From: Victor Julien Date: Thu, 28 Mar 2024 08:41:06 +0000 (+0100) Subject: decode: use macro's instead of direct ptr checks X-Git-Tag: suricata-8.0.0-beta1~1387 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=2001ddc58301362485e415bab8c1fb7bc0311e88;p=thirdparty%2Fsuricata.git decode: use macro's instead of direct ptr checks To prepare future changes to the Packet header pointers. Ticket: #5517. --- diff --git a/src/decode-geneve.c b/src/decode-geneve.c index 29038f8ce6..2aec534659 100644 --- a/src/decode-geneve.c +++ b/src/decode-geneve.c @@ -305,11 +305,11 @@ static int DecodeGeneveTest01(void) FlowInitConfig(FLOW_QUIET); DecodeUDP(&tv, &dtv, p, raw_geneve, sizeof(raw_geneve)); - FAIL_IF(p->udph == NULL); + FAIL_IF_NOT(PKT_IS_UDP(p)); FAIL_IF(tv.decode_pq.top == NULL); Packet *tp = PacketDequeueNoLock(&tv.decode_pq); - FAIL_IF(tp->udph == NULL); + FAIL_IF_NOT(PKT_IS_UDP(tp)); FAIL_IF_NOT(tp->sp == 546); FlowShutdown(); @@ -347,11 +347,11 @@ static int DecodeGeneveTest02(void) FlowInitConfig(FLOW_QUIET); DecodeUDP(&tv, &dtv, p, raw_geneve, sizeof(raw_geneve)); - FAIL_IF(p->udph == NULL); + FAIL_IF_NOT(PKT_IS_UDP(p)); FAIL_IF(tv.decode_pq.top == NULL); Packet *tp = PacketDequeueNoLock(&tv.decode_pq); - FAIL_IF(tp->udph == NULL); + FAIL_IF_NOT(PKT_IS_UDP(tp)); FAIL_IF_NOT(tp->sp == 53); FlowShutdown(); @@ -394,11 +394,11 @@ static int DecodeGeneveTest03(void) FlowInitConfig(FLOW_QUIET); DecodeUDP(&tv, &dtv, p, raw_geneve, sizeof(raw_geneve)); - FAIL_IF(p->udph == NULL); + FAIL_IF_NOT(PKT_IS_UDP(p)); FAIL_IF(tv.decode_pq.top == NULL); Packet *tp = PacketDequeueNoLock(&tv.decode_pq); - FAIL_IF(tp->udph == NULL); + FAIL_IF_NOT(PKT_IS_UDP(tp)); FAIL_IF_NOT(tp->sp == 53); FlowShutdown(); @@ -438,7 +438,7 @@ static int DecodeGeneveTest04(void) FlowInitConfig(FLOW_QUIET); DecodeUDP(&tv, &dtv, p, raw_geneve, sizeof(raw_geneve)); - FAIL_IF(p->udph == NULL); + FAIL_IF_NOT(PKT_IS_UDP(p)); FAIL_IF(tv.decode_pq.top != NULL); /* Geneve packet should not have been processed */ DecodeGeneveConfigPorts(GENEVE_DEFAULT_PORT_S); /* Reset Geneve port list for future calls */ @@ -478,7 +478,7 @@ static int DecodeGeneveTest05(void) FlowInitConfig(FLOW_QUIET); DecodeUDP(&tv, &dtv, p, raw_geneve, sizeof(raw_geneve)); - FAIL_IF(p->udph == NULL); + FAIL_IF_NOT(PKT_IS_UDP(p)); FAIL_IF(tv.decode_pq.top != NULL); /* Geneve packet should not have been processed */ FlowShutdown(); diff --git a/src/decode-tcp.c b/src/decode-tcp.c index 90cfc357bd..97ebf8a905 100644 --- a/src/decode-tcp.c +++ b/src/decode-tcp.c @@ -381,19 +381,16 @@ static int TCPV6CalculateInvalidChecksumtest04(void) /** \test Get the wscale of 2 */ static int TCPGetWscaleTest01(void) { - int retval = 0; static uint8_t raw_tcp[] = {0xda, 0xc1, 0x00, 0x50, 0xb6, 0x21, 0x7f, 0x58, 0x00, 0x00, 0x00, 0x00, 0xa0, 0x02, 0x16, 0xd0, 0x8a, 0xaf, 0x00, 0x00, 0x02, 0x04, 0x05, 0xb4, 0x04, 0x02, 0x08, 0x0a, 0x00, 0x62, 0x88, 0x28, 0x00, 0x00, 0x00, 0x00, 0x01, 0x03, 0x03, 0x02}; Packet *p = PacketGetFromAlloc(); - if (unlikely(p == NULL)) - return 0; + FAIL_IF_NULL(p); IPV4Hdr ip4h; ThreadVars tv; DecodeThreadVars dtv; - memset(&tv, 0, sizeof(ThreadVars)); memset(&dtv, 0, sizeof(DecodeThreadVars)); memset(&ip4h, 0, sizeof(IPV4Hdr)); @@ -404,38 +401,27 @@ static int TCPGetWscaleTest01(void) FlowInitConfig(FLOW_QUIET); DecodeTCP(&tv, &dtv, p, raw_tcp, sizeof(raw_tcp)); - - if (p->tcph == NULL) { - printf("tcp packet decode failed: "); - goto end; - } + FAIL_IF_NOT(PKT_IS_TCP(p)); uint8_t wscale = TCP_GET_WSCALE(p); - if (wscale != 2) { - printf("wscale %"PRIu8", expected 2: ", wscale); - goto end; - } + FAIL_IF(wscale != 2); - retval = 1; -end: PacketRecycle(p); FlowShutdown(); SCFree(p); - return retval; + PASS; } /** \test Get the wscale of 15, so see if return 0 properly */ static int TCPGetWscaleTest02(void) { - int retval = 0; static uint8_t raw_tcp[] = {0xda, 0xc1, 0x00, 0x50, 0xb6, 0x21, 0x7f, 0x58, 0x00, 0x00, 0x00, 0x00, 0xa0, 0x02, 0x16, 0xd0, 0x8a, 0xaf, 0x00, 0x00, 0x02, 0x04, 0x05, 0xb4, 0x04, 0x02, 0x08, 0x0a, 0x00, 0x62, 0x88, 0x28, 0x00, 0x00, 0x00, 0x00, 0x01, 0x03, 0x03, 0x0f}; Packet *p = PacketGetFromAlloc(); - if (unlikely(p == NULL)) - return 0; + FAIL_IF_NULL(p); IPV4Hdr ip4h; ThreadVars tv; DecodeThreadVars dtv; @@ -450,41 +436,29 @@ static int TCPGetWscaleTest02(void) FlowInitConfig(FLOW_QUIET); DecodeTCP(&tv, &dtv, p, raw_tcp, sizeof(raw_tcp)); - - if (p->tcph == NULL) { - printf("tcp packet decode failed: "); - goto end; - } + FAIL_IF_NOT(PKT_IS_TCP(p)); uint8_t wscale = TCP_GET_WSCALE(p); - if (wscale != 0) { - printf("wscale %"PRIu8", expected 0: ", wscale); - goto end; - } + FAIL_IF(wscale != 0); - retval = 1; -end: PacketRecycle(p); FlowShutdown(); SCFree(p); - return retval; + PASS; } /** \test Get the wscale, but it's missing, so see if return 0 properly */ static int TCPGetWscaleTest03(void) { - int retval = 0; static uint8_t raw_tcp[] = {0xda, 0xc1, 0x00, 0x50, 0xb6, 0x21, 0x7f, 0x59, 0xdd, 0xa3, 0x6f, 0xf8, 0x80, 0x10, 0x05, 0xb4, 0x7c, 0x70, 0x00, 0x00, 0x01, 0x01, 0x08, 0x0a, 0x00, 0x62, 0x88, 0x9e, 0x00, 0x00, 0x00, 0x00}; Packet *p = PacketGetFromAlloc(); - if (unlikely(p == NULL)) - return 0; + FAIL_IF_NULL(p); IPV4Hdr ip4h; ThreadVars tv; DecodeThreadVars dtv; - memset(&tv, 0, sizeof(ThreadVars)); memset(&dtv, 0, sizeof(DecodeThreadVars)); memset(&ip4h, 0, sizeof(IPV4Hdr)); @@ -495,24 +469,15 @@ static int TCPGetWscaleTest03(void) FlowInitConfig(FLOW_QUIET); DecodeTCP(&tv, &dtv, p, raw_tcp, sizeof(raw_tcp)); - - if (p->tcph == NULL) { - printf("tcp packet decode failed: "); - goto end; - } + FAIL_IF_NOT(PKT_IS_TCP(p)); uint8_t wscale = TCP_GET_WSCALE(p); - if (wscale != 0) { - printf("wscale %"PRIu8", expected 0: ", wscale); - goto end; - } + FAIL_IF(wscale != 0); - retval = 1; -end: PacketRecycle(p); FlowShutdown(); SCFree(p); - return retval; + PASS; } static int TCPGetSackTest01(void) diff --git a/src/decode-vxlan.c b/src/decode-vxlan.c index 61dae9cfc2..5d06eb73c5 100644 --- a/src/decode-vxlan.c +++ b/src/decode-vxlan.c @@ -218,11 +218,11 @@ static int DecodeVXLANtest01 (void) FlowInitConfig(FLOW_QUIET); DecodeUDP(&tv, &dtv, p, raw_vxlan, sizeof(raw_vxlan)); - FAIL_IF(p->udph == NULL); + FAIL_IF_NOT(PKT_IS_UDP(p)); FAIL_IF(tv.decode_pq.top == NULL); Packet *tp = PacketDequeueNoLock(&tv.decode_pq); - FAIL_IF(tp->udph == NULL); + FAIL_IF_NOT(PKT_IS_UDP(tp)); FAIL_IF_NOT(tp->sp == 53); FlowShutdown(); @@ -257,7 +257,7 @@ static int DecodeVXLANtest02 (void) FlowInitConfig(FLOW_QUIET); DecodeUDP(&tv, &dtv, p, raw_vxlan, sizeof(raw_vxlan)); - FAIL_IF(p->udph == NULL); + FAIL_IF_NOT(PKT_IS_UDP(p)); FAIL_IF(tv.decode_pq.top != NULL); DecodeVXLANConfigPorts(VXLAN_DEFAULT_PORT_S); /* reset */ diff --git a/src/detect-csum.c b/src/detect-csum.c index 3ad046d653..19c2e150b0 100644 --- a/src/detect-csum.c +++ b/src/detect-csum.c @@ -327,7 +327,7 @@ static int DetectTCPV4CsumMatch(DetectEngineThreadCtx *det_ctx, { const DetectCsumData *cd = (const DetectCsumData *)ctx; - if (!PacketIsIPv4(p) || p->tcph == NULL || p->proto != IPPROTO_TCP || PKT_IS_PSEUDOPKT(p)) + if (!PacketIsIPv4(p) || !PKT_IS_TCP(p) || p->proto != IPPROTO_TCP || PKT_IS_PSEUDOPKT(p)) return 0; if (p->flags & PKT_IGNORE_CHECKSUM) { @@ -415,7 +415,7 @@ static int DetectTCPV6CsumMatch(DetectEngineThreadCtx *det_ctx, { const DetectCsumData *cd = (const DetectCsumData *)ctx; - if (!PacketIsIPv6(p) || p->tcph == NULL || p->proto != IPPROTO_TCP || PKT_IS_PSEUDOPKT(p)) + if (!PacketIsIPv6(p) || !PKT_IS_TCP(p) || p->proto != IPPROTO_TCP || PKT_IS_PSEUDOPKT(p)) return 0; if (p->flags & PKT_IGNORE_CHECKSUM) { @@ -504,7 +504,7 @@ static int DetectUDPV4CsumMatch(DetectEngineThreadCtx *det_ctx, { const DetectCsumData *cd = (const DetectCsumData *)ctx; - if (!PacketIsIPv4(p) || p->udph == NULL || p->proto != IPPROTO_UDP || PKT_IS_PSEUDOPKT(p) || + if (!PacketIsIPv4(p) || !PKT_IS_UDP(p) || p->proto != IPPROTO_UDP || PKT_IS_PSEUDOPKT(p) || p->udph->uh_sum == 0) return 0; @@ -593,7 +593,7 @@ static int DetectUDPV6CsumMatch(DetectEngineThreadCtx *det_ctx, { const DetectCsumData *cd = (const DetectCsumData *)ctx; - if (!PacketIsIPv6(p) || p->udph == NULL || p->proto != IPPROTO_UDP || PKT_IS_PSEUDOPKT(p)) + if (!PacketIsIPv6(p) || !PKT_IS_UDP(p) || p->proto != IPPROTO_UDP || PKT_IS_PSEUDOPKT(p)) return 0; if (p->flags & PKT_IGNORE_CHECKSUM) { diff --git a/src/detect-tcp-ack.c b/src/detect-tcp-ack.c index b2e35ca813..85f4a3d210 100644 --- a/src/detect-tcp-ack.c +++ b/src/detect-tcp-ack.c @@ -156,9 +156,8 @@ PrefilterPacketAckMatch(DetectEngineThreadCtx *det_ctx, Packet *p, const void *p if (!PrefilterPacketHeaderExtraMatch(ctx, p)) return; - if ((p->proto) == IPPROTO_TCP && !(PKT_IS_PSEUDOPKT(p)) && - (p->tcph != NULL) && (TCP_GET_ACK(p) == ctx->v1.u32[0])) - { + if (p->proto == IPPROTO_TCP && !(PKT_IS_PSEUDOPKT(p)) && PKT_IS_TCP(p) && + (TCP_GET_ACK(p) == ctx->v1.u32[0])) { SCLogDebug("packet matches TCP ack %u", ctx->v1.u32[0]); PrefilterAddSids(&det_ctx->pmq, ctx->sigs_array, ctx->sigs_cnt); } diff --git a/src/detect-tcp-seq.c b/src/detect-tcp-seq.c index 0a34f5633d..57e763d853 100644 --- a/src/detect-tcp-seq.c +++ b/src/detect-tcp-seq.c @@ -151,9 +151,8 @@ PrefilterPacketSeqMatch(DetectEngineThreadCtx *det_ctx, Packet *p, const void *p if (!PrefilterPacketHeaderExtraMatch(ctx, p)) return; - if ((p->proto) == IPPROTO_TCP && !(PKT_IS_PSEUDOPKT(p)) && - (p->tcph != NULL) && (TCP_GET_SEQ(p) == ctx->v1.u32[0])) - { + if (p->proto == IPPROTO_TCP && !(PKT_IS_PSEUDOPKT(p)) && PKT_IS_TCP(p) && + (TCP_GET_SEQ(p) == ctx->v1.u32[0])) { SCLogDebug("packet matches TCP seq %u", ctx->v1.u32[0]); PrefilterAddSids(&det_ctx->pmq, ctx->sigs_array, ctx->sigs_cnt); } diff --git a/src/detect-tcphdr.c b/src/detect-tcphdr.c index f054e35509..18969ca7a0 100644 --- a/src/detect-tcphdr.c +++ b/src/detect-tcphdr.c @@ -101,7 +101,7 @@ static InspectionBuffer *GetData(DetectEngineThreadCtx *det_ctx, InspectionBuffer *buffer = InspectionBufferGet(det_ctx, list_id); if (buffer->inspect == NULL) { - if (p->tcph == NULL) { + if (!PKT_IS_TCP(p)) { // may happen when DecodeTCPPacket fails // for instance with invalid header length return NULL; diff --git a/src/detect-udphdr.c b/src/detect-udphdr.c index 8aa645b926..f123db7103 100644 --- a/src/detect-udphdr.c +++ b/src/detect-udphdr.c @@ -99,7 +99,7 @@ static InspectionBuffer *GetData(DetectEngineThreadCtx *det_ctx, InspectionBuffer *buffer = InspectionBufferGet(det_ctx, list_id); if (buffer->inspect == NULL) { - if (p->udph == NULL) { + if (!PKT_IS_UDP(p)) { return NULL; } if (((uint8_t *)p->udph + (ptrdiff_t)UDP_HEADER_LEN) > diff --git a/src/detect.c b/src/detect.c index 1575d9d81c..2786c47d70 100644 --- a/src/detect.c +++ b/src/detect.c @@ -407,7 +407,7 @@ static inline void DetectPrefilterBuildNonPrefilterList( static inline void DetectPrefilterSetNonPrefilterList(const Packet *p, DetectEngineThreadCtx *det_ctx, DetectRunScratchpad *scratch) { - if ((p->proto == IPPROTO_TCP) && (p->tcph != NULL) && (p->tcph->th_flags & TH_SYN)) { + if ((p->proto == IPPROTO_TCP) && PKT_IS_TCP(p) && (p->tcph->th_flags & TH_SYN)) { det_ctx->non_pf_store_ptr = scratch->sgh->non_pf_syn_store_array; det_ctx->non_pf_store_cnt = scratch->sgh->non_pf_syn_store_cnt; } else { diff --git a/src/flow-hash.c b/src/flow-hash.c index 150a2f02a7..4f78c5a684 100644 --- a/src/flow-hash.c +++ b/src/flow-hash.c @@ -192,7 +192,7 @@ static inline uint32_t FlowGetHash(const Packet *p) uint32_t hash = 0; if (PacketIsIPv4(p)) { - if (p->tcph != NULL || p->udph != NULL) { + if (PKT_IS_TCP(p) || PKT_IS_UDP(p)) { FlowHashKey4 fhk = { .pad[0] = 0 }; int ai = (p->src.addr_data32[0] > p->dst.addr_data32[0]); diff --git a/src/flow-util.c b/src/flow-util.c index a820ff1d72..97d48a5baa 100644 --- a/src/flow-util.c +++ b/src/flow-util.c @@ -170,10 +170,10 @@ void FlowInit(Flow *f, const Packet *p) DEBUG_VALIDATE_BUG_ON(1); } - if (p->tcph != NULL) { /* XXX MACRO */ + if (PKT_IS_TCP(p)) { SET_TCP_SRC_PORT(p,&f->sp); SET_TCP_DST_PORT(p,&f->dp); - } else if (p->udph != NULL) { /* XXX MACRO */ + } else if (PKT_IS_UDP(p)) { SET_UDP_SRC_PORT(p,&f->sp); SET_UDP_DST_PORT(p,&f->dp); } else if (p->icmpv4h != NULL) { diff --git a/src/respond-reject-libnet11.c b/src/respond-reject-libnet11.c index a0856671e6..2325c8dfda 100644 --- a/src/respond-reject-libnet11.c +++ b/src/respond-reject-libnet11.c @@ -282,7 +282,7 @@ int RejectSendLibnet11IPv4TCP(ThreadVars *tv, Packet *p, void *data, enum Reject lpacket.flow = 0; lpacket.class = 0; - if (p->tcph == NULL) + if (!PKT_IS_TCP(p)) return 1; libnet_t *c = GetCtx(p, LIBNET_RAW4); @@ -425,8 +425,8 @@ int RejectSendLibnet11IPv6TCP(ThreadVars *tv, Packet *p, void *data, enum Reject lpacket.flow = 0; lpacket.class = 0; - if (p->tcph == NULL) - return 1; + if (!PKT_IS_TCP(p)) + return 1; libnet_t *c = GetCtx(p, LIBNET_RAW6); if (c == NULL) diff --git a/src/stream-tcp-reassemble.c b/src/stream-tcp-reassemble.c index 5a8bffec0f..2a969545c3 100644 --- a/src/stream-tcp-reassemble.c +++ b/src/stream-tcp-reassemble.c @@ -1958,7 +1958,7 @@ int StreamTcpReassembleHandleSegment(ThreadVars *tv, TcpReassemblyThreadCtx *ra_ { SCEnter(); - DEBUG_VALIDATE_BUG_ON(p->tcph == NULL); + DEBUG_VALIDATE_BUG_ON(!PKT_IS_TCP(p)); SCLogDebug("ssn %p, stream %p, p %p, p->payload_len %"PRIu16"", ssn, stream, p, p->payload_len); diff --git a/src/stream-tcp.c b/src/stream-tcp.c index d42d990a89..142c6ebe54 100644 --- a/src/stream-tcp.c +++ b/src/stream-tcp.c @@ -5849,7 +5849,7 @@ static int TcpSessionReuseDoneEnough(const Packet *p, const Flow *f, const TcpSe int TcpSessionPacketSsnReuse(const Packet *p, const Flow *f, const void *tcp_ssn) { - if (p->proto == IPPROTO_TCP && p->tcph != NULL) { + if (p->proto == IPPROTO_TCP && PKT_IS_TCP(p)) { if (TcpSessionPacketIsStreamStarter(p) == 1) { if (TcpSessionReuseDoneEnough(p, f, tcp_ssn) == 1) { return 1; diff --git a/src/tmqh-flow.c b/src/tmqh-flow.c index e11d05d713..e6e422deec 100644 --- a/src/tmqh-flow.c +++ b/src/tmqh-flow.c @@ -282,8 +282,8 @@ static void TmqhOutputFlowFTPHash(ThreadVars *tv, Packet *p) if (p->flags & PKT_WANTS_FLOW) { uint32_t hash = p->flow_hash; - if (p->tcph != NULL && ((p->sp >= 1024 && p->dp >= 1024) || p->dp == 21 || p->sp == 21 || - p->dp == 20 || p->sp == 20)) { + if (PKT_IS_TCP(p) && ((p->sp >= 1024 && p->dp >= 1024) || p->dp == 21 || p->sp == 21 || + p->dp == 20 || p->sp == 20)) { hash = FlowGetIpPairProtoHash(p); } qid = hash % ctx->size;