Pull request #4116: appid: coverity issues

Merge in SNORT/snort3 from ~UMASHARM/snort3:coverity_fixes to master

Squashed commit of the following:

commit 5f57ab950b53a47217d9a1155e4988f31bd288a5
Author: Umang Sharma <umasharm@cisco.com>
Date:   Wed Nov 22 02:25:17 2023 -0500

    appid: fixing coverity issues

diff --git a/src/network_inspectors/appid/appid_discovery.cc b/src/network_inspectors/appid/appid_discovery.cc
index d985009a2fae887fd31b622d129f2aba77d54eaf..17636740d8cda695a8f582c8008503fa709432bb 100644 (file)
--- a/src/network_inspectors/appid/appid_discovery.cc
+++ b/src/network_inspectors/appid/appid_discovery.cc
@@ -80,10 +80,10 @@ AppIdDiscovery::~AppIdDiscovery()
 
     pattern_data.clear();
 
-    for (auto kv : tcp_detectors)
+    for (const auto& kv : tcp_detectors)
         delete kv.second;
 
-    for (auto kv : udp_detectors)
+    for (const auto& kv : udp_detectors)
         delete kv.second;
 }
 

diff --git a/src/network_inspectors/appid/appid_http_session.h b/src/network_inspectors/appid/appid_http_session.h
index c8bf149a9514c4fb49c1e4e8eda514304367c3a8..0f9b33c36c7d6d5e9a6575d7ffc2f227c636168c 100644 (file)
--- a/src/network_inspectors/appid/appid_http_session.h
+++ b/src/network_inspectors/appid/appid_http_session.h
@@ -50,6 +50,7 @@ struct TunnelDest
     uint16_t port = 0;
     TunnelDest(const char* string_srcip, uint16_t tun_port)
     {
+        ip.clear();
         if ( ip.set(string_srcip) == SFIP_SUCCESS )
             port = tun_port;
     }
@@ -200,4 +201,3 @@ protected:
 };
 
 #endif
-

diff --git a/src/network_inspectors/appid/appid_stats.cc b/src/network_inspectors/appid/appid_stats.cc
index 10ba315a723363184c034f3248347b984d38101e..02986750bddbfe92443ecdf781065dfdbe9bc577 100644 (file)
--- a/src/network_inspectors/appid/appid_stats.cc
+++ b/src/network_inspectors/appid/appid_stats.cc
@@ -106,7 +106,7 @@ void AppIdStatistics::dump_statistics()
     {
         if ( bucket->app_record_cnt )
         {
-            for (auto it : bucket->apps_tree)
+            for (auto& it : bucket->apps_tree)
             {
                 struct AppIdStatRecord& record = it.second;
 
@@ -266,4 +266,3 @@ void AppIdStatistics::flush()
         start_stats_period(now);
     }
 }
-

diff --git a/src/network_inspectors/appid/appid_stats.h b/src/network_inspectors/appid/appid_stats.h
index 9e3d171b3a06146076d2fa2969cf9e7f7bf4a000..81b096e876d4c27d31cfac17235145cc24ea75ba 100644 (file)
--- a/src/network_inspectors/appid/appid_stats.h
+++ b/src/network_inspectors/appid/appid_stats.h
@@ -47,7 +47,7 @@ struct AppIdStatRecord
 
 struct StatsBucket
 {
-    uint32_t start_time = 0;
+    time_t start_time = 0;
     std::map<AppId, AppIdStatRecord> apps_tree;
     struct
     {

diff --git a/src/network_inspectors/appid/client_plugins/client_app_bit.cc b/src/network_inspectors/appid/client_plugins/client_app_bit.cc
index 5a84bbb926149bb99b790a0ee1401b1c4d2b5922..f1007286034751649e2b417f05a081f0a8277176 100644 (file)
--- a/src/network_inspectors/appid/client_plugins/client_app_bit.cc
+++ b/src/network_inspectors/appid/client_plugins/client_app_bit.cc
@@ -124,9 +124,12 @@ int BitClientDetector::validate(AppIdDiscoveryArgs& args)
             fd->pos++;
             break;
         case BIT_STATE_MESSAGE_LEN:
+            if (fd->pos >= offsetof(ClientBITMsg, code))
+                break;
+
             fd->l.raw_len[fd->pos] = args.data[offset];
             fd->pos++;
-            if (fd->pos >= offsetof(ClientBITMsg, code))
+            if (fd->pos == offsetof(ClientBITMsg, code))
             {
                 fd->stringlen = ntohl(fd->l.len);
                 fd->state = BIT_STATE_MESSAGE_DATA;
@@ -157,4 +160,3 @@ done:
     add_app(args.asd, APP_ID_BITTORRENT, APP_ID_BITTORRENT, nullptr, args.change_bits);
     return APPID_SUCCESS;
 }
-

diff --git a/src/network_inspectors/appid/client_plugins/client_app_tns.cc b/src/network_inspectors/appid/client_plugins/client_app_tns.cc
index adedfc5434491be452f9e90ca505d95087c3ae72..8ee79c11c4399155527d69ae21e62473b363711c 100644 (file)
--- a/src/network_inspectors/appid/client_plugins/client_app_tns.cc
+++ b/src/network_inspectors/appid/client_plugins/client_app_tns.cc
@@ -224,9 +224,11 @@ int TnsClientDetector::validate(AppIdDiscoveryArgs& args)
             }
             break;
         case TNS_STATE_MESSAGE_CONNECT:
+            if (fd->pos >= (CONNECT_VERSION_OFFSET + 2))
+                break;
             fd->l.raw_len[fd->pos - CONNECT_VERSION_OFFSET] = args.data[offset];
             fd->pos++;
-            if (fd->pos >= (CONNECT_VERSION_OFFSET + 2))
+            if (fd->pos == (CONNECT_VERSION_OFFSET + 2))
             {
                 {
                     switch (ntohs(fd->l.len))
@@ -344,4 +346,3 @@ done:
     }
     return APPID_SUCCESS;
 }
-

diff --git a/src/network_inspectors/appid/client_plugins/client_discovery.cc b/src/network_inspectors/appid/client_plugins/client_discovery.cc
index da661210d97009f01fbaa7c50897d3bb8a12e4ba..a62d3e41fc6bccaa441ce7695b61d31b0e588253 100644 (file)
--- a/src/network_inspectors/appid/client_plugins/client_discovery.cc
+++ b/src/network_inspectors/appid/client_plugins/client_discovery.cc
@@ -65,18 +65,18 @@ void ClientDiscovery::initialize(AppIdInspector& inspector)
     new TnsClientDetector(this);
     new VncClientDetector(this);
 
-    for ( auto kv : tcp_detectors )
+    for ( auto& kv : tcp_detectors )
         kv.second->initialize(inspector);
 
-    for ( auto kv : udp_detectors )
+    for ( auto& kv : udp_detectors )
         kv.second->initialize(inspector);
 }
 
 void ClientDiscovery::reload()
 {
-    for ( auto kv : tcp_detectors )
+    for ( auto& kv : tcp_detectors )
         kv.second->reload();
-    for ( auto kv : udp_detectors )
+    for ( auto& kv : udp_detectors )
         kv.second->reload();
 }