From: Ron Dempster (rdempste) Date: Thu, 1 Sep 2022 15:34:15 +0000 (+0000) Subject: Pull request #3573: Const changes X-Git-Tag: 3.1.41.0~5 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=2e3d749ac97d768b29d7cb8267956adfce5be12a;p=thirdparty%2Fsnort3.git Pull request #3573: Const changes Merge in SNORT/snort3 from ~RDEMPSTE/snort3:const_changes to master Squashed commit of the following: commit 49533a8a6b24ba425331b874f32326666bb3b6e0 Author: Ron Dempster (rdempste) Date: Fri Aug 19 13:29:40 2022 -0400 stream: free flow data, if flow is blocked commit 3634e7e499ca310d8b3a92938682098d5e0aeba8 Author: Ron Dempster (rdempste) Date: Thu Aug 18 16:45:24 2022 -0400 framework, rna, pub_sub: make data bus get_packet method a const commit 47beb51ab6055c7bdac4594a2aceed0d96128471 Author: Ron Dempster (rdempste) Date: Thu Aug 18 16:42:05 2022 -0400 stream: use a const packet to populate the flow key commit 546c8888f600b139a7877e47b75d469ed3752824 Author: Ron Dempster (rdempste) Date: Thu Aug 18 16:40:44 2022 -0400 flow: update flow statistics before processing a flow
---
diff --git a/src/flow/flow.cc b/src/flow/flow.cc
index 6f2e8f823..3e5342ae5 100644
--- a/src/flow/flow.cc
+++ b/src/flow/flow.cc
@@ -333,6 +333,8 @@ void Flow::free_flow_data(uint32_t proto)
 void Flow::free_flow_data()
 {
+ if (!flow_data)
+ return;
 const SnortConfig* sc = SnortConfig::get_conf();
 PolicySelector* ps = sc->policy_map->get_policy_selector();
 NetworkPolicy* np = nullptr;
diff --git a/src/flow/flow_control.cc b/src/flow/flow_control.cc
index b336c15d8..35699d3f2 100644
--- a/src/flow/flow_control.cc
+++ b/src/flow/flow_control.cc
@@ -452,8 +452,8 @@ unsigned FlowControl::process(Flow* flow, Packet* p)
 set_ips_policy(p->context->conf, flow->ips_policy_id);
 }
 p->filtering_state = flow->filtering_state;
+ update_stats(flow, p);
 }
-
 else
 {
 flow->network_policy_id = get_network_policy()->policy_id;
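Review bot: In src/flow/flow.cc, the new `if (!flow_data) return;` guard at the top of Flow::free_flow_data() only makes a repeated call harmless if the rest of the function leaves `flow_data` null after releasing the list, and that part is outside the hunk. This commit adds another caller on the block path in src/stream/stream.cc, so a flow can presumably reach this function more than once; please confirm the pointer is reset. A comment on the guard would record that, e.g. `// may be called again after the block path has already released the data`. The function body continues past the hunk.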
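Review bot: In src/flow/flow_control.cc, nothing records why `update_stats(flow, p)` must now run before the flow is processed in FlowControl::process(). The call is added here at the end of the `if` branch that precedes `else`, and again in the `-465` hunk ahead of `flow->set_client_initiate(p)`, while the old call before `return news;` is removed in the `-525` hunk. If update_stats() reads anything that the later steps set on the flow or packet (its body is not visible here), the counters for a flow's first packet would change, so that is worth confirming. I would add a comment at the first call such as `// count the packet before processing, which may block or reset the flow`, adjusted to the real reason. process() starts and ends outside these hunks.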
@@ -465,6 +465,8 @@ unsigned FlowControl::process(Flow* flow, Packet* p)
 // process expected flows
 check_expected_flow(flow, p);
+ update_stats(flow, p);
+
 flow->set_client_initiate(p);
 DataBus::publish(FLOW_STATE_SETUP_EVENT, p);
@@ -525,7 +527,6 @@ unsigned FlowControl::process(Flow* flow, Packet* p)
 break;
 }
- update_stats(flow, p);
 return news;
 }
diff --git a/src/framework/data_bus.cc b/src/framework/data_bus.cc
index debd6a880..03bb9c749 100644
--- a/src/framework/data_bus.cc
+++ b/src/framework/data_bus.cc
@@ -56,7 +56,7 @@ public:
 PacketEvent(Packet* p) { packet = p; }
- const Packet* get_packet() override
+ const Packet* get_packet() const override
 { return packet; }
 private:
diff --git a/src/framework/data_bus.h b/src/framework/data_bus.h
index 3b7f8c711..9770aa5e9 100644
--- a/src/framework/data_bus.h
+++ b/src/framework/data_bus.h
@@ -45,7 +45,7 @@ class DataEvent
 public:
 virtual ~DataEvent() = default;
- virtual const Packet* get_packet()
+ virtual const Packet* get_packet() const
 { return nullptr; }
 virtual const uint8_t* get_data()
diff --git a/src/network_inspectors/appid/appid_ssh_event_handler.cc b/src/network_inspectors/appid/appid_ssh_event_handler.cc
index 0308c4765..916a92353 100644
--- a/src/network_inspectors/appid/appid_ssh_event_handler.cc
+++ b/src/network_inspectors/appid/appid_ssh_event_handler.cc
@@ -136,7 +136,7 @@ static void service_success(SshAppIdInfo& fd, const Packet& p, AppIdSession& asd
 asd.set_service_detected();
 }
-static void handle_success(SshEventFlowData& data, SshEvent& event,
+static void handle_success(SshEventFlowData& data, const SshEvent& event,
 AppIdSession& asd, AppidChangeBits& change_bits)
 {
 service_success(data.service_info, *event.get_packet(), asd, change_bits);
diff --git a/src/network_inspectors/rna/rna_cpe_os.h b/src/network_inspectors/rna/rna_cpe_os.h
index 780abbdd0..61debb7e1 100644
--- a/src/network_inspectors/rna/rna_cpe_os.h
+++ b/src/network_inspectors/rna/rna_cpe_os.h
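Review bot: In src/framework/data_bus.h, adding `const` to the virtual `DataEvent::get_packet()` changes its signature, so a derived event that still declares a non-const `get_packet()` without `override` will compile, stop overriding, and fall through to this base version, which returns `nullptr`. The events touched by this commit all use `override`, but handlers such as handle_success() in appid_ssh_event_handler.cc dereference the result (`*event.get_packet()`) without a check, so a missed subclass would surface as a null dereference at run time. A short comment on the declaration would help, e.g. `// overrides must be const; the base returns nullptr when the event carries no packet`.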
@@ -28,7 +28,7 @@ class SO_PUBLIC CpeOsInfoEvent : public snort::DataEvent
 public:
 CpeOsInfoEvent(const snort::Packet& p) : p(p) { }
- const snort::Packet* get_packet() override
+ const snort::Packet* get_packet() const override
 { return &p; }
diff --git a/src/pub_sub/active_events.h b/src/pub_sub/active_events.h
index 17ef2a047..eb532a5d9 100644
--- a/src/pub_sub/active_events.h
+++ b/src/pub_sub/active_events.h
@@ -44,7 +44,7 @@ public:
 Active::ActiveActionType get_previous_action() const { return previous_action; }
- const Packet* get_pkt() const
+ const Packet* get_packet() const override
 { return pkt; }
 private:
diff --git a/src/pub_sub/appid_events.h b/src/pub_sub/appid_events.h
index bb93019cc..e2650de90 100644
--- a/src/pub_sub/appid_events.h
+++ b/src/pub_sub/appid_events.h
@@ -135,7 +135,7 @@ public:
 const snort::AppIdSessionApi& get_appid_session_api() const { return api; }
- const snort::Packet* get_packet() override
+ const snort::Packet* get_packet() const override
 { return &p; }
 private:
diff --git a/src/pub_sub/assistant_gadget_event.h b/src/pub_sub/assistant_gadget_event.h
index ae826d4a3..c777fe2e7 100644
--- a/src/pub_sub/assistant_gadget_event.h
+++ b/src/pub_sub/assistant_gadget_event.h
@@ -41,7 +41,7 @@ public:
 p(packet), service(_service) { }
- snort::Packet* get_packet() override
+ snort::Packet* get_packet() const override
 { return p; }
 const char* get_service()
diff --git a/src/pub_sub/cip_events.h b/src/pub_sub/cip_events.h
index 9ac5681f6..c35ffde18 100644
--- a/src/pub_sub/cip_events.h
+++ b/src/pub_sub/cip_events.h
@@ -47,7 +47,7 @@ class SO_PUBLIC CipEvent : public snort::DataEvent
 public:
 CipEvent(const snort::Packet*, const CipEventData*);
- const snort::Packet* get_packet() override
+ const snort::Packet* get_packet() const override
 { return p; }
 private:
diff --git a/src/pub_sub/dcerpc_events.h b/src/pub_sub/dcerpc_events.h
index 7dd6d58e0..ab1577483 100644
--- a/src/pub_sub/dcerpc_events.h
+++ b/src/pub_sub/dcerpc_events.h
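Review bot: In src/pub_sub/active_events.h, renaming `get_pkt()` to `get_packet() const override` removes the old accessor outright, so any caller outside this diff that still uses `get_pkt()` stops compiling. It also changes what generic subscribers see: before, a call through the base `get_packet()` on this event presumably resolved to the base implementation, which returns `nullptr`, and now it returns `pkt`. If external plugins are a concern, a forwarding `[[deprecated]] const Packet* get_pkt() const { return get_packet(); }` kept for one release would soften the break. Either way a comment noting that `pkt` is now reachable through the base interface would help readers of the header.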
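Review bot: In src/pub_sub/assistant_gadget_event.h, `snort::Packet* get_packet() const override` is now a const member that still hands out a mutable `snort::Packet*`, unlike the other events in this commit, which return a pointer to const. A handler holding only a const reference to the event can therefore still modify the packet. If subscribers do need to write to it, a comment would make the exception deliberate, e.g. `// returns a mutable packet: <reason>`; otherwise the return type could be narrowed to `const snort::Packet*`. The callers are not visible in this diff.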
@@ -26,7 +26,7 @@ public:
 dst_ip(dst_ip), dst_port(dst_port), proto(proto), protocol_id(protocol_id) { }
- const snort::Packet* get_packet() override
+ const snort::Packet* get_packet() const override
 { return p; }
 const snort::SfIp* get_src_ip() const
diff --git a/src/pub_sub/dhcp_events.h b/src/pub_sub/dhcp_events.h
index 653a606fc..3c26481b7 100644
--- a/src/pub_sub/dhcp_events.h
+++ b/src/pub_sub/dhcp_events.h
@@ -42,7 +42,7 @@ public:
 memcpy(eth_addr, eth, sizeof(eth_addr));
 }
- const snort::Packet* get_packet() override
+ const snort::Packet* get_packet() const override
 { return pkt; }
 uint32_t get_ip_address() const
@@ -82,7 +82,7 @@ public:
 memcpy(eth_addr, eth, sizeof(eth_addr));
 }
- const snort::Packet* get_packet() override
+ const snort::Packet* get_packet() const override
 { return pkt; }
 unsigned get_op55_len() const
diff --git a/src/pub_sub/eve_process_event.h b/src/pub_sub/eve_process_event.h
index 53d425ceb..62d94ce4e 100644
--- a/src/pub_sub/eve_process_event.h
+++ b/src/pub_sub/eve_process_event.h
@@ -33,7 +33,7 @@ public:
 EveProcessEvent(const snort::Packet& p, const char* server) : p(p), server_name(server) { }
- const snort::Packet* get_packet() override { return &p; }
+ const snort::Packet* get_packet() const override { return &p; }
 const std::string& get_process_name() const
 {
diff --git a/src/pub_sub/expect_events.h b/src/pub_sub/expect_events.h
index b980b2e77..20520eee7 100644
--- a/src/pub_sub/expect_events.h
+++ b/src/pub_sub/expect_events.h
@@ -47,7 +47,7 @@ public:
 flow_data = fd;
 }
- const snort::Packet* get_packet() override
+ const snort::Packet* get_packet() const override
 { return p; }
 snort::ExpectFlow* get_expect_flow()
diff --git a/src/pub_sub/finalize_packet_event.h b/src/pub_sub/finalize_packet_event.h
index 5ec6fc37a..6c56021ef 100644
--- a/src/pub_sub/finalize_packet_event.h
+++ b/src/pub_sub/finalize_packet_event.h
@@ -40,7 +40,7 @@ public:
 { }
- const snort::Packet* get_packet() override
+ const snort::Packet* get_packet() const override
 { return pkt; }
 DAQ_Verdict& get_verdict()
diff --git a/src/pub_sub/netflow_event.h b/src/pub_sub/netflow_event.h
index 4be64a503..b7e1cabd1 100644
--- a/src/pub_sub/netflow_event.h
+++ b/src/pub_sub/netflow_event.h
@@ -36,7 +36,7 @@ public:
 : pkt(p), record(rec), create_host(cre_host), create_service(cre_serv), swapped(swp_initiator), serviceID(s_id) { }
- const Packet* get_packet() override
+ const Packet* get_packet() const override
 { return pkt; }
 const NetFlowSessionRecord* get_record()
diff --git a/src/pub_sub/opportunistic_tls_event.h b/src/pub_sub/opportunistic_tls_event.h
index 4d7b046ad..51a31c091 100644
--- a/src/pub_sub/opportunistic_tls_event.h
+++ b/src/pub_sub/opportunistic_tls_event.h
@@ -37,7 +37,7 @@ public:
 OpportunisticTlsEvent(const snort::Packet* p, const char* service) : pkt(p), next_service(service) { }
- const snort::Packet* get_packet() override
+ const snort::Packet* get_packet() const override
 { return pkt; }
 const char* get_next_service()
diff --git a/src/pub_sub/rna_events.h b/src/pub_sub/rna_events.h
index 986a44c0b..5af57d745 100644
--- a/src/pub_sub/rna_events.h
+++ b/src/pub_sub/rna_events.h
@@ -34,7 +34,7 @@ public:
 RNAEvent(const snort::Packet* p, const NetFlowSessionRecord* rec, const uint32_t service) : pkt(p), record(rec), service_id(service) { }
- const Packet* get_packet() override
+ const Packet* get_packet() const override
 { return pkt; }
 const NetFlowSessionRecord* get_record()
diff --git a/src/pub_sub/sip_events.h b/src/pub_sub/sip_events.h
index 2ccedd301..f49cb9c2f 100644
--- a/src/pub_sub/sip_events.h
+++ b/src/pub_sub/sip_events.h
@@ -83,7 +83,7 @@ public:
 SipEvent(const snort::Packet*, const SIPMsg*, const SIP_DialogData*);
 ~SipEvent() override;
- const snort::Packet* get_packet() override
+ const snort::Packet* get_packet() const override
 { return p; }
 const char* get_from() const
diff --git a/src/pub_sub/smb_events.h b/src/pub_sub/smb_events.h
index 61872f5db..abbc5b891 100644
--- a/src/pub_sub/smb_events.h
+++ b/src/pub_sub/smb_events.h
@@ -33,7 +33,7 @@ public:
 FpSMBDataEvent(const snort::Packet* p, unsigned major, unsigned minor, uint32_t flags) : pkt(p), major_version(major), minor_version(minor), flags(flags) { }
- const snort::Packet* get_packet() override
+ const snort::Packet* get_packet() const override
 { return pkt; }
 unsigned get_fp_smb_major() const
diff --git a/src/pub_sub/ssh_events.h b/src/pub_sub/ssh_events.h
index 236da101c..da8fcecd5 100644
--- a/src/pub_sub/ssh_events.h
+++ b/src/pub_sub/ssh_events.h
@@ -59,7 +59,7 @@ public:
 uint8_t get_direction() const { return direction; }
- const snort::Packet* get_packet() override
+ const snort::Packet* get_packet() const override
 { return packet; }
 private:
diff --git a/src/stream/stream.cc b/src/stream/stream.cc
index 023321cb4..68db50a01 100644
--- a/src/stream/stream.cc
+++ b/src/stream/stream.cc
@@ -117,7 +117,7 @@ Flow* Stream::get_flow(
 return get_flow(&key);
 }
-void Stream::populate_flow_key(Packet* p, FlowKey* key)
+void Stream::populate_flow_key(const Packet* p, FlowKey* key)
 {
 if (!key || !p) return;
@@ -221,6 +221,7 @@ void Stream::check_flow_closed(Packet* p)
 else if (flow->session_state & STREAM_STATE_BLOCK_PENDING)
 {
 flow->session->clear();
+ flow->free_flow_data();
 flow->set_state(Flow::FlowState::BLOCK);
 if ( !(p->packet_flags & PKT_STATELESS) )
diff --git a/src/stream/stream.h b/src/stream/stream.h
index 6c5c82572..b9dc615a1 100644
--- a/src/stream/stream.h
+++ b/src/stream/stream.h
@@ -213,7 +213,7 @@ public:
 static FlowKey* get_flow_key(Packet*);
 // Populate a session key from the Packet
- static void populate_flow_key(Packet*, FlowKey*);
+ static void populate_flow_key(const Packet*, FlowKey*);
 static void set_snort_protocol_id_from_ha(Flow*, const SnortProtocolId);
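Review bot: In src/stream/stream.cc, Stream::check_flow_closed() now calls `flow->free_flow_data()` on the STREAM_STATE_BLOCK_PENDING path while the current packet is still being handled, so any code later on this path, or any handler that fetched a flow-data pointer earlier for the same packet, must not use that pointer afterwards. Whether such users exist is not visible in this hunk; the code after `flow->set_state(Flow::FlowState::BLOCK)` and anything it notifies are the places to check. A comment would record the intent, e.g. `// release inspector flow data now; a blocked flow no longer needs it`. The function continues outside the hunk.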