From: Victor Julien Date: Sun, 16 Jul 2023 08:33:11 +0000 (+0200) Subject: classification: fix multi-tenant loading issues X-Git-Tag: suricata-7.0.0~5 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=2859eeae816f8376bd4b36e2ec14cf6abdec9ff3;p=thirdparty%2Fsuricata.git classification: fix multi-tenant loading issues Move pcre2 data structures used for parsing into the detect engine context, so that multiple tenant loading threads don't use the same data structures. Bug: #4797.
---
diff --git a/src/detect-engine.c b/src/detect-engine.c
index fbba52103f..346060f383 100644
--- a/src/detect-engine.c
+++ b/src/detect-engine.c
@@ -2514,6 +2514,7 @@ static DetectEngineCtx *DetectEngineCtxInitReal(enum DetectEngineType type, cons
 /* init iprep... ignore errors for now */
 (void)SRepInit(de_ctx);
+ SCClassConfInit(de_ctx);
 if (!SCClassConfLoadClassificationConfigFile(de_ctx, NULL)) {
 if (RunmodeGetCurrent() == RUNMODE_CONF_TEST) goto error;
@@ -2658,6 +2659,7 @@ void DetectEngineCtxFree(DetectEngineCtx *de_ctx)
 DetectBufferTypeFreeDetectEngine(de_ctx);
 /* freed our var name hash */
 VarNameStoreFree(de_ctx->version);
+ SCClassConfDeinit(de_ctx);
 SCFree(de_ctx);
 //DetectAddressGroupPrintMemory();
diff --git a/src/detect.h b/src/detect.h
index 7dd42a1477..1a5fac560f 100644
--- a/src/detect.h
+++ b/src/detect.h
@@ -853,8 +853,6 @@ typedef struct DetectEngineCtx_ {
 /* used by the signature ordering module */
 struct SCSigOrderFunc_ *sc_sig_order_funcs;
- /* hash table used for holding the classification config info */
- HashTable *class_conf_ht;
 /* hash table used for holding the reference config info */
 HashTable *reference_conf_ht;
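Review bot: `SCClassConfInit(de_ctx)` returns void, so in the first detect-engine.c hunk a failed pcre2 compile still lets `SCClassConfLoadClassificationConfigFile` run with a NULL `de_ctx->class_conf_regex`. Every line of classification.config would then fail in `pcre2_match` and be reported as an invalid classtype, which hides the real cause. Consider returning a status from the init and handling it at this call site, for example `if (SCClassConfInit(de_ctx) != 0) goto error;`. The `error:` label is outside the hunk; confirm it releases the context through `DetectEngineCtxFree`, since that is the only place this commit frees the new regex state.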
@@ -1011,6 +1009,13 @@ typedef struct DetectEngineCtx_ {
 * run. */
 bool sm_types_prefilter[DETECT_TBLSIZE];
 bool sm_types_silent_error[DETECT_TBLSIZE];
+
+ /* classification config parsing */
+
+ /* hash table used for holding the classification config info */
+ HashTable *class_conf_ht;
+ pcre2_code *class_conf_regex;
+ pcre2_match_data *class_conf_regex_match;
 } DetectEngineCtx;
 /* Engine groups profiles (low, medium, high, custom) */
diff --git a/src/runmode-unittests.c b/src/runmode-unittests.c
index d7899a144e..fa69d48f84 100644
--- a/src/runmode-unittests.c
+++ b/src/runmode-unittests.c
@@ -254,7 +254,6 @@ void RunUnittests(int list_unittests, const char *regex_arg)
 TagInitCtx();
 SCReferenceConfInit();
- SCClassConfInit();
 UtInitialize();
diff --git a/src/suricata.c b/src/suricata.c
index 7172a49dba..2aa633363f 100644
--- a/src/suricata.c
+++ b/src/suricata.c
@@ -385,7 +385,6 @@ static void GlobalsDestroy(SCInstance *suri)
 TimeDeinit();
 if (!suri->disabled_detect) {
 SCReferenceConfDeinit();
- SCClassConfDeinit();
 }
 TmqhCleanup();
 TmModuleRunDeInit();
@@ -2550,7 +2549,6 @@ void PostConfLoadedDetectSetup(SCInstance *suri)
 {
 DetectEngineCtx *de_ctx = NULL;
 if (!suri->disabled_detect) {
- SCClassConfInit();
 SCReferenceConfInit();
 SetupDelayedDetect(suri);
 int mt_enabled = 0;
diff --git a/src/tests/fuzz/fuzz_siginit.c b/src/tests/fuzz/fuzz_siginit.c
index e649eb070d..d37aa5cae6 100644
--- a/src/tests/fuzz/fuzz_siginit.c
+++ b/src/tests/fuzz/fuzz_siginit.c
@@ -29,7 +29,6 @@ int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size)
 EngineModeSetIDS();
 SigTableSetup();
 SCReferenceConfInit();
- SCClassConfInit();
 }
 if (cnt++ == 1024) {
 DetectEngineCtxFree(de_ctx);
diff --git a/src/util-classification-config.c b/src/util-classification-config.c
index dbaac9a29f..be42469e6d 100644
--- a/src/util-classification-config.c
+++ b/src/util-classification-config.c
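Review bot: The new `class_conf_regex` and `class_conf_regex_match` fields in detect.h say nothing about ownership or threading, which is the whole reason they moved into the context. A group comment would record it, for example `/* parse-time state for classification.config: created by SCClassConfInit(), freed by SCClassConfDeinit(); only the thread loading this de_ctx may use it */`. `pcre2_match_data` is written on every match, so the fix holds only while each de_ctx is loaded by a single thread. That assumption is worth stating next to the fields.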
@@ -48,9 +48,6 @@
 #define SC_CLASS_CONF_DEF_CONF_FILEPATH CONFIG_DIR "/classification.config"
 #endif
-static pcre2_code *regex = NULL;
-static pcre2_match_data *regex_match = NULL;
-
 uint32_t SCClassConfClasstypeHashFunc(HashTable *ht, void *data, uint16_t datalen);
 char SCClassConfClasstypeHashCompareFunc(void *data1, uint16_t datalen1, void *data2, uint16_t datalen2);
@@ -61,15 +58,15 @@ static SCClassConfClasstype *SCClassConfAllocClasstype(uint16_t classtype_id,
 const char *classtype, const char *classtype_desc, int priority);
 static void SCClassConfDeAllocClasstype(SCClassConfClasstype *ct);
-void SCClassConfInit(void)
+void SCClassConfInit(DetectEngineCtx *de_ctx)
 {
 int en;
 PCRE2_SIZE eo;
 int opts = 0;
- regex = pcre2_compile(
+ de_ctx->class_conf_regex = pcre2_compile(
 (PCRE2_SPTR8)DETECT_CLASSCONFIG_REGEX, PCRE2_ZERO_TERMINATED, opts, &en, &eo, NULL);
- if (regex == NULL) {
+ if (de_ctx->class_conf_regex == NULL) {
 PCRE2_UCHAR errbuffer[256];
 pcre2_get_error_message(en, errbuffer, sizeof(errbuffer));
 SCLogWarning("pcre2 compile of \"%s\" failed at "
@@ -77,19 +74,20 @@ void SCClassConfInit(void)
 DETECT_CLASSCONFIG_REGEX, (int)eo, errbuffer);
 return;
 }
- regex_match = pcre2_match_data_create_from_pattern(regex, NULL);
+ de_ctx->class_conf_regex_match =
+ pcre2_match_data_create_from_pattern(de_ctx->class_conf_regex, NULL);
 return;
 }
-void SCClassConfDeinit(void)
+void SCClassConfDeinit(DetectEngineCtx *de_ctx)
 {
- if (regex != NULL) {
- pcre2_code_free(regex);
- regex = NULL;
+ if (de_ctx->class_conf_regex != NULL) {
+ pcre2_code_free(de_ctx->class_conf_regex);
+ de_ctx->class_conf_regex = NULL;
 }
- if (regex_match != NULL) {
- pcre2_match_data_free(regex_match);
- regex_match = NULL;
+ if (de_ctx->class_conf_regex_match != NULL) {
+ pcre2_match_data_free(de_ctx->class_conf_regex_match);
+ de_ctx->class_conf_regex_match = NULL;
 }
 }
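Review bot: The result of `pcre2_match_data_create_from_pattern()` in the `-77,19` hunk is stored in `de_ctx->class_conf_regex_match` without a NULL check. An allocation failure therefore leaves a context with a compiled pattern but no match data, and nothing is logged. `SCClassConfAddClasstype` later passes that pointer straight to `pcre2_match`. The unchecked assignment predates the move, but it is now per context and can be fixed here by logging the failure and dropping the compiled pattern so the two fields stay consistent.

```c
    de_ctx->class_conf_regex_match =
            pcre2_match_data_create_from_pattern(de_ctx->class_conf_regex, NULL);
    if (de_ctx->class_conf_regex_match == NULL) {
        SCLogWarning("pcre2 match data allocation for classification config failed");
        pcre2_code_free(de_ctx->class_conf_regex);
        de_ctx->class_conf_regex = NULL;
    }
    return;
```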
@@ -248,7 +246,8 @@ int SCClassConfAddClasstype(DetectEngineCtx *de_ctx, char *rawstr, uint16_t inde
 int ret = 0;
- ret = pcre2_match(regex, (PCRE2_SPTR8)rawstr, strlen(rawstr), 0, 0, regex_match, NULL);
+ ret = pcre2_match(de_ctx->class_conf_regex, (PCRE2_SPTR8)rawstr, strlen(rawstr), 0, 0,
+ de_ctx->class_conf_regex_match, NULL);
 if (ret < 0) {
 SCLogError("Invalid Classtype in " "classification.config file %s: \"%s\"",
@@ -258,7 +257,8 @@ int SCClassConfAddClasstype(DetectEngineCtx *de_ctx, char *rawstr, uint16_t inde
 size_t copylen = sizeof(ct_name);
 /* retrieve the classtype name */
- ret = pcre2_substring_copy_bynumber(regex_match, 1, (PCRE2_UCHAR8 *)ct_name, ©len);
+ ret = pcre2_substring_copy_bynumber(
+ de_ctx->class_conf_regex_match, 1, (PCRE2_UCHAR8 *)ct_name, ©len);
 if (ret < 0) {
 SCLogInfo("pcre2_substring_copy_bynumber() failed");
 goto error;
@@ -266,7 +266,8 @@ int SCClassConfAddClasstype(DetectEngineCtx *de_ctx, char *rawstr, uint16_t inde
 /* retrieve the classtype description */
 copylen = sizeof(ct_desc);
- ret = pcre2_substring_copy_bynumber(regex_match, 2, (PCRE2_UCHAR8 *)ct_desc, ©len);
+ ret = pcre2_substring_copy_bynumber(
+ de_ctx->class_conf_regex_match, 2, (PCRE2_UCHAR8 *)ct_desc, ©len);
 if (ret < 0) {
 SCLogInfo("pcre2_substring_copy_bynumber() failed");
 goto error;
@@ -274,7 +275,8 @@ int SCClassConfAddClasstype(DetectEngineCtx *de_ctx, char *rawstr, uint16_t inde
 /* retrieve the classtype priority */
 copylen = sizeof(ct_priority_str);
- ret = pcre2_substring_copy_bynumber(regex_match, 3, (PCRE2_UCHAR8 *)ct_priority_str, ©len);
+ ret = pcre2_substring_copy_bynumber(
+ de_ctx->class_conf_regex_match, 3, (PCRE2_UCHAR8 *)ct_priority_str, ©len);
 if (ret < 0) {
 SCLogInfo("pcre2_substring_copy_bynumber() failed");
 goto error;
diff --git a/src/util-classification-config.h b/src/util-classification-config.h
index f0b98979e3..9ac00c85d0 100644
--- a/src/util-classification-config.h
+++ b/src/util-classification-config.h
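Review bot: `de_ctx->class_conf_regex_match` is spelled out in all four calls across this hunk and the three that follow (`-258,7`, `-266,7`, `-274,7`), which pushes each call onto two lines. A local alias declared once near the top of `SCClassConfAddClasstype`, such as `pcre2_match_data *md = de_ctx->class_conf_regex_match;`, would keep the calls on one line each. It would also make it obvious that all three substring copies read the same match result. The start of the function is outside these hunks, so the declaration site has to be chosen against the full body.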
@@ -51,8 +51,8 @@ SCClassConfClasstype *SCClassConfGetClasstype(const char *, DetectEngineCtx *);
 void SCClassConfDeInitContext(DetectEngineCtx *);
-void SCClassConfInit(void);
-void SCClassConfDeinit(void);
+void SCClassConfInit(DetectEngineCtx *de_ctx);
+void SCClassConfDeinit(DetectEngineCtx *de_ctx);
 /* for unittests */
 #ifdef UNITTESTS