From: Philippe Antoine Date: Thu, 21 Mar 2024 08:38:25 +0000 (+0100) Subject: conf: avoid quadratic complexity X-Git-Tag: suricata-8.0.0-beta1~1468 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=240e068b81275e287ffe6555d4c457a0b3916066;p=thirdparty%2Fsuricata.git conf: avoid quadratic complexity Ticket: 6878 Follow up on 15649424a76d01eb332d85620ffc4956d4f3d9be When adding many sequence nodes, either from start or scalar event We add "sequence nodes" whose name is an integer cf sequence_node_name and then run ConfNodeLookupChild to see if it had been already set (from the command line cf comment in the code) And ConfNodeLookupChild iterates the whole linked list... 1. We add node 1 2. To add node 2, we check if node 1 equals this new node 3. To add node 3, we check if nodes 1, or 2 equals this new node's name And so on... This commits avoids these checks ig the list is empty at the beginning --- diff --git a/src/conf-yaml-loader.c b/src/conf-yaml-loader.c index ea64563609..463eb2e582 100644 --- a/src/conf-yaml-loader.c +++ b/src/conf-yaml-loader.c @@ -394,8 +394,19 @@ static int ConfYamlParse(yaml_parser_t *parser, ConfNode *parent, int inseq, int if (inseq) { char sequence_node_name[DEFAULT_NAME_LEN]; snprintf(sequence_node_name, DEFAULT_NAME_LEN, "%d", seq_idx++); - ConfNode *seq_node = ConfNodeLookupChild(node, - sequence_node_name); + ConfNode *seq_node = NULL; + if (was_empty < 0) { + // initialize was_empty + if (TAILQ_EMPTY(&node->head)) { + was_empty = 1; + } else { + was_empty = 0; + } + } + // we only check if the node's list was not empty at first + if (was_empty == 0) { + seq_node = ConfNodeLookupChild(node, sequence_node_name); + } if (seq_node != NULL) { /* The sequence node has already been set, probably * from the command line. Remove it so it gets