Pull request #3454: modules: resolve int type mismatch in config options

Merge in SNORT/snort3 from ~VHORBATO/snort3:opt_ranges to master

Squashed commit of the following:

commit 5e068e9c20ff3c5871aa423a54d3677a9ac1f058
Author: Vitalii <vhorbato@cisco.com>
Date:   Thu Jun 2 16:40:07 2022 +0300

    modules: resolve int type mismatch in config options

    - dce_smb: reduce smb_max_credit range to avoid uint16_t overflow
    - profiler: fix issue with negative number cast to unsigned for max_depth
    - rna: reduce range for ttl, fix cast for df, minor and major options

    Thanks to liangxwa01 for pointing this out!

diff --git a/src/main/modules.cc b/src/main/modules.cc
index 552656dd1336f944a8cf506121d923b0c6a1e1fe..91d86f838721af15ef1e41f6c4c328c9fdbc13e6 100644 (file)
--- a/src/main/modules.cc
+++ b/src/main/modules.cc
@@ -393,7 +393,7 @@ static const Parameter profiler_params[] =
 
 template<typename T>
 static bool s_profiler_module_set_max_depth(T& config, Value& v)
-{ config.max_depth = v.get_uint8(); return true; }
+{ config.max_depth = v.get_int16(); return true; }
 
 static bool s_profiler_module_set_max_depth(RuleProfilerConfig&, Value&)
 { return false; }

diff --git a/src/network_inspectors/rna/rna_module.cc b/src/network_inspectors/rna/rna_module.cc
index 78e863df5bc3e67e9fd465030b57567285b7eefc..07edde80f679fc216d85c9943e54d7a462aa5611 100644 (file)
--- a/src/network_inspectors/rna/rna_module.cc
+++ b/src/network_inspectors/rna/rna_module.cc
@@ -289,7 +289,7 @@ static const Parameter rna_fp_params[] =
     { "uuid", Parameter::PT_STRING, nullptr, nullptr,
       "fingerprint uuid" },
 
-    { "ttl", Parameter::PT_INT, "0:256", "0",
+    { "ttl", Parameter::PT_INT, "0:255", "0",
       "fingerprint ttl" },
 
     { "tcp_window", Parameter::PT_STRING, nullptr, nullptr,
@@ -482,7 +482,7 @@ bool RnaModule::set(const char* fqn, Value& v, SnortConfig*)
         else if (v.is("ws"))
             fingerprint.ws = v.get_string();
         else if (v.is("df"))
-            fingerprint.df = v.get_uint8();
+            fingerprint.df = v.get_bool();
         else if (v.is("ua_type"))
             fingerprint.ua_type = (UserAgentInfoType)v.get_uint8();
         else if (v.is("host_name"))
@@ -503,9 +503,9 @@ bool RnaModule::set(const char* fqn, Value& v, SnortConfig*)
         else if (v.is("dhcp60"))
             fingerprint.dhcp60 = v.get_string();
         else if (v.is("major"))
-            fingerprint.smb_major = v.get_uint16();
+            fingerprint.smb_major = v.get_uint32();
         else if (v.is("minor"))
-            fingerprint.smb_minor = v.get_uint16();
+            fingerprint.smb_minor = v.get_uint32();
         else if (v.is("flags"))
             fingerprint.smb_flags = v.get_uint32();
         else

diff --git a/src/service_inspectors/dce_rpc/dce_smb_module.cc b/src/service_inspectors/dce_rpc/dce_smb_module.cc
index dac4ce0b3e8482a864317084d68162a36a089155..703390154f2991e2c86b905294938b33b8e5f340 100644 (file)
--- a/src/service_inspectors/dce_rpc/dce_smb_module.cc
+++ b/src/service_inspectors/dce_rpc/dce_smb_module.cc
@@ -243,7 +243,7 @@ static const Parameter s_params[] =
     { "smb_legacy_mode", Parameter::PT_BOOL, nullptr, "false",
       "inspect only SMBv1" },
 
-    { "smb_max_credit", Parameter::PT_INT, "1:65536", "8192",
+    { "smb_max_credit", Parameter::PT_INT, "1:65535", "8192",
       "Maximum number of outstanding request" },
 
     { "memcap", Parameter::PT_INT, "512:maxSZ", "8388608",