From: Victor Julien Date: Wed, 9 Feb 2022 07:23:19 +0000 (+0100) Subject: frames: address coverity issue X-Git-Tag: suricata-7.0.0-beta1~915 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=27cd54dc0d04bdbe5a4c626f4b977011bee9ce01;p=thirdparty%2Fsuricata.git frames: address coverity issue Minor cleanups to assist coverity. Bug: #5065. --- diff --git a/src/output-json-alert.c b/src/output-json-alert.c index c14cfa43ed..0465184fb6 100644 --- a/src/output-json-alert.c +++ b/src/output-json-alert.c @@ -1,4 +1,4 @@ -/* Copyright (C) 2013-2021 Open Information Security Foundation +/* Copyright (C) 2013-2022 Open Information Security Foundation * * You can copy, redistribute or modify this Program under the terms of * the GNU General Public License version 2 as published by the Free @@ -610,18 +610,19 @@ static void AlertAddFrame(const Packet *p, JsonBuilder *jb, const int64_t frame_ stream = &ssn->server; frames = &frames_container->toclient; } + Frame *frame = FrameGetById(frames, frame_id); + if (frame != NULL) { + FrameJsonLogOneFrame(IPPROTO_TCP, frame, p->flow, stream, p, jb); + } } else if (p->proto == IPPROTO_UDP) { if (PKT_IS_TOSERVER(p)) { frames = &frames_container->toserver; } else { frames = &frames_container->toclient; } - } - - if (frames) { Frame *frame = FrameGetById(frames, frame_id); if (frame != NULL) { - FrameJsonLogOneFrame(frame, p->flow, stream, p, jb); + FrameJsonLogOneFrame(IPPROTO_UDP, frame, p->flow, NULL, p, jb); } } } diff --git a/src/output-json-frame.c b/src/output-json-frame.c index 4cbde9ce00..e0caf1de03 100644 --- a/src/output-json-frame.c +++ b/src/output-json-frame.c @@ -212,20 +212,26 @@ static void FrameAddPayloadUDP(JsonBuilder *js, const Packet *p, const Frame *fr } // TODO separate between stream_offset and frame_offset -void FrameJsonLogOneFrame(const Frame *frame, const Flow *f, const TcpStream *stream, - const Packet *p, JsonBuilder *jb) +/** \brief log a single frame + * \note ipproto argument is passed to assist static code analyzers + */ +void FrameJsonLogOneFrame(const uint8_t ipproto, const Frame *frame, const Flow *f, + const TcpStream *stream, const Packet *p, JsonBuilder *jb) { + DEBUG_VALIDATE_BUG_ON(ipproto != p->proto); + DEBUG_VALIDATE_BUG_ON(ipproto != f->proto); + jb_open_object(jb, "frame"); - jb_set_string(jb, "type", AppLayerParserGetFrameNameById(f->proto, f->alproto, frame->type)); + jb_set_string(jb, "type", AppLayerParserGetFrameNameById(ipproto, f->alproto, frame->type)); jb_set_uint(jb, "id", frame->id); jb_set_string(jb, "direction", PKT_IS_TOSERVER(p) ? "toserver" : "toclient"); - if (f->proto == IPPROTO_TCP) { + if (ipproto == IPPROTO_TCP) { DEBUG_VALIDATE_BUG_ON(stream == NULL); int64_t abs_offset = frame->rel_offset + (int64_t)STREAM_BASE_OFFSET(stream); jb_set_uint(jb, "stream_offset", (uint64_t)abs_offset); - if (f->proto == IPPROTO_TCP && frame->len < 0) { + if (frame->len < 0) { uint64_t usable = StreamTcpGetUsable(stream, true); uint64_t len = usable - abs_offset; jb_set_uint(jb, "length", len); @@ -270,7 +276,7 @@ static int FrameJsonUdp( return TM_ECODE_OK; jb_set_string(jb, "app_proto", AppProtoToString(f->alproto)); - FrameJsonLogOneFrame(frame, p->flow, NULL, p, jb); + FrameJsonLogOneFrame(IPPROTO_UDP, frame, p->flow, NULL, p, jb); OutputJsonBuilderBuffer(jb, aft->ctx); jb_free(jb); frame->flags |= FRAME_FLAG_LOGGED; @@ -345,7 +351,7 @@ static int FrameJson(ThreadVars *tv, JsonFrameLogThread *aft, const Packet *p) return TM_ECODE_OK; jb_set_string(jb, "app_proto", AppProtoToString(p->flow->alproto)); - FrameJsonLogOneFrame(frame, p->flow, stream, p, jb); + FrameJsonLogOneFrame(IPPROTO_TCP, frame, p->flow, stream, p, jb); OutputJsonBuilderBuffer(jb, aft->ctx); jb_free(jb); frame->flags |= FRAME_FLAG_LOGGED; diff --git a/src/output-json-frame.h b/src/output-json-frame.h index 73c07ba927..5560a07eea 100644 --- a/src/output-json-frame.h +++ b/src/output-json-frame.h @@ -27,8 +27,8 @@ #ifndef __OUTPUT_JSON_FRAME_H__ #define __OUTPUT_JSON_FRAME_H__ -void FrameJsonLogOneFrame(const Frame *frame, const Flow *f, const TcpStream *stream, - const Packet *p, JsonBuilder *jb); +void FrameJsonLogOneFrame(const uint8_t ipproto, const Frame *frame, const Flow *f, + const TcpStream *stream, const Packet *p, JsonBuilder *jb); void JsonFrameLogRegister(void); #endif /* __OUTPUT_JSON_FRAME_H__ */