From: Michael Altizer (mialtize) Date: Sat, 27 Jun 2020 18:24:01 +0000 (+0000) Subject: Merge pull request #2295 in SNORT/snort3 from ~MIALTIZE/snort3:cppcheck to master X-Git-Tag: 3.0.2-1~16 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=25f69c51746c24f2e7aa827f67e574de27dc9214;p=thirdparty%2Fsnort3.git Merge pull request #2295 in SNORT/snort3 from ~MIALTIZE/snort3:cppcheck to master Squashed commit of the following: commit b0a6542cf89eb02f16c71c8447332c0437249896 Author: Michael Altizer Date: Sat Jun 27 12:15:19 2020 -0400 build: Fix various cppcheck warnings about constness --- diff --git a/src/detection/rules.cc b/src/detection/rules.cc index 1795229bc..4690a8c41 100644 --- a/src/detection/rules.cc +++ b/src/detection/rules.cc @@ -83,7 +83,7 @@ void RuleStateMap::apply(SnortConfig* sc) } void RuleStateMap::apply( - SnortConfig* sc, OptTreeNode* otn, unsigned ips_num, RuleState& s) + SnortConfig* sc, OptTreeNode* otn, unsigned ips_num, const RuleState& s) { IpsPolicy* policy = nullptr; RuleTreeNode* rtn = getRtnFromOtn(otn, ips_num); diff --git a/src/detection/rules.h b/src/detection/rules.h index e0521cfe4..8ff47e270 100644 --- a/src/detection/rules.h +++ b/src/detection/rules.h @@ -98,7 +98,7 @@ public: private: RuleTreeNode* dup_rtn(RuleTreeNode*); void update_rtn(RuleTreeNode*, const RuleState&); - void apply(snort::SnortConfig*, OptTreeNode*, unsigned ips_num, RuleState&); + void apply(snort::SnortConfig*, OptTreeNode*, unsigned ips_num, const RuleState&); private: std::map map; diff --git a/src/file_api/file_policy.cc b/src/file_api/file_policy.cc index b79587204..15f069e2f 100644 --- a/src/file_api/file_policy.cc +++ b/src/file_api/file_policy.cc @@ -184,7 +184,7 @@ FileVerdict FilePolicy::type_lookup(Packet*, FileInfo* file) FileVerdict FilePolicy::signature_lookup(Packet*, FileInfo* file) { - FileRule& rule = match_file_rule(nullptr, file); + const FileRule& rule = match_file_rule(nullptr, file); if (rule.use.capture_enabled) { diff --git a/src/helpers/test/bitop_test.cc b/src/helpers/test/bitop_test.cc index b8acf7be1..f5be7c711 100644 --- a/src/helpers/test/bitop_test.cc +++ b/src/helpers/test/bitop_test.cc @@ -25,7 +25,7 @@ #include "../bitop.h" -static unsigned num_set(BitOp& bitop, size_t max) +static unsigned num_set(const BitOp& bitop, size_t max) { unsigned c = 0; @@ -37,7 +37,7 @@ static unsigned num_set(BitOp& bitop, size_t max) return c; } -static bool is_clear(BitOp& bitop, size_t max) +static bool is_clear(const BitOp& bitop, size_t max) { return num_set(bitop, max) == 0; } TEST_CASE( "bitop", "[bitop]" ) diff --git a/src/ips_options/ips_base64.cc b/src/ips_options/ips_base64.cc index 765118da0..b2f5014c9 100644 --- a/src/ips_options/ips_base64.cc +++ b/src/ips_options/ips_base64.cc @@ -286,7 +286,7 @@ public: IpsOption::EvalStatus Base64DataOption::eval(Cursor& c, Packet* p) { RuleProfile profile(base64PerfStats); - DataBuffer& base64_decode_buffer = DetectionEngine::get_alt_buffer(p); + const DataBuffer& base64_decode_buffer = DetectionEngine::get_alt_buffer(p); if ( !base64_decode_buffer.len ) return NO_MATCH; diff --git a/src/ips_options/ips_content.cc b/src/ips_options/ips_content.cc index 30183a6e7..378e60b18 100644 --- a/src/ips_options/ips_content.cc +++ b/src/ips_options/ips_content.cc @@ -244,7 +244,7 @@ bool ContentOption::operator==(const IpsOption& ips) const if ( !IpsOption::operator==(ips) ) return false; - ContentOption& rhs = (ContentOption&)ips; + const ContentOption& rhs = (const ContentOption&)ips; const ContentData& left = *config; const ContentData& right = *rhs.config; diff --git a/src/latency/latency_module.cc b/src/latency/latency_module.cc index 0007dccf6..577b6dc09 100644 --- a/src/latency/latency_module.cc +++ b/src/latency/latency_module.cc @@ -123,7 +123,7 @@ static const PegInfo latency_pegs[] = // latency module // ----------------------------------------------------------------------------- -static inline bool latency_set(Value& v, PacketLatencyConfig& config) +static inline bool latency_set(const Value& v, PacketLatencyConfig& config) { if ( v.is("max_time") ) { @@ -143,7 +143,7 @@ static inline bool latency_set(Value& v, PacketLatencyConfig& config) return true; } -static inline bool latency_set(Value& v, RuleLatencyConfig& config) +static inline bool latency_set(const Value& v, RuleLatencyConfig& config) { if ( v.is("max_time") ) { diff --git a/src/network_inspectors/appid/app_info_table.cc b/src/network_inspectors/appid/app_info_table.cc index b9cef01c0..58b3ef081 100644 --- a/src/network_inspectors/appid/app_info_table.cc +++ b/src/network_inspectors/appid/app_info_table.cc @@ -623,7 +623,7 @@ SnortProtocolId AppInfoManager::add_appid_protocol_reference(const char* protoco return snort_protocol_id; } -void AppInfoManager::init_appid_info_table(AppIdConfig& config, +void AppInfoManager::init_appid_info_table(const AppIdConfig& config, SnortConfig* sc, OdpContext& odp_ctxt) { if (!config.app_detector_dir) diff --git a/src/network_inspectors/appid/app_info_table.h b/src/network_inspectors/appid/app_info_table.h index 51b950b8c..f3c0c5391 100644 --- a/src/network_inspectors/appid/app_info_table.h +++ b/src/network_inspectors/appid/app_info_table.h @@ -134,7 +134,7 @@ public: return entry ? entry->priority : 0; } - void init_appid_info_table(AppIdConfig&, snort::SnortConfig*, OdpContext& odp_ctxt); + void init_appid_info_table(const AppIdConfig&, snort::SnortConfig*, OdpContext& odp_ctxt); void cleanup_appid_info_table(); void dump_app_info_table(); SnortProtocolId add_appid_protocol_reference(const char* protocol, snort::SnortConfig*); diff --git a/src/network_inspectors/appid/appid_api.cc b/src/network_inspectors/appid/appid_api.cc index e62c0538c..1fcd8141f 100644 --- a/src/network_inspectors/appid/appid_api.cc +++ b/src/network_inspectors/appid/appid_api.cc @@ -51,7 +51,7 @@ AppIdSession* AppIdApi::get_appid_session(const Flow& flow) return asd; } -const char* AppIdApi::get_application_name(AppId app_id, AppIdContext& ctxt) +const char* AppIdApi::get_application_name(AppId app_id, const AppIdContext& ctxt) { return ctxt.get_odp_ctxt().get_app_info_mgr().get_app_name(app_id); } @@ -85,7 +85,7 @@ const char* AppIdApi::get_application_name(const Flow& flow, bool from_client) return app_name; } -AppId AppIdApi::get_application_id(const char* appName, AppIdContext& ctxt) +AppId AppIdApi::get_application_id(const char* appName, const AppIdContext& ctxt) { return ctxt.get_odp_ctxt().get_app_info_mgr().get_appid_by_name(appName); } diff --git a/src/network_inspectors/appid/appid_api.h b/src/network_inspectors/appid/appid_api.h index 56472c16d..1291f5280 100644 --- a/src/network_inspectors/appid/appid_api.h +++ b/src/network_inspectors/appid/appid_api.h @@ -53,9 +53,9 @@ public: SO_PRIVATE AppIdApi() = default; AppIdSession* get_appid_session(const Flow& flow); - const char* get_application_name(AppId app_id, AppIdContext& ctxt); + const char* get_application_name(AppId app_id, const AppIdContext& ctxt); const char* get_application_name(const Flow& flow, bool from_client); - AppId get_application_id(const char* appName, AppIdContext& ctxt); + AppId get_application_id(const char* appName, const AppIdContext& ctxt); uint32_t produce_ha_state(const Flow& flow, uint8_t* buf); uint32_t consume_ha_state(Flow& flow, const uint8_t* buf, uint8_t length, IpProtocol, SfIp*, uint16_t initiatorPort); diff --git a/src/network_inspectors/appid/appid_config.cc b/src/network_inspectors/appid/appid_config.cc index ce5b5ff8a..9ffb9c454 100644 --- a/src/network_inspectors/appid/appid_config.cc +++ b/src/network_inspectors/appid/appid_config.cc @@ -133,7 +133,7 @@ void AppIdContext::show() const config.show(); } -OdpContext::OdpContext(AppIdConfig& config, SnortConfig* sc) +OdpContext::OdpContext(const AppIdConfig& config, SnortConfig* sc) { app_info_mgr.init_appid_info_table(config, sc, *this); client_pattern_detector = new PatternClientDetector(&client_disco_mgr); diff --git a/src/network_inspectors/appid/appid_config.h b/src/network_inspectors/appid/appid_config.h index 8617fbcfb..8b06d9f3c 100644 --- a/src/network_inspectors/appid/appid_config.h +++ b/src/network_inspectors/appid/appid_config.h @@ -101,7 +101,7 @@ public: uint16_t max_packet_before_service_fail = MIN_MAX_PKTS_BEFORE_SERVICE_FAIL; uint16_t max_packet_service_fail_ignore_bytes = MIN_MAX_PKT_BEFORE_SERVICE_FAIL_IGNORE_BYTES; - OdpContext(AppIdConfig&, snort::SnortConfig*); + OdpContext(const AppIdConfig&, snort::SnortConfig*); void initialize(); AppInfoManager& get_app_info_mgr() diff --git a/src/network_inspectors/appid/appid_data_decrypt_event_handler.h b/src/network_inspectors/appid/appid_data_decrypt_event_handler.h index b2043081e..3f9633bcc 100644 --- a/src/network_inspectors/appid/appid_data_decrypt_event_handler.h +++ b/src/network_inspectors/appid/appid_data_decrypt_event_handler.h @@ -38,7 +38,7 @@ public: AppIdSession* asd = snort::appid_api.get_appid_session(*flow); if (!asd) return; - DataDecryptEvent& data_decrypt_event = static_cast(event); + const DataDecryptEvent& data_decrypt_event = static_cast(event); if (data_decrypt_event.get_type() == DataDecryptEvent::DATA_DECRYPT_MONITOR_EVENT) { asd->set_session_flags(APPID_SESSION_DECRYPT_MONITOR); diff --git a/src/network_inspectors/appid/appid_stats.cc b/src/network_inspectors/appid/appid_stats.cc index 0d3590f7a..5d3bdbd22 100644 --- a/src/network_inspectors/appid/appid_stats.cc +++ b/src/network_inspectors/appid/appid_stats.cc @@ -251,7 +251,7 @@ static void update_stats(const AppIdSession& asd, AppId app_id, StatsBucket* buc } } -void AppIdStatistics::update(AppIdSession& asd) +void AppIdStatistics::update(const AppIdSession& asd) { time_t now = get_time(); diff --git a/src/network_inspectors/appid/appid_stats.h b/src/network_inspectors/appid/appid_stats.h index b45a6b0ee..51faeb89c 100644 --- a/src/network_inspectors/appid/appid_stats.h +++ b/src/network_inspectors/appid/appid_stats.h @@ -51,7 +51,7 @@ public: static AppIdStatistics* initialize_manager(const AppIdConfig&); static AppIdStatistics* get_stats_manager(); static void cleanup(); - void update(AppIdSession&); + void update(const AppIdSession&); void flush(); private: diff --git a/src/network_inspectors/appid/detector_plugins/detector_dns.cc b/src/network_inspectors/appid/detector_plugins/detector_dns.cc index 167d12351..adc53a230 100644 --- a/src/network_inspectors/appid/detector_plugins/detector_dns.cc +++ b/src/network_inspectors/appid/detector_plugins/detector_dns.cc @@ -431,7 +431,7 @@ int DnsValidator::dns_validate_answer(const uint8_t* data, uint16_t* offset, uin } int DnsValidator::dns_validate_header(const AppidSessionDirection dir, const DNSHeader* hdr, - bool host_reporting, AppIdSession& asd) + bool host_reporting, const AppIdSession& asd) { if (hdr->Opcode > MAX_OPCODE || hdr->Opcode == INVALID_OPCODE) return APPID_NOMATCH; diff --git a/src/network_inspectors/appid/detector_plugins/detector_dns.h b/src/network_inspectors/appid/detector_plugins/detector_dns.h index c623c71f3..8ccecb20b 100644 --- a/src/network_inspectors/appid/detector_plugins/detector_dns.h +++ b/src/network_inspectors/appid/detector_plugins/detector_dns.h @@ -41,7 +41,8 @@ public: uint16_t id, bool host_reporting, AppIdSession&); int dns_validate_answer(const uint8_t* data, uint16_t* offset, uint16_t size, uint16_t id, uint8_t rcode, bool host_reporting, AppIdSession&); - int dns_validate_header(const AppidSessionDirection dir, const DNSHeader*, bool host_reporting, AppIdSession&); + int dns_validate_header(const AppidSessionDirection dir, const DNSHeader*, bool host_reporting, + const AppIdSession&); int validate_packet(const uint8_t* data, uint16_t size, const int, bool host_reporting, AppIdSession&); }; diff --git a/src/network_inspectors/appid/detector_plugins/test/detector_plugins_mock.h b/src/network_inspectors/appid/detector_plugins/test/detector_plugins_mock.h index 855df582c..27ac396b1 100644 --- a/src/network_inspectors/appid/detector_plugins/test/detector_plugins_mock.h +++ b/src/network_inspectors/appid/detector_plugins/test/detector_plugins_mock.h @@ -220,7 +220,7 @@ void ServiceDiscovery::initialize() int ServiceDiscovery::add_service_port(AppIdDetector*, const ServiceDetectorPort&) { return 0; } -OdpContext::OdpContext(AppIdConfig&, snort::SnortConfig*) +OdpContext::OdpContext(const AppIdConfig&, snort::SnortConfig*) { } #endif diff --git a/src/network_inspectors/appid/host_port_app_cache.cc b/src/network_inspectors/appid/host_port_app_cache.cc index 0e875be8b..08139d609 100644 --- a/src/network_inspectors/appid/host_port_app_cache.cc +++ b/src/network_inspectors/appid/host_port_app_cache.cc @@ -35,7 +35,7 @@ using namespace snort; HostPortVal* HostPortCache::find(const SfIp* ip, uint16_t port, IpProtocol protocol, - OdpContext& odp_ctxt) + const OdpContext& odp_ctxt) { HostPortKey hk; @@ -60,7 +60,7 @@ bool HostPortCache::add(const SfIp* ip, uint16_t port, IpProtocol proto, unsigne hk.ip = *ip; AppIdInspector* inspector = (AppIdInspector*) InspectorManager::get_inspector(MOD_NAME); assert(inspector); - AppIdContext& ctxt = inspector->get_ctxt(); + const AppIdContext& ctxt = inspector->get_ctxt(); hk.port = (ctxt.get_odp_ctxt().allow_port_wildcard_host_cache)? 0 : port; hk.proto = proto; diff --git a/src/network_inspectors/appid/host_port_app_cache.h b/src/network_inspectors/appid/host_port_app_cache.h index 864e477d6..de49bce53 100644 --- a/src/network_inspectors/appid/host_port_app_cache.h +++ b/src/network_inspectors/appid/host_port_app_cache.h @@ -63,7 +63,7 @@ struct HostPortVal class HostPortCache { public: - HostPortVal* find(const snort::SfIp*, uint16_t port, IpProtocol, OdpContext&); + HostPortVal* find(const snort::SfIp*, uint16_t port, IpProtocol, const OdpContext&); bool add(const snort::SfIp*, uint16_t port, IpProtocol, unsigned type, AppId); void dump(); diff --git a/src/network_inspectors/appid/service_plugins/test/service_plugin_mock.h b/src/network_inspectors/appid/service_plugins/test/service_plugin_mock.h index 40c056479..c7f49494f 100644 --- a/src/network_inspectors/appid/service_plugins/test/service_plugin_mock.h +++ b/src/network_inspectors/appid/service_plugins/test/service_plugin_mock.h @@ -204,7 +204,7 @@ void ServiceDiscoveryState::set_service_id_valid(ServiceDetector*) { } static OdpContext stub_odp_ctxt(stub_config, nullptr); OdpContext* AppIdContext::odp_ctxt = &stub_odp_ctxt; -OdpContext::OdpContext(AppIdConfig&, snort::SnortConfig*) +OdpContext::OdpContext(const AppIdConfig&, snort::SnortConfig*) { } #endif diff --git a/src/network_inspectors/appid/test/appid_discovery_test.cc b/src/network_inspectors/appid/test/appid_discovery_test.cc index 0f7c040a2..dfbcf2071 100644 --- a/src/network_inspectors/appid/test/appid_discovery_test.cc +++ b/src/network_inspectors/appid/test/appid_discovery_test.cc @@ -250,7 +250,7 @@ bool ClientDiscovery::do_client_discovery(AppIdSession&, Packet*, } // Stubs for misc items -HostPortVal* HostPortCache::find(const SfIp*, uint16_t, IpProtocol, OdpContext&) +HostPortVal* HostPortCache::find(const SfIp*, uint16_t, IpProtocol, const OdpContext&) { return nullptr; } diff --git a/src/network_inspectors/appid/test/appid_http_session_test.cc b/src/network_inspectors/appid/test/appid_http_session_test.cc index ad24c4be6..6d4646cd8 100644 --- a/src/network_inspectors/appid/test/appid_http_session_test.cc +++ b/src/network_inspectors/appid/test/appid_http_session_test.cc @@ -155,7 +155,7 @@ MemoryContext::~MemoryContext() { } void memory::MemoryCap::update_allocations(unsigned long) { } void memory::MemoryCap::update_deallocations(unsigned long) { } -OdpContext::OdpContext(AppIdConfig&, snort::SnortConfig*) { } +OdpContext::OdpContext(const AppIdConfig&, snort::SnortConfig*) { } AppIdConfig::~AppIdConfig() { } unsigned AppIdSession::inspector_id = 0; diff --git a/src/network_inspectors/appid/test/appid_mock_session.h b/src/network_inspectors/appid/test/appid_mock_session.h index 91be114d7..7f014b36e 100644 --- a/src/network_inspectors/appid/test/appid_mock_session.h +++ b/src/network_inspectors/appid/test/appid_mock_session.h @@ -71,7 +71,7 @@ public: }; AppIdConfig::~AppIdConfig() { } -OdpContext::OdpContext(AppIdConfig&, snort::SnortConfig*) { } +OdpContext::OdpContext(const AppIdConfig&, snort::SnortConfig*) { } static AppIdConfig stub_config; static AppIdContext stub_ctxt(stub_config); diff --git a/src/network_inspectors/appid/test/tp_lib_handler_test.cc b/src/network_inspectors/appid/test/tp_lib_handler_test.cc index 350a4b16b..1a427e9b0 100644 --- a/src/network_inspectors/appid/test/tp_lib_handler_test.cc +++ b/src/network_inspectors/appid/test/tp_lib_handler_test.cc @@ -59,7 +59,7 @@ HttpPatternMatchers::~HttpPatternMatchers() { } SipPatternMatchers::~SipPatternMatchers() { } SslPatternMatchers::~SslPatternMatchers() { } AppIdConfig::~AppIdConfig() { } -OdpContext::OdpContext(AppIdConfig&, snort::SnortConfig*) { } +OdpContext::OdpContext(const AppIdConfig&, snort::SnortConfig*) { } void ServiceDiscovery::initialize() { } int ServiceDiscovery::add_service_port(AppIdDetector*, const ServiceDetectorPort&) { return 0; } diff --git a/src/network_inspectors/appid/tp_appid_session_api.h b/src/network_inspectors/appid/tp_appid_session_api.h index 0f6cbebb2..521a5c1f0 100644 --- a/src/network_inspectors/appid/tp_appid_session_api.h +++ b/src/network_inspectors/appid/tp_appid_session_api.h @@ -37,7 +37,7 @@ class ThirdPartyAppIdContext; class ThirdPartyAppIdSession { public: - ThirdPartyAppIdSession(ThirdPartyAppIdContext& ctxt) + ThirdPartyAppIdSession(const ThirdPartyAppIdContext& ctxt) : appid(APP_ID_NONE), confidence(100), state(TP_STATE_INIT), ctxt(ctxt) { } virtual ~ThirdPartyAppIdSession() { } diff --git a/src/network_inspectors/normalize/norm_module.cc b/src/network_inspectors/normalize/norm_module.cc index 30335ac16..40d622585 100644 --- a/src/network_inspectors/normalize/norm_module.cc +++ b/src/network_inspectors/normalize/norm_module.cc @@ -213,7 +213,7 @@ NormalizeModule::~NormalizeModule() ProfileStats* NormalizeModule::get_profile() const { return &norm_perf_stats; } -bool NormalizeModule::set_ip4(const char*, Value& v, SnortConfig*) +bool NormalizeModule::set_ip4(const char*, const Value& v, SnortConfig*) { if ( v.is("base") ) Norm_Set(&config, NORM_IP4_BASE, v.get_bool()); @@ -236,7 +236,7 @@ bool NormalizeModule::set_ip4(const char*, Value& v, SnortConfig*) return true; } -bool NormalizeModule::set_tcp(const char*, Value& v, SnortConfig*) +bool NormalizeModule::set_tcp(const char*, const Value& v, SnortConfig*) { if ( v.is("base") ) { diff --git a/src/network_inspectors/normalize/norm_module.h b/src/network_inspectors/normalize/norm_module.h index 213c90ed2..8e185684f 100644 --- a/src/network_inspectors/normalize/norm_module.h +++ b/src/network_inspectors/normalize/norm_module.h @@ -50,8 +50,8 @@ public: { return INSPECT; } private: - bool set_ip4(const char*, snort::Value&, snort::SnortConfig*); - bool set_tcp(const char*, snort::Value&, snort::SnortConfig*); + bool set_ip4(const char*, const snort::Value&, snort::SnortConfig*); + bool set_tcp(const char*, const snort::Value&, snort::SnortConfig*); void add_test_peg(const PegInfo&) const; diff --git a/src/service_inspectors/dce_rpc/dce_common.cc b/src/service_inspectors/dce_rpc/dce_common.cc index a687227ca..c1a6f0b8c 100644 --- a/src/service_inspectors/dce_rpc/dce_common.cc +++ b/src/service_inspectors/dce_rpc/dce_common.cc @@ -82,7 +82,7 @@ static const char* dce2_get_policy_name(DCE2_Policy policy) return policyStr; } -bool dce2_set_common_config(Value& v, dce2CommonProtoConf& common) +bool dce2_set_common_config(const Value& v, dce2CommonProtoConf& common) { if ( v.is("limit_alerts") ) common.limit_alerts = v.get_bool(); @@ -99,7 +99,7 @@ bool dce2_set_common_config(Value& v, dce2CommonProtoConf& common) return true; } -bool dce2_set_co_config(Value& v, dce2CoProtoConf& co) +bool dce2_set_co_config(const Value& v, dce2CoProtoConf& co) { if (dce2_set_common_config(v, co.common)) return true; diff --git a/src/service_inspectors/dce_rpc/dce_common.h b/src/service_inspectors/dce_rpc/dce_common.h index 6b8bad3b5..90d8c19d8 100644 --- a/src/service_inspectors/dce_rpc/dce_common.h +++ b/src/service_inspectors/dce_rpc/dce_common.h @@ -395,9 +395,9 @@ inline void dce_alert(uint32_t gid, uint32_t sid, dce2CommonStats* stats, DCE2_S stats->events++; } -bool dce2_set_common_config(snort::Value&, dce2CommonProtoConf&); +bool dce2_set_common_config(const snort::Value&, dce2CommonProtoConf&); void print_dce2_common_config(const dce2CommonProtoConf&); -bool dce2_set_co_config(snort::Value&, dce2CoProtoConf&); +bool dce2_set_co_config(const snort::Value&, dce2CoProtoConf&); void print_dce2_co_config(const dce2CoProtoConf&); bool dce2_paf_abort(DCE2_SsnData*); void DCE2_Detect(DCE2_SsnData*); diff --git a/src/service_inspectors/dce_rpc/dce_expected_session.cc b/src/service_inspectors/dce_rpc/dce_expected_session.cc index e6a58fe91..a4c61eef9 100644 --- a/src/service_inspectors/dce_rpc/dce_expected_session.cc +++ b/src/service_inspectors/dce_rpc/dce_expected_session.cc @@ -61,7 +61,7 @@ void DceExpSsnManager::create_expected_session(const SfIp* ept_ip, DataBus::publish(DCERPC_EXP_SESSION_EVENT_KEY, map_resp_event, pkt->flow); } -DceTcpExpSsnManager::DceTcpExpSsnManager(dce2TcpProtoConf& config) : +DceTcpExpSsnManager::DceTcpExpSsnManager(const dce2TcpProtoConf& config) : DceExpSsnManager("dce-tcp", IpProtocol::TCP, PktType::TCP), pc(config) { } diff --git a/src/service_inspectors/dce_rpc/dce_expected_session.h b/src/service_inspectors/dce_rpc/dce_expected_session.h index 0db9bd29e..1da899102 100644 --- a/src/service_inspectors/dce_rpc/dce_expected_session.h +++ b/src/service_inspectors/dce_rpc/dce_expected_session.h @@ -65,7 +65,7 @@ class DceTcpExpSsnManager : public DceExpSsnManager { public: DceTcpExpSsnManager() = delete; - DceTcpExpSsnManager(dce2TcpProtoConf&); + DceTcpExpSsnManager(const dce2TcpProtoConf&); DceTcpExpSsnManager(const DceTcpExpSsnManager&) = delete; DceTcpExpSsnManager& operator=(const DceTcpExpSsnManager&) =delete; diff --git a/src/service_inspectors/dce_rpc/dce_http_proxy_splitter.cc b/src/service_inspectors/dce_rpc/dce_http_proxy_splitter.cc index 5e0335334..a3d3cf658 100644 --- a/src/service_inspectors/dce_rpc/dce_http_proxy_splitter.cc +++ b/src/service_inspectors/dce_rpc/dce_http_proxy_splitter.cc @@ -113,7 +113,7 @@ StreamSplitter::Status DceHttpProxySplitter::match_response_head(const uint8_t* /* match_request() is only used by the s2c splitter instance. */ StreamSplitter::Status - DceHttpProxySplitter::match_response(const uint8_t* data, uint32_t& len) + DceHttpProxySplitter::match_response(const uint8_t* data, const uint32_t& len) { uint32_t starting_index = 0; diff --git a/src/service_inspectors/dce_rpc/dce_http_proxy_splitter.h b/src/service_inspectors/dce_rpc/dce_http_proxy_splitter.h index abf1801d1..bb4abd41c 100644 --- a/src/service_inspectors/dce_rpc/dce_http_proxy_splitter.h +++ b/src/service_inspectors/dce_rpc/dce_http_proxy_splitter.h @@ -45,7 +45,7 @@ public: private: Status match_request_head(const uint8_t* data, uint32_t& len); Status match_response_head(const uint8_t* data, uint32_t& len); - Status match_response(const uint8_t* data, uint32_t& len); + Status match_response(const uint8_t* data, const uint32_t& len); enum DceHttpProxyState { diff --git a/src/service_inspectors/http_inspect/http_inspect.cc b/src/service_inspectors/http_inspect/http_inspect.cc index de3cb008f..73c532c05 100644 --- a/src/service_inspectors/http_inspect/http_inspect.cc +++ b/src/service_inspectors/http_inspect/http_inspect.cc @@ -232,7 +232,7 @@ bool HttpInspect::get_buf(unsigned id, Packet* p, InspectionBuffer& b) } const Field& HttpInspect::http_get_buf(Cursor& c, Packet* p, - HttpBufferInfo& buffer_info) + const HttpBufferInfo& buffer_info) { HttpMsgSection* current_section = HttpContextData::get_snapshot(p); diff --git a/src/service_inspectors/http_inspect/http_inspect.h b/src/service_inspectors/http_inspect/http_inspect.h index 24e15e99b..cf5995567 100644 --- a/src/service_inspectors/http_inspect/http_inspect.h +++ b/src/service_inspectors/http_inspect/http_inspect.h @@ -47,7 +47,7 @@ public: snort::InspectionBuffer& b) override; bool get_buf(unsigned id, snort::Packet* p, snort::InspectionBuffer& b) override; const Field& http_get_buf(Cursor& c, snort::Packet* p, - HttpBufferInfo& buffer_info); + const HttpBufferInfo& buffer_info); bool get_fp_buf(snort::InspectionBuffer::Type ibt, snort::Packet* p, snort::InspectionBuffer& b) override; bool configure(snort::SnortConfig*) override; diff --git a/src/service_inspectors/http_inspect/http_msg_section.cc b/src/service_inspectors/http_inspect/http_msg_section.cc index 43b4be6c5..b403369a3 100644 --- a/src/service_inspectors/http_inspect/http_msg_section.cc +++ b/src/service_inspectors/http_inspect/http_msg_section.cc @@ -156,7 +156,7 @@ const Field& HttpMsgSection::get_classic_buffer(unsigned id, uint64_t sub_id, ui return get_classic_buffer(c, buffer_info); } -const Field& HttpMsgSection::get_classic_buffer(Cursor& c, HttpBufferInfo& buf) +const Field& HttpMsgSection::get_classic_buffer(Cursor& c, const HttpBufferInfo& buf) { // buffer_side replaces source_id for buffers that support the request option const SourceId buffer_side = (buf.form & FORM_REQUEST) ? SRC_CLIENT : source_id; diff --git a/src/service_inspectors/http_inspect/http_msg_section.h b/src/service_inspectors/http_inspect/http_msg_section.h index 97e698d89..660d74511 100644 --- a/src/service_inspectors/http_inspect/http_msg_section.h +++ b/src/service_inspectors/http_inspect/http_msg_section.h @@ -67,7 +67,7 @@ public: virtual void update_flow() = 0; const Field& get_classic_buffer(unsigned id, uint64_t sub_id, uint64_t form); - const Field& get_classic_buffer(Cursor& c, HttpBufferInfo& buf); + const Field& get_classic_buffer(Cursor& c, const HttpBufferInfo& buf); HttpEnums::MethodId get_method_id() const { return method_id; } diff --git a/src/stream/tcp/tcp_stream_session.cc b/src/stream/tcp/tcp_stream_session.cc index db3ec77aa..9c9026bb3 100644 --- a/src/stream/tcp/tcp_stream_session.cc +++ b/src/stream/tcp/tcp_stream_session.cc @@ -255,7 +255,7 @@ bool TcpStreamSession::check_alerted(Packet* p, uint32_t gid, uint32_t sid) if (!(p->packet_flags & PKT_REBUILT_STREAM)) return false; - TcpStreamTracker& st = p->ptrs.ip_api.get_src()->equals(flow->client_ip) ? server : client; + const TcpStreamTracker& st = p->ptrs.ip_api.get_src()->equals(flow->client_ip) ? server : client; for (int i = 0; i < st.alert_count; i++) { /* This is a rebuilt packet and if we've seen this alert before, @@ -276,7 +276,7 @@ int TcpStreamSession::update_alert(Packet* p, uint32_t gid, uint32_t sid, for (unsigned i = 0; i < st.alert_count; i++) { - StreamAlertInfo* ai = st.alerts + i; + StreamAlertInfo* ai = &st.alerts[i]; if (ai->gid == gid && ai->sid == sid && SEQ_EQ(ai->seq, seq_num)) {