.pop_include_path()
end
function snort_traverse(tab, fqn)
bool set_string(const char* fqn, const char* val);
bool set_alias(const char* from, const char* to);
- const char* push_relative_path(const char* file);
- void pop_relative_path();
+ const char* push_include_path(const char* file);
+ void pop_include_path();
}
//-------------------------------------------------------------------------
return set_value(fqn, v);
}
-SO_PUBLIC const char* push_relative_path(const char* file)
+SO_PUBLIC const char* push_include_path(const char* file)
{
static std::string path;
path = "";
return path.c_str();
}
-SO_PUBLIC void pop_relative_path()
+SO_PUBLIC void pop_include_path()
{
pop_parse_location();
}
return p;
}
-IPSET* ipset_copy(IPSET* ipsp)
-{
- IPSET* newset = ipset_new();
- IP_PORT* ip_port;
- SF_LNODE* cursor;
-
- for (ip_port =(IP_PORT*)sflist_first(&ipsp->ip_list, &cursor);
- ip_port;
- ip_port =(IP_PORT*)sflist_next(&cursor) )
- {
- ipset_add(newset, &ip_port->ip, &ip_port->portset, ip_port->notflag);
- }
- return newset;
-}
-
void ipset_free(IPSET* ipc)
{
if (ipc)
return 0;
}
-int ipset_print(IPSET* ipc)
-{
- if ( !ipc )
- return 0;
-
- {
- IP_PORT* p;
- printf("IPSET\n");
- SF_LNODE* cur_ip;
-
- for ( p =(IP_PORT*)sflist_first(&ipc->ip_list, &cur_ip);
- p!=nullptr;
- p =(IP_PORT*)sflist_next(&cur_ip) )
- {
- SfIpString ip_str;
- printf("CIDR BLOCK: %c%s", p->notflag ? '!' : ' ', p->ip.get_addr()->ntop(ip_str));
- SF_LNODE* cur_port;
-
- for ( PORTRANGE* pr=(PORTRANGE*)sflist_first(&p->portset.port_list, &cur_port);
- pr != nullptr;
- pr=(PORTRANGE*)sflist_next(&cur_port) )
- {
- printf(" %u", pr->port_lo);
- if ( pr->port_hi != pr->port_lo )
- printf("-%u", pr->port_hi);
- }
- printf("\n");
- }
- }
- return 0;
-}
-
static void portset_init(PORTSET* portset)
{
sflist_init(&portset->port_list);
IPSET* ipset_new();
int ipset_add(IPSET* ipset, snort::SfCidr* ip, void* port, int notflag);
int ipset_contains(IPSET* ipset, const snort::SfIp* ip, void* port);
-IPSET* ipset_copy(IPSET* ipset);
void ipset_free(IPSET* ipset);
-int ipset_print(IPSET* ipset);
// helper functions -- all the sets work in host order
int ipset_parse(IPSET* ipset, const char* ipstr);
if ( !files.empty() )
return files.top().path.c_str();
- static char dir[PATH_MAX];
-
- if ( !getcwd(dir, sizeof(dir)) )
- return "";
-
- return dir;
+ return get_snort_conf();
}
void get_parse_location(const char*& file, unsigned& line)
return valid_file(file, path);
}
-static bool relative_to_working_dir(const char* file, std::string& path)
+static bool relative_to_include_dir(const char* file, std::string& path)
{
- char dir[PATH_MAX];
- if ( !getcwd(dir, sizeof(dir)) )
+ path = SnortConfig::get_conf()->include_path;
+ if ( !path.length() )
return false;
- path = dir;
return valid_file(file, path);
}
}
std::string hint = file;
- if ( SnortConfig::allow_overrides() and relative_to_working_dir(arg, file) )
- return "W";
+ if ( relative_to_include_dir(arg, file) )
+ return "I";
file = hint;
return ordered_list;
}
-static bool parse_file(SnortConfig* sc, Shell* sh, bool is_fatal)
+static bool parse_file(SnortConfig* sc, Shell* sh, bool is_fatal, bool is_root)
{
const char* fname = sh->get_file();
if ( !fname || !*fname )
return false;
- bool success = sh->configure(sc, is_fatal);
+ bool success = sh->configure(sc, is_fatal, is_root);
return success;
}
set_policies(sc, sh);
- if (!parse_file(sc, sh, is_fatal))
+ if (!parse_file(sc, sh, is_fatal, (i == 0)))
return sc;
}
pop_parse_location();
}
- if ( !idx )
- p->rules += s_aux_rules;
-
if ( !p->rules.empty() )
{
- push_parse_location("C", file.c_str(), "rules");
+ push_parse_location("C", file.c_str(), "ips.rules");
ParseConfigString(sc, p->rules.c_str());
pop_parse_location();
}
- if ( !idx && sc->stdin_rules )
+
+ if ( !idx and !s_aux_rules.empty() )
+ {
+ push_parse_location("W", "./", "rule args");
+ ParseConfigString(sc, s_aux_rules.c_str());
+ pop_parse_location();
+ }
+
+ if ( !idx and sc->stdin_rules )
{
LogMessage("Reading rules until EOF or a line starting with END\n");
- push_parse_location("C", get_snort_conf_dir(), "stdin");
+ push_parse_location("W", "./", "stdin");
parse_stream(std::cin, sc);
pop_parse_location();
}
return 0;
}
-#ifdef ALLOW_NFA_FULL
-
-/*
-* Full Matrix Format Search
-*/
-static inline unsigned _bnfa_search_full_nfa(
- bnfa_struct_t* bnfa, uint8_t* Tx, int n, MpseMatch match,
- void* context, bnfa_state_t state, int* current_state)
-{
- bnfa_state_t** NextState= bnfa->bnfaNextState;
- bnfa_state_t* FailState= bnfa->bnfaFailState;
- bnfa_match_node_t** MatchList= bnfa->bnfaMatchList;
-
- unsigned nfound = 0;
- unsigned last_match=LAST_STATE_INIT;
- unsigned last_match_saved=LAST_STATE_INIT;
-
- uint8_t* T = Tx;
- uint8_t* Tend = T + n;
-
- for (; T < Tend; T++ )
- {
- uint8_t Tchar = xlatcase[ *T ];
-
- for (;; )
- {
- bnfa_state_t* pcs = NextState[state];
-
- if ( pcs[Tchar] == 0 && state > 0 )
- {
- state = FailState[state];
- }
- else
- {
- state = pcs[Tchar];
- break;
- }
- }
-
- if ( state )
- {
- if ( state == last_match )
- continue;
-
- last_match_saved=last_match;
- last_match = state;
-
- {
- bnfa_match_node_t* mlist = MatchList[state];
-
- if (!mlist)
- continue;
-
- bnfa_pattern_t* patrn = (bnfa_pattern_t*)mlist->data;
- unsigned index = T - Tx + 1;
- nfound++;
- /* Don't do anything specific for case sensitive patterns and not,
- * since that will be covered by the rule tree itself. Each tree
- * might have both case sensitive & case insensitive patterns.
- */
- int res = match(patrn->userdata, mlist->rule_option_tree, index, context,
- mlist->neg_list);
- if ( res > 0 )
- {
- *current_state = state;
- return nfound;
- }
- else if ( res < 0 )
- {
- last_match = last_match_saved;
- }
- }
- }
- }
- *current_state = state;
- return nfound;
-}
-
-/*
-* Full Matrix Format Search - Exact matching patterns only
-*/
-static inline unsigned _bnfa_search_full_nfa_case(
- bnfa_struct_t* bnfa, uint8_t* Tx, int n, MpseMatch match,
- void* context, bnfa_state_t state, int* current_state)
-{
- bnfa_state_t** NextState= bnfa->bnfaNextState;
- bnfa_state_t* FailState= bnfa->bnfaFailState;
- bnfa_match_node_t** MatchList= bnfa->bnfaMatchList;
-
- unsigned nfound = 0;
- unsigned last_match=LAST_STATE_INIT;
- unsigned last_match_saved=LAST_STATE_INIT;
-
- uint8_t* T = Tx;
- uint8_t* Tend = T + n;
-
- for (; T < Tend; T++ )
- {
- uint8_t Tchar = *T;
-
- for (;; )
- {
- bnfa_state_t* pcs = NextState[state];
- if ( pcs[Tchar] == 0 && state > 0 )
- {
- state = FailState[state];
- }
- else
- {
- state = pcs[Tchar];
- break;
- }
- }
-
- if ( state )
- {
- if ( state == last_match )
- continue;
-
- last_match_saved=last_match;
- last_match = state;
-
- {
- bnfa_match_node_t* mlist = MatchList[state];
-
- if (!mlist)
- continue;
-
- bnfa_pattern_t* patrn = (bnfa_pattern_t*)mlist->data;
- unsigned index = T - Tx + 1;
- nfound++;
- /* Don't do anything specific for case (in)sensitive patterns
- * since that will be covered by the rule tree itself. Each
- * tree might have both case sensitive & case insensitive patterns.
- */
- int res = match(patrn->userdata, mlist->rule_option_tree, index, context,
- mlist->neg_list);
- if ( res > 0 )
- {
- *current_state = state;
- return nfound;
- }
- else if ( res < 0 )
- {
- last_match = last_match_saved;
- }
- }
- }
- }
- *current_state = state;
- return nfound;
-}
-
-/*
-* Full Matrix Format Search - no case
-*/
-static inline unsigned _bnfa_search_full_nfa_nocase(
- bnfa_struct_t* bnfa, uint8_t* Tx, int n, MpseMatch match,
- void* context, bnfa_state_t state, int* current_state)
-{
- bnfa_state_t** NextState = bnfa->bnfaNextState;
- bnfa_state_t* FailState = bnfa->bnfaFailState;
- bnfa_match_node_t** MatchList = bnfa->bnfaMatchList;
-
- unsigned nfound = 0;
- unsigned last_match=LAST_STATE_INIT;
- unsigned last_match_saved=LAST_STATE_INIT;
-
- uint8_t* T = Tx;
- uint8_t* Tend = T + n;
-
- for (; T < Tend; T++ )
- {
- uint8_t Tchar = xlatcase[ *T ];
-
- for (;; )
- {
- bnfa_state_t* pcs = NextState[state];
-
- if ( pcs[Tchar] == 0 && state > 0 )
- {
- state = FailState[state];
- }
- else
- {
- state = pcs[Tchar];
- break;
- }
- }
-
- if ( state )
- {
- if ( state == last_match )
- continue;
-
- last_match_saved=last_match;
- last_match = state;
-
- {
- bnfa_match_node_t* mlist = MatchList[state];
-
- if (!mlist)
- continue;
-
- bnfa_pattern_t* patrn = (bnfa_pattern_t*)mlist->data;
- unsigned index = T - Tx + 1;
-
- /* Don't do anything specific for case sensitive patterns and not,
- * since that will be covered by the rule tree itself. Each tree
- * might have both case sensitive & case insensitive patterns.
- */
- int res = match(patrn->userdata, mlist->rule_option_tree, index, context,
- mlist->neg_list);
- if ( res > 0 )
- {
- *current_state = state;
- return nfound;
- }
- else if ( res < 0 )
- {
- last_match = last_match_saved;
- }
- }
- }
- }
- *current_state = state;
- return nfound;
-}
-
-#endif
-
/*
binary array search on sparse transition array
}
}
-/*
- * Per Pattern case search, case is on per pattern basis standard snort
- * search note: index is not used by snort, so it's commented
- */
-
/*
* Per Pattern case search, case is on per pattern basis
* standard snort search
return nfound;
}
-#ifdef BNFA_MAIN
-/*
- * Case specific search, global to all patterns
- *
- * note: index is not used by snort, so it's commented
- */
-static inline unsigned _bnfa_search_csparse_nfa_case(
- bnfa_struct_t* bnfa, uint8_t* Tx, int n, MpseMatch match,
- void* context, unsigned sindex, int* current_state)
-{
- bnfa_match_node_t* mlist;
- uint8_t* Tend;
- uint8_t* T;
- unsigned index;
- bnfa_match_node_t** MatchList = bnfa->bnfaMatchList;
- bnfa_pattern_t* patrn;
- bnfa_state_t* transList = bnfa->bnfaTransList;
- unsigned nfound = 0;
- unsigned last_match=LAST_STATE_INIT;
- unsigned last_match_saved=LAST_STATE_INIT;
- int res;
-
- T = Tx;
- Tend = T + n;
-
- for (; T<Tend; T++)
- {
- /* Transition to next state index */
- sindex = _bnfa_get_next_state_csparse_nfa(transList,sindex,*T);
-
- /* Log matches in this state - if any */
- if ( sindex && (transList[sindex+1] & BNFA_SPARSE_MATCH_BIT) )
- {
- if ( sindex == last_match )
- continue;
-
- last_match_saved = last_match;
- last_match = sindex;
-
- {
- mlist = MatchList[ transList[sindex] ];
- patrn = (bnfa_pattern_t*)mlist->data;
- index = T - Tx + 1;
- nfound++;
- /* Don't do anything specific for case sensitive patterns and not,
- * since that will be covered by the rule tree itself. Each tree
- * might have both case sensitive & case insensitive patterns.
- */
- res = match(patrn->userdata, mlist->rule_option_tree, index,
- context, mlist->neg_list);
- if ( res > 0 )
- {
- *current_state = sindex;
- return nfound;
- }
- else if ( res < 0 )
- {
- last_match = last_match_saved;
- }
- }
- }
- }
- *current_state = sindex;
- return nfound;
-}
-
-/*
- * NoCase search - global to all patterns
- *
- * note: index is not used by snort, so it's commented
- */
-static inline unsigned _bnfa_search_csparse_nfa_nocase(
- bnfa_struct_t* bnfa, uint8_t* Tx, int n, MpseMatch match,
- void* context, unsigned sindex, int* current_state)
-{
- bnfa_match_node_t** MatchList = bnfa->bnfaMatchList;
- bnfa_state_t* transList = bnfa->bnfaTransList;
-
- unsigned nfound = 0;
- unsigned last_match=LAST_STATE_INIT;
- unsigned last_match_saved=LAST_STATE_INIT;
-
- uint8_t* T = Tx;
- uint8_t* Tend = T + n;
-
- for (; T<Tend; T++)
- {
- uint8_t Tchar = xlatcase[ *T ];
-
- /* Transition to next state index */
- sindex = _bnfa_get_next_state_csparse_nfa(transList,sindex,Tchar);
-
- /* Log matches in this state - if any */
- if ( sindex && (transList[sindex+1] & BNFA_SPARSE_MATCH_BIT) )
- {
- if ( sindex == last_match )
- continue;
-
- last_match_saved = last_match;
- last_match = sindex;
-
- {
- bnfa_match_node_t* mlist = MatchList[ transList[sindex] ];
- bnfa_pattern_t* patrn = (bnfa_pattern_t*)mlist->data;
- unsigned index = T - Tx + 1;
- nfound++;
- /* Don't do anything specific for case sensitive patterns and not,
- * since that will be covered by the rule tree itself. Each tree
- * might have both case sensitive & case insensitive patterns.
- */
- int res = match(patrn->userdata, mlist->rule_option_tree, index,
- context, mlist->neg_list);
- if ( res > 0 )
- {
- *current_state = sindex;
- return nfound;
- }
- else if ( res < 0 )
- {
- last_match = last_match_saved;
- }
- }
- }
- }
- *current_state = sindex;
- return nfound;
-}
-#endif
-
int bnfaPatternCount(bnfa_struct_t* p)
{
return p->bnfaPatternCnt;
}
-/*
- * Summary Info Data
- */
static bnfa_struct_t summary;
static int summary_cnt = 0;
#include "ftp_bounce_lookup.h"
+#include <cassert>
+
#include "ft_main.h"
#include "ftpp_return_codes.h"
using namespace snort;
-/*
- * Function: ftp_bounce_lookup_init(BOUNCE_LOOKUP **BounceLookup)
- *
- * Purpose: Initialize the bounce_lookup structure.
- *
- * We need to initialize the bounce_lookup structure for
- * the FTP bounce configuration. Don't want a NULL pointer
- * flying around, when we have to look for allowable bounces.
- *
- * Arguments: BounceLookup => pointer to the pointer of the bounce
- * lookup structure.
- *
- * Returns: int => return code indicating error or success
- *
- */
int ftp_bounce_lookup_init(BOUNCE_LOOKUP** BounceLookup)
{
- KMAP* km = KMapNew((KMapUserFreeFunc)CleanupFTPBounceTo);
- *BounceLookup = km;
- if (*BounceLookup == nullptr)
- {
- return FTPP_MEM_ALLOC_FAIL;
- }
-
- km->nocase = 1;
-
+ *BounceLookup = KMapNew((KMapUserFreeFunc)CleanupFTPBounceTo, true);
return FTPP_SUCCESS;
}
-/*
- * Function: ftp_bounce_lookup_cleanup(BOUNCE_LOOKUP **BounceLookup)
- *
- * Purpose: Free the bounce_lookup structure.
- * We need to free the bounce_lookup structure.
- *
- * Arguments: BounceLookup => pointer to the pointer of the bounce
- * lookup structure.
- *
- * Returns: int => return code indicating error or success
- *
- */
int ftp_bounce_lookup_cleanup(BOUNCE_LOOKUP** BounceLookup)
{
- KMAP* km;
-
- if (BounceLookup == nullptr)
- return FTPP_INVALID_ARG;
-
- km = *BounceLookup;
+ assert(BounceLookup);
- if (km)
+ if ( *BounceLookup )
{
- KMapDelete(km);
+ KMapDelete(*BounceLookup);
*BounceLookup = nullptr;
}
-
return FTPP_SUCCESS;
}
#include "ftp_cmd_lookup.h"
+#include <cassert>
+
#include "ft_main.h"
#include "ftpp_return_codes.h"
using namespace snort;
-/*
- * Function: ftp_cmd_lookup_init(CMD_LOOKUP **CmdLookup)
- *
- * Purpose: Initialize the cmd_lookup structure.
- *
- * We need to initialize the cmd_lookup structure for
- * the FTP command configuration. Don't want a NULL pointer
- * flying around, when we have to look for FTP commands.
- *
- * Arguments: CmdLookup => pointer to the pointer of the cmd
- * lookup structure.
- *
- * Returns: int => return code indicating error or success
- *
- */
int ftp_cmd_lookup_init(CMD_LOOKUP** CmdLookup)
{
- KMAP* km = KMapNew((KMapUserFreeFunc)CleanupFTPCMDConf);
- *CmdLookup = km;
- if (*CmdLookup == nullptr)
- {
- return FTPP_MEM_ALLOC_FAIL;
- }
-
- km->nocase = 1;
-
+ *CmdLookup = KMapNew((KMapUserFreeFunc)CleanupFTPCMDConf, true);
return FTPP_SUCCESS;
}
-/*
- * Function: ftp_cmd_lookup_cleanup(CMD_LOOKUP **CmdLookup)
- *
- * Purpose: Free the cmd_lookup structure.
- * We need to free the cmd_lookup structure.
- *
- * Arguments: CmdLookup => pointer to the pointer of the cmd
- * lookup structure.
- *
- * Returns: int => return code indicating error or success
- *
- */
int ftp_cmd_lookup_cleanup(CMD_LOOKUP** CmdLookup)
{
- KMAP* km;
-
- if (CmdLookup == nullptr)
- return FTPP_INVALID_ARG;
-
- km = *CmdLookup;
+ assert(CmdLookup);
- if (km)
+ if ( *CmdLookup )
{
- KMapDelete(km);
+ KMapDelete(*CmdLookup);
*CmdLookup = nullptr;
}
-
return FTPP_SUCCESS;
}
#include "kmap.h"
-#include <limits>
+#include <cassert>
#include <string>
#include "util.h"
namespace snort
{
-KMAP* KMapNew(KMapUserFreeFunc userfree)
+KMAP* KMapNew(KMapUserFreeFunc userfree, bool nc)
{
KMAP* km = (KMAP*)snort_calloc(sizeof(KMAP));
km->userfree = userfree;
+ km->nocase = nc;
return km;
}
-/*
-*
-*/
-void KMapSetNoCase(KMAP* km, int flag)
-{
- km->nocase = flag;
-}
-
-/*
-* Free the list of key+data pair nodes - used by findfirst/next
-*/
static int KMapFreeNodeList(KMAP* km)
{
for ( KEYNODE* k=km->keylist; k; )
{
if ( k->key )
- {
snort_free(k->key);
- }
+
if ( km->userfree && k->userdata )
- {
km->userfree(k->userdata);
- }
+
KEYNODE* kold = k;
k = k->next;
snort_free(kold);
return 0;
}
-/*
-* Recursively walk and free nodes
-*/
static void KMapFreeNode(KMAP* km, KMAPNODE* r)
{
if ( r->sibling )
- {
KMapFreeNode(km, r->sibling);
- }
if ( r->child )
- {
KMapFreeNode(km, r->child);
- }
snort_free(r);
}
-/*
-* Free the KMAP and all of it's memory and nodes
-*/
void KMapDelete(KMAP* km)
{
- /* Free the tree - one root node at a time */
for (int i=0; i<256; i++)
{
KMAPNODE* r = km->root[i];
snort_free(km);
}
-/*
-* Add key + data pair to the linked list of nodes
-*/
static KEYNODE* KMapAddKeyNode(KMAP* km,void* key, int n, void* userdata)
{
KEYNODE* knode;
return nullptr;
knode = (KEYNODE*)snort_calloc(sizeof(KEYNODE));
- knode->key = (unsigned char*)snort_calloc(n); // Alloc the key space
+ knode->key = (unsigned char*)snort_calloc(n);
- memcpy(knode->key,key,n); // Copy the key
- knode->nkey = n;
+ memcpy(knode->key, key, n);
+ knode->nkey = n;
knode->userdata = userdata;
- if ( km->keylist ) // Insert at front of list
+ if ( km->keylist )
{
knode->next = km->keylist;
km->keylist = knode;
return knode;
}
-/*
-* Create a character node
-*/
static KMAPNODE* KMapCreateNode(KMAP* km)
{
KMAPNODE* mn=(KMAPNODE*)snort_calloc(sizeof(KMAPNODE));
* key : ptr to bytes of data used to identify this item
* may be text string, or binary character sequence.
* n : > 0 number of bytes in the key
-* <=0 key is a null terminated ascii string
* userdata - ptr to data to associate with this key
*
* returns:
*/
int KMapAdd(KMAP* km, void* key, int n, void* userdata)
{
+ assert(n > 0);
+
int type = 0;
const unsigned char* P = (unsigned char*)key;
std::string xkey;
- if ( n <= 0 )
- {
- const std::size_t tmp_len = strlen( (char*)key);
- if (tmp_len > std::numeric_limits<int>::max())
- return -99;
-
- n = (int)tmp_len;
- }
-
if ( km->nocase )
{
xkey.resize(n);
P = (const unsigned char*)xkey.c_str();
}
- /* Save key size */
int ksize = n;
KMAPNODE* root;
if ( !km->root[ *P ] )
{
root = KMapCreateNode(km);
- if ( !root )
- return -1;
km->root[ *P ] = root;
root->nodechar = *P;
}
*/
//printf("added child branch nodechar = %c \n",*P);
root->child= KMapCreateNode(km);
- if ( !root->child )
- return -1;
root=root->child;
root->nodechar = *P;
P++;
*/
//printf("added sibling branch nodechar = %c \n",*P);
root->sibling= KMapCreateNode(km);
- if ( !root->sibling )
- return -1;
root=root->sibling;
root->nodechar = *P;
P++;
{
//printf("added child nodechar = %c \n",*P);
root->child = KMapCreateNode(km);
- if ( !root->child )
- return -1;
root=root->child;
root->nodechar = *P;
P++;
return 1;
root->knode = KMapAddKeyNode(km, key, ksize, userdata);
- if ( !root->knode )
- return -1;
return 0;
}
*/
void* KMapFind(KMAP* ks, void* key, int n)
{
+ assert(n > 0);
+
std::string xkey;
const unsigned char* T = (unsigned char*)key;
- if ( n <= 0 )
- {
- const std::size_t tmp_len = strlen( (char*)key);
- if (tmp_len > std::numeric_limits<int>::max())
- return nullptr;
-
- n = (int)tmp_len;
- }
-
if ( ks->nocase )
{
xkey.resize(n);
return nullptr;
}
-/*
-*
-*/
void* KMapFindFirst(KMAP* km)
{
km->keynext = km->keylist;
if (!km->keynext)
- {
return nullptr;
- }
return km->keynext->userdata;
}
-/*
-*
-*/
void* KMapFindNext(KMAP* km)
{
if ( !km->keynext )
KMapUserFreeFunc userfree;
int nchars; // # character nodes
+ bool nocase;
- int nocase;
} KMAP;
namespace snort
{
-SO_PUBLIC KMAP* KMapNew(KMapUserFreeFunc userfree);
-SO_PUBLIC void KMapDelete(KMAP* km);
+SO_PUBLIC KMAP* KMapNew(KMapUserFreeFunc, bool nocase);
+SO_PUBLIC void KMapDelete(KMAP*);
-SO_PUBLIC void KMapSetNoCase(KMAP* km, int flag);
-SO_PUBLIC int KMapAdd(KMAP* km, void* key, int ksize, void* userdata);
+SO_PUBLIC int KMapAdd(KMAP*, void* key, int ksize, void* userdata);
-SO_PUBLIC void* KMapFind(KMAP* km, void* key, int ksize);
-SO_PUBLIC void* KMapFindFirst(KMAP* km);
-SO_PUBLIC void* KMapFindNext(KMAP* km);
+SO_PUBLIC void* KMapFind(KMAP*, void* key, int ksize);
+SO_PUBLIC void* KMapFindFirst(KMAP*);
+SO_PUBLIC void* KMapFindNext(KMAP*);
}
#endif
projects / thirdparty / snort3.git / commitdiff
