From: Sumit Kumar (sumikum7) Date: Wed, 17 Apr 2024 07:15:53 +0000 (+0000) Subject: Pull request #4274: Porting into 7.7(master) release for CSCwh30257(snort3) X-Git-Tag: 3.2.1.0~22 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=186ce10b5c1e3a359be607c7d5eb664a74f5291f;p=thirdparty%2Fsnort3.git Pull request #4274: Porting into 7.7(master) release for CSCwh30257(snort3) Merge in SNORT/snort3 from ~SUMIKUM7/snort3:77_release to master Squashed commit of the following: commit 264970ec565d5ab79d186865b11f59faaed5653c Author: Sumit Kumar Date: Wed Apr 10 12:38:00 2024 +0530 file_api: porting fixes of two crashes in file inspector in master(77 release) --- diff --git a/src/file_api/file_flows.cc b/src/file_api/file_flows.cc index 04ee6a65e..c37e0e08f 100644 --- a/src/file_api/file_flows.cc +++ b/src/file_api/file_flows.cc @@ -333,23 +333,6 @@ void FileFlows::remove_processed_file_context(uint64_t file_id) current_context_delete_pending = true; } -// Remove file context explicitly -void FileFlows::remove_processed_file_context(uint64_t file_id, uint64_t multi_file_processing_id) -{ - bool is_new_context = false; - - if (!multi_file_processing_id) - multi_file_processing_id = file_id; - - FileContext* context = get_file_context(file_id, false, is_new_context, multi_file_processing_id); - if (context) - { - set_current_file_context(context); - context->processing_complete = true; - remove_processed_file_context(multi_file_processing_id); - } -} - /* This function is used to process file that is sent in pieces * * Return: @@ -390,7 +373,10 @@ bool FileFlows::file_process(Packet* p, uint64_t file_id, const uint8_t* file_da if (!cacheable) context->set_not_cacheable(); - set_current_file_context(context); + if(!context->processing_complete) + set_current_file_context(context); + else + current_file_id = file_id; // Only increase file count when there are no queued segments // This will ensure we only count a file once in case it has diff --git a/src/file_api/file_flows.h b/src/file_api/file_flows.h index 21446a45d..abd6ad13a 100644 --- a/src/file_api/file_flows.h +++ b/src/file_api/file_flows.h @@ -78,8 +78,6 @@ public: // Remove a file from the flow object when processing is complete void remove_processed_file_context(uint64_t file_id); - void remove_processed_file_context(uint64_t file_id, uint64_t multi_file_processing_id); - uint64_t get_new_file_instance(); bool set_file_name(const uint8_t* fname, uint32_t name_size, uint64_t file_id=0, diff --git a/src/file_api/file_lib.cc b/src/file_api/file_lib.cc index 2c2f402ce..aca3b17c7 100644 --- a/src/file_api/file_lib.cc +++ b/src/file_api/file_lib.cc @@ -641,7 +641,8 @@ void FileContext::find_file_type_from_ips(Packet* pkt, const uint8_t* file_data, if ((int64_t)processed_bytes + data_size >= config->file_type_depth) { data_size = config->file_type_depth - processed_bytes; - assert(data_size > 0); + if (data_size < 0) + return; depth_exhausted = true; } const FileConfig* const conf = get_file_config(); @@ -679,7 +680,8 @@ void FileContext::process_file_type(Packet* pkt,const uint8_t* file_data, int da FilePosition position) { /* file type already found and no magics to continue */ - find_file_type_from_ips(pkt, file_data, data_size, position); + if (SNORT_FILE_TYPE_CONTINUE == file_type_id) + find_file_type_from_ips(pkt, file_data, data_size, position); } void FileContext::process_file_signature_sha256(const uint8_t* file_data, int data_size,