From: Michael Altizer (mialtize) Date: Wed, 25 Dec 2019 14:35:11 +0000 (+0000) Subject: Merge pull request #1906 in SNORT/snort3 from ~MIALTIZE/snort3:f31_warnings to master X-Git-Tag: 3.0.0-268~69 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=3127a0e93c61ed427473375be415789934edfc40;p=thirdparty%2Fsnort3.git Merge pull request #1906 in SNORT/snort3 from ~MIALTIZE/snort3:f31_warnings to master Squashed commit of the following: commit a5cd61e97b73d70e9f38b136405c1a55238b0b87 Author: Michael Altizer Date: Fri Dec 20 13:36:37 2019 -0500 codecs: Use unions for checksum pseudoheaders This helps clear up static analysis confusion. commit ddcefc137ecd5229e1eca815a245346c8b539879 Author: Michael Altizer Date: Mon Dec 16 16:01:52 2019 -0500 build: Clean up accumulated tabs and trailing whitespace in the code commit 0c3a7f4f53af3bcee1b56962d06c61a039f69990 Author: Michael Altizer Date: Mon Dec 16 15:28:51 2019 -0500 build: Rename parameters that shadow class members (compiler warnings) commit 9f8664ec859c10ee2668a5cdb4a289b0c58ca1ed Author: Michael Altizer Date: Mon Dec 16 14:17:10 2019 -0500 build: Remove some extraneous semicolons (compiler warnings) --- diff --git a/src/codecs/ip/cd_icmp6.cc b/src/codecs/ip/cd_icmp6.cc index bd681ee50..06e9bb5ba 100644 --- a/src/codecs/ip/cd_icmp6.cc +++ b/src/codecs/ip/cd_icmp6.cc @@ -152,13 +152,13 @@ bool Icmp6Codec::decode(const RawData& raw, CodecData& codec, DecodeData& snort) if ( SnortConfig::icmp_checksums() && !valid_checksum_from_daq(raw)) { checksum::Pseudoheader6 ph6; - COPY4(ph6.sip, snort.ip_api.get_src()->get_ip6_ptr()); - COPY4(ph6.dip, snort.ip_api.get_dst()->get_ip6_ptr()); - ph6.zero = 0; - ph6.protocol = codec.ip6_csum_proto; - ph6.len = htons((unsigned short)raw.len); + COPY4(ph6.hdr.sip, snort.ip_api.get_src()->get_ip6_ptr()); + COPY4(ph6.hdr.dip, snort.ip_api.get_dst()->get_ip6_ptr()); + ph6.hdr.zero = 0; + ph6.hdr.protocol = codec.ip6_csum_proto; + ph6.hdr.len = htons((uint16_t)raw.len); - uint16_t csum = checksum::icmp_cksum((const uint16_t*)(icmp6h), raw.len, &ph6); + uint16_t csum = checksum::icmp_cksum((const uint16_t*)(icmp6h), raw.len, ph6); if (csum && !codec.is_cooked()) { @@ -365,12 +365,12 @@ void Icmp6Codec::update(const ip::IpApi& api, const EncodeFlags flags, checksum::Pseudoheader6 ps6; h->cksum = 0; - memcpy(ps6.sip, api.get_src()->get_ip6_ptr(), sizeof(ps6.sip)); - memcpy(ps6.dip, api.get_dst()->get_ip6_ptr(), sizeof(ps6.dip)); - ps6.zero = 0; - ps6.protocol = IpProtocol::ICMPV6; - ps6.len = htons((uint16_t)updated_len); - h->cksum = checksum::icmp_cksum((uint16_t*)h, updated_len, &ps6); + memcpy(ps6.hdr.sip, api.get_src()->get_ip6_ptr(), sizeof(ps6.hdr.sip)); + memcpy(ps6.hdr.dip, api.get_dst()->get_ip6_ptr(), sizeof(ps6.hdr.dip)); + ps6.hdr.zero = 0; + ps6.hdr.protocol = IpProtocol::ICMPV6; + ps6.hdr.len = htons((uint16_t)updated_len); + h->cksum = checksum::icmp_cksum((uint16_t*)h, updated_len, ps6); } } diff --git a/src/codecs/ip/cd_mobility.cc b/src/codecs/ip/cd_mobility.cc index ef2827e71..5d67abf3d 100644 --- a/src/codecs/ip/cd_mobility.cc +++ b/src/codecs/ip/cd_mobility.cc @@ -85,7 +85,7 @@ bool MobilityCodec::decode(const RawData& raw, CodecData& codec, DecodeData&) // must be called AFTER setting next_prot_id // Mobility Header must always be the last header in the header chain of an IPv6 packet CheckIPv6ExtensionOrder(codec, IpProtocol::MOBILITY_IPV6); - + return true; } diff --git a/src/codecs/ip/cd_tcp.cc b/src/codecs/ip/cd_tcp.cc index 9db2b9477..1b0be6140 100644 --- a/src/codecs/ip/cd_tcp.cc +++ b/src/codecs/ip/cd_tcp.cc @@ -172,13 +172,13 @@ bool TcpCodec::valid_checksum4(const RawData& raw, DecodeData& snort) const ip::IP4Hdr* ip4h = snort.ip_api.get_ip4h(); checksum::Pseudoheader ph; - ph.sip = ip4h->get_src(); - ph.dip = ip4h->get_dst(); - ph.zero = 0; - ph.protocol = ip4h->proto(); - ph.len = htons((uint16_t) raw.len); + ph.hdr.sip = ip4h->get_src(); + ph.hdr.dip = ip4h->get_dst(); + ph.hdr.zero = 0; + ph.hdr.protocol = ip4h->proto(); + ph.hdr.len = htons((uint16_t) raw.len); - return (checksum::tcp_cksum((const uint16_t*) raw.data, raw.len, &ph) == 0); + return (checksum::tcp_cksum((const uint16_t*) raw.data, raw.len, ph) == 0); } bool TcpCodec::valid_checksum6(const RawData& raw, const CodecData& codec, DecodeData& snort) @@ -186,13 +186,13 @@ bool TcpCodec::valid_checksum6(const RawData& raw, const CodecData& codec, Decod const ip::IP6Hdr* const ip6h = snort.ip_api.get_ip6h(); checksum::Pseudoheader6 ph6; - COPY4(ph6.sip, ip6h->get_src()->u6_addr32); - COPY4(ph6.dip, ip6h->get_dst()->u6_addr32); - ph6.zero = 0; - ph6.protocol = codec.ip6_csum_proto; - ph6.len = htons((uint16_t) raw.len); + COPY4(ph6.hdr.sip, ip6h->get_src()->u6_addr32); + COPY4(ph6.hdr.dip, ip6h->get_dst()->u6_addr32); + ph6.hdr.zero = 0; + ph6.hdr.protocol = codec.ip6_csum_proto; + ph6.hdr.len = htons((uint16_t) raw.len); - return (checksum::tcp_cksum((const uint16_t*) raw.data, raw.len, &ph6) == 0); + return (checksum::tcp_cksum((const uint16_t*) raw.data, raw.len, ph6) == 0); } bool TcpCodec::decode(const RawData& raw, CodecData& codec, DecodeData& snort) @@ -675,12 +675,12 @@ bool TcpCodec::encode(const uint8_t* const raw_in, const uint16_t /*raw_len*/, int len = buf.size(); const ip::IP4Hdr* const ip4h = ip_api.get_ip4h(); - ps.sip = ip4h->get_src(); - ps.dip = ip4h->get_dst(); - ps.zero = 0; - ps.protocol = IpProtocol::TCP; - ps.len = htons((uint16_t)len); - tcph_out->th_sum = checksum::tcp_cksum((uint16_t*)tcph_out, len, &ps); + ps.hdr.sip = ip4h->get_src(); + ps.hdr.dip = ip4h->get_dst(); + ps.hdr.zero = 0; + ps.hdr.protocol = IpProtocol::TCP; + ps.hdr.len = htons((uint16_t)len); + tcph_out->th_sum = checksum::tcp_cksum((uint16_t*)tcph_out, len, ps); } else if (ip_api.is_ip6()) { @@ -688,12 +688,12 @@ bool TcpCodec::encode(const uint8_t* const raw_in, const uint16_t /*raw_len*/, int len = buf.size(); const ip::IP6Hdr* const ip6h = ip_api.get_ip6h(); - memcpy(&ps6.sip, ip6h->get_src()->u6_addr8, sizeof(ps6.sip)); - memcpy(&ps6.dip, ip6h->get_dst()->u6_addr8, sizeof(ps6.dip)); - ps6.zero = 0; - ps6.protocol = IpProtocol::TCP; - ps6.len = htons((uint16_t)len); - tcph_out->th_sum = checksum::tcp_cksum((uint16_t*)tcph_out, len, &ps6); + memcpy(&ps6.hdr.sip, ip6h->get_src()->u6_addr8, sizeof(ps6.hdr.sip)); + memcpy(&ps6.hdr.dip, ip6h->get_dst()->u6_addr8, sizeof(ps6.hdr.dip)); + ps6.hdr.zero = 0; + ps6.hdr.protocol = IpProtocol::TCP; + ps6.hdr.len = htons((uint16_t)len); + tcph_out->th_sum = checksum::tcp_cksum((uint16_t*)tcph_out, len, ps6); } return true; @@ -714,23 +714,23 @@ void TcpCodec::update(const ip::IpApi& api, const EncodeFlags flags, uint8_t* ra { checksum::Pseudoheader ps; const ip::IP4Hdr* const ip4h = api.get_ip4h(); - ps.sip = ip4h->get_src(); - ps.dip = ip4h->get_dst(); - ps.zero = 0; - ps.protocol = IpProtocol::TCP; - ps.len = htons((uint16_t)updated_len); - h->th_sum = checksum::tcp_cksum((uint16_t*)h, updated_len, &ps); + ps.hdr.sip = ip4h->get_src(); + ps.hdr.dip = ip4h->get_dst(); + ps.hdr.zero = 0; + ps.hdr.protocol = IpProtocol::TCP; + ps.hdr.len = htons((uint16_t)updated_len); + h->th_sum = checksum::tcp_cksum((uint16_t*)h, updated_len, ps); } else { checksum::Pseudoheader6 ps6; const ip::IP6Hdr* const ip6h = api.get_ip6h(); - memcpy(ps6.sip, ip6h->get_src()->u6_addr32, sizeof(ps6.sip)); - memcpy(ps6.dip, ip6h->get_dst()->u6_addr32, sizeof(ps6.dip)); - ps6.zero = 0; - ps6.protocol = IpProtocol::TCP; - ps6.len = htons((uint16_t)updated_len); - h->th_sum = checksum::tcp_cksum((uint16_t*)h, updated_len, &ps6); + memcpy(ps6.hdr.sip, ip6h->get_src()->u6_addr32, sizeof(ps6.hdr.sip)); + memcpy(ps6.hdr.dip, ip6h->get_dst()->u6_addr32, sizeof(ps6.hdr.dip)); + ps6.hdr.zero = 0; + ps6.hdr.protocol = IpProtocol::TCP; + ps6.hdr.len = htons((uint16_t)updated_len); + h->th_sum = checksum::tcp_cksum((uint16_t*)h, updated_len, ps6); } } } diff --git a/src/codecs/ip/cd_udp.cc b/src/codecs/ip/cd_udp.cc index 9af2959e2..d4e6ff977 100644 --- a/src/codecs/ip/cd_udp.cc +++ b/src/codecs/ip/cd_udp.cc @@ -182,13 +182,13 @@ bool UdpCodec::valid_checksum4(const RawData& raw, const DecodeData& snort) const ip::IP4Hdr* const ip4h = snort.ip_api.get_ip4h(); checksum::Pseudoheader ph; - ph.sip = ip4h->get_src(); - ph.dip = ip4h->get_dst(); - ph.zero = 0; - ph.protocol = ip4h->proto(); - ph.len = htons((uint16_t) raw.len); + ph.hdr.sip = ip4h->get_src(); + ph.hdr.dip = ip4h->get_dst(); + ph.hdr.zero = 0; + ph.hdr.protocol = ip4h->proto(); + ph.hdr.len = htons((uint16_t) raw.len); - return (checksum::udp_cksum((const uint16_t*) raw.data, raw.len, &ph) == 0); + return (checksum::udp_cksum((const uint16_t*) raw.data, raw.len, ph) == 0); } bool UdpCodec::valid_checksum6(const RawData& raw, const CodecData& codec, const DecodeData& snort) @@ -196,13 +196,13 @@ bool UdpCodec::valid_checksum6(const RawData& raw, const CodecData& codec, const const ip::IP6Hdr* const ip6h = snort.ip_api.get_ip6h(); checksum::Pseudoheader6 ph6; - COPY4(ph6.sip, ip6h->ip6_src.u6_addr32); - COPY4(ph6.dip, ip6h->ip6_dst.u6_addr32); - ph6.zero = 0; - ph6.protocol = codec.ip6_csum_proto; - ph6.len = htons((uint16_t) raw.len); + COPY4(ph6.hdr.sip, ip6h->get_src()->u6_addr32); + COPY4(ph6.hdr.dip, ip6h->get_dst()->u6_addr32); + ph6.hdr.zero = 0; + ph6.hdr.protocol = codec.ip6_csum_proto; + ph6.hdr.len = htons((uint16_t) raw.len); - return (checksum::udp_cksum((const uint16_t*) raw.data, raw.len, &ph6) == 0); + return (checksum::udp_cksum((const uint16_t*) raw.data, raw.len, ph6) == 0); } void UdpCodec::get_protocol_ids(std::vector& v) @@ -411,23 +411,23 @@ bool UdpCodec::encode(const uint8_t* const raw_in, const uint16_t /*raw_len*/, { checksum::Pseudoheader ps; const ip::IP4Hdr* const ip4h = ip_api.get_ip4h(); - ps.sip = ip4h->get_src(); - ps.dip = ip4h->get_dst(); - ps.zero = 0; - ps.protocol = IpProtocol::UDP; - ps.len = udph_out->uh_len; - udph_out->uh_chk = checksum::udp_cksum((uint16_t*)udph_out, len, &ps); + ps.hdr.sip = ip4h->get_src(); + ps.hdr.dip = ip4h->get_dst(); + ps.hdr.zero = 0; + ps.hdr.protocol = IpProtocol::UDP; + ps.hdr.len = udph_out->uh_len; + udph_out->uh_chk = checksum::udp_cksum((uint16_t*)udph_out, len, ps); } else if (ip_api.is_ip6()) { checksum::Pseudoheader6 ps6; const ip::IP6Hdr* const ip6h = ip_api.get_ip6h(); - memcpy(ps6.sip, ip6h->get_src()->u6_addr8, sizeof(ps6.sip)); - memcpy(ps6.dip, ip6h->get_dst()->u6_addr8, sizeof(ps6.dip)); - ps6.zero = 0; - ps6.protocol = IpProtocol::UDP; - ps6.len = udph_out->uh_len; - udph_out->uh_chk = checksum::udp_cksum((uint16_t*)udph_out, len, &ps6); + memcpy(ps6.hdr.sip, ip6h->get_src()->u6_addr8, sizeof(ps6.hdr.sip)); + memcpy(ps6.hdr.dip, ip6h->get_dst()->u6_addr8, sizeof(ps6.hdr.dip)); + ps6.hdr.zero = 0; + ps6.hdr.protocol = IpProtocol::UDP; + ps6.hdr.len = udph_out->uh_len; + udph_out->uh_chk = checksum::udp_cksum((uint16_t*)udph_out, len, ps6); } enc.next_proto = IpProtocol::UDP; @@ -451,23 +451,23 @@ void UdpCodec::update(const ip::IpApi& ip_api, const EncodeFlags flags, { checksum::Pseudoheader ps; const ip::IP4Hdr* const ip4h = ip_api.get_ip4h(); - ps.sip = ip4h->get_src(); - ps.dip = ip4h->get_dst(); - ps.zero = 0; - ps.protocol = IpProtocol::UDP; - ps.len = htons((uint16_t)updated_len); - h->uh_chk = checksum::udp_cksum((uint16_t*)h, updated_len, &ps); + ps.hdr.sip = ip4h->get_src(); + ps.hdr.dip = ip4h->get_dst(); + ps.hdr.zero = 0; + ps.hdr.protocol = IpProtocol::UDP; + ps.hdr.len = htons((uint16_t)updated_len); + h->uh_chk = checksum::udp_cksum((uint16_t*)h, updated_len, ps); } else if (ip_api.is_ip6()) { checksum::Pseudoheader6 ps6; const ip::IP6Hdr* const ip6h = ip_api.get_ip6h(); - memcpy(ps6.sip, ip6h->ip6_src.u6_addr32, sizeof(ps6.sip)); - memcpy(ps6.dip, ip6h->ip6_dst.u6_addr32, sizeof(ps6.dip)); - ps6.zero = 0; - ps6.protocol = IpProtocol::UDP; - ps6.len = htons((uint16_t)updated_len); - h->uh_chk = checksum::udp_cksum((uint16_t*)h, updated_len, &ps6); + memcpy(ps6.hdr.sip, ip6h->get_src()->u6_addr32, sizeof(ps6.hdr.sip)); + memcpy(ps6.hdr.dip, ip6h->get_dst()->u6_addr32, sizeof(ps6.hdr.dip)); + ps6.hdr.zero = 0; + ps6.hdr.protocol = IpProtocol::UDP; + ps6.hdr.len = htons((uint16_t)updated_len); + h->uh_chk = checksum::udp_cksum((uint16_t*)h, updated_len, ps6); } } } diff --git a/src/codecs/ip/checksum.h b/src/codecs/ip/checksum.h index 53e303d5c..e7c0d8d8d 100644 --- a/src/codecs/ip/checksum.h +++ b/src/codecs/ip/checksum.h @@ -26,31 +26,41 @@ namespace checksum { -struct Pseudoheader6 +union Pseudoheader { - uint32_t sip[4]; - uint32_t dip[4]; - uint8_t zero; - IpProtocol protocol; - uint16_t len; + struct + { + uint32_t sip; + uint32_t dip; + uint8_t zero; + IpProtocol protocol; + uint16_t len; + } hdr; + uint16_t arr[6]; + static_assert(sizeof(hdr) == sizeof(arr), "IPv4 pseudoheader must be 12 bytes"); }; -struct Pseudoheader +union Pseudoheader6 { - uint32_t sip; - uint32_t dip; - uint8_t zero; - IpProtocol protocol; - uint16_t len; + struct + { + uint32_t sip[4]; + uint32_t dip[4]; + uint8_t zero; + IpProtocol protocol; + uint16_t len; + } hdr; + uint16_t arr[18]; + static_assert(sizeof(hdr) == sizeof(arr), "IPv6 pseudoheader must be 36 bytes"); }; // calculate the checksum for this general case. static uint16_t cksum_add(const uint16_t* buf, std::size_t buf_len); -inline uint16_t tcp_cksum(const uint16_t* buf, std::size_t len, const Pseudoheader* const); -inline uint16_t tcp_cksum(const uint16_t* buf, std::size_t len, const Pseudoheader6* const); -inline uint16_t udp_cksum(const uint16_t* buf, std::size_t len, const Pseudoheader* const); -inline uint16_t udp_cksum(const uint16_t* buf, std::size_t len, const Pseudoheader6* const); -inline uint16_t icmp_cksum(const uint16_t* buf, std::size_t len, const Pseudoheader6* const); +inline uint16_t tcp_cksum(const uint16_t* buf, std::size_t len, const Pseudoheader&); +inline uint16_t tcp_cksum(const uint16_t* buf, std::size_t len, const Pseudoheader6&); +inline uint16_t udp_cksum(const uint16_t* buf, std::size_t len, const Pseudoheader&); +inline uint16_t udp_cksum(const uint16_t* buf, std::size_t len, const Pseudoheader6&); +inline uint16_t icmp_cksum(const uint16_t* buf, std::size_t len, const Pseudoheader6&); inline uint16_t icmp_cksum(const uint16_t* buf, std::size_t len); inline uint16_t ip_cksum(const uint16_t* buf, std::size_t len); @@ -69,24 +79,6 @@ inline uint16_t ip_cksum(const uint16_t* buf, std::size_t len); */ namespace detail { -struct PsuedoheaderUnion -{ - union - { - Pseudoheader ph4; - uint16_t ph4_arr[12]; - }; -}; - -struct Psuedoheader6Union -{ - union - { - Pseudoheader ph6; - uint16_t ph6_arr[18]; - }; -}; - inline uint16_t cksum_add(const uint16_t* buf, std::size_t len, uint32_t cksum) { const uint16_t* sp = buf; @@ -177,16 +169,9 @@ inline uint16_t cksum_add(const uint16_t* buf, std::size_t len, uint32_t cksum) return (uint16_t)(~cksum); } -inline void add_ipv4_pseudoheader(const Pseudoheader* const ph4, - uint32_t& cksum) +inline void add_ipv4_pseudoheader(const Pseudoheader& ph4, uint32_t& cksum) { - /* - * This mess is necessary to make static analyzers happy. - * Otherwise they assume we are reading garbage values - */ - const PsuedoheaderUnion* const ph4_u = reinterpret_cast - (ph4); - const uint16_t* const h = ph4_u->ph4_arr; + const uint16_t* h = ph4.arr; /* ipv4 pseudo header must have 12 bytes */ cksum += h[0]; @@ -197,16 +182,9 @@ inline void add_ipv4_pseudoheader(const Pseudoheader* const ph4, cksum += h[5]; } -inline void add_ipv6_pseudoheader(const Pseudoheader6* const ph6, - uint32_t& cksum) +inline void add_ipv6_pseudoheader(const Pseudoheader6& ph6, uint32_t& cksum) { - /* - * This mess is necessary to make static analyzers happy. - * Otherwise they assume we are reading garbage values - */ - const Psuedoheader6Union* const ph6_u = reinterpret_cast - (ph6); - const uint16_t* const h = ph6_u->ph6_arr; + const uint16_t* h = ph6.arr; /* PseudoHeader must have 36 bytes */ cksum += h[0]; @@ -283,7 +261,7 @@ inline void add_ip_header(const uint16_t*& d, inline uint16_t icmp_cksum(const uint16_t* buf, std::size_t len, - const Pseudoheader6* const ph) + const Pseudoheader6& ph) { uint32_t cksum = 0; @@ -298,7 +276,7 @@ inline uint16_t icmp_cksum(const uint16_t* buf, size_t len) inline uint16_t tcp_cksum(const uint16_t* h, std::size_t len, - const Pseudoheader* const ph) + const Pseudoheader& ph) { uint32_t cksum = 0; @@ -309,7 +287,7 @@ inline uint16_t tcp_cksum(const uint16_t* h, inline uint16_t tcp_cksum(const uint16_t* buf, std::size_t len, - const Pseudoheader6* const ph) + const Pseudoheader6& ph) { uint32_t cksum = 0; @@ -320,7 +298,7 @@ inline uint16_t tcp_cksum(const uint16_t* buf, inline uint16_t udp_cksum(const uint16_t* buf, std::size_t len, - const Pseudoheader* const ph) + const Pseudoheader& ph) { uint32_t cksum = 0; @@ -331,7 +309,7 @@ inline uint16_t udp_cksum(const uint16_t* buf, inline uint16_t udp_cksum(const uint16_t* buf, std::size_t len, - const Pseudoheader6* const ph) + const Pseudoheader6& ph) { uint32_t cksum = 0; diff --git a/src/codecs/link/cd_mpls.cc b/src/codecs/link/cd_mpls.cc index 556b96b95..49d49b472 100644 --- a/src/codecs/link/cd_mpls.cc +++ b/src/codecs/link/cd_mpls.cc @@ -290,13 +290,13 @@ int MplsCodec::checkMplsHdr(const CodecData& codec, uint32_t label, uint8_t bos) break; } //if bos is false we are believed to NOT be at the bottom of the stack - //and if we arent at the bottom of the stack then we should NOT see + //and if we arent at the bottom of the stack then we should NOT see //label 0 or 2 (according to RFC 3032) - else + else { if ( label == 0 ) codec_event(codec, DECODE_BAD_MPLS_LABEL0); - //it MUST be label 2 + //it MUST be label 2 else codec_event(codec, DECODE_BAD_MPLS_LABEL2); } diff --git a/src/codecs/misc/cd_llc.cc b/src/codecs/misc/cd_llc.cc index 12a7d4e63..d68660022 100644 --- a/src/codecs/misc/cd_llc.cc +++ b/src/codecs/misc/cd_llc.cc @@ -119,7 +119,7 @@ bool LlcCodec::decode(const RawData& raw, CodecData& codec, DecodeData&) const EthLlcOther* ehllcother = reinterpret_cast(raw.data + sizeof(EthLlc)); - + if (ehllcother->org_code[0] == 0 && ehllcother->org_code[1] == 0 && ehllcother->org_code[2] == 0) diff --git a/src/connectors/tcp_connector/tcp_connector.cc b/src/connectors/tcp_connector/tcp_connector.cc index 4a61801d3..c975c42a7 100644 --- a/src/connectors/tcp_connector/tcp_connector.cc +++ b/src/connectors/tcp_connector/tcp_connector.cc @@ -167,7 +167,7 @@ void TcpConnector::process_receive() { if (errno != EINTR) { - + char error_msg[1024] = {0}; if (strerror_r(errno, error_msg, sizeof(error_msg)) == 0) ErrorMessage("TcpC Input Thread: Error polling on socket %d: %s\n", pfds[0].fd, error_msg); @@ -413,7 +413,7 @@ static TcpConnector* tcp_connector_tinit_answer(TcpConnectorConfig* cfg, const c if (strerror_r(errno, error_msg, sizeof(error_msg)) == 0) ErrorMessage("accept() failure: %s\n", error_msg); else - ErrorMessage("accept() failure: %d\n", errno); + ErrorMessage("accept() failure: %d\n", errno); return nullptr; } diff --git a/src/connectors/tcp_connector/test/tcp_connector_test.cc b/src/connectors/tcp_connector/test/tcp_connector_test.cc index 1fa6d9cc3..b844907ce 100644 --- a/src/connectors/tcp_connector/test/tcp_connector_test.cc +++ b/src/connectors/tcp_connector/test/tcp_connector_test.cc @@ -79,7 +79,7 @@ void ErrorMessage(const char*, ...) { } void LogMessage(const char*, ...) { } } -int connect (int, const struct sockaddr*, socklen_t) { return s_connect_return; } +int connect (int, const struct sockaddr*, socklen_t) { return s_connect_return; } ssize_t send (int, const void*, size_t n, int) { if ( n == sizeof(TcpConnectorMsgHdr) ) diff --git a/src/decompress/file_decomp.cc b/src/decompress/file_decomp.cc index 3749b6e7e..45e7c194a 100644 --- a/src/decompress/file_decomp.cc +++ b/src/decompress/file_decomp.cc @@ -420,7 +420,7 @@ void File_Decomp_Alert(fd_session_t* SessionPtr, int Event) } // namespace snort //-------------------------------------------------------------------------- -// unit tests +// unit tests //-------------------------------------------------------------------------- #ifdef UNIT_TEST diff --git a/src/decompress/file_decomp_pdf.cc b/src/decompress/file_decomp_pdf.cc index e19e152c9..501272380 100644 --- a/src/decompress/file_decomp_pdf.cc +++ b/src/decompress/file_decomp_pdf.cc @@ -1144,7 +1144,7 @@ fd_status_t File_Decomp_PDF(fd_session_t* SessionPtr) } //-------------------------------------------------------------------------- -// unit tests +// unit tests //-------------------------------------------------------------------------- #ifdef UNIT_TEST diff --git a/src/decompress/file_decomp_swf.cc b/src/decompress/file_decomp_swf.cc index 466da4392..cfcdbf185 100644 --- a/src/decompress/file_decomp_swf.cc +++ b/src/decompress/file_decomp_swf.cc @@ -333,7 +333,7 @@ fd_status_t File_Decomp_SWF(fd_session_t* SessionPtr) } //-------------------------------------------------------------------------- -// unit tests +// unit tests //-------------------------------------------------------------------------- #ifdef UNIT_TEST diff --git a/src/detection/context_switcher.cc b/src/detection/context_switcher.cc index 46b53c0ab..3c2f9c949 100644 --- a/src/detection/context_switcher.cc +++ b/src/detection/context_switcher.cc @@ -70,7 +70,7 @@ void ContextSwitcher::start() IpsContext* c = idle.back(); assert(c->state == IpsContext::IDLE); assert(!c->has_callbacks()); - + c->context_num = ++global_context_num; trace_logf(detection, TRACE_DETECTION_ENGINE, "(wire) %" PRIu64 " cs::start %" PRIu64 " (i=%zu, b=%zu)\n", get_packet_number(), c->context_num, idle.size(), busy.size()); @@ -79,7 +79,7 @@ void ContextSwitcher::start() c->packet->active = c->packet->active_inst; c->packet->active->reset(); - c->packet->action = &c->packet->action_inst; + c->packet->action = &c->packet->action_inst; c->state = IpsContext::BUSY; busy.emplace_back(c); @@ -130,7 +130,7 @@ void ContextSwitcher::abort() if ( c->packet->flow ) c->packet->flow->context_chain.abort(); - + c->abort(); c->state = IpsContext::IDLE; c->clear_callbacks(); @@ -176,7 +176,7 @@ IpsContext* ContextSwitcher::complete() c->clear_context_data(); c->state = IpsContext::IDLE; idle.emplace_back(c); - + if ( busy.empty() ) return nullptr; @@ -189,7 +189,7 @@ void ContextSwitcher::suspend() IpsContext* c = busy.back(); assert(c->state == IpsContext::BUSY); - + trace_logf(detection, TRACE_DETECTION_ENGINE, "%" PRIu64 " cs::suspend %" PRIu64 " (i=%zu, b=%zu, wh=%zu)\n", c->packet_number, c->context_num, idle.size(), busy.size(), contexts.size() - idle.size() - busy.size()); @@ -271,7 +271,7 @@ TEST_CASE("ContextSwitcher single wire", "[ContextSwitcher]") _2_ _3_ / | \ / | \ *4*5 6 7 8 9 - + 6 2 7 8 9 3 1 */ @@ -291,7 +291,7 @@ TEST_CASE("ContextSwitcher single wire", "[ContextSwitcher]") CHECK(c5->state == IpsContext::BUSY); mgr.complete(); CHECK(c5->state == IpsContext::IDLE); - + c6 = mgr.interrupt(); CHECK(c6->state == IpsContext::BUSY); c6->packet->set_offloaded(); @@ -333,7 +333,7 @@ TEST_CASE("ContextSwitcher single wire", "[ContextSwitcher]") CHECK(c1->state == IpsContext::SUSPENDED); std::vector expected = { c6, c2, c7, c8, c9, c3, c1 }; - + for ( auto& e : expected ) { mgr.resume(e); @@ -361,7 +361,7 @@ TEST_CASE("ContextSwitcher multi wire", "[ContextSwitcher]") c->packet->flow = new Flow; mgr.push(c); } - + mgr.start(); c1 = mgr.get_context(); mgr.suspend(); diff --git a/src/detection/detection_engine.cc b/src/detection/detection_engine.cc index 040c09c1b..cb4bb57f1 100644 --- a/src/detection/detection_engine.cc +++ b/src/detection/detection_engine.cc @@ -176,7 +176,7 @@ Packet* DetectionEngine::set_next_packet(Packet* parent) p->active = parent->active; p->action = parent->action; } - + // processing but parent is already gone (flow cache flush etc..) else if ( Analyzer::get_switcher()->get_context() ) { @@ -185,7 +185,7 @@ Packet* DetectionEngine::set_next_packet(Packet* parent) p->active = get_current_packet()->active; p->action = get_current_packet()->action; } - + // shutdown, so use a dummy so null checking is not needed everywhere else { @@ -227,7 +227,7 @@ void DetectionEngine::finish_inspect(Packet* p, bool inspected) // this also handles block pending state Stream::check_flow_closed(p); - if ( inspected and !p->context->next() ) + if ( inspected and !p->context->next() ) InspectorManager::clear(p); clear_events(p); @@ -296,16 +296,16 @@ IpsContextData* DetectionEngine::get_data(unsigned id, IpsContext* context) } void DetectionEngine::add_replacement(const std::string& s, unsigned off) -{ +{ Replacement r; r.data = s; r.offset = off; - Analyzer::get_switcher()->get_context()->rpl.emplace_back(r); + Analyzer::get_switcher()->get_context()->rpl.emplace_back(r); } bool DetectionEngine::get_replacement(std::string& s, unsigned& off) -{ +{ if ( Analyzer::get_switcher()->get_context()->rpl.empty() ) return false; @@ -459,12 +459,12 @@ void DetectionEngine::onload() trace_logf(detection, TRACE_DETECTION_ENGINE, "%" PRIu64 " de::onload %" PRIu64 " (r=%d)\n", p->context->packet_number, p->context->context_num, offloader->count()); - + p->clear_offloaded(); - + IpsContextChain& chain = p->flow ? p->flow->context_chain : Analyzer::get_switcher()->non_flow_chain; - + resume_ready_suspends(chain); } } @@ -488,8 +488,8 @@ void DetectionEngine::complete(Packet* p) ContextSwitcher* sw = Analyzer::get_switcher(); sw->resume(p->context); - - if ( p->is_detection_enabled(p->packet_flags & PKT_FROM_CLIENT) ) + + if ( p->is_detection_enabled(p->packet_flags & PKT_FROM_CLIENT) ) fp_complete(p); } diff --git a/src/detection/detection_engine.h b/src/detection/detection_engine.h index 4dd5db3e5..5edf575f2 100644 --- a/src/detection/detection_engine.h +++ b/src/detection/detection_engine.h @@ -88,7 +88,7 @@ public: static int queue_event(const struct OptTreeNode*); static int queue_event(unsigned gid, unsigned sid, Actions::Type = Actions::NONE); - + static void disable_all(Packet*); static bool all_disabled(Packet*); diff --git a/src/detection/fp_detect.cc b/src/detection/fp_detect.cc index 7985f9254..b7ac4fc29 100644 --- a/src/detection/fp_detect.cc +++ b/src/detection/fp_detect.cc @@ -115,7 +115,7 @@ static inline void fpLogOther( otn->sigInfo.gid, otn->sigInfo.sid, otn->sigInfo.rev, Actions::get_string((Actions::Type)action)); } - + // rule option actions are queued here (eg replace) otn_trigger_actions(otn, p); diff --git a/src/detection/ips_context.cc b/src/detection/ips_context.cc index 1d6e0b29d..15196214e 100644 --- a/src/detection/ips_context.cc +++ b/src/detection/ips_context.cc @@ -204,7 +204,7 @@ TEST_CASE("IpsContext post detection", "[IpsContext]") TEST_CASE("IpsContext Link", "[IpsContext]") { IpsContext c0, c1, c2; - + CHECK(c0.dependencies() == nullptr); CHECK(c0.next() == nullptr); @@ -256,7 +256,7 @@ TEST_CASE("IpsContext Abort, [IpsContext]") c0.link(&c1); c1.link(&c2); c2.link(&c3); - + // mid list // c0 <- c1 <- c2 <- c3 // c0 <- c2 <- c3 @@ -289,7 +289,7 @@ TEST_CASE("IpsContext Abort, [IpsContext]") CHECK(c2.next() == nullptr); CHECK(c3.dependencies() == nullptr); CHECK(c3.next() == nullptr); - + // only c2.abort(); CHECK(c2.dependencies() == nullptr); diff --git a/src/detection/ips_context.h b/src/detection/ips_context.h index 17ec32ab3..00c773493 100644 --- a/src/detection/ips_context.h +++ b/src/detection/ips_context.h @@ -126,7 +126,7 @@ public: next_to_process->depends_on = depends_on; if ( depends_on ) - depends_on->next_to_process = next_to_process; + depends_on->next_to_process = next_to_process; depends_on = next_to_process = nullptr; } @@ -153,7 +153,7 @@ public: uint64_t context_num; uint64_t packet_number; ActiveRules active_rules; - State state; + State state; bool check_tags; bool clear_inspectors; diff --git a/src/detection/ips_context_chain.cc b/src/detection/ips_context_chain.cc index 96e247030..a7de53c3e 100644 --- a/src/detection/ips_context_chain.cc +++ b/src/detection/ips_context_chain.cc @@ -49,7 +49,7 @@ void IpsContextChain::push_back(IpsContext* new_back) else { assert(!_front); - _front = _back = new_back; + _front = _back = new_back; } } @@ -85,7 +85,7 @@ TEST_CASE("IpsContextChain pop", "[IpsContextChain]") { IpsContextChain chain; IpsContext a, b, c; - + chain.push_back(&a); chain.push_back(&b); chain.push_back(&c); @@ -107,7 +107,7 @@ TEST_CASE("IpsContextChain abort", "[IpsContextChain]") { IpsContextChain chain; IpsContext a, b; - + chain.push_back(&a); chain.push_back(&b); chain.abort(); diff --git a/src/detection/ips_context_data.cc b/src/detection/ips_context_data.cc index d4c92d82e..3b673034b 100644 --- a/src/detection/ips_context_data.cc +++ b/src/detection/ips_context_data.cc @@ -40,10 +40,10 @@ using namespace snort; unsigned IpsContextData::ips_id = 0; unsigned IpsContextData::get_ips_id() -{ +{ ++ips_id; assert(ips_id < IpsContext::max_ips_id); - return ips_id; + return ips_id; } void IpsContextData::clear_ips_id() diff --git a/src/events/event_queue.cc b/src/events/event_queue.cc index caa53f757..a8a271893 100644 --- a/src/events/event_queue.cc +++ b/src/events/event_queue.cc @@ -35,7 +35,7 @@ ** event (gid,sid pair). This is now required to get events ** to be logged. The decoders and preprocessors are still ** configured independently, which allows them to inspect and -** call the alerting functions DetectionEngine::queue_event. +** call the alerting functions DetectionEngine::queue_event. ** ** Any event that has no otn associated with it's gid,sid pair ** will/should not alert, even if the preprocessor or decoder is diff --git a/src/flow/expect_cache.cc b/src/flow/expect_cache.cc index c2c8831a9..ae5425539 100644 --- a/src/flow/expect_cache.cc +++ b/src/flow/expect_cache.cc @@ -397,8 +397,7 @@ int ExpectCache::add_flow(const Packet *ctrlPkt, PktType type, IpProtocol ip_pro node->count = 0; last = nullptr; /* Only add TCP and UDP expected flows for now via the DAQ module. */ - if ((ip_proto == IpProtocol::TCP || ip_proto == IpProtocol::UDP) - && ctrlPkt->daq_instance) + if ((ip_proto == IpProtocol::TCP || ip_proto == IpProtocol::UDP) && ctrlPkt->daq_instance) ctrlPkt->daq_instance->add_expected(ctrlPkt, cliIP, cliPort, srvIP, srvPort, ip_proto, 1000, 0); } diff --git a/src/flow/flow.cc b/src/flow/flow.cc index c04fb0a45..272b1e02d 100644 --- a/src/flow/flow.cc +++ b/src/flow/flow.cc @@ -139,7 +139,7 @@ void Flow::term() if (assistant_gadget) assistant_gadget->rem_ref(); - + if ( ha_state ) delete ha_state; @@ -530,7 +530,7 @@ bool Flow::is_pdu_inorder(uint8_t dir) } void Flow::set_service(Packet* pkt, const char* new_service) -{ +{ service = new_service; DataBus::publish(FLOW_SERVICE_CHANGE_EVENT, pkt); -} +} diff --git a/src/flow/flow_cache.cc b/src/flow/flow_cache.cc index 9ff56697b..c31376a28 100644 --- a/src/flow/flow_cache.cc +++ b/src/flow/flow_cache.cc @@ -358,38 +358,38 @@ unsigned FlowCache::timeout(unsigned num_flows, time_t thetime) unsigned FlowCache::delete_active_flows(unsigned mode, unsigned num_to_delete, unsigned &deleted) { unsigned flows_to_check = hash_table->get_count(); - while ( num_to_delete && flows_to_check-- ) - { - auto flow = static_cast(hash_table->first()); - assert(flow); - if ( (mode == ALLOWED_FLOWS_ONLY and (flow->was_blocked() || flow->is_suspended())) - or (mode == OFFLOADED_FLOWS_TOO and flow->was_blocked()) ) - { - if (!hash_table->touch()) - break; - - continue; - } - - // we have a winner... - hash_table->remove(flow->key); - if ( flow->next ) - unlink_uni(flow); - - if ( flow->was_blocked() ) - delete_stats.update(FlowDeleteState::BLOCKED); - else if ( flow->is_suspended() ) + while ( num_to_delete && flows_to_check-- ) + { + auto flow = static_cast(hash_table->first()); + assert(flow); + if ( (mode == ALLOWED_FLOWS_ONLY and (flow->was_blocked() || flow->is_suspended())) + or (mode == OFFLOADED_FLOWS_TOO and flow->was_blocked()) ) + { + if (!hash_table->touch()) + break; + + continue; + } + + // we have a winner... + hash_table->remove(flow->key); + if ( flow->next ) + unlink_uni(flow); + + if ( flow->was_blocked() ) + delete_stats.update(FlowDeleteState::BLOCKED); + else if ( flow->is_suspended() ) delete_stats.update(FlowDeleteState::OFFLOADED); - else + else delete_stats.update(FlowDeleteState::ALLOWED); - delete flow; - --flows_allocated; - ++deleted; - --num_to_delete; - } + delete flow; + --flows_allocated; + ++deleted; + --num_to_delete; + } - return num_to_delete; + return num_to_delete; } unsigned FlowCache::delete_flows(unsigned num_to_delete) diff --git a/src/flow/flow_cache.h b/src/flow/flow_cache.h index 91be91ebc..394a0bb86 100644 --- a/src/flow/flow_cache.h +++ b/src/flow/flow_cache.h @@ -94,9 +94,8 @@ public: const FlowCacheConfig& get_flow_cache_config() const { return config; } - unsigned get_flows_allocated() const - { return flows_allocated; } - + unsigned get_flows_allocated() const + { return flows_allocated; } private: void push(snort::Flow*); @@ -104,8 +103,8 @@ private: void remove(snort::Flow*); void retire(snort::Flow*); unsigned prune_unis(PktType); - unsigned delete_active_flows - (unsigned mode, unsigned num_to_delete, unsigned &deleted); + unsigned delete_active_flows + (unsigned mode, unsigned num_to_delete, unsigned &deleted); private: static const unsigned cleanup_flows = 1; diff --git a/src/flow/flow_control.h b/src/flow/flow_control.h index a80ea4213..7e2ede91f 100644 --- a/src/flow/flow_control.h +++ b/src/flow/flow_control.h @@ -74,7 +74,7 @@ public: int add_expected( const snort::Packet* ctrlPkt, PktType, IpProtocol, const snort::SfIp *srcIP, uint16_t srcPort, - const snort::SfIp *dstIP, uint16_t dstPort, + const snort::SfIp *dstIP, uint16_t dstPort, char direction, snort::FlowData*); int add_expected( diff --git a/src/flow/ha.cc b/src/flow/ha.cc index 93708ec99..248f940bf 100644 --- a/src/flow/ha.cc +++ b/src/flow/ha.cc @@ -660,8 +660,8 @@ Flow* HighAvailability::process_daq_import(Packet& p, FlowKey& key) { if (FlowKey::compare(&key, flow->key, 0) == 0) { - if (flow->flow_state == Flow::FlowState::BLOCK) - { + if (flow->flow_state == Flow::FlowState::BLOCK) + { flow->disable_inspection(); p.disable_inspect = true; } diff --git a/src/flow/test/flow_cache_test.cc b/src/flow/test/flow_cache_test.cc index afcc5e548..c263a4017 100644 --- a/src/flow/test/flow_cache_test.cc +++ b/src/flow/test/flow_cache_test.cc @@ -115,8 +115,8 @@ void Stream::stop_inspection(Flow*, Packet*, char, int32_t, int) { } int ExpectCache::add_flow(const Packet*, PktType, IpProtocol, const SfIp*, uint16_t, const SfIp*, uint16_t, char, FlowData*, SnortProtocolId) -{ - return 1; +{ + return 1; } TEST_GROUP(flow_prune) { }; @@ -136,7 +136,7 @@ TEST(flow_prune, empty_cache_prune_flows) // Do not delete blocked flow TEST(flow_prune, blocked_flow_prune_flows) -{ +{ FlowCacheConfig fcg; fcg.max_flows = 2; FlowCache *cache = new FlowCache(fcg); @@ -148,7 +148,7 @@ TEST(flow_prune, blocked_flow_prune_flows) FlowKey flow_key; memset(&flow_key, 0, sizeof(FlowKey)); flow_key.pkt_type = PktType::TCP; - + flow_key.port_l = first_port; cache->allocate(&flow_key); @@ -165,7 +165,7 @@ TEST(flow_prune, blocked_flow_prune_flows) flow_key.port_l = first_port; CHECK(cache->find(&flow_key) != nullptr); - // Prune one flow. This should delete the MRU flow, since + // Prune one flow. This should delete the MRU flow, since // LRU flow is blocked CHECK(cache->delete_flows(1) == 1); @@ -255,4 +255,4 @@ TEST(flow_prune, prune_all_blocked_flows) int main(int argc, char** argv) { return CommandLineTestRunner::RunAllTests(argc, argv); -} +} diff --git a/src/flow/test/flow_control_test.cc b/src/flow/test/flow_control_test.cc index 0a9bf5a8e..b6518acc6 100644 --- a/src/flow/test/flow_control_test.cc +++ b/src/flow/test/flow_control_test.cc @@ -73,10 +73,10 @@ Flow* FlowCache::find(const FlowKey*) { return nullptr; } Flow* FlowCache::allocate(const FlowKey*) { return nullptr; } void FlowCache::push(Flow*) { } bool FlowCache::prune_one(PruneReason, bool) { return true; } -unsigned FlowCache::delete_flows(unsigned) { return 0; } +unsigned FlowCache::delete_flows(unsigned) { return 0; } unsigned FlowCache::timeout(unsigned, time_t) { return 1; } void Flow::init(PktType) { } -void set_network_policy(SnortConfig*, unsigned) { } +void set_network_policy(SnortConfig*, unsigned) { } void DataBus::publish(const char*, const uint8_t*, unsigned, Flow*) { } void DataBus::publish(const char*, Packet*, Flow*) { } SnortConfig* SnortConfig::get_conf() { return nullptr; } diff --git a/src/flow/test/flow_test.cc b/src/flow/test/flow_test.cc index f1080fbf0..6dc767d8f 100644 --- a/src/flow/test/flow_test.cc +++ b/src/flow/test/flow_test.cc @@ -106,10 +106,10 @@ TEST(nondefault_timeout, hard_expiration) flow->set_default_session_timeout(validate, true); flow->set_hard_expiration(); flow->set_expire(&pkt, validate); - + CHECK( flow->is_hard_expiration() == true); CHECK( flow->expire_time == validate ); - + delete flow; } diff --git a/src/framework/codec.cc b/src/framework/codec.cc index 2c83030df..10456512f 100644 --- a/src/framework/codec.cc +++ b/src/framework/codec.cc @@ -217,7 +217,7 @@ TEST_CASE("clear", "[buffer]") Buffer buf(raw_buf, 1); buf.allocate(1); buf.clear(); - + CHECK( buf.data() == &raw_buf[1] ); // 1 past the "known" buffer CHECK( buf.size() == 0 ); } diff --git a/src/framework/range.cc b/src/framework/range.cc index aaf0c3b19..69c7b8f51 100644 --- a/src/framework/range.cc +++ b/src/framework/range.cc @@ -611,7 +611,7 @@ TEST_CASE("validate", "[RangeCheck]") CHECK(rc.validate("2<>4", ":8")); // in hex CHECK(rc.validate("2<>4", "0x1:0x0A")); - + // invalid low CHECK(!rc.validate("2<>4", "3:")); // invalid hi diff --git a/src/hash/hashfcn.cc b/src/hash/hashfcn.cc index 56f6964ba..b8efc25b1 100644 --- a/src/hash/hashfcn.cc +++ b/src/hash/hashfcn.cc @@ -77,9 +77,7 @@ HashFnc* hashfcn_new(int m) void hashfcn_free(HashFnc* p) { if ( p ) - { snort_free(p); - } } unsigned hashfcn_hash(HashFnc* p, const unsigned char* d, int n) @@ -167,22 +165,20 @@ void mix_str( } } -size_t str_to_hash(const uint8_t *str, int length ) +uint32_t str_to_hash(const uint8_t *str, size_t length) { - size_t a = 0, b = 0, c = 0; + uint32_t a = 0, b = 0, c = 0; - for (int i = 0, j = 0; i < length; i += 4) + for (size_t i = 0, j = 0; i < length; i += 4) { - size_t tmp = 0; - int k = length - i; + uint32_t tmp = 0; + size_t k = length - i; if (k > 4) - k=4; + k = 4; - for (int m = 0; m < k; m++) - { - tmp |= *(str + i + m) << m*8; - } + for (size_t m = 0; m < k; m++) + tmp |= *(str + i + m) << m * 8; switch (j) { @@ -200,12 +196,12 @@ size_t str_to_hash(const uint8_t *str, int length ) if (j == 3) { - mix(a,b,c); + mix(a, b, c); j = 0; } } - finalize(a,b,c); + finalize(a, b, c); return c; } } //namespace snort diff --git a/src/hash/hashfcn.h b/src/hash/hashfcn.h index eb7742868..706f45c0c 100644 --- a/src/hash/hashfcn.h +++ b/src/hash/hashfcn.h @@ -17,32 +17,33 @@ // 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. //-------------------------------------------------------------------------- -#ifndef HashFnc_H -#define HashFnc_H +#ifndef HASHFCN_H +#define HASHFCN_H #include "main/snort_types.h" -#define rot(x,k) (((x)<<(k)) | ((x)>>(32-(k)))) - -#define mix(a,b,c) \ -{ \ - (a) -= (c); (a) ^= rot(c, 4); (c) += (b); \ - (b) -= (a); (b) ^= rot(a, 6); (a) += (c); \ - (c) -= (b); (c) ^= rot(b, 8); (b) += (a); \ - (a) -= (c); (a) ^= rot(c,16); (c) += (b); \ - (b) -= (a); (b) ^= rot(a,19); (a) += (c); \ - (c) -= (b); (c) ^= rot(b, 4); (b) += (a); \ -} - -#define finalize(a,b,c) \ -{ \ - (c) ^= (b); (c) -= rot(b,14); \ - (a) ^= (c); (a) -= rot(c,11); \ - (b) ^= (a); (b) -= rot(a,25); \ - (c) ^= (b); (c) -= rot(b,16); \ - (a) ^= (c); (a) -= rot(c,4); \ - (b) ^= (a); (b) -= rot(a,14); \ - (c) ^= (b); (c) -= rot(b,24); \ +namespace +{ + inline uint32_t rot(uint32_t x, unsigned k) { return (x << k) | (x >> (32 - k)); } + inline void mix(uint32_t& a, uint32_t& b, uint32_t& c) + { + a -= c; a ^= rot(c, 4); c += b; + b -= a; b ^= rot(a, 6); a += c; + c -= b; c ^= rot(b, 8); b += a; + a -= c; a ^= rot(c,16); c += b; + b -= a; b ^= rot(a,19); a += c; + c -= b; c ^= rot(b, 4); b += a; + } + inline void finalize(uint32_t& a, uint32_t& b, uint32_t& c) + { + c ^= b; c -= rot(b,14); + a ^= c; a -= rot(c,11); + b ^= a; b -= rot(a,25); + c ^= b; c -= rot(b,16); + a ^= c; a -= rot(c,4); + b ^= a; b -= rot(a,14); + c ^= b; c -= rot(b,24); + } } namespace snort @@ -52,7 +53,7 @@ SO_PUBLIC void mix_str( // n == 0 => strlen(s) const char* s, unsigned n = 0); -SO_PUBLIC size_t str_to_hash(const uint8_t *str, int length); +SO_PUBLIC uint32_t str_to_hash(const uint8_t *str, size_t length); } struct HashFnc @@ -74,7 +75,7 @@ int hashfcn_set_keyops( HashFnc*, // FIXIT-H use types for these callbacks unsigned (* hash_fcn)(HashFnc* p, const unsigned char* d, int n), - int (* keycmp_fcn)(const void* s1, const void* s2, size_t n) ); + int (* keycmp_fcn)(const void* s1, const void* s2, size_t n)); #endif diff --git a/src/hash/test/ghash_test.cc b/src/hash/test/ghash_test.cc index 4033b5ced..23ea06246 100644 --- a/src/hash/test/ghash_test.cc +++ b/src/hash/test/ghash_test.cc @@ -190,7 +190,7 @@ TEST(ghash, userfree_test) // it should not be found CHECK(ghash_find(t, str) == nullptr); - + // try to remove a node that is not in the table CHECK(ghash_remove(t, str) == GHASH_ERR); diff --git a/src/hash/test/lru_cache_shared_test.cc b/src/hash/test/lru_cache_shared_test.cc index 3993a6cd4..9ec099676 100644 --- a/src/hash/test/lru_cache_shared_test.cc +++ b/src/hash/test/lru_cache_shared_test.cc @@ -149,10 +149,10 @@ TEST(lru_cache_shared, find_else_insert) std::shared_ptr data(new std::string("12345")); LruCacheShared > lru_cache(1); - CHECK(false == lru_cache.find_else_insert(1,data)); + CHECK(false == lru_cache.find_else_insert(1,data)); CHECK(1 == lru_cache.size()); - CHECK(true == lru_cache.find_else_insert(1,data)); + CHECK(true == lru_cache.find_else_insert(1,data)); CHECK(1 == lru_cache.size()); } diff --git a/src/hash/test/xhash_test.cc b/src/hash/test/xhash_test.cc index 709573c98..4ee2daeb1 100644 --- a/src/hash/test/xhash_test.cc +++ b/src/hash/test/xhash_test.cc @@ -66,10 +66,10 @@ TEST(xhash, create_xhash_test) TEST(xhash, free_anr_lru_invalid_test) { int ret = xhash_free_anr_lru(nullptr); - CHECK(ret == XHASH_ERR); + CHECK(ret == XHASH_ERR); } -// Create a free node in xhash and verifies if xhash_free_anr_lru() deletes it +// Create a free node in xhash and verifies if xhash_free_anr_lru() deletes it TEST(xhash, free_anr_lru_delete_free_node_test) { XHash* test_table = xhash_new(3, sizeof(struct xhash_test_key), @@ -86,7 +86,7 @@ TEST(xhash, free_anr_lru_delete_free_node_test) CHECK(ret == XHASH_OK); ret = xhash_free_anr_lru(test_table); - CHECK(ret == XHASH_OK); + CHECK(ret == XHASH_OK); XHashNode* xhnode = xhash_find_node(test_table, &xtk); CHECK(xhnode == nullptr); @@ -179,7 +179,7 @@ TEST(xhash, xhash_change_memcap_less_than_used_test) unsigned max_work = 0; unsigned new_memcap = test_table->mc.memused-1; - ret = xhash_change_memcap(test_table, new_memcap, &max_work); + ret = xhash_change_memcap(test_table, new_memcap, &max_work); CHECK(ret == XHASH_OK); CHECK(test_table->mc.memcap == new_memcap); xhash_delete(test_table); diff --git a/src/ips_options/ips_byte_jump.cc b/src/ips_options/ips_byte_jump.cc index 87ecab86d..8083d1d0d 100644 --- a/src/ips_options/ips_byte_jump.cc +++ b/src/ips_options/ips_byte_jump.cc @@ -523,7 +523,7 @@ bool ByteJumpModule::set(const char*, Value& v, SnortConfig*) else if ( v.is("bitmask") ) data.bitmask_val = v.get_uint32(); - + else return false; diff --git a/src/ips_options/ips_byte_test.cc b/src/ips_options/ips_byte_test.cc index 905d47f6f..bf66ae0ae 100644 --- a/src/ips_options/ips_byte_test.cc +++ b/src/ips_options/ips_byte_test.cc @@ -78,7 +78,7 @@ * msg: "got DEADBEEF!";) * * alert tcp any any -> any any \ - * (byte_test:2, =, 568, 0, bitmask 0x3FF0; \ + * (byte_test:2, =, 568, 0, bitmask 0x3FF0; \ * msg:"got 568 after applying bitmask 0x3FF0 on 2 bytes extracted";) * * Effect: diff --git a/src/loggers/alert_fast.cc b/src/loggers/alert_fast.cc index af2085241..04b564adf 100644 --- a/src/loggers/alert_fast.cc +++ b/src/loggers/alert_fast.cc @@ -183,7 +183,7 @@ FastLogger::FastLogger(FastModule* m) // could be configurable; and should be should be shared with u2 Inspector* ins = InspectorManager::get_inspector("http_inspect"); - + if ( !ins ) return; diff --git a/src/main.cc b/src/main.cc index 717d426c2..89affe47a 100644 --- a/src/main.cc +++ b/src/main.cc @@ -343,9 +343,9 @@ int main_reload_config(lua_State* L) if ( !sc ) { if (get_reload_errors()) - current_request->respond("== reload failed - restart required\n"); + current_request->respond("== reload failed - restart required\n"); else - current_request->respond("== reload failed - bad config\n"); + current_request->respond("== reload failed - bad config\n"); SnortConfig::set_parser_conf(nullptr); return 0; diff --git a/src/main/analyzer_command.cc b/src/main/analyzer_command.cc index 8bad70d9b..c1b32a603 100644 --- a/src/main/analyzer_command.cc +++ b/src/main/analyzer_command.cc @@ -180,7 +180,7 @@ ACDAQSwap::~ACDAQSwap() LogMessage("== daq module reload complete\n"); } -SFDAQInstance* AnalyzerCommand::get_daq_instance(Analyzer& analyzer) +SFDAQInstance* AnalyzerCommand::get_daq_instance(Analyzer& analyzer) { return analyzer.get_daq_instance(); } diff --git a/src/main/request.cc b/src/main/request.cc index a028d0953..8d7a0d192 100644 --- a/src/main/request.cc +++ b/src/main/request.cc @@ -47,9 +47,9 @@ bool Request::read(const int& f) fd = f; while ( (bytes_read < sizeof(read_buf)) and ((n = ::read(fd, &buf, 1)) > 0) ) { - read_buf[bytes_read++] = buf; + read_buf[bytes_read++] = buf; - if (buf == '\n') + if (buf == '\n') { newline_found = true; break; @@ -87,7 +87,7 @@ void Request::respond(const char* s, bool queue_response, bool remote_only) { if (remote_only && (fd == STDOUT_FILENO)) return; - + if ( fd < 1 ) { if (!remote_only) diff --git a/src/main/snort_debug.cc b/src/main/snort_debug.cc index 03ac19db5..a6ed56a78 100644 --- a/src/main/snort_debug.cc +++ b/src/main/snort_debug.cc @@ -54,7 +54,7 @@ static inline void trace_vprintf(const char* name, Trace mask, const char* file, int size; if (name) - { + { size = snprintf(buf, buf_len, "%s: ", name); if ( size >= buf_len ) size = buf_len - 1; diff --git a/src/managers/inspector_manager.cc b/src/managers/inspector_manager.cc index 25aac0e86..ec700d209 100644 --- a/src/managers/inspector_manager.cc +++ b/src/managers/inspector_manager.cc @@ -518,7 +518,7 @@ bool InspectorManager::inspector_exists_in_any_policy(const char* key, SnortConf const InspectionPolicy* const pi = pm->get_inspection_policy(i); if ( !pi || !pi->framework_policy ) - continue; + continue; const PHInstance* const p = get_instance(pi->framework_policy, key); diff --git a/src/managers/module_manager.h b/src/managers/module_manager.h index a8c153d41..a7fc56904 100644 --- a/src/managers/module_manager.h +++ b/src/managers/module_manager.h @@ -83,7 +83,7 @@ public: static unsigned get_errors(); static void dump_stats(SnortConfig*, const char* skip = nullptr, bool dynamic = false); - + static void accumulate(SnortConfig*); static void accumulate_offload(const char* name); static void reset_stats(SnortConfig*); diff --git a/src/managers/plugin_manager.cc b/src/managers/plugin_manager.cc index 68b0a0492..418c02750 100644 --- a/src/managers/plugin_manager.cc +++ b/src/managers/plugin_manager.cc @@ -294,7 +294,7 @@ static void add_plugin(Plugin& p) case PT_INSPECTOR: // probes must always be global. they run regardless of selected policy. - assert( (m && ((const InspectApi*)p.api)->type == IT_PROBE) ? + assert( (m && ((const InspectApi*)p.api)->type == IT_PROBE) ? m->get_usage() == Module::GLOBAL : true ); diff --git a/src/network_inspectors/appid/appid_config.cc b/src/network_inspectors/appid/appid_config.cc index 1c6082d81..98ad1d64c 100644 --- a/src/network_inspectors/appid/appid_config.cc +++ b/src/network_inspectors/appid/appid_config.cc @@ -246,7 +246,7 @@ bool AppIdConfig::init_appid(SnortConfig* sc) // Handle the if condition in AppIdConfig::init_appid static bool once = false; if (!once) - { + { AppIdConfig::app_info_mgr.init_appid_info_table(mod_config, sc); HostPortCache::initialize(); HttpPatternMatchers* http_matchers = HttpPatternMatchers::get_instance(); diff --git a/src/network_inspectors/appid/appid_discovery.cc b/src/network_inspectors/appid/appid_discovery.cc index 91c747af1..a13dd5921 100644 --- a/src/network_inspectors/appid/appid_discovery.cc +++ b/src/network_inspectors/appid/appid_discovery.cc @@ -737,7 +737,7 @@ bool AppIdDiscovery::do_host_port_based_discovery(Packet* p, AppIdSession& asd, uint16_t port; const SfIp* ip; AppIdHttpSession* hsession = asd.get_http_session(); - + const TunnelDest* tun_dest = hsession->get_tun_dest(); if(tun_dest) { @@ -921,7 +921,7 @@ bool AppIdDiscovery::do_discovery(Packet* p, AppIdSession& asd, IpProtocol proto payload_id = asd.pick_payload_app_id(); client_id = asd.pick_client_app_id(); - misc_id = asd.pick_misc_app_id();; + misc_id = asd.pick_misc_app_id(); bool is_http_tunnel = ((asd.payload.get_id() == APP_ID_HTTP_TUNNEL) || (asd.payload.get_id() == APP_ID_HTTP_SSL_TUNNEL)) ? true:false; if (is_check_host_cache_valid(asd, service_id, client_id, payload_id, misc_id) or (is_http_tunnel)) diff --git a/src/network_inspectors/appid/appid_discovery.h b/src/network_inspectors/appid/appid_discovery.h index bd0354bf0..b89b26771 100644 --- a/src/network_inspectors/appid/appid_discovery.h +++ b/src/network_inspectors/appid/appid_discovery.h @@ -55,7 +55,7 @@ struct Packet; #define SCAN_HTTP_VENDOR_FLAG (1<<6) #define SCAN_HTTP_XWORKINGWITH_FLAG (1<<7) #define SCAN_HTTP_CONTENT_TYPE_FLAG (1<<8) -#define SCAN_HTTP_URI_FLAG (1<<9) +#define SCAN_HTTP_URI_FLAG (1<<9) class AppIdPatternMatchNode { diff --git a/src/network_inspectors/appid/appid_dns_session.h b/src/network_inspectors/appid/appid_dns_session.h index d13682fb5..207d481b8 100644 --- a/src/network_inspectors/appid/appid_dns_session.h +++ b/src/network_inspectors/appid/appid_dns_session.h @@ -34,7 +34,7 @@ public: void reset() { - host.clear();; + host.clear(); state = 0; response_type = 0; id = 0; diff --git a/src/network_inspectors/appid/appid_inspector.cc b/src/network_inspectors/appid/appid_inspector.cc index 8436d6ee5..18428ac41 100644 --- a/src/network_inspectors/appid/appid_inspector.cc +++ b/src/network_inspectors/appid/appid_inspector.cc @@ -178,7 +178,7 @@ void AppIdInspector::eval(Packet* p) { Profile profile(appid_perf_stats); appid_stats.packets++; - + if (p->flow) { AppIdDiscovery::do_application_discovery(p, *this); diff --git a/src/network_inspectors/appid/appid_session.cc b/src/network_inspectors/appid/appid_session.cc index 8b08e9ced..868f8e4c4 100644 --- a/src/network_inspectors/appid/appid_session.cc +++ b/src/network_inspectors/appid/appid_session.cc @@ -775,7 +775,7 @@ AppId AppIdSession::pick_payload_app_id() if (tp_payload_app_id_deferred) return tp_payload_app_id; - + if (payload.get_id() > APP_ID_NONE) return payload.get_id(); diff --git a/src/network_inspectors/appid/appid_types.h b/src/network_inspectors/appid/appid_types.h index a085a32e4..71ff249d7 100644 --- a/src/network_inspectors/appid/appid_types.h +++ b/src/network_inspectors/appid/appid_types.h @@ -26,7 +26,7 @@ enum AppidSessionDirection { APP_ID_FROM_INITIATOR, APP_ID_FROM_RESPONDER, - APP_ID_APPID_SESSION_DIRECTION_MAX + APP_ID_APPID_SESSION_DIRECTION_MAX }; #endif diff --git a/src/network_inspectors/appid/detector_plugins/detector_sip.cc b/src/network_inspectors/appid/detector_plugins/detector_sip.cc index 372888cc6..c64f5e905 100644 --- a/src/network_inspectors/appid/detector_plugins/detector_sip.cc +++ b/src/network_inspectors/appid/detector_plugins/detector_sip.cc @@ -329,14 +329,14 @@ static int get_sip_client_app(void* patternMatcher, const char* pattern, uint32_ } void SipServiceDetector::createRtpFlow(AppIdSession& asd, const Packet* pkt, const SfIp* cliIp, - uint16_t cliPort, const SfIp* srvIp, uint16_t srvPort, IpProtocol proto, int16_t app_id) + uint16_t cliPort, const SfIp* srvIp, uint16_t srvPort, IpProtocol protocol, int16_t app_id) { // FIXIT-RC: Passing app_id instead of SnortProtocolId to // create_future_session is incorrect. We need to look up // snort_protocol_id. AppIdSession* fp = AppIdSession::create_future_session( - pkt, cliIp, cliPort, srvIp, srvPort, proto, app_id, + pkt, cliIp, cliPort, srvIp, srvPort, protocol, app_id, APPID_EARLY_SESSION_FLAG_FW_RULE); if ( fp ) @@ -356,7 +356,7 @@ void SipServiceDetector::createRtpFlow(AppIdSession& asd, const Packet* pkt, con // create an RTCP flow as well AppIdSession* fp2 = AppIdSession::create_future_session( - pkt, cliIp, cliPort + 1, srvIp, srvPort + 1, proto, app_id, + pkt, cliIp, cliPort + 1, srvIp, srvPort + 1, protocol, app_id, APPID_EARLY_SESSION_FLAG_FW_RULE); if ( fp2 ) diff --git a/src/network_inspectors/appid/detector_plugins/detector_sip.h b/src/network_inspectors/appid/detector_plugins/detector_sip.h index 626c9fb68..3b4f72b12 100644 --- a/src/network_inspectors/appid/detector_plugins/detector_sip.h +++ b/src/network_inspectors/appid/detector_plugins/detector_sip.h @@ -100,7 +100,7 @@ public: static void set_client(SipUdpClientDetector* cd) { SipEventHandler::client = cd; } static void set_service(SipServiceDetector* sd) { SipEventHandler::service = sd; } - + void subscribe(snort::SnortConfig* sc) { snort::DataBus::subscribe_global(SIP_EVENT_TYPE_SIP_DIALOG_KEY, this, sc); } diff --git a/src/network_inspectors/appid/detector_plugins/detector_smtp.cc b/src/network_inspectors/appid/detector_plugins/detector_smtp.cc index 007a78e38..4b159e227 100644 --- a/src/network_inspectors/appid/detector_plugins/detector_smtp.cc +++ b/src/network_inspectors/appid/detector_plugins/detector_smtp.cc @@ -594,7 +594,7 @@ done: if(args.asd.get_session_flags(APPID_SESSION_SERVICE_DETECTED)) args.asd.clear_session_flags(APPID_SESSION_CONTINUE | APPID_SESSION_CLIENT_GETS_SERVER_PACKETS); else - args.asd.clear_session_flags(APPID_SESSION_CLIENT_GETS_SERVER_PACKETS); + args.asd.clear_session_flags(APPID_SESSION_CLIENT_GETS_SERVER_PACKETS); args.asd.set_client_detected(); return APPID_SUCCESS; } diff --git a/src/network_inspectors/appid/http_xff_fields.h b/src/network_inspectors/appid/http_xff_fields.h index ac098e00d..073dec622 100644 --- a/src/network_inspectors/appid/http_xff_fields.h +++ b/src/network_inspectors/appid/http_xff_fields.h @@ -16,9 +16,9 @@ // with this program; if not, write to the Free Software Foundation, Inc., // 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. //-------------------------------------------------------------------------- - -// http_xff_fields.h author Sourcefire Inc. - + +// http_xff_fields.h author Sourcefire Inc. + #ifndef HTTP_XFF_FIELDS_H #define HTTP_XFF_FIELDS_H diff --git a/src/network_inspectors/appid/lua_detector_api.h b/src/network_inspectors/appid/lua_detector_api.h index 82548da06..c613d73b1 100644 --- a/src/network_inspectors/appid/lua_detector_api.h +++ b/src/network_inspectors/appid/lua_detector_api.h @@ -107,7 +107,7 @@ public: // FIXIT-M: RELOAD - Don't use this class, required now to store LSD objects class LuaObject { - + public: LuaObject() = default; virtual ~LuaObject() = default; @@ -136,7 +136,7 @@ private: }; class LuaServiceObject: public LuaObject -{ +{ public: ServiceDetector* sd; LuaServiceObject(AppIdDiscovery* sdm, const std::string& detector_name, @@ -146,7 +146,7 @@ public: }; class LuaClientObject : public LuaObject -{ +{ public: ClientDetector* cd; LuaClientObject(AppIdDiscovery* cdm, const std::string& detector_name, diff --git a/src/network_inspectors/appid/lua_detector_module.cc b/src/network_inspectors/appid/lua_detector_module.cc index 7ec447068..81c341b24 100644 --- a/src/network_inspectors/appid/lua_detector_module.cc +++ b/src/network_inspectors/appid/lua_detector_module.cc @@ -90,7 +90,7 @@ bool get_lua_field(lua_State* L, int table, const char* field, IpProtocol& out) inline void set_control(lua_State* L, int is_control) { - lua_pushboolean (L, is_control); // push flag to stack + lua_pushboolean (L, is_control); // push flag to stack lua_setglobal(L, "is_control"); // create global key to store value lua_pop(L, 1); } diff --git a/src/network_inspectors/appid/service_plugins/service_ftp.cc b/src/network_inspectors/appid/service_plugins/service_ftp.cc index 011806cf3..ccc282311 100644 --- a/src/network_inspectors/appid/service_plugins/service_ftp.cc +++ b/src/network_inspectors/appid/service_plugins/service_ftp.cc @@ -81,7 +81,7 @@ struct ServiceFTPData uint16_t port; int part_code_resp = 0; int part_code_len; - + }; #pragma pack(1) @@ -307,7 +307,7 @@ static int CheckVendorVersion(const uint8_t* data, uint16_t init_offset, return 0; } -static FtpEolReturn ftp_parse_response(const uint8_t* data, uint16_t& offset, +static FtpEolReturn ftp_parse_response(const uint8_t* data, uint16_t& offset, uint16_t size, ServiceFTPData& fd, FTPReplyState rstate) { for (; offset < size; ++offset) @@ -347,26 +347,26 @@ static bool check_ret_digit_code(const uint8_t* code_raw, int start_digit_place, code += (code_raw[index] - '0') * 100; else ret = false; - break; + break; case 2: if (ret and fd.rstate == FTP_REPLY_BEGIN and code_raw[index ] >='0' and code_raw[index] <= '5') code += (code_raw[index] - '0') * 10; else if (ret and fd.rstate != FTP_REPLY_BEGIN and code_raw[index ] >='1' and code_raw[index] <= '5') code += (code_raw[index] - '0') * 10; - else + else ret = false; - break; - case 1: + break; + case 1: if (ret and isdigit(code_raw[index ])) code += (code_raw[index] - '0') ; - else + else ret = false; break; default: break; } } - + return ret; } @@ -397,9 +397,9 @@ static int ftp_validate_reply(const uint8_t* data, uint16_t& offset, fd.code = 0; ret_code = check_ret_digit_code(code_hdr->code, 3,1, fd.code, fd ); - + if(!ret_code) - return -1; + return -1; if (code_hdr->sp == '-') fd.rstate = FTP_REPLY_MULTI; @@ -465,12 +465,12 @@ static int ftp_validate_reply(const uint8_t* data, uint16_t& offset, } fd.rstate = FTP_REPLY_MID; - + if ( ftp_parse_response(data, offset, size, fd, tmp_state ) == FTP_INCORRECT_EOL) return -1; if (fd.rstate == FTP_REPLY_MID) fd.rstate = FTP_REPLY_LONG; - + break; case FTP_REPLY_MULTI: if (size - offset < (int)sizeof(ServiceFTPCode)) @@ -491,7 +491,7 @@ static int ftp_validate_reply(const uint8_t* data, uint16_t& offset, if (fd.rstate == FTP_REPLY_MID) fd.rstate = FTP_REPLY_LONG; - + } else { @@ -551,7 +551,7 @@ static int ftp_validate_reply(const uint8_t* data, uint16_t& offset, if(!ret_code) return -1; fd.code = tmp + fd.part_code_resp; - fd.part_code_resp = 0; + fd.part_code_resp = 0; if (ftp_parse_response(data, offset, size, fd, FTP_REPLY_LONG) == FTP_INCORRECT_EOL) return -1; @@ -877,7 +877,7 @@ static inline void WatchForCommandResult(ServiceFTPData* fd, AppIdSession& asd, } void FtpServiceDetector::create_expected_session(AppIdSession& asd, const Packet* pkt, const SfIp* cliIp, - uint16_t cliPort, const SfIp* srvIp, uint16_t srvPort, IpProtocol proto, + uint16_t cliPort, const SfIp* srvIp, uint16_t srvPort, IpProtocol protocol, int flags, AppidSessionDirection dir) { // FIXIT-M - Avoid thread locals @@ -886,7 +886,7 @@ void FtpServiceDetector::create_expected_session(AppIdSession& asd, const Packet ftp_data_snort_protocol_id = SnortConfig::get_conf()->proto_ref->find("ftp-data"); AppIdSession* fp = AppIdSession::create_future_session(pkt, cliIp, cliPort, srvIp, srvPort, - proto, ftp_data_snort_protocol_id, flags); + protocol, ftp_data_snort_protocol_id, flags); if (fp) // initialize data session { diff --git a/src/network_inspectors/appid/service_plugins/service_ftp.h b/src/network_inspectors/appid/service_plugins/service_ftp.h index 6f70d2f6b..cab73037c 100644 --- a/src/network_inspectors/appid/service_plugins/service_ftp.h +++ b/src/network_inspectors/appid/service_plugins/service_ftp.h @@ -34,9 +34,9 @@ public: int validate(AppIdDiscoveryArgs&) override; private: - void create_expected_session(AppIdSession& asd,const snort::Packet* pkt, + void create_expected_session(AppIdSession&, const snort::Packet*, const snort::SfIp* cliIp, uint16_t cliPort, const snort::SfIp* srvIp, - uint16_t srvPort, IpProtocol proto, int flags, AppidSessionDirection dir); + uint16_t srvPort, IpProtocol, int flags, AppidSessionDirection); }; #endif diff --git a/src/network_inspectors/appid/service_plugins/service_mdns.cc b/src/network_inspectors/appid/service_plugins/service_mdns.cc index 435bb4668..88e3fc20c 100644 --- a/src/network_inspectors/appid/service_plugins/service_mdns.cc +++ b/src/network_inspectors/appid/service_plugins/service_mdns.cc @@ -121,7 +121,7 @@ MdnsServiceDetector::~MdnsServiceDetector() } void MdnsServiceDetector::release_thread_resources() -{ +{ MatchedPatterns* node; destroy_match_list(); diff --git a/src/network_inspectors/appid/service_plugins/service_rexec.cc b/src/network_inspectors/appid/service_plugins/service_rexec.cc index b13d7104b..9fc83852e 100644 --- a/src/network_inspectors/appid/service_plugins/service_rexec.cc +++ b/src/network_inspectors/appid/service_plugins/service_rexec.cc @@ -105,7 +105,7 @@ static void rexec_free_state(void* data) void RexecServiceDetector::rexec_bail(ServiceREXECData* rd) { - if (!rd) + if (!rd) return; rd->state = REXEC_STATE_BAIL; if(rd->child) @@ -292,7 +292,7 @@ int RexecServiceDetector::validate(AppIdDiscoveryArgs& args) } goto bail; case REXEC_STATE_STDERR_WAIT: - if(!size) + if(!size) break; goto bail; case REXEC_STATE_STDERR_DONE: diff --git a/src/network_inspectors/appid/service_plugins/service_rshell.cc b/src/network_inspectors/appid/service_plugins/service_rshell.cc index 88302f27f..75e12b460 100644 --- a/src/network_inspectors/appid/service_plugins/service_rshell.cc +++ b/src/network_inspectors/appid/service_plugins/service_rshell.cc @@ -267,7 +267,7 @@ int RshellServiceDetector::validate(AppIdDiscoveryArgs& args) goto fail; if (size == 1 || *data == 0x01) { - if(size !=1) + if(size !=1) { data++; size--; @@ -278,12 +278,12 @@ int RshellServiceDetector::validate(AppIdDiscoveryArgs& args) } } if(rd->child) - { + { if(rd->child->state == RSHELL_STATE_STDERR_WAIT) rd->child->state = RSHELL_STATE_STDERR_DONE; else goto fail; - } + } args.asd.clear_session_flags(APPID_SESSION_CONTINUE); goto success; } diff --git a/src/network_inspectors/appid/service_plugins/service_ssl.cc b/src/network_inspectors/appid/service_plugins/service_ssl.cc index f97446254..69ea7bff5 100644 --- a/src/network_inspectors/appid/service_plugins/service_ssl.cc +++ b/src/network_inspectors/appid/service_plugins/service_ssl.cc @@ -495,7 +495,7 @@ static bool parse_certificates(ServiceSSLData* ss) { if ((start = strstr(cert_name, COMMON_NAME_STR))) { - int length; + int length; start += strlen(COMMON_NAME_STR); length = strlen(start); if (length > 2 and *start == '*' and *(start+1) == '.') diff --git a/src/network_inspectors/appid/test/appid_http_session_test.cc b/src/network_inspectors/appid/test/appid_http_session_test.cc index cb2e4c896..f5e9e7dc1 100644 --- a/src/network_inspectors/appid/test/appid_http_session_test.cc +++ b/src/network_inspectors/appid/test/appid_http_session_test.cc @@ -255,7 +255,7 @@ TEST(appid_http_session, set_tun_dest) AppidChangeBits change_bits; hsession.set_field(REQ_URI_FID, new std::string("[2001:db8:85a3::8a2e:370:7334]:51413"), change_bits); hsession.set_tun_dest(); - tun_dest = hsession.get_tun_dest(); + tun_dest = hsession.get_tun_dest(); CHECK(tun_dest != nullptr); CHECK_EQUAL(tun_dest->port, 51413); CHECK_EQUAL((ipv6 == tun_dest->ip), true); diff --git a/src/network_inspectors/appid/test/log_message_mock.h b/src/network_inspectors/appid/test/log_message_mock.h index e869af5b5..329c21477 100644 --- a/src/network_inspectors/appid/test/log_message_mock.h +++ b/src/network_inspectors/appid/test/log_message_mock.h @@ -12,7 +12,7 @@ using namespace std; namespace snort { // Note: without SO_PUBLIC this is not being exported so tp_mock.so won't -// load because of undefined symbol error. +// load because of undefined symbol error. SO_PUBLIC void ErrorMessage(const char* format,...) { va_list ap; diff --git a/src/network_inspectors/appid/tp_appid_utils.cc b/src/network_inspectors/appid/tp_appid_utils.cc index 8b0b53f58..9b1b9460f 100644 --- a/src/network_inspectors/appid/tp_appid_utils.cc +++ b/src/network_inspectors/appid/tp_appid_utils.cc @@ -210,7 +210,7 @@ static inline void process_http_session(AppIdSession& asd, hsession->set_offset(REQ_URI_FID, attribute_data.http_request_uri_begin(), attribute_data.http_request_uri_end()); - asd.scan_flags |= SCAN_HTTP_URI_FLAG; + asd.scan_flags |= SCAN_HTTP_URI_FLAG; if (appidDebug->is_active()) LogMessage("AppIdDbg %s URI (%u-%u) is %s\n", appidDebug->get_debug_session(), attribute_data.http_request_uri_begin(), @@ -447,28 +447,28 @@ static inline void process_rtmp(AppIdSession& asd, asd.scan_flags |= SCAN_HTTP_USER_AGENT_FLAG; } } - - if ( ( asd.scan_flags & SCAN_HTTP_USER_AGENT_FLAG ) and + + if ( ( asd.scan_flags & SCAN_HTTP_USER_AGENT_FLAG ) and asd.client.get_id() <= APP_ID_NONE and - ( field = hsession->get_field(REQ_AGENT_FID) ) and + ( field = hsession->get_field(REQ_AGENT_FID) ) and ( size = attribute_data.http_request_user_agent_end() - attribute_data.http_request_user_agent_begin() ) > 0 ) { char *version = nullptr; HttpPatternMatchers* http_matchers = HttpPatternMatchers::get_instance(); - - http_matchers->identify_user_agent(field->c_str(), size, service_id, + + http_matchers->identify_user_agent(field->c_str(), size, service_id, client_id, &version); - + asd.set_client_appid_data(client_id, change_bits, version); - + // do not overwrite a previously-set service if ( service_id <= APP_ID_NONE ) asd.set_service_appid_data(service_id, change_bits); - + asd.scan_flags |= ~SCAN_HTTP_USER_AGENT_FLAG; snort_free(version); - } + } if ( hsession->get_field(MISC_URL_FID) || (confidence == 100 && asd.session_packet_count > asd.config->mod_config->rtmp_max_packets) ) diff --git a/src/network_inspectors/binder/binder.cc b/src/network_inspectors/binder/binder.cc index aff1f41cd..f28b563f7 100644 --- a/src/network_inspectors/binder/binder.cc +++ b/src/network_inspectors/binder/binder.cc @@ -274,7 +274,7 @@ inline Binding::DirResult Binding::check_split_addr( if ( !when.src_nets && !when.dst_nets ) return dr; - + const SfIp* src_ip; const SfIp* dst_ip; @@ -299,14 +299,14 @@ inline Binding::DirResult Binding::check_split_port( { if ( !when.split_ports ) return dr; - + uint16_t src_port; uint16_t dst_port; if ( !p ) { - src_port = flow->client_port; - dst_port = flow->server_port; + src_port = flow->client_port; + dst_port = flow->server_port; } else if ( p->is_tcp() or p->is_udp() ) { @@ -399,7 +399,7 @@ bool Binding::check_all(const Flow* flow, Packet* p, const char* service) const { if (!check_service(service)) return false; - } + } else if ( !check_service(flow) ) return false; @@ -710,7 +710,7 @@ public: { Binder* binder = InspectorManager::get_binder(); AssistantGadgetEvent* assistant_event = (AssistantGadgetEvent*)&event; - + if (binder) binder->handle_assistant_gadget(assistant_event->get_service(), assistant_event->get_packet()); @@ -878,7 +878,7 @@ void Binder::handle_assistant_gadget(const char* service, Packet* p) Profile profile(bindPerfStats); Stuff stuff; Flow* flow = p->flow; - + get_bindings(flow, stuff, p, service); apply_assistant(flow, stuff, service); } diff --git a/src/network_inspectors/normalize/norm_module.cc b/src/network_inspectors/normalize/norm_module.cc index 6f170c774..cb894040f 100644 --- a/src/network_inspectors/normalize/norm_module.cc +++ b/src/network_inspectors/normalize/norm_module.cc @@ -191,7 +191,7 @@ static const Parameter s_params[] = //------------------------------------------------------------------------- // using string* instead of string because clang++ 5.1 -// vector::back() does not seem to return a reference +// vector::back() does not seem to return a reference // // FIXIT-L these are static since get_pegs() is const // consider making that non-const diff --git a/src/network_inspectors/packet_capture/capture_module.cc b/src/network_inspectors/packet_capture/capture_module.cc index e37f2834e..fefed5ed7 100644 --- a/src/network_inspectors/packet_capture/capture_module.cc +++ b/src/network_inspectors/packet_capture/capture_module.cc @@ -104,7 +104,7 @@ PacketCaptureDebug::PacketCaptureDebug(const char* f) { filter = f; enable = true; - } + } } bool PacketCaptureDebug::execute(Analyzer&, void**) diff --git a/src/network_inspectors/packet_capture/packet_capture.cc b/src/network_inspectors/packet_capture/packet_capture.cc index f5b45e892..60ce2a272 100644 --- a/src/network_inspectors/packet_capture/packet_capture.cc +++ b/src/network_inspectors/packet_capture/packet_capture.cc @@ -204,7 +204,7 @@ void PacketCapture::eval(Packet* p) if ( !capture_initialized() ) if ( !capture_init() ) return; - + if ( p->is_cooked() ) return; diff --git a/src/network_inspectors/packet_tracer/packet_tracer.cc b/src/network_inspectors/packet_tracer/packet_tracer.cc index 222fc00af..6b8a57f39 100644 --- a/src/network_inspectors/packet_tracer/packet_tracer.cc +++ b/src/network_inspectors/packet_tracer/packet_tracer.cc @@ -173,7 +173,7 @@ void PacketTracer::set_constraints(const PTSessionConstraints* constraints) LogMessage("Debugging packet tracer disabled\n"); s_pkt_trace->shell_enabled = false; } - else + else s_pkt_trace->update_constraints(constraints); } @@ -210,7 +210,7 @@ void PacketTracer::activate(const Packet& p) if ( p.pkth->flags & DAQ_PKT_FLAG_TRACE_ENABLED ) s_pkt_trace->daq_activated = true; - else + else s_pkt_trace->daq_activated = false; if (s_pkt_trace->daq_activated or s_pkt_trace->user_enabled or s_pkt_trace->shell_enabled) @@ -270,12 +270,12 @@ PacketTracer::~PacketTracer() } void PacketTracer::log(const char* format, va_list ap) -{ +{ // FIXIT-L Need to find way to add 'PktTracerDbg' string as part of format string. std::string dbg_str; if (shell_enabled) // only add debug string during shell execution { - dbg_str = "PktTracerDbg "; + dbg_str = "PktTracerDbg "; if (strcmp(format, "\n") != 0) dbg_str += get_debug_session(); dbg_str += format; @@ -301,7 +301,7 @@ void PacketTracer::add_ip_header_info(const Packet& p) const SfIp* actual_sip = p.ptrs.ip_api.get_src(); const SfIp* actual_dip = p.ptrs.ip_api.get_dst(); - + IpProtocol proto = p.get_ip_proto_next(); actual_sip->ntop(sipstr, sizeof(sipstr)); @@ -570,7 +570,7 @@ TEST_CASE("enable", "[PacketTracer]") CHECK(!TestPacketTracer::is_daq_enabled()); // user configuration remain enabled CHECK(TestPacketTracer::is_user_enabled()); - + TestPacketTracer::thread_term(); } @@ -617,14 +617,14 @@ TEST_CASE("reasons", "[PacketTracer]") TestPacketTracer::register_verdict_reason(low1, PacketTracer::PRIORITY_LOW); TestPacketTracer::register_verdict_reason(low2, PacketTracer::PRIORITY_LOW); TestPacketTracer::register_verdict_reason(high, PacketTracer::PRIORITY_HIGH); - + // Init CHECK((TestPacketTracer::get_reason() == VERDICT_REASON_NO_BLOCK)); - + // Update TestPacketTracer::set_reason(low1); CHECK((TestPacketTracer::get_reason() == low1)); - + // Don't update if already set TestPacketTracer::set_reason(VERDICT_REASON_NO_BLOCK); CHECK((TestPacketTracer::get_reason() == low1)); @@ -669,7 +669,7 @@ TEST_CASE("verbosity", "[PacketTracer]") TestPacketTracer::log(mute_2, "this should also log\n"); val = TestPacketTracer::get_buff(); CHECK((val == expected)); - + TestPacketTracer::thread_term(); } diff --git a/src/network_inspectors/packet_tracer/packet_tracer.h b/src/network_inspectors/packet_tracer/packet_tracer.h index d70e04df1..e8d28a60a 100644 --- a/src/network_inspectors/packet_tracer/packet_tracer.h +++ b/src/network_inspectors/packet_tracer/packet_tracer.h @@ -95,7 +95,7 @@ public: typedef uint8_t TracerMute; static const int max_buff_size = 2048; - // static functions + // static functions static void set_log_file(const std::string&); static void thread_init(); static void thread_term(); @@ -106,12 +106,12 @@ public: static void configure(bool status, const std::string& file_name); static void set_constraints(const PTSessionConstraints* constraints); static void activate(const snort::Packet&); - + static SO_PUBLIC void pause(); static SO_PUBLIC void unpause(); static SO_PUBLIC bool is_paused(); static SO_PUBLIC bool is_active(); - + static SO_PUBLIC TracerMute get_mute(); static SO_PUBLIC void register_verdict_reason(uint8_t reason_code, uint8_t priority); @@ -137,7 +137,7 @@ protected: char debug_session[PT_DEBUG_SESSION_ID_SIZE]; PTSessionConstraints info; - + // static functions template static void _thread_init(); @@ -157,9 +157,9 @@ protected: SO_PUBLIC extern THREAD_LOCAL PacketTracer* s_pkt_trace; -inline bool PacketTracer::is_active() +inline bool PacketTracer::is_active() { return s_pkt_trace ? s_pkt_trace->active : false; } } - + #endif diff --git a/src/network_inspectors/packet_tracer/packet_tracer_module.cc b/src/network_inspectors/packet_tracer/packet_tracer_module.cc index 9f7ab449f..c89162393 100644 --- a/src/network_inspectors/packet_tracer/packet_tracer_module.cc +++ b/src/network_inspectors/packet_tracer/packet_tracer_module.cc @@ -92,7 +92,7 @@ bool PacketTracerDebug::execute(Analyzer&, void**) { if (enable) PacketTracer::set_constraints(&constraints); - else + else PacketTracer::set_constraints(nullptr); return true; @@ -196,7 +196,7 @@ bool PacketTracerModule::begin(const char*, int, SnortConfig*) } bool PacketTracerModule::end(const char*, int, SnortConfig*) { - if (config != nullptr) + if (config != nullptr) { PacketTracer::configure(config->enabled, config->file); delete config; diff --git a/src/network_inspectors/perf_monitor/json_formatter.cc b/src/network_inspectors/perf_monitor/json_formatter.cc index 320532a35..3b4d30f92 100644 --- a/src/network_inspectors/perf_monitor/json_formatter.cc +++ b/src/network_inspectors/perf_monitor/json_formatter.cc @@ -48,7 +48,7 @@ void JSONFormatter::write(FILE* fh, time_t cur_time) for( unsigned i = 0; i < values.size(); i++ ) { bool head = false; - + for( unsigned j = 0; j < values[i].size(); j++ ) { switch( types[i][j] ) @@ -56,7 +56,7 @@ void JSONFormatter::write(FILE* fh, time_t cur_time) case FT_PEG_COUNT: if( *values[i][j].pc != 0 ) { - if( !head ) + if( !head ) { ss << ",\"" << section_names[i] << "\":{"; head = true; @@ -159,7 +159,7 @@ TEST_CASE("json output", "[JSONFormatter]") kvp.emplace_back(50); kvp.emplace_back(0); kvp.emplace_back(70); - + f.write(fh, (time_t)1234567890); one = 0; diff --git a/src/network_inspectors/port_scan/ipobj.cc b/src/network_inspectors/port_scan/ipobj.cc index 20549decf..f3d4636cb 100644 --- a/src/network_inspectors/port_scan/ipobj.cc +++ b/src/network_inspectors/port_scan/ipobj.cc @@ -36,9 +36,9 @@ using namespace snort; Snort Accepts: - IP-Address 192.168.1.1 - IP-Address/MaskBits 192.168.1.0/24 - IP-Address/Mask 192.168.1.0/255.255.255.0 + IP-Address 192.168.1.1 + IP-Address/MaskBits 192.168.1.0/24 + IP-Address/Mask 192.168.1.0/255.255.255.0 These can all be handled via the CIDR block notation : IP/MaskBits diff --git a/src/network_inspectors/port_scan/ipobj.h b/src/network_inspectors/port_scan/ipobj.h index 6717fdfea..5e6c6a655 100644 --- a/src/network_inspectors/port_scan/ipobj.h +++ b/src/network_inspectors/port_scan/ipobj.h @@ -62,9 +62,9 @@ struct IPSET Snort Accepts: - IP-Address 192.168.1.1 - IP-Address/MaskBits 192.168.1.0/24 - IP-Address/Mask 192.168.1.0/255.255.255.0 + IP-Address 192.168.1.1 + IP-Address/MaskBits 192.168.1.0/24 + IP-Address/Mask 192.168.1.0/255.255.255.0 These can all be handled via the CIDR block notation : IP/MaskBits diff --git a/src/network_inspectors/port_scan/port_scan.cc b/src/network_inspectors/port_scan/port_scan.cc index 4f96d9e6d..bd3f4de69 100644 --- a/src/network_inspectors/port_scan/port_scan.cc +++ b/src/network_inspectors/port_scan/port_scan.cc @@ -102,7 +102,7 @@ static void make_open_port_info(Packet* p, PS_PROTO* proto) static void make_open_port_info(Packet* p, uint16_t port) { DataBuffer& buf = DetectionEngine::get_alt_buffer(p); - + SfIpString ip_str; buf.len = safe_snprintf((char*)buf.data, sizeof(buf.data), diff --git a/src/packet_io/sfdaq_module.cc b/src/packet_io/sfdaq_module.cc index ee3bbeabf..d0d52cc58 100644 --- a/src/packet_io/sfdaq_module.cc +++ b/src/packet_io/sfdaq_module.cc @@ -49,7 +49,7 @@ static const Parameter daqvar_list_param[] = { nullptr, Parameter::PT_MAX, nullptr, nullptr, nullptr } }; -static const Parameter daq_module_param[] = +static const Parameter daq_module_param[] = { { "name", Parameter::PT_STRING, nullptr, nullptr, "DAQ module name (required)" }, { "mode", Parameter::PT_ENUM, "passive | inline | read-file", "passive", "DAQ module mode" }, diff --git a/src/parser/vars.cc b/src/parser/vars.cc index 5daab05e4..cd07d540a 100644 --- a/src/parser/vars.cc +++ b/src/parser/vars.cc @@ -819,7 +819,7 @@ void AddVarToTable(SnortConfig* sc, const char* name, const char* value) } //-------------------------------------------------------------------------- -// unit tests +// unit tests //-------------------------------------------------------------------------- #ifdef UNIT_TEST diff --git a/src/profiler/profiler_nodes.cc b/src/profiler/profiler_nodes.cc index efb770ec9..dec20d2d3 100644 --- a/src/profiler/profiler_nodes.cc +++ b/src/profiler/profiler_nodes.cc @@ -53,8 +53,8 @@ struct GetProfileFunctor struct GetProfileFromModule : public GetProfileFunctor { - GetProfileFromModule(const std::string& name, Module* m) : - GetProfileFunctor(name), m(m) { } + GetProfileFromModule(const std::string& pn, Module* m) : + GetProfileFunctor(pn), m(m) { } const ProfileStats* operator()() override { @@ -76,8 +76,8 @@ struct GetProfileFromModule : public GetProfileFunctor struct GetProfileFromFunction : public GetProfileFunctor { - GetProfileFromFunction(const std::string& name, get_profile_stats_fn fn) : - GetProfileFunctor(name), fn(fn) { } + GetProfileFromFunction(const std::string& pn, get_profile_stats_fn fn) : + GetProfileFunctor(pn), fn(fn) { } const ProfileStats* operator()() override { return fn(name.c_str()); } diff --git a/src/protocols/packet_manager.cc b/src/protocols/packet_manager.cc index e729c31a4..0fd3fb50d 100644 --- a/src/protocols/packet_manager.cc +++ b/src/protocols/packet_manager.cc @@ -590,13 +590,13 @@ const uint8_t* PacketManager::encode_reject(UnreachResponse type, checksum::Pseudoheader6 ps6; const int ip_len = buf.size(); - memcpy(ps6.sip, ip6h->get_src()->u6_addr8, sizeof(ps6.sip)); - memcpy(ps6.dip, ip6h->get_dst()->u6_addr8, sizeof(ps6.dip)); - ps6.zero = 0; - ps6.protocol = IpProtocol::ICMPV6; - ps6.len = htons((uint16_t)(ip_len)); + memcpy(ps6.hdr.sip, ip6h->get_src()->u6_addr8, sizeof(ps6.hdr.sip)); + memcpy(ps6.hdr.dip, ip6h->get_dst()->u6_addr8, sizeof(ps6.hdr.dip)); + ps6.hdr.zero = 0; + ps6.hdr.protocol = IpProtocol::ICMPV6; + ps6.hdr.len = htons((uint16_t)(ip_len)); - icmph->csum = checksum::icmp_cksum((uint16_t*)buf.data(), ip_len, &ps6); + icmph->csum = checksum::icmp_cksum((uint16_t*)buf.data(), ip_len, ps6); if (encode(p, flags, inner_ip_index, IpProtocol::ICMPV6, buf)) { diff --git a/src/protocols/ssl.h b/src/protocols/ssl.h index 6a0ebf155..10d79a7b5 100644 --- a/src/protocols/ssl.h +++ b/src/protocols/ssl.h @@ -201,7 +201,7 @@ struct SSLv2_shello_t #define SSL_IS_CKEYX(x) ((x) & SSL_CLIENT_KEYX_FLAG) #define SSL_IS_APP(x) (((x) & SSL_SAPP_FLAG) || ((x) & SSL_CAPP_FLAG)) #define SSL_IS_ALERT(x) ((x) & SSL_ALERT_FLAG) -#define SSL_CLEAR_TEMPORARY_FLAGS(x) x &= ~SSL_STATEFLAGS; +#define SSL_CLEAR_TEMPORARY_FLAGS(x) (x) &= ~SSL_STATEFLAGS /* Verifies that the error flags haven't been triggered */ #define SSL_IS_CLEAN(x) \ diff --git a/src/search_engines/acsmx.cc b/src/search_engines/acsmx.cc index 87291d0ef..77df5f641 100644 --- a/src/search_engines/acsmx.cc +++ b/src/search_engines/acsmx.cc @@ -62,8 +62,6 @@ using namespace snort; -#define MEMASSERT(p,s) if (!(p)) { fprintf(stderr,"ACSM-No Memory: %s\n",s); exit(0); } - static int max_memory = 0; static void* AC_MALLOC(int n) @@ -115,7 +113,6 @@ static ACSM_PATTERN* CopyMatchListEntry(ACSM_PATTERN* px) { ACSM_PATTERN* p; p = (ACSM_PATTERN*)AC_MALLOC(sizeof(ACSM_PATTERN)); - MEMASSERT(p, "CopyMatchListEntry"); memcpy(p, px, sizeof (ACSM_PATTERN)); px->udata->ref_count++; p->next = nullptr; @@ -130,7 +127,6 @@ static void AddMatchListEntry(ACSM_STRUCT* acsm, int state, ACSM_PATTERN* px) { ACSM_PATTERN* p; p = (ACSM_PATTERN*)AC_MALLOC(sizeof(ACSM_PATTERN)); - MEMASSERT(p, "AddMatchListEntry"); memcpy(p, px, sizeof (ACSM_PATTERN)); p->next = acsm->acsmStateTable[state].MatchList; acsm->acsmStateTable[state].MatchList = p; @@ -279,7 +275,6 @@ static void Convert_NFA_To_DFA(ACSM_STRUCT* acsm) ACSM_STRUCT* acsmNew(const MpseAgent* agent) { ACSM_STRUCT* p = (ACSM_STRUCT*)AC_MALLOC (sizeof (ACSM_STRUCT)); - MEMASSERT(p, "acsmNew"); if (p) { @@ -297,14 +292,12 @@ int acsmAddPattern( { ACSM_PATTERN* plist; plist = (ACSM_PATTERN*)AC_MALLOC (sizeof (ACSM_PATTERN)); - MEMASSERT(plist, "acsmAddPattern"); plist->patrn = (uint8_t*)AC_MALLOC (n); ConvertCaseEx (plist->patrn, pat, n); plist->casepatrn = (uint8_t*)AC_MALLOC (n); memcpy(plist->casepatrn, pat, n); plist->udata = (ACSM_USERDATA*)AC_MALLOC(sizeof(ACSM_USERDATA)); - MEMASSERT(plist->udata, "acsmAddPattern"); plist->udata->ref_count = 1; plist->udata->id = user; @@ -366,7 +359,6 @@ static inline int _acsmCompile(ACSM_STRUCT* acsm) } acsm->acsmStateTable = (ACSM_STATETABLE*)AC_MALLOC (sizeof (ACSM_STATETABLE) * acsm->acsmMaxStates); - MEMASSERT(acsm->acsmStateTable, "_acsmCompile"); /* Initialize state zero as a branch */ acsm->acsmNumStates = 0; diff --git a/src/search_engines/acsmx2.cc b/src/search_engines/acsmx2.cc index e5a3829b2..23036464f 100644 --- a/src/search_engines/acsmx2.cc +++ b/src/search_engines/acsmx2.cc @@ -128,8 +128,6 @@ using namespace snort; #define printf LogMessage -#define MEMASSERT(p,s) if (!(p)) { FatalError("ACSM-No Memory: %s\n",s); } - static int acsm2_total_memory = 0; static int acsm2_pattern_memory = 0; static int acsm2_matchlist_memory = 0; @@ -550,7 +548,6 @@ static ACSM_PATTERN2* CopyMatchListEntry(ACSM_PATTERN2* px) ACSM_PATTERN2* p; p = (ACSM_PATTERN2*)AC_MALLOC(sizeof (ACSM_PATTERN2), ACSM2_MEMORY_TYPE__MATCHLIST); - MEMASSERT(p, "CopyMatchListEntry"); memcpy(p, px, sizeof (ACSM_PATTERN2)); @@ -587,7 +584,6 @@ static void AddMatchListEntry(ACSM_STRUCT2* acsm, int state, ACSM_PATTERN2* px) ACSM_PATTERN2* p; p = (ACSM_PATTERN2*)AC_MALLOC(sizeof (ACSM_PATTERN2), ACSM2_MEMORY_TYPE__MATCHLIST); - MEMASSERT(p, "AddMatchListEntry"); memcpy(p, px, sizeof (ACSM_PATTERN2)); p->next = acsm->acsmMatchList[state]; @@ -1104,7 +1100,6 @@ static int Conv_Full_DFA_To_SparseBands(ACSM_STRUCT2* acsm) ACSM_STRUCT2* acsmNew2(const MpseAgent* agent, int format) { ACSM_STRUCT2* p = (ACSM_STRUCT2*)AC_MALLOC(sizeof (ACSM_STRUCT2), ACSM2_MEMORY_TYPE__NONE); - MEMASSERT(p, "acsmNew"); if (p) { @@ -1133,17 +1128,14 @@ int acsmAddPattern2( plist = (ACSM_PATTERN2*) AC_MALLOC(sizeof (ACSM_PATTERN2), ACSM2_MEMORY_TYPE__PATTERN); - MEMASSERT(plist, "acsmAddPattern"); plist->patrn = (uint8_t*)AC_MALLOC(n, ACSM2_MEMORY_TYPE__PATTERN); - MEMASSERT(plist->patrn, "acsmAddPattern"); ConvertCaseEx(plist->patrn, pat, n); plist->casepatrn = (uint8_t*)AC_MALLOC(n, ACSM2_MEMORY_TYPE__PATTERN); - MEMASSERT(plist->casepatrn, "acsmAddPattern"); memcpy(plist->casepatrn, pat, n); @@ -1250,13 +1242,11 @@ static inline int _acsmCompile2(ACSM_STRUCT2* acsm) acsm->acsmTransTable = (trans_node_t**)AC_MALLOC(sizeof(trans_node_t*) * acsm->acsmMaxStates, ACSM2_MEMORY_TYPE__TRANSTABLE); - MEMASSERT(acsm->acsmTransTable, "_acsmCompile2"); /* Alloc a MatchList table - this has a list of pattern matches for each state, if any */ acsm->acsmMatchList = (ACSM_PATTERN2**)AC_MALLOC(sizeof(ACSM_PATTERN2*) * acsm->acsmMaxStates, ACSM2_MEMORY_TYPE__MATCHLIST); - MEMASSERT(acsm->acsmMatchList, "_acsmCompile2"); /* Initialize state zero as a branch */ acsm->acsmNumStates = 0; @@ -1300,15 +1290,11 @@ static inline int _acsmCompile2(ACSM_STRUCT2* acsm) (acstate_t*)AC_MALLOC(sizeof(acstate_t) * acsm->acsmNumStates, ACSM2_MEMORY_TYPE__FAILSTATE); - MEMASSERT(acsm->acsmFailState, "_acsmCompile2"); - /* Alloc a separate state transition table == in state 's' due to event 'k', transition to 'next' state */ acsm->acsmNextState = (acstate_t**)AC_MALLOC_DFA(acsm->acsmNumStates * sizeof(acstate_t*), acsm->sizeofstate); - MEMASSERT(acsm->acsmNextState, "_acsmCompile2-NextState"); - /* Build the NFA */ Build_NFA(acsm); @@ -1690,21 +1676,21 @@ int acsm_search_dfa_full( { uint8_t* ps; uint8_t** NextState = (uint8_t**)acsm->acsmNextState; - AC_SEARCH; + AC_SEARCH } break; case 2: { uint16_t* ps; uint16_t** NextState = (uint16_t**)acsm->acsmNextState; - AC_SEARCH; + AC_SEARCH } break; default: { acstate_t* ps; acstate_t** NextState = acsm->acsmNextState; - AC_SEARCH; + AC_SEARCH } break; } @@ -1790,21 +1776,21 @@ int acsm_search_dfa_full_all( { uint8_t* ps; uint8_t** NextState = (uint8_t**)acsm->acsmNextState; - AC_SEARCH_ALL; + AC_SEARCH_ALL } break; case 2: { uint16_t* ps; uint16_t** NextState = (uint16_t**)acsm->acsmNextState; - AC_SEARCH_ALL; + AC_SEARCH_ALL } break; default: { acstate_t* ps; acstate_t** NextState = acsm->acsmNextState; - AC_SEARCH_ALL; + AC_SEARCH_ALL } break; } diff --git a/src/service_inspectors/dce_rpc/dce_co.cc b/src/service_inspectors/dce_rpc/dce_co.cc index f1e6bdc9f..13cd6a23f 100644 --- a/src/service_inspectors/dce_rpc/dce_co.cc +++ b/src/service_inspectors/dce_rpc/dce_co.cc @@ -2044,7 +2044,7 @@ static void DCE2_CoSegDecode(DCE2_SsnData* sd, DCE2_CoTracker* cot, DCE2_CoSeg* uint16_t frag_len = 0; dce2CommonStats* dce_common_stats = dce_get_proto_stats_ptr(sd); int smb_hdr_len; - + if ( DetectionEngine::get_current_packet()->is_from_client() ) { smb_hdr_len = DCE2_MOCK_HDR_LEN__SMB_CLI; diff --git a/src/service_inspectors/dce_rpc/dce_common.cc b/src/service_inspectors/dce_rpc/dce_common.cc index f9c501cde..cca435826 100644 --- a/src/service_inspectors/dce_rpc/dce_common.cc +++ b/src/service_inspectors/dce_rpc/dce_common.cc @@ -233,7 +233,7 @@ bool DceEndianness::get_offset_endianness(int32_t offset, uint8_t& endian) } endian = (byte_order == DCERPC_BO_FLAG__BIG_ENDIAN) ? ENDIAN_BIG : ENDIAN_LITTLE; - + return true; } diff --git a/src/service_inspectors/dce_rpc/dce_context_data.cc b/src/service_inspectors/dce_rpc/dce_context_data.cc index 2bd93c676..fe4424a94 100644 --- a/src/service_inspectors/dce_rpc/dce_context_data.cc +++ b/src/service_inspectors/dce_rpc/dce_context_data.cc @@ -43,7 +43,7 @@ unsigned DceContextData::get_ips_id(DCE2_TransType trans) { switch(trans) { - case DCE2_TRANS_TYPE__SMB: + case DCE2_TRANS_TYPE__SMB: return DceContextData::smb_ips_id; case DCE2_TRANS_TYPE__TCP: return DceContextData::tcp_ips_id; @@ -59,7 +59,7 @@ void DceContextData::set_ips_id(DCE2_TransType trans, unsigned id) { switch(trans) { - case DCE2_TRANS_TYPE__SMB: + case DCE2_TRANS_TYPE__SMB: DceContextData::smb_ips_id = id; break; case DCE2_TRANS_TYPE__TCP: diff --git a/src/service_inspectors/dce_rpc/dce_list.cc b/src/service_inspectors/dce_rpc/dce_list.cc index 2580448a8..4cea50354 100644 --- a/src/service_inspectors/dce_rpc/dce_list.cc +++ b/src/service_inspectors/dce_rpc/dce_list.cc @@ -143,7 +143,7 @@ static void DCE2_ListInsertTail(DCE2_List* list, DCE2_ListNode* n) static void DCE2_ListInsertHead(DCE2_List* list, DCE2_ListNode* n) { if ((list == nullptr) || (n == nullptr)) - return; + return; if (list->head == nullptr) { diff --git a/src/service_inspectors/dce_rpc/dce_smb2.cc b/src/service_inspectors/dce_rpc/dce_smb2.cc index afdd977dd..dc48e29e5 100644 --- a/src/service_inspectors/dce_rpc/dce_smb2.cc +++ b/src/service_inspectors/dce_rpc/dce_smb2.cc @@ -724,7 +724,7 @@ void DCE2_Smb2Process(DCE2_SmbSsnData* ssd) uint32_t next_command_offset; /* SMB protocol allows multiple smb commands to be grouped in a single packet. So loop through to parse all the smb commands. - Reference: https://msdn.microsoft.com/en-us/library/cc246614.aspx + Reference: https://msdn.microsoft.com/en-us/library/cc246614.aspx "A nonzero value for the NextCommand field in the SMB2 header indicates a compound request. NextCommand in the SMB2 header of a request specifies an offset, in bytes, from the beginning of the SMB2 header under consideration to the start of the 8-byte diff --git a/src/service_inspectors/dce_rpc/dce_smb_paf.cc b/src/service_inspectors/dce_rpc/dce_smb_paf.cc index bf13b077a..f8c30ce31 100644 --- a/src/service_inspectors/dce_rpc/dce_smb_paf.cc +++ b/src/service_inspectors/dce_rpc/dce_smb_paf.cc @@ -27,6 +27,15 @@ #include "dce_smb.h" +namespace +{ +inline void DCE2_SMB_PAF_SHIFT(uint64_t& x64, const uint8_t& x8) +{ + x64 <<= 8; + x64 |= (uint64_t) x8; +} +} + using namespace snort; /********************************************************************* @@ -115,7 +124,7 @@ static StreamSplitter::Status dce2_smb_paf(DCE2_PafSmbData* ss, Flow* flow, cons ss->paf_state = DCE2_PAF_SMB_STATES__0; return StreamSplitter::FLUSH; } - + ss->paf_state = (DCE2_PafSmbStates)(((int)ss->paf_state) + 1); break; case DCE2_PAF_SMB_STATES__7: @@ -135,7 +144,7 @@ static StreamSplitter::Status dce2_smb_paf(DCE2_PafSmbData* ss, Flow* flow, cons nb_len = NbssLen((const NbssHdr*)&nb_hdr); *fp = (nb_len + sizeof(NbssHdr) + n) - ss->paf_state; ss->paf_state = DCE2_PAF_SMB_STATES__0; - + return StreamSplitter::FLUSH; default: DCE2_SMB_PAF_SHIFT(ss->nb_hdr, data[n]); diff --git a/src/service_inspectors/dce_rpc/dce_smb_paf.h b/src/service_inspectors/dce_rpc/dce_smb_paf.h index a1dc2c087..0e0ba5871 100644 --- a/src/service_inspectors/dce_rpc/dce_smb_paf.h +++ b/src/service_inspectors/dce_rpc/dce_smb_paf.h @@ -24,8 +24,6 @@ #include "stream/stream_splitter.h" -#define DCE2_SMB_PAF_SHIFT(x64, x8) { (x64) <<= 8; (x64) |= (uint64_t)(x8); } - // Enumerations for PAF states enum DCE2_PafSmbStates { diff --git a/src/service_inspectors/dce_rpc/dce_smb_transaction.cc b/src/service_inspectors/dce_rpc/dce_smb_transaction.cc index 7b1a1d4e9..e408a84d3 100644 --- a/src/service_inspectors/dce_rpc/dce_smb_transaction.cc +++ b/src/service_inspectors/dce_rpc/dce_smb_transaction.cc @@ -1546,7 +1546,7 @@ DCE2_Ret DCE2_SmbNtTransact(DCE2_SmbSsnData* ssd, const SmbNtHdr* smb_hdr, if (ftracker == nullptr) return DCE2_RET__ERROR; - DCE2_Update_Ftracker_from_ReqTracker(ftracker, ssd->cur_rtracker); + DCE2_Update_Ftracker_from_ReqTracker(ftracker, ssd->cur_rtracker); if (!ftracker->is_ipc) { @@ -1595,7 +1595,7 @@ DCE2_Ret DCE2_SmbTransactionSecondary(DCE2_SmbSsnData* ssd, const SmbNtHdr* smb_ Packet* rpkt = DCE2_SmbGetRpkt(ssd, &data_ptr, &data_len, DCE2_RPKT_TYPE__SMB_TRANS); if (rpkt == nullptr) - return DCE2_RET__ERROR; + return DCE2_RET__ERROR; status = DCE2_SmbTransactionReq(ssd, ttracker, data_ptr, data_len, DCE2_BufferData(ttracker->pbuf), DCE2_BufferLength(ttracker->pbuf)); diff --git a/src/service_inspectors/dce_rpc/dce_smb_utils.cc b/src/service_inspectors/dce_rpc/dce_smb_utils.cc index 80087c71e..0916dc7fb 100644 --- a/src/service_inspectors/dce_rpc/dce_smb_utils.cc +++ b/src/service_inspectors/dce_rpc/dce_smb_utils.cc @@ -1824,7 +1824,7 @@ void DCE2_SmbProcessFileData(DCE2_SmbSsnData* ssd, || ((file_data_depth != 0) && (ftracker->ff_bytes_processed >= (uint64_t)file_data_depth))) { - // Bytes processed is at or beyond file data depth - finished. + // Bytes processed is at or beyond file data depth - finished. DCE2_SmbRemoveFileTracker(ssd, ftracker); return; } diff --git a/src/service_inspectors/dce_rpc/dce_tcp_paf.cc b/src/service_inspectors/dce_rpc/dce_tcp_paf.cc index 876524c29..f4061e2e4 100644 --- a/src/service_inspectors/dce_rpc/dce_tcp_paf.cc +++ b/src/service_inspectors/dce_rpc/dce_tcp_paf.cc @@ -121,7 +121,7 @@ static StreamSplitter::Status dce2_tcp_paf(DCE2_PafTcpData* ds, Flow* flow, cons * flush just before it */ if ((num_requests == 1) || (n <= len)) tmp_fp += ds->frag_len; - + ds->paf_state = DCE2_PAF_TCP_STATES__0; continue; // we incremented n already default: diff --git a/src/service_inspectors/dns/dns.h b/src/service_inspectors/dns/dns.h index 884dde9f7..d49b8cef4 100644 --- a/src/service_inspectors/dns/dns.h +++ b/src/service_inspectors/dns/dns.h @@ -83,7 +83,7 @@ struct DNSNameState #define DNS_RR_TYPE_A 0x0001 #define DNS_RR_TYPE_NS 0x0002 #define DNS_RR_TYPE_MD 0x0003 // obsolete -#define DNS_RR_TYPE_MF 0x0004 // obsolete +#define DNS_RR_TYPE_MF 0x0004 // obsolete #define DNS_RR_TYPE_CNAME 0x0005 #define DNS_RR_TYPE_SOA 0x0006 #define DNS_RR_TYPE_MB 0x0007 // experimental diff --git a/src/service_inspectors/ftp_telnet/ftpdata_splitter.cc b/src/service_inspectors/ftp_telnet/ftpdata_splitter.cc index bb88737f0..108c76511 100644 --- a/src/service_inspectors/ftp_telnet/ftpdata_splitter.cc +++ b/src/service_inspectors/ftp_telnet/ftpdata_splitter.cc @@ -114,7 +114,7 @@ bool FtpDataSplitter::finish(Flow* flow) FileFlows* file_flows = FileFlows::get_file_flows(flow); if ( file_flows ) { - file_flows->file_process(DetectionEngine::get_current_packet(), + file_flows->file_process(DetectionEngine::get_current_packet(), nullptr, 0, SNORT_FILE_END, to_server(), fdfd->session.path_hash); } } diff --git a/src/service_inspectors/gtp/gtp_parser.cc b/src/service_inspectors/gtp/gtp_parser.cc index 50b491deb..3c7cef602 100644 --- a/src/service_inspectors/gtp/gtp_parser.cc +++ b/src/service_inspectors/gtp/gtp_parser.cc @@ -422,7 +422,7 @@ int gtp_parse(const GTPConfig& config, GTPMsg* msg, const uint8_t* buff, uint16_ if (msg->version > MAX_GTP_VERSION_CODE) return false; - + /*Check whether this is GTP or GTP', Exit if GTP'*/ if (!(hdr->flag & 0x10)) return false; diff --git a/src/service_inspectors/gtp/ips_gtp_info.cc b/src/service_inspectors/gtp/ips_gtp_info.cc index 60b6cae93..a88d55b09 100644 --- a/src/service_inspectors/gtp/ips_gtp_info.cc +++ b/src/service_inspectors/gtp/ips_gtp_info.cc @@ -58,7 +58,7 @@ public: EvalStatus eval(Cursor&, Packet*) override; public: - // byte n is for version n (named types can have + // byte n is for version n (named types can have // different codes in different versions) uint8_t types[MAX_GTP_VERSION_CODE + 1]; }; diff --git a/src/service_inspectors/gtp/ips_gtp_type.cc b/src/service_inspectors/gtp/ips_gtp_type.cc index efb1338bb..36445d4f4 100644 --- a/src/service_inspectors/gtp/ips_gtp_type.cc +++ b/src/service_inspectors/gtp/ips_gtp_type.cc @@ -57,7 +57,7 @@ public: EvalStatus eval(Cursor&, Packet*) override; public: - // set n is for version n (named types can have + // set n is for version n (named types can have // different codes in different versions) ByteBitSet types[MAX_GTP_VERSION_CODE + 1]; }; diff --git a/src/service_inspectors/http2_inspect/http2_enum.h b/src/service_inspectors/http2_inspect/http2_enum.h index c7e0166bd..37c822c7f 100644 --- a/src/service_inspectors/http2_inspect/http2_enum.h +++ b/src/service_inspectors/http2_inspect/http2_enum.h @@ -37,7 +37,7 @@ enum FrameType : uint8_t { FT_DATA=0, FT_HEADERS=1, FT_PRIORITY=2, FT_RST_STREAM // Message buffers available to clients // This enum must remain synchronized with Http2Api::classic_buffer_names[] -enum HTTP2_BUFFER { HTTP2_BUFFER_FRAME_HEADER = 1, HTTP2_BUFFER_FRAME_DATA, HTTP2_BUFFER_DECODED_HEADER, +enum HTTP2_BUFFER { HTTP2_BUFFER_FRAME_HEADER = 1, HTTP2_BUFFER_FRAME_DATA, HTTP2_BUFFER_DECODED_HEADER, HTTP2_BUFFER_MAX }; // Peg counts @@ -90,7 +90,7 @@ enum Infraction INF__MAX_VALUE }; -enum HeaderFrameFlags +enum HeaderFrameFlags { END_STREAM = 0x1, END_HEADERS = 0x4, @@ -113,7 +113,7 @@ enum PseudoHeaders enum SettingsFrameIds { HEADER_TABLE_SIZE = 1, - ENABLE_PUSH, + ENABLE_PUSH, MAX_CONCURRENT_STREAMS, INITIAL_WINDOW_SIZE, MAX_FRAME_SIZE, diff --git a/src/service_inspectors/http2_inspect/http2_flow_data.h b/src/service_inspectors/http2_inspect/http2_flow_data.h index ff488ecc5..669319249 100644 --- a/src/service_inspectors/http2_inspect/http2_flow_data.h +++ b/src/service_inspectors/http2_inspect/http2_flow_data.h @@ -98,7 +98,7 @@ protected: // Used by scan, reassemble and eval to communicate uint8_t frame_type[2] = { Http2Enums::FT__NONE, Http2Enums::FT__NONE }; - + // Internal to reassemble() uint32_t frame_header_offset[2] = { 0, 0 }; uint32_t frame_data_offset[2] = { 0, 0 }; diff --git a/src/service_inspectors/http2_inspect/http2_frame.cc b/src/service_inspectors/http2_inspect/http2_frame.cc index ee0ea9c69..bde7796fb 100644 --- a/src/service_inspectors/http2_inspect/http2_frame.cc +++ b/src/service_inspectors/http2_inspect/http2_frame.cc @@ -93,7 +93,7 @@ uint32_t Http2Frame::get_stream_id() const uint8_t* header_start = header.start(); return ((header_start[stream_id_index] & 0x7f) << 24) + - (header_start[stream_id_index + 1] << 16) + + (header_start[stream_id_index + 1] << 16) + (header_start[stream_id_index + 2] << 8) + header_start[stream_id_index + 3]; } diff --git a/src/service_inspectors/http2_inspect/http2_frame.h b/src/service_inspectors/http2_inspect/http2_frame.h index e0d3a565e..5fe1f5d4d 100644 --- a/src/service_inspectors/http2_inspect/http2_frame.h +++ b/src/service_inspectors/http2_inspect/http2_frame.h @@ -59,7 +59,7 @@ protected: HttpCommon::SourceId source_id; const static uint8_t flags_index = 4; - const static uint8_t stream_id_index = 5; + const static uint8_t stream_id_index = 5; const static uint32_t INVALID_STREAM_ID = 0xFFFFFFFF; }; #endif diff --git a/src/service_inspectors/http2_inspect/http2_headers_frame.cc b/src/service_inspectors/http2_inspect/http2_headers_frame.cc index be115eee6..4b8e23850 100644 --- a/src/service_inspectors/http2_inspect/http2_headers_frame.cc +++ b/src/service_inspectors/http2_inspect/http2_headers_frame.cc @@ -32,9 +32,9 @@ using namespace HttpCommon; using namespace Http2Enums; Http2HeadersFrame::Http2HeadersFrame(const uint8_t* header_buffer, const int32_t header_len, - const uint8_t* data_buffer, const int32_t data_len, Http2FlowData* session_data, - HttpCommon::SourceId source_id) : Http2Frame(header_buffer, header_len, data_buffer, data_len, - session_data, source_id) + const uint8_t* data_buffer, const int32_t data_len, Http2FlowData* ssn_data, + HttpCommon::SourceId src_id) : Http2Frame(header_buffer, header_len, data_buffer, data_len, + ssn_data, src_id) { uint8_t hpack_headers_offset = 0; @@ -48,7 +48,7 @@ Http2HeadersFrame::Http2HeadersFrame(const uint8_t* header_buffer, const int32_t // Allocate stuff decoded_headers = new uint8_t[MAX_OCTETS]; decoded_headers_size = 0; - + start_line_generator = Http2StartLine::new_start_line_generator(source_id, session_data->events[source_id], session_data->infractions[source_id]); diff --git a/src/service_inspectors/http2_inspect/http2_headers_frame.h b/src/service_inspectors/http2_inspect/http2_headers_frame.h index e9ca1110c..2c67822d2 100644 --- a/src/service_inspectors/http2_inspect/http2_headers_frame.h +++ b/src/service_inspectors/http2_inspect/http2_headers_frame.h @@ -31,7 +31,7 @@ class Http2HeadersFrame : public Http2Frame { public: ~Http2HeadersFrame() override; - + const Field& get_buf(unsigned id) override; friend Http2Frame* Http2Frame::new_frame(const uint8_t* header_buffer, const int32_t header_len, @@ -44,8 +44,8 @@ public: private: Http2HeadersFrame(const uint8_t* header_buffer, const int32_t header_len, - const uint8_t* data_buffer, const int32_t data_len, Http2FlowData* session_data, - HttpCommon::SourceId source_id); + const uint8_t* data_buffer, const int32_t data_len, Http2FlowData* ssn_data, + HttpCommon::SourceId src_id); Http2StartLine* start_line_generator = nullptr; uint8_t* decoded_headers = nullptr; // working buffer to store decoded headers diff --git a/src/service_inspectors/http2_inspect/http2_hpack_string_decode.cc b/src/service_inspectors/http2_inspect/http2_hpack_string_decode.cc index ffc431336..d77215447 100644 --- a/src/service_inspectors/http2_inspect/http2_hpack_string_decode.cc +++ b/src/service_inspectors/http2_inspect/http2_hpack_string_decode.cc @@ -68,7 +68,7 @@ bool Http2HpackStringDecode::translate(const uint8_t* in_buff, const uint32_t in return true; if (!isHuffman) - return get_string(in_buff, encoded_len, bytes_consumed, out_buff, out_len, bytes_written, + return get_string(in_buff, encoded_len, bytes_consumed, out_buff, out_len, bytes_written, events, infractions); return get_huffman_string(in_buff, encoded_len, bytes_consumed, out_buff, out_len, @@ -195,7 +195,7 @@ bool Http2HpackStringDecode::get_huffman_string(const uint8_t* in_buff, const ui break; default: - break; + break; } } diff --git a/src/service_inspectors/http2_inspect/http2_hpack_string_decode.h b/src/service_inspectors/http2_inspect/http2_hpack_string_decode.h index e45168a90..881931c49 100644 --- a/src/service_inspectors/http2_inspect/http2_hpack_string_decode.h +++ b/src/service_inspectors/http2_inspect/http2_hpack_string_decode.h @@ -40,12 +40,12 @@ private: uint8_t* out_buff, const uint32_t out_len, uint32_t& bytes_written, Http2EventGen* events, Http2Infractions* infractions) const; bool get_huffman_string(const uint8_t* in_buff, const uint32_t encoded_len, - uint32_t& bytes_consumed, uint8_t* out_buff, const uint32_t out_len, uint32_t& + uint32_t& bytes_consumed, uint8_t* out_buff, const uint32_t out_len, uint32_t& bytes_written, Http2EventGen* events, Http2Infractions* infractions) const; bool get_next_byte(const uint8_t* in_buff, const uint32_t last_byte, uint32_t& bytes_consumed, uint8_t& cur_bit, uint8_t match_len, uint8_t& byte, bool& another_search) const; - + const Http2HpackIntDecode decode7; }; diff --git a/src/service_inspectors/http2_inspect/http2_hpack_table.cc b/src/service_inspectors/http2_inspect/http2_hpack_table.cc index 253e2c397..7f9838889 100644 --- a/src/service_inspectors/http2_inspect/http2_hpack_table.cc +++ b/src/service_inspectors/http2_inspect/http2_hpack_table.cc @@ -102,7 +102,7 @@ const HpackTableEntry HpackIndexTable::static_table[STATIC_MAX_INDEX + 1] = }; const HpackTableEntry* HpackIndexTable::lookup(uint64_t index) const -{ +{ if (index <= STATIC_MAX_INDEX) return &static_table[index]; else diff --git a/src/service_inspectors/http2_inspect/http2_huffman_state_machine.cc b/src/service_inspectors/http2_inspect/http2_huffman_state_machine.cc index d4cd77383..35b030cfe 100644 --- a/src/service_inspectors/http2_inspect/http2_huffman_state_machine.cc +++ b/src/service_inspectors/http2_inspect/http2_huffman_state_machine.cc @@ -330,7 +330,7 @@ const HuffmanEntry huffman_decode[HUFFMAN_LOOKUP_MAX+1] [UINT8_MAX+1] = // 00000 {5, (char)176, HUFFMAN_MATCH}, {5, (char)176, HUFFMAN_MATCH}, {5, (char)176, HUFFMAN_MATCH}, {5, (char)176, HUFFMAN_MATCH}, {5, (char)176, HUFFMAN_MATCH}, {5, (char)176, HUFFMAN_MATCH}, {5, (char)176, HUFFMAN_MATCH}, {5, (char)176, HUFFMAN_MATCH}, - // 00001 + // 00001 {5, (char)177, HUFFMAN_MATCH}, {5, (char)177, HUFFMAN_MATCH}, {5, (char)177, HUFFMAN_MATCH}, {5, (char)177, HUFFMAN_MATCH}, {5, (char)177, HUFFMAN_MATCH}, {5, (char)177, HUFFMAN_MATCH}, {5, (char)177, HUFFMAN_MATCH}, {5, (char)177, HUFFMAN_MATCH}, // 00010 diff --git a/src/service_inspectors/http2_inspect/http2_request_line.h b/src/service_inspectors/http2_inspect/http2_request_line.h index 280b78afb..53cf99038 100644 --- a/src/service_inspectors/http2_inspect/http2_request_line.h +++ b/src/service_inspectors/http2_inspect/http2_request_line.h @@ -37,8 +37,7 @@ public: Http2EventGen* events, Http2Infractions* infractions); private: - Http2RequestLine(Http2EventGen* events, Http2Infractions* infractions) : Http2StartLine(events, - infractions) { } + Http2RequestLine(Http2EventGen* evs, Http2Infractions* infrs) : Http2StartLine(evs, infrs) { } Field method; Field path; diff --git a/src/service_inspectors/http2_inspect/http2_settings_frame.cc b/src/service_inspectors/http2_inspect/http2_settings_frame.cc index b7a9a1660..db2a7e9fd 100644 --- a/src/service_inspectors/http2_inspect/http2_settings_frame.cc +++ b/src/service_inspectors/http2_inspect/http2_settings_frame.cc @@ -38,7 +38,7 @@ static uint16_t get_parameter_id(const uint8_t* data_buffer) } static uint32_t get_parameter_value(const uint8_t* data_buffer) -{ +{ static const uint8_t frame_value_index = 2; return (data_buffer[frame_value_index] << 24) + (data_buffer[frame_value_index + 1] << 16) + @@ -47,9 +47,9 @@ static uint32_t get_parameter_value(const uint8_t* data_buffer) } Http2SettingsFrame::Http2SettingsFrame(const uint8_t* header_buffer, const int32_t header_len, - const uint8_t* data_buffer, const int32_t data_len, Http2FlowData* session_data, - HttpCommon::SourceId source_id) : Http2Frame(header_buffer, header_len, data_buffer, data_len, - session_data, source_id) + const uint8_t* data_buffer, const int32_t data_len, Http2FlowData* ssn_data, + HttpCommon::SourceId src_id) : Http2Frame(header_buffer, header_len, data_buffer, data_len, + ssn_data, src_id) { if (!sanity_check()) { @@ -60,13 +60,13 @@ Http2SettingsFrame::Http2SettingsFrame(const uint8_t* header_buffer, const int32 if (SfAck & get_flags()) return; - + parse_settings_frame(); } void Http2SettingsFrame::parse_settings_frame() { - int32_t data_pos = 0; + int32_t data_pos = 0; while (data_pos < data.length()) { @@ -82,7 +82,7 @@ void Http2SettingsFrame::parse_settings_frame() continue; } - session_data->connection_settings[source_id].set_param(parameter_id, parameter_value); + session_data->connection_settings[source_id].set_param(parameter_id, parameter_value); } } @@ -96,7 +96,7 @@ bool Http2SettingsFrame::sanity_check() bad_frame = true; else if (ack and data.length() > 0) bad_frame = true; - + return !(bad_frame); } @@ -118,18 +118,18 @@ void Http2SettingsFrame::print_frame(FILE* output) } #endif -uint32_t Http2ConnectionSettings::get_param(uint16_t id) -{ +uint32_t Http2ConnectionSettings::get_param(uint16_t id) +{ assert(id >= HEADER_TABLE_SIZE); assert(id <= MAX_HEADER_LIST_SIZE); - return parameters[id - 1]; + return parameters[id - 1]; } -void Http2ConnectionSettings::set_param(uint16_t id, uint32_t value) -{ +void Http2ConnectionSettings::set_param(uint16_t id, uint32_t value) +{ assert(id >= HEADER_TABLE_SIZE); assert(id <= MAX_HEADER_LIST_SIZE); - parameters[id - 1] = value; + parameters[id - 1] = value; } diff --git a/src/service_inspectors/http2_inspect/http2_settings_frame.h b/src/service_inspectors/http2_inspect/http2_settings_frame.h index a5d9e41bb..3fc285871 100644 --- a/src/service_inspectors/http2_inspect/http2_settings_frame.h +++ b/src/service_inspectors/http2_inspect/http2_settings_frame.h @@ -39,8 +39,8 @@ public: private: Http2SettingsFrame(const uint8_t* header_buffer, const int32_t header_len, - const uint8_t* data_buffer, const int32_t data_len, Http2FlowData* session_data, - HttpCommon::SourceId source_id); + const uint8_t* data_buffer, const int32_t data_len, Http2FlowData* ssn_data, + HttpCommon::SourceId src_id); void parse_settings_frame(); bool sanity_check(); @@ -52,13 +52,13 @@ private: class Http2ConnectionSettings { public: - uint32_t get_param(uint16_t id); - void set_param(uint16_t id, uint32_t value); + uint32_t get_param(uint16_t id); + void set_param(uint16_t id, uint32_t value); private: void validate_param_id(uint16_t id); - static const uint16_t PARAMETER_COUNT = 6; + static const uint16_t PARAMETER_COUNT = 6; uint32_t parameters[PARAMETER_COUNT] = { 4096, // Header table size 1, // Push promise diff --git a/src/service_inspectors/http2_inspect/http2_status_line.cc b/src/service_inspectors/http2_inspect/http2_status_line.cc index 28e4b8500..013e7da9e 100644 --- a/src/service_inspectors/http2_inspect/http2_status_line.cc +++ b/src/service_inspectors/http2_inspect/http2_status_line.cc @@ -64,7 +64,7 @@ void Http2StatusLine::process_pseudo_header_value(const uint8_t* const& value, c bool Http2StatusLine::generate_start_line() { uint32_t bytes_written = 0; - + // Account for one space and trailing crlf static const uint8_t NUM_RESPONSE_LINE_EXTRA_CHARS = 3; diff --git a/src/service_inspectors/http2_inspect/http2_status_line.h b/src/service_inspectors/http2_inspect/http2_status_line.h index 76e24e959..5543eb9c1 100644 --- a/src/service_inspectors/http2_inspect/http2_status_line.h +++ b/src/service_inspectors/http2_inspect/http2_status_line.h @@ -36,8 +36,7 @@ public: Http2EventGen* events, Http2Infractions* infractions); private: - Http2StatusLine(Http2EventGen* events, Http2Infractions* infractions) : Http2StartLine(events, - infractions) { } + Http2StatusLine(Http2EventGen* evs, Http2Infractions* infrs) : Http2StartLine(evs, infrs) { } Field status; diff --git a/src/service_inspectors/http2_inspect/http2_stream_splitter_impl.cc b/src/service_inspectors/http2_inspect/http2_stream_splitter_impl.cc index c84229519..ff210c5c1 100644 --- a/src/service_inspectors/http2_inspect/http2_stream_splitter_impl.cc +++ b/src/service_inspectors/http2_inspect/http2_stream_splitter_impl.cc @@ -89,7 +89,7 @@ StreamSplitter::Status implement_scan(Http2FlowData* session_data, const uint8_t { // Continuation of ongoing data frame session_data->num_frame_headers[source_id] = 0; - + // If this is a new frame section, update next frame section length if (session_data->scan_remaining_frame_octets[source_id] == 0) { @@ -107,7 +107,7 @@ StreamSplitter::Status implement_scan(Http2FlowData* session_data, const uint8_t session_data->scan_remaining_frame_octets[source_id] -= length; session_data->total_bytes_in_split[source_id] += length; return status = StreamSplitter::SEARCH; - } + } // Have full frame section, flush and update leftover session_data->total_bytes_in_split[source_id] += @@ -244,7 +244,7 @@ StreamSplitter::Status implement_scan(Http2FlowData* session_data, const uint8_t return status; } -// FIXIT-M If there are any errors in header decoding, this currently tells stream not to send +// FIXIT-M If there are any errors in header decoding, this currently tells stream not to send // headers to detection. This behavior may need to be changed. const StreamBuffer implement_reassemble(Http2FlowData* session_data, unsigned total, unsigned offset, const uint8_t* data, unsigned len, uint32_t flags, @@ -356,7 +356,7 @@ const StreamBuffer implement_reassemble(Http2FlowData* session_data, unsigned to session_data->num_frame_headers[source_id] = 0; session_data->scan_octets_seen[source_id] = 0; - // Return 0-length non-null buffer to stream which signals detection required, but don't + // Return 0-length non-null buffer to stream which signals detection required, but don't // create pkt_data buffer frame_buf.data = (const uint8_t*)""; } @@ -365,7 +365,7 @@ const StreamBuffer implement_reassemble(Http2FlowData* session_data, unsigned to return frame_buf; } -ValidationResult validate_preface(const uint8_t* data, const uint32_t length, +ValidationResult validate_preface(const uint8_t* data, const uint32_t length, const uint32_t octets_seen) { const uint32_t preface_length = 24; @@ -383,6 +383,6 @@ ValidationResult validate_preface(const uint8_t* data, const uint32_t length, if ((octets_seen + length) < preface_length) return V_TBD; - + return V_GOOD; } diff --git a/src/service_inspectors/http2_inspect/test/http2_hpack_string_decode_test.cc b/src/service_inspectors/http2_inspect/test/http2_hpack_string_decode_test.cc index a6b5867ca..083b15dd3 100644 --- a/src/service_inspectors/http2_inspect/test/http2_hpack_string_decode_test.cc +++ b/src/service_inspectors/http2_inspect/test/http2_hpack_string_decode_test.cc @@ -189,7 +189,7 @@ TEST(http2_hpack_string_decode_success, huffman_1_byte_star) TEST(http2_hpack_string_decode_success, huffman_2_bytes_aligned) { - // prepare buf to decode - Huffman "&&" + // prepare buf to decode - Huffman "&&" uint8_t buf[3] = {0x82, 0xf8, 0xf8}; // decode uint32_t bytes_processed = 0, bytes_written = 0; @@ -204,7 +204,7 @@ TEST(http2_hpack_string_decode_success, huffman_2_bytes_aligned) TEST(http2_hpack_string_decode_success, huffman_2_bytes_unaligned) { - // prepare buf to decode - Huffman "%%" + // prepare buf to decode - Huffman "%%" uint8_t buf[3] = {0x82, 0x55, 0x5f}; // decode uint32_t bytes_processed = 0, bytes_written = 0; @@ -219,7 +219,7 @@ TEST(http2_hpack_string_decode_success, huffman_2_bytes_unaligned) TEST(http2_hpack_string_decode_success, huffman_rfc_example1) { - // prepare buf to decode - Huffman "www.example.com" , RFC c.4.1 + // prepare buf to decode - Huffman "www.example.com" , RFC c.4.1 uint8_t buf[13] = {0x8c, 0xf1, 0xe3, 0xc2, 0xe5, 0xf2, 0x3a, 0x6b, 0xa0, 0xab, 0x90, 0xf4, 0xff}; // decode uint32_t bytes_processed = 0, bytes_written = 0; @@ -281,7 +281,7 @@ TEST(http2_hpack_string_decode_success, huffman_rfc_example5) { // prepare buf to decode - Huffman "Mon, 21 Oct 2013 20:13:21 GMT" , RFC c.6.1 uint8_t buf[23] = {0x96, 0xd0, 0x7a, 0xbe, 0x94, 0x10, 0x54, 0xd4, 0x44, 0xa8, 0x20, - 0x05, 0x95, 0x04, 0x0b, 0x81, 0x66, 0xe0, 0x82, 0xa6, 0x2d, 0x1b, 0xff}; + 0x05, 0x95, 0x04, 0x0b, 0x81, 0x66, 0xe0, 0x82, 0xa6, 0x2d, 0x1b, 0xff}; // decode uint32_t bytes_processed = 0, bytes_written = 0; uint8_t res[35]; @@ -297,9 +297,9 @@ TEST(http2_hpack_string_decode_success, huffman_rfc_example6) { // prepare buf to decode - Huffman "foo=ASDJKHQKBZXOQWEOPIUAXQWEOIU; max-age=3600; version=1" , RFC c.6.3 uint8_t buf[46] = {0xad, 0x94, 0xe7, 0x82, 0x1d, 0xd7, 0xf2, 0xe6, 0xc7, 0xb3, 0x35, 0xdf, - 0xdf, 0xcd, 0x5b, 0x39, 0x60, 0xd5, 0xaf, 0x27, 0x08, 0x7f, 0x36, 0x72, - 0xc1, 0xab, 0x27, 0x0f, 0xb5, 0x29, 0x1f, 0x95, 0x87, 0x31, 0x60, 0x65, - 0xc0, 0x03, 0xed, 0x4e, 0xe5, 0xb1, 0x06, 0x3d, 0x50, 0x07}; + 0xdf, 0xcd, 0x5b, 0x39, 0x60, 0xd5, 0xaf, 0x27, 0x08, 0x7f, 0x36, 0x72, + 0xc1, 0xab, 0x27, 0x0f, 0xb5, 0x29, 0x1f, 0x95, 0x87, 0x31, 0x60, 0x65, + 0xc0, 0x03, 0xed, 0x4e, 0xe5, 0xb1, 0x06, 0x3d, 0x50, 0x07}; // decode uint32_t bytes_processed = 0, bytes_written = 0; uint8_t res[73]; @@ -330,7 +330,7 @@ TEST(http2_hpack_string_decode_success, huffman_decoding_all_possible_symbols_1) { // prepare buf to decode - "abcdefghijklmnopqrstuvwxyz" uint8_t buf[21] = {0x94, 0x1c, 0x64, 0x90, 0xb2, 0xcd, 0x39, 0xba, 0x75, 0xa2, 0x9a, 0x8f, 0x5f, 0x6b, - 0x10, 0x9b, 0x7b, 0xf8, 0xf3, 0xeb, 0xdf}; + 0x10, 0x9b, 0x7b, 0xf8, 0xf3, 0xeb, 0xdf}; // decode uint32_t bytes_processed = 0, bytes_written = 0; uint8_t res[32]; @@ -346,7 +346,7 @@ TEST(http2_hpack_string_decode_success, huffman_decoding_all_possible_symbols_2) { // prepare buf to decode - "ABCDEFGHIJKLMNOPQRSTUVWXYZ" uint8_t buf[24] = {0x97, 0x86, 0xed, 0xeb, 0xf8, 0x30, 0xe2, 0xc7, 0x93, 0x2e, 0x6c, 0xfa, 0x34, 0xea, - 0xd7, 0xb3, 0x6e, 0xed, 0xfc, 0x38, 0xf2, 0xfc, 0xe7, 0xfb}; + 0xd7, 0xb3, 0x6e, 0xed, 0xfc, 0x38, 0xf2, 0xfc, 0xe7, 0xfb}; // decode uint32_t bytes_processed = 0, bytes_written = 0; uint8_t res[36]; @@ -376,7 +376,9 @@ TEST(http2_hpack_string_decode_success, huffman_decoding_all_possible_symbols_3) TEST(http2_hpack_string_decode_success, huffman_decoding_all_possible_symbols_4) { // prepare buf to decode - ' !"#$%&\'()*+,-./:;<=>?@[\]^_`{|}~' - uint8_t buf[45] = {0xAC, 0x53, 0xF8, 0xFE, 0x7F, 0xEB, 0xFF, 0x2A, 0xFC, 0X7F, 0xAF, 0xEB, 0xFB, 0xF9, 0xFF, 0x7F, 0x4B, 0x2E, 0xC5, 0xCF, 0xBF, 0xFF, 0x90, 0x7F, 0xDF, 0xF9, 0xFF, 0xAF, 0xFD, 0xFF, 0xFF, 0x0F, 0xFE, 0x7F, 0xF9, 0x17, 0xFF, 0xDF, 0xFF, 0xDF, 0xF3, 0xFF, 0xDF, 0xFE, 0xFF}; + uint8_t buf[45] = {0xAC, 0x53, 0xF8, 0xFE, 0x7F, 0xEB, 0xFF, 0x2A, 0xFC, 0X7F, 0xAF, 0xEB, 0xFB, 0xF9, + 0xFF, 0x7F, 0x4B, 0x2E, 0xC5, 0xCF, 0xBF, 0xFF, 0x90, 0x7F, 0xDF, 0xF9, 0xFF, 0xAF, 0xFD, 0xFF, 0xFF, + 0x0F, 0xFE, 0x7F, 0xF9, 0x17, 0xFF, 0xDF, 0xFF, 0xDF, 0xF3, 0xFF, 0xDF, 0xFE, 0xFF}; // decode uint32_t bytes_processed = 0, bytes_written = 0; uint8_t res[70]; @@ -391,7 +393,10 @@ TEST(http2_hpack_string_decode_success, huffman_decoding_all_possible_symbols_4) TEST(http2_hpack_string_decode_success, huffman_decoding_all_possible_symbols_hex_00_0F) { // prepare buf to decode - encoded 0x00-0x0F - uint8_t buf[55] = {0xB6, 0xFF, 0xC7, 0xFF, 0xFD, 0x8F, 0xFF, 0xFF, 0xE2, 0xFF, 0xFF, 0xFE, 0x3F, 0xFF, 0xFF, 0xE4, 0xFF, 0xFF, 0xFE, 0x5F, 0xFF, 0xFF, 0xE6, 0xFF, 0xFF, 0xFE, 0x7F, 0xFF, 0xFF, 0xE8, 0xFF, 0xFF, 0xEA, 0xFF, 0xFF, 0xFF, 0xF3, 0xFF, 0xFF, 0xFA, 0x7F, 0xFF, 0xFF, 0xAB, 0xFF, 0xFF, 0xFF, 0xDF, 0xFF, 0xFF, 0xEB, 0xFF, 0xFF, 0xFE, 0xCF}; + uint8_t buf[55] = {0xB6, 0xFF, 0xC7, 0xFF, 0xFD, 0x8F, 0xFF, 0xFF, 0xE2, 0xFF, 0xFF, 0xFE, 0x3F, 0xFF, + 0xFF, 0xE4, 0xFF, 0xFF, 0xFE, 0x5F, 0xFF, 0xFF, 0xE6, 0xFF, 0xFF, 0xFE, 0x7F, 0xFF, 0xFF, 0xE8, 0xFF, + 0xFF, 0xEA, 0xFF, 0xFF, 0xFF, 0xF3, 0xFF, 0xFF, 0xFA, 0x7F, 0xFF, 0xFF, 0xAB, 0xFF, 0xFF, 0xFF, 0xDF, + 0xFF, 0xFF, 0xEB, 0xFF, 0xFF, 0xFE, 0xCF}; // decode uint32_t bytes_processed = 0, bytes_written = 0; uint8_t res[88]; @@ -407,7 +412,10 @@ TEST(http2_hpack_string_decode_success, huffman_decoding_all_possible_symbols_he TEST(http2_hpack_string_decode_success, huffman_decoding_all_possible_symbols_hex_10_1F) { // prepare buf to decode - encoded 0x10-0x1F - uint8_t buf[58] = {0xB9, 0xFF, 0xFF, 0xFE, 0xDF, 0xFF, 0xFF, 0xEE, 0xFF, 0xFF, 0xFE, 0xFF, 0xFF, 0xFF, 0xF0, 0xFF, 0xFF, 0xFF, 0x1F, 0xFF, 0xFF, 0xF2, 0xFF, 0xFF, 0xFF, 0xFB, 0xFF, 0xFF, 0xFC, 0xFF, 0xFF, 0xFF, 0xD3, 0xFF, 0xFF, 0xFD, 0x7F, 0xFF, 0xFF, 0xDB, 0xFF, 0xFF, 0xFD, 0xFF, 0xFF, 0xFF, 0xE3, 0xFF, 0xFF, 0xFE, 0x7F, 0xFF, 0xFF, 0xEB, 0xFF, 0xFF, 0xFE, 0xFF}; + uint8_t buf[58] = {0xB9, 0xFF, 0xFF, 0xFE, 0xDF, 0xFF, 0xFF, 0xEE, 0xFF, 0xFF, 0xFE, 0xFF, 0xFF, 0xFF, + 0xF0, 0xFF, 0xFF, 0xFF, 0x1F, 0xFF, 0xFF, 0xF2, 0xFF, 0xFF, 0xFF, 0xFB, 0xFF, 0xFF, 0xFC, 0xFF, 0xFF, + 0xFF, 0xD3, 0xFF, 0xFF, 0xFD, 0x7F, 0xFF, 0xFF, 0xDB, 0xFF, 0xFF, 0xFD, 0xFF, 0xFF, 0xFF, 0xE3, 0xFF, + 0xFF, 0xFE, 0x7F, 0xFF, 0xFF, 0xEB, 0xFF, 0xFF, 0xFE, 0xFF}; // decode uint32_t bytes_processed = 0, bytes_written = 0; uint8_t res[93]; @@ -423,7 +431,10 @@ TEST(http2_hpack_string_decode_success, huffman_decoding_all_possible_symbols_he TEST(http2_hpack_string_decode_success, huffman_decoding_all_possible_symbols_hex_7F_8F) { // prepare buf to decode - encoded 0x7F-0x8F - uint8_t buf[49] = {0xB0, 0xFF, 0xFF, 0xFF, 0xCF, 0xFF, 0xE6, 0xFF, 0xFF, 0x4B, 0xFF, 0xF9, 0xFF, 0xFF, 0xA3, 0xFF, 0xFD, 0x3F, 0xFF, 0xF5, 0x3F, 0xFF, 0xD5, 0xFF, 0xFF, 0xB3, 0xFF, 0xFE, 0xB7, 0xFF, 0xFD, 0xAF, 0xFF, 0xFB, 0x7F, 0xFF, 0xF7, 0x3F, 0xFF, 0xEE, 0xFF, 0xFF, 0xDE, 0xFF, 0xFF, 0xEB, 0xFF, 0xFF, 0xBF}; + uint8_t buf[49] = {0xB0, 0xFF, 0xFF, 0xFF, 0xCF, 0xFF, 0xE6, 0xFF, 0xFF, 0x4B, 0xFF, 0xF9, 0xFF, 0xFF, + 0xA3, 0xFF, 0xFD, 0x3F, 0xFF, 0xF5, 0x3F, 0xFF, 0xD5, 0xFF, 0xFF, 0xB3, 0xFF, 0xFE, 0xB7, 0xFF, 0xFD, + 0xAF, 0xFF, 0xFB, 0x7F, 0xFF, 0xF7, 0x3F, 0xFF, 0xEE, 0xFF, 0xFF, 0xDE, 0xFF, 0xFF, 0xEB, 0xFF, 0xFF, + 0xBF}; // decode uint32_t bytes_processed = 0, bytes_written = 0; uint8_t res[79]; @@ -439,7 +450,9 @@ TEST(http2_hpack_string_decode_success, huffman_decoding_all_possible_symbols_he TEST(http2_hpack_string_decode_success, huffman_decoding_all_possible_symbols_hex_90_9F) { // prepare buf to decode - encoded 0x90-0x9F - uint8_t buf[47] = {0xAE, 0xFF, 0xFF, 0xEC, 0xFF, 0xFF, 0xED, 0xFF, 0xFF, 0x5F, 0xFF, 0xFF, 0x07, 0xFF, 0xFF, 0x77, 0xFF, 0xFE, 0x1F, 0xFF, 0xFC, 0x5F, 0xFF, 0xF8, 0xFF, 0xFF, 0xF2, 0x7F, 0xFF, 0x73, 0xFF, 0xFD, 0x8F, 0xFF, 0xFC, 0xBF, 0xFF, 0xEC, 0xFF, 0xFF, 0xE6, 0xFF, 0xFF, 0xCF, 0xFF, 0xFF, 0xDF}; + uint8_t buf[47] = {0xAE, 0xFF, 0xFF, 0xEC, 0xFF, 0xFF, 0xED, 0xFF, 0xFF, 0x5F, 0xFF, 0xFF, 0x07, 0xFF, + 0xFF, 0x77, 0xFF, 0xFE, 0x1F, 0xFF, 0xFC, 0x5F, 0xFF, 0xF8, 0xFF, 0xFF, 0xF2, 0x7F, 0xFF, 0x73, 0xFF, + 0xFD, 0x8F, 0xFF, 0xFC, 0xBF, 0xFF, 0xEC, 0xFF, 0xFF, 0xE6, 0xFF, 0xFF, 0xCF, 0xFF, 0xFF, 0xDF}; // decode uint32_t bytes_processed = 0, bytes_written = 0; @@ -455,7 +468,9 @@ TEST(http2_hpack_string_decode_success, huffman_decoding_all_possible_symbols_he TEST(http2_hpack_string_decode_success, huffman_decoding_all_possible_symbols_hex_A0_AF) { // prepare buf to decode - encoded 0xA0-0xAF - uint8_t buf[46] = {0xAD, 0xFF, 0xFF, 0x6B, 0xFF, 0xFB, 0xBF, 0xFF, 0xD3, 0xFF, 0xFE, 0xDF, 0xFF, 0xFB, 0x9F, 0xFF, 0xFA, 0x3F, 0xFF, 0xF4, 0xFF, 0xFF, 0x7B, 0xFF, 0xFF, 0x57, 0xFF, 0xFB, 0xBF, 0xFF, 0xEF, 0x7F, 0xFF, 0xF8, 0x7F, 0xFF, 0x7F, 0xFF, 0xFD, 0xFF, 0xFF, 0xFD, 0x7F, 0xFF, 0xFB, 0x3F}; + uint8_t buf[46] = {0xAD, 0xFF, 0xFF, 0x6B, 0xFF, 0xFB, 0xBF, 0xFF, 0xD3, 0xFF, 0xFE, 0xDF, 0xFF, 0xFB, + 0x9F, 0xFF, 0xFA, 0x3F, 0xFF, 0xF4, 0xFF, 0xFF, 0x7B, 0xFF, 0xFF, 0x57, 0xFF, 0xFB, 0xBF, 0xFF, 0xEF, + 0x7F, 0xFF, 0xF8, 0x7F, 0xFF, 0x7F, 0xFF, 0xFD, 0xFF, 0xFF, 0xFD, 0x7F, 0xFF, 0xFB, 0x3F}; // decode uint32_t bytes_processed = 0, bytes_written = 0; @@ -472,7 +487,9 @@ TEST(http2_hpack_string_decode_success, huffman_decoding_all_possible_symbols_he TEST(http2_hpack_string_decode_success, huffman_decoding_all_possible_symbols_hex_B0_BF) { // prepare buf to decode - encoded 0xB0-0xBF - uint8_t buf[45] = {0xAC, 0xFF, 0xFF, 0x07, 0xFF, 0xF8, 0x7F, 0xFF, 0xE0, 0xFF, 0xFF, 0x17, 0xFF, 0xFE, 0xDF, 0xFF, 0xF8, 0x7F, 0xFF, 0xF7, 0x7F, 0xFF, 0xEF, 0xFF, 0xFE, 0xAF, 0xFF, 0xF8, 0xBF, 0xFF, 0xE3, 0xFF, 0xFF, 0x93, 0xFF, 0xFF, 0x87, 0xFF, 0xFC, 0xBF, 0xFF, 0xF3, 0x7F, 0xFF, 0xF1}; + uint8_t buf[45] = {0xAC, 0xFF, 0xFF, 0x07, 0xFF, 0xF8, 0x7F, 0xFF, 0xE0, 0xFF, 0xFF, 0x17, 0xFF, 0xFE, + 0xDF, 0xFF, 0xF8, 0x7F, 0xFF, 0xF7, 0x7F, 0xFF, 0xEF, 0xFF, 0xFE, 0xAF, 0xFF, 0xF8, 0xBF, 0xFF, 0xE3, + 0xFF, 0xFF, 0x93, 0xFF, 0xFF, 0x87, 0xFF, 0xFC, 0xBF, 0xFF, 0xF3, 0x7F, 0xFF, 0xF1}; // decode uint32_t bytes_processed = 0, bytes_written = 0; @@ -489,7 +506,10 @@ TEST(http2_hpack_string_decode_success, huffman_decoding_all_possible_symbols_he TEST(http2_hpack_string_decode_success, huffman_decoding_all_possible_symbols_hex_C0_CF) { // prepare buf to decode - encoded 0xC0-0xCF - uint8_t buf[50] = {0xB1, 0xFF, 0xFF, 0xF8, 0x3F, 0xFF, 0xFE, 0x1F, 0xFF, 0xEB, 0xFF, 0xFE, 0x3F, 0xFF, 0xF3, 0xFF, 0xFF, 0xF2, 0xFF, 0xFF, 0xA3, 0xFF, 0xFF, 0xD9, 0xFF, 0xFF, 0xF1, 0x7F, 0xFF, 0xFC, 0x7F, 0xFF, 0xFF, 0x27, 0xFF, 0xFF, 0xDE, 0xFF, 0xFF, 0xFB, 0xFF, 0xFF, 0xFF, 0x2F, 0xFF, 0xFF, 0x8F, 0xFF, 0xFF, 0xB7}; + uint8_t buf[50] = {0xB1, 0xFF, 0xFF, 0xF8, 0x3F, 0xFF, 0xFE, 0x1F, 0xFF, 0xEB, 0xFF, 0xFE, 0x3F, 0xFF, + 0xF3, 0xFF, 0xFF, 0xF2, 0xFF, 0xFF, 0xA3, 0xFF, 0xFF, 0xD9, 0xFF, 0xFF, 0xF1, 0x7F, 0xFF, 0xFC, 0x7F, + 0xFF, 0xFF, 0x27, 0xFF, 0xFF, 0xDE, 0xFF, 0xFF, 0xFB, 0xFF, 0xFF, 0xFF, 0x2F, 0xFF, 0xFF, 0x8F, 0xFF, + 0xFF, 0xB7}; // decode uint32_t bytes_processed = 0, bytes_written = 0; @@ -506,7 +526,10 @@ TEST(http2_hpack_string_decode_success, huffman_decoding_all_possible_symbols_he TEST(http2_hpack_string_decode_success, huffman_decoding_all_possible_symbols_hex_D0_DF) { // prepare buf to decode - encoded 0xD0-0xDF - uint8_t buf[51] = {0xB2, 0xFF, 0xFE, 0x5F, 0xFF, 0xE3, 0xFF, 0xFF, 0xF9, 0xBF, 0xFF, 0xFF, 0x07, 0xFF, 0xFF, 0xE1, 0xFF, 0xFF, 0xF9, 0xFF, 0xFF, 0xFF, 0x17, 0xFF, 0xFF, 0x97, 0xFF, 0xF9, 0x3F, 0xFF, 0xCB, 0xFF, 0xFF, 0xF4, 0x7F, 0xFF, 0xFD, 0x3F, 0xFF, 0xFF, 0xFB, 0xFF, 0xFF, 0xF8, 0xFF, 0xFF, 0xFF, 0x27, 0xFF, 0xFF, 0xE5}; + uint8_t buf[51] = {0xB2, 0xFF, 0xFE, 0x5F, 0xFF, 0xE3, 0xFF, 0xFF, 0xF9, 0xBF, 0xFF, 0xFF, 0x07, 0xFF, + 0xFF, 0xE1, 0xFF, 0xFF, 0xF9, 0xFF, 0xFF, 0xFF, 0x17, 0xFF, 0xFF, 0x97, 0xFF, 0xF9, 0x3F, 0xFF, 0xCB, + 0xFF, 0xFF, 0xF4, 0x7F, 0xFF, 0xFD, 0x3F, 0xFF, 0xFF, 0xFB, 0xFF, 0xFF, 0xF8, 0xFF, 0xFF, 0xFF, 0x27, + 0xFF, 0xFF, 0xE5}; // decode uint32_t bytes_processed = 0, bytes_written = 0; @@ -523,7 +546,9 @@ TEST(http2_hpack_string_decode_success, huffman_decoding_all_possible_symbols_he TEST(http2_hpack_string_decode_success, huffman_decoding_all_possible_symbols_hex_E0_EF) { // prepare buf to decode - encoded 0xE0-0xEF - uint8_t buf[47] = {0xAE, 0xFF, 0xFE, 0xCF, 0xFF, 0xFF, 0x3F, 0xFF, 0xED, 0xFF, 0xFF, 0x37, 0xFF, 0xFD, 0x3F, 0xFF, 0xE7, 0xFF, 0xFF, 0x47, 0xFF, 0xFF, 0x3F, 0xFF, 0xFA, 0xBF, 0xFF, 0xEB, 0xFF, 0xFF, 0xF7, 0x7F, 0xFF, 0xFB, 0xFF, 0xFF, 0xFD, 0x3F, 0xFF, 0xFD, 0x7F, 0xFF, 0xFE, 0xAF, 0xFF, 0xFE, 0x9F}; + uint8_t buf[47] = {0xAE, 0xFF, 0xFE, 0xCF, 0xFF, 0xFF, 0x3F, 0xFF, 0xED, 0xFF, 0xFF, 0x37, 0xFF, 0xFD, + 0x3F, 0xFF, 0xE7, 0xFF, 0xFF, 0x47, 0xFF, 0xFF, 0x3F, 0xFF, 0xFA, 0xBF, 0xFF, 0xEB, 0xFF, 0xFF, 0xF7, + 0x7F, 0xFF, 0xFB, 0xFF, 0xFF, 0xFD, 0x3F, 0xFF, 0xFD, 0x7F, 0xFF, 0xFE, 0xAF, 0xFF, 0xFE, 0x9F}; // decode uint32_t bytes_processed = 0, bytes_written = 0; @@ -540,7 +565,10 @@ TEST(http2_hpack_string_decode_success, huffman_decoding_all_possible_symbols_he TEST(http2_hpack_string_decode_success, huffman_decoding_all_possible_symbols_hex_F0_FF) { // prepare buf to decode - encoded 0xF0-0xFF - uint8_t buf[55] = {0xB6, 0xFF, 0xFF, 0xFA, 0xFF, 0xFF, 0xFF, 0x37, 0xFF, 0xFF, 0xD9, 0xFF, 0xFF, 0xF6, 0xFF, 0xFF, 0xFE, 0x7F, 0xFF, 0xFF, 0xD1, 0xFF, 0xFF, 0xFA, 0x7F, 0xFF, 0xFF, 0x57, 0xFF, 0xFF, 0xEB, 0xFF, 0xFF, 0xFF, 0xEF, 0xFF, 0xFF, 0xD9, 0xFF, 0xFF, 0xFB, 0x7F, 0xFF, 0xFF, 0x77, 0xFF, 0xFF, 0xEF, 0xFF, 0xFF, 0xFE, 0x1F, 0xFF, 0xFF, 0x77}; + uint8_t buf[55] = {0xB6, 0xFF, 0xFF, 0xFA, 0xFF, 0xFF, 0xFF, 0x37, 0xFF, 0xFF, 0xD9, 0xFF, 0xFF, 0xF6, + 0xFF, 0xFF, 0xFE, 0x7F, 0xFF, 0xFF, 0xD1, 0xFF, 0xFF, 0xFA, 0x7F, 0xFF, 0xFF, 0x57, 0xFF, 0xFF, 0xEB, + 0xFF, 0xFF, 0xFF, 0xEF, 0xFF, 0xFF, 0xD9, 0xFF, 0xFF, 0xFB, 0x7F, 0xFF, 0xFF, 0x77, 0xFF, 0xFF, 0xEF, + 0xFF, 0xFF, 0xFE, 0x1F, 0xFF, 0xFF, 0x77}; // decode uint32_t bytes_processed = 0, bytes_written = 0; diff --git a/src/service_inspectors/http_inspect/http_inspect.cc b/src/service_inspectors/http_inspect/http_inspect.cc index ef1df958c..71d2946f9 100644 --- a/src/service_inspectors/http_inspect/http_inspect.cc +++ b/src/service_inspectors/http_inspect/http_inspect.cc @@ -471,7 +471,7 @@ void HttpInspect::clear(Packet* p) const SourceId source_id = current_section->get_source_id(); //FIXIT-M This check may not apply to the transaction attached to the packet - //in case of offload. + //in case of offload. if (session_data->detection_status[source_id] == DET_DEACTIVATING) { if (source_id == SRC_CLIENT) diff --git a/src/service_inspectors/http_inspect/http_msg_request.h b/src/service_inspectors/http_inspect/http_msg_request.h index 9f8a432b9..d5bdd1448 100644 --- a/src/service_inspectors/http_inspect/http_msg_request.h +++ b/src/service_inspectors/http_inspect/http_msg_request.h @@ -47,7 +47,7 @@ public: static bool is_webdav(HttpEnums::MethodId method) { - if(method > HttpEnums::MethodId::METH__WEBDAV_LOW and + if(method > HttpEnums::MethodId::METH__WEBDAV_LOW and method < HttpEnums::MethodId::METH__WEBDAV_HIGH) { return true; diff --git a/src/service_inspectors/http_inspect/http_stream_splitter_reassemble.cc b/src/service_inspectors/http_inspect/http_stream_splitter_reassemble.cc index 5cc775191..6b1880de8 100644 --- a/src/service_inspectors/http_inspect/http_stream_splitter_reassemble.cc +++ b/src/service_inspectors/http_inspect/http_stream_splitter_reassemble.cc @@ -311,10 +311,10 @@ const StreamBuffer HttpStreamSplitter::reassemble(Flow* flow, unsigned total, else { #ifdef REG_TEST - // FIXIT-M: known case: if session clears w/o a flush point, - // stream_tcp will flush to paf max which could be well below what - // has been scanned so far. since no flush point was specified, - // NHI should just deal with what it gets. + // FIXIT-M: known case: if session clears w/o a flush point, + // stream_tcp will flush to paf max which could be well below what + // has been scanned so far. since no flush point was specified, + // NHI should just deal with what it gets. //assert(false); #endif return http_buf; diff --git a/src/service_inspectors/pop/pop.h b/src/service_inspectors/pop/pop.h index d69655a26..1d92440d2 100644 --- a/src/service_inspectors/pop/pop.h +++ b/src/service_inspectors/pop/pop.h @@ -32,7 +32,7 @@ #define POP_PKT_FROM_CLIENT 1 #define POP_PKT_FROM_SERVER 2 -#define STATE_DATA 0 // Data state +#define STATE_DATA 0 // Data state #define STATE_TLS_CLIENT_PEND 1 // Got STARTTLS #define STATE_TLS_SERVER_PEND 2 // Got STARTTLS #define STATE_TLS_DATA 3 // Successful handshake, TLS encrypted data diff --git a/src/service_inspectors/sip/ips_sip_method.cc b/src/service_inspectors/sip/ips_sip_method.cc index f68a2bea1..ff50b3e41 100644 --- a/src/service_inspectors/sip/ips_sip_method.cc +++ b/src/service_inspectors/sip/ips_sip_method.cc @@ -127,7 +127,7 @@ IpsOption::EvalStatus SipMethodOption::eval(Cursor&, Packet* p) std::transform(method.begin(), method.end(), method.begin(), ::toupper); bool negated = methods.begin()->second; - bool match = methods.find(method) != methods.cend(); + bool match = methods.find(method) != methods.cend(); if ( negated ^ match ) return MATCH; diff --git a/src/service_inspectors/sip/sip_dialog.cc b/src/service_inspectors/sip/sip_dialog.cc index 25fb5180e..15aecb6b3 100644 --- a/src/service_inspectors/sip/sip_dialog.cc +++ b/src/service_inspectors/sip/sip_dialog.cc @@ -464,7 +464,7 @@ static void SIP_updateMedias(SIP_MediaSession* mSession, SIP_MediaList* dList) if (nullptr == mSession) return; - + mSession->savedFlag = SIP_SESSION_SAVED; // Find out the media session based on session id currSession = *dList; @@ -472,7 +472,7 @@ static void SIP_updateMedias(SIP_MediaSession* mSession, SIP_MediaList* dList) { if (currSession->sessionID == mSession->sessionID) break; - + preSession = currSession; currSession = currSession->nextS; } @@ -621,7 +621,7 @@ int SIP_updateDialog(SIPMsg* sipMsg, SIP_DialogList* dList, Packet* p, SIP_PROTO { if (sipMsg->dlgID.callIdHash == dialog->dlgID.callIdHash) break; - + oldDialog = dialog; dialog = dialog->nextD; } diff --git a/src/service_inspectors/sip/test/sip_splitter_scan_test.cc b/src/service_inspectors/sip/test/sip_splitter_scan_test.cc index 3fb0d127c..d6752f149 100644 --- a/src/service_inspectors/sip/test/sip_splitter_scan_test.cc +++ b/src/service_inspectors/sip/test/sip_splitter_scan_test.cc @@ -107,7 +107,7 @@ TEST(sip_splitter_scan_test, scan_search_body_test) CHECK_EQUAL(ret, StreamSplitter::SEARCH); CHECK_EQUAL(ssut.splitter_get_paf_state(), SIP_PAF_FLUSH_STATE); CHECK_EQUAL(fp, 0); - + ssut.splitter_reset_states(); ssut.splitter_set_paf_state(SIP_PAF_BODY_SEARCH); @@ -129,7 +129,7 @@ TEST(sip_splitter_scan_test, scan_flush_test) CHECK_EQUAL(ret, StreamSplitter::FLUSH); CHECK_TRUE(ssut.is_init()); CHECK_EQUAL(fp, 7); - + ssut.splitter_reset_states(); // Whole Sip body is not in one buffer fp = 0; diff --git a/src/service_inspectors/sip/test/sip_splitter_test.cc b/src/service_inspectors/sip/test/sip_splitter_test.cc index 592cc80c2..89d797462 100644 --- a/src/service_inspectors/sip/test/sip_splitter_test.cc +++ b/src/service_inspectors/sip/test/sip_splitter_test.cc @@ -108,7 +108,7 @@ TEST(sip_splitter_test, get_length_overflow_test) } TEST(sip_splitter_test, get_length_finish_test) -{ +{ for(auto ch : spaces) { ssut.splitter_set_content_length(201); @@ -123,7 +123,7 @@ TEST(sip_splitter_test, process_command_skip_leading_spaces_test) for(auto ch : spaces) { ssut.splitter_process_command(ch); - CHECK_TRUE(ssut.is_init()); + CHECK_TRUE(ssut.is_init()); } } @@ -137,7 +137,6 @@ TEST(sip_splitter_test, process_command_set_next_test) ssut.splitter_process_command('l'); CHECK_EQUAL(*ssut.splitter_get_next_letter(), '\0'); - ssut.splitter_reset_states(); for(int i = 0; content_len_key[i] != '\0'; i++) { ssut.splitter_process_command(content_len_key[i]); @@ -148,7 +147,7 @@ TEST(sip_splitter_test, process_command_set_next_test) TEST(sip_splitter_test, process_command_invalid_input_test) { ssut.splitter_process_command('O'); - CHECK_TRUE(ssut.is_init()); + CHECK_TRUE(ssut.is_init()); } TEST(sip_splitter_test, process_command_len_convert_test) @@ -164,7 +163,7 @@ TEST(sip_splitter_test, process_command_skip_blanks_len_convert_test) for(auto ch : blanks) { ssut.splitter_process_command(ch); - CHECK_FALSE(ssut.is_init()); + CHECK_FALSE(ssut.is_init()); } } @@ -172,7 +171,7 @@ TEST(sip_splitter_test, process_command_invalid_blanks_len_convert_test) { ssut.splitter_set_next_letter_last(); ssut.splitter_process_command('\r'); - CHECK_TRUE(ssut.is_init()); + CHECK_TRUE(ssut.is_init()); } int main(int argc, char** argv) diff --git a/src/service_inspectors/sip/test/sip_splitter_test.h b/src/service_inspectors/sip/test/sip_splitter_test.h index c94cf8d78..076b047e2 100644 --- a/src/service_inspectors/sip/test/sip_splitter_test.h +++ b/src/service_inspectors/sip/test/sip_splitter_test.h @@ -45,22 +45,22 @@ public: SipSplitterUT(const SipSplitter& ss) : ss(ss) { }; bool splitter_is_paf() - { + { return ss.is_paf(); } void splitter_reset_states() - { + { ss.reset_states(); } SipPafStates splitter_get_paf_state() - { - return ss.paf_state; + { + return ss.paf_state; } SipPafBodyStatus splitter_get_body_state() - { + { return ss.body_state; } diff --git a/src/service_inspectors/smtp/smtp.h b/src/service_inspectors/smtp/smtp.h index 6cb928993..39b29fc68 100644 --- a/src/service_inspectors/smtp/smtp.h +++ b/src/service_inspectors/smtp/smtp.h @@ -50,7 +50,7 @@ #define STATE_BDATA 3 // Binary data state #define STATE_TLS_CLIENT_PEND 4 // Got STARTTLS #define STATE_TLS_SERVER_PEND 5 // Got STARTTLS -#define STATE_TLS_DATA 6 // Successful handshake, TLS encrypted data +#define STATE_TLS_DATA 6 // Successful handshake, TLS encrypted data #define STATE_AUTH 7 #define STATE_XEXCH50 8 #define STATE_UNKNOWN 9 @@ -143,15 +143,15 @@ class SmtpMime : public snort::MimeSession public: using snort::MimeSession::MimeSession; SMTP_PROTO_CONF* config; -#ifndef UNIT_TEST +#ifndef UNIT_TEST private: -#endif +#endif int handle_header_line(const uint8_t* ptr, const uint8_t* eol, int max_header_len, snort::Packet* p) override; int normalize_data(const uint8_t* ptr, const uint8_t* data_end, snort::Packet* p) override; #ifdef UNIT_TEST private: -#endif +#endif void decode_alert() override; void decompress_alert() override; void reset_state(snort::Flow* ssn) override; diff --git a/src/service_inspectors/smtp/smtp_config.h b/src/service_inspectors/smtp/smtp_config.h index 3a0d16320..8c8c269e7 100644 --- a/src/service_inspectors/smtp/smtp_config.h +++ b/src/service_inspectors/smtp/smtp_config.h @@ -102,7 +102,7 @@ enum SMTPCmdTypeEnum struct SMTPCmdConfig { bool alert; - bool normalize; // 1 if we should normalize this command + bool normalize; // 1 if we should normalize this command int max_line_len; // Max length of this particular command }; diff --git a/src/service_inspectors/ssh/ssh.cc b/src/service_inspectors/ssh/ssh.cc index d6d0daa61..bd8907dcf 100644 --- a/src/service_inspectors/ssh/ssh.cc +++ b/src/service_inspectors/ssh/ssh.cc @@ -205,7 +205,7 @@ static void snort_ssh(SSH_PROTO_CONF* config, Packet* p) { offset = ProcessSSHProtocolVersionExchange(config, sessp, p, direction); if (!offset) - // Error processing protovers exchange msg + // Error processing protovers exchange msg return; // found protocol version. @@ -357,11 +357,11 @@ static unsigned int ProcessSSHProtocolVersionExchange(SSH_PROTO_CONF* config, SS } else { - /* unknown version */ + /* unknown version */ sessionp->version = SSH_VERSION_UNKNOWN; DetectionEngine::queue_event(GID_SSH, SSH_EVENT_VERSION); - + return 0; } diff --git a/src/service_inspectors/ssl/ssl_splitter.cc b/src/service_inspectors/ssl/ssl_splitter.cc index 340299956..c3aceb0e5 100644 --- a/src/service_inspectors/ssl/ssl_splitter.cc +++ b/src/service_inspectors/ssl/ssl_splitter.cc @@ -58,7 +58,7 @@ StreamSplitter::Status SslSplitter::scan( is_sslv2 = true; paf_state = SSL_PAF_STATES_LEN2_V2; } - else + else { // unknown if (last_fp > 0) diff --git a/src/service_inspectors/ssl/ssl_splitter.h b/src/service_inspectors/ssl/ssl_splitter.h index 5c8e09e5a..f0b1efc80 100644 --- a/src/service_inspectors/ssl/ssl_splitter.h +++ b/src/service_inspectors/ssl/ssl_splitter.h @@ -23,8 +23,8 @@ // Protocol aware flushing for SSL // TLSPlaintext records are flushed when end-of-record meets end-of segment -// The splitter supports both sslv2 and sslv3 record format, -// it starts by checking the first byte, if it is a valid sslv3 content type, +// The splitter supports both sslv2 and sslv3 record format, +// it starts by checking the first byte, if it is a valid sslv3 content type, // mark the session as sslv3; else if the MSB bit was set, marks it as sslv2, // if this bit is not set, yet the session was marked sslv2 from prior detection, // continue as sslv2 @@ -41,7 +41,7 @@ enum SslPafStates SSL_PAF_STATES_LEN2, // length byte-1 SSL_PAF_STATES_DATA, // fragment SSL_PAF_STATES_LEN2_V2, // sslv2, length byte-1 - SSL_PAF_STATES_PAD_V2, // sslv2, padding byte if needed + SSL_PAF_STATES_PAD_V2, // sslv2, padding byte if needed }; class SslSplitter : public snort::StreamSplitter diff --git a/src/sfip/sf_vartable.cc b/src/sfip/sf_vartable.cc index bac6498b0..9dfbfb246 100644 --- a/src/sfip/sf_vartable.cc +++ b/src/sfip/sf_vartable.cc @@ -293,7 +293,7 @@ SfIpRet sfvt_add_str(vartable_t* table, const char* str, sfip_var_t** ipret) /* Adds the variable described by "src" to the variable "dst", * using the vartable for looking variables used within "src". - * If vartable is null variables are not supported. + * If vartable is null variables are not supported. */ SfIpRet sfvt_add_to_var(vartable_t* table, sfip_var_t* dst, const char* src) { diff --git a/src/stream/base/stream_base.cc b/src/stream/base/stream_base.cc index 7bc89e193..eda0ef0f5 100644 --- a/src/stream/base/stream_base.cc +++ b/src/stream/base/stream_base.cc @@ -191,7 +191,7 @@ void StreamBase::tinit() if ( config.flow_cache_cfg.max_flows > 0 ) flow_con->init_exp(config.flow_cache_cfg.max_flows); - + FlushBucket::set(config.footprint); } @@ -270,7 +270,7 @@ void StreamBase::eval(Packet* p) case PktType::MAX: break; - }; + } } //------------------------------------------------------------------------- diff --git a/src/stream/base/stream_module.cc b/src/stream/base/stream_module.cc index fc0d0f7d5..5f7e48707 100644 --- a/src/stream/base/stream_module.cc +++ b/src/stream/base/stream_module.cc @@ -198,22 +198,22 @@ void StreamModule::reset_stats() // Stream handler to adjust allocated resources as needed on a config reload bool StreamReloadResourceManager::initialize(const StreamModuleConfig& config_) { - // FIXIT-L - saving config here to check footprint change is a bit of a hack, - if ( Snort::is_reloading() ) - { - if ( config.footprint != config_.footprint ) - { + // FIXIT-L - saving config here to check footprint change is a bit of a hack, + if ( Snort::is_reloading() ) + { + if ( config.footprint != config_.footprint ) + { // FIXIT-M - reinit FlushBucket... ReloadError("Changing of stream.footprint requires a restart\n"); return false; - } + } - config = config_; - return true; - } + config = config_; + return true; + } - config = config_; - return false; + config = config_; + return false; } bool StreamReloadResourceManager::tinit() @@ -250,17 +250,17 @@ bool StreamReloadResourceManager::tune_idle_context() bool StreamReloadResourceManager::tune_resources(unsigned work_limit) { - // we are done if new max is > currently allocated flow objects - if ( flow_con->get_flows_allocated() <= config.flow_cache_cfg.max_flows ) - return true; - - unsigned flows_to_delete = - flow_con->get_flows_allocated() - config.flow_cache_cfg.max_flows; - if ( flows_to_delete > work_limit ) - flows_to_delete -= flow_con->delete_flows(work_limit); - else - flows_to_delete -= flow_con->delete_flows(flows_to_delete); - - return ( flows_to_delete ) ? false : true; + // we are done if new max is > currently allocated flow objects + if ( flow_con->get_flows_allocated() <= config.flow_cache_cfg.max_flows ) + return true; + + unsigned flows_to_delete = + flow_con->get_flows_allocated() - config.flow_cache_cfg.max_flows; + if ( flows_to_delete > work_limit ) + flows_to_delete -= flow_con->delete_flows(work_limit); + else + flows_to_delete -= flow_con->delete_flows(flows_to_delete); + + return ( flows_to_delete ) ? false : true; } diff --git a/src/stream/base/stream_module.h b/src/stream/base/stream_module.h index ab8a366a7..2faf966e2 100644 --- a/src/stream/base/stream_module.h +++ b/src/stream/base/stream_module.h @@ -80,7 +80,7 @@ struct StreamModuleConfig class StreamReloadResourceManager : public snort::ReloadResourceTuner { public: - StreamReloadResourceManager() {} + StreamReloadResourceManager() {} bool tinit() override; bool tune_packet_context() override; diff --git a/src/stream/file/file_session.cc b/src/stream/file/file_session.cc index c096feb7c..35fd0cba3 100644 --- a/src/stream/file/file_session.cc +++ b/src/stream/file/file_session.cc @@ -43,7 +43,7 @@ static THREAD_LOCAL ProfileStats file_ssn_stats; // FileSession methods //------------------------------------------------------------------------- -FileSession::FileSession(Flow* flow) : Session(flow) +FileSession::FileSession(Flow* f) : Session(f) { memory::MemoryCap::update_allocations(sizeof(*this)); } FileSession::~FileSession() diff --git a/src/stream/icmp/icmp_session.cc b/src/stream/icmp/icmp_session.cc index 48d3d5a86..887f8e474 100644 --- a/src/stream/icmp/icmp_session.cc +++ b/src/stream/icmp/icmp_session.cc @@ -177,7 +177,7 @@ static int ProcessIcmpUnreach(Packet* p) // IcmpSession methods //------------------------------------------------------------------------- -IcmpSession::IcmpSession(Flow* flow) : Session(flow) +IcmpSession::IcmpSession(Flow* f) : Session(f) { memory::MemoryCap::update_allocations(sizeof(*this)); } IcmpSession::~IcmpSession() @@ -189,8 +189,8 @@ bool IcmpSession::setup(Packet*) ssn_time.tv_sec = 0; ssn_time.tv_usec = 0; flow->ssn_state.session_flags |= SSNFLAG_SEEN_SENDER; - SESSION_STATS_ADD(icmpStats); - + SESSION_STATS_ADD(icmpStats) + StreamIcmpConfig* pc = get_icmp_cfg(flow->ssn_server); flow->set_default_session_timeout(pc->session_timeout, false); @@ -206,7 +206,7 @@ void IcmpSession::clear() int IcmpSession::process(Packet* p) { int status; - + flow->set_expire(p, flow->default_session_timeout); if (!(flow->ssn_state.session_flags & SSNFLAG_ESTABLISHED) and !(p->is_from_client())) diff --git a/src/stream/ip/ip_session.cc b/src/stream/ip/ip_session.cc index abe35a574..9389a28c8 100644 --- a/src/stream/ip/ip_session.cc +++ b/src/stream/ip/ip_session.cc @@ -128,7 +128,7 @@ static inline void update_session(Packet* p, Flow* lws) // IpSession methods //------------------------------------------------------------------------- -IpSession::IpSession(Flow* flow) : Session(flow) +IpSession::IpSession(Flow* f) : Session(f) { memory::MemoryCap::update_allocations(sizeof(*this)); } IpSession::~IpSession() @@ -149,7 +149,7 @@ void IpSession::clear() bool IpSession::setup(Packet* p) { - SESSION_STATS_ADD(ip_stats); + SESSION_STATS_ADD(ip_stats) memset(&tracker, 0, sizeof(tracker)); StreamIpConfig* pc = get_ip_cfg(flow->ssn_server); diff --git a/src/stream/stream.cc b/src/stream/stream.cc index 9926ed7aa..e2ebc67e1 100644 --- a/src/stream/stream.cc +++ b/src/stream/stream.cc @@ -158,7 +158,7 @@ void Stream::check_flow_closed(Packet* p) if (flow->session_state & STREAM_STATE_CLOSED) { assert(flow_con); - + // this will get called on each onload // eventually all onloads will occur and delete will be called if ( not flow->is_suspended() ) @@ -214,8 +214,8 @@ void Stream::stop_inspection( assert(flow && flow->session); trace_logf(stream, "stop inspection on flow, dir %s \n", - dir == SSN_DIR_BOTH ? "BOTH": - ((dir == SSN_DIR_FROM_CLIENT) ? "FROM_CLIENT" : "FROM_SERVER")); + dir == SSN_DIR_BOTH ? "BOTH" : + ((dir == SSN_DIR_FROM_CLIENT) ? "FROM_CLIENT" : "FROM_SERVER")); switch (dir) { diff --git a/src/stream/tcp/ips_stream_size.cc b/src/stream/tcp/ips_stream_size.cc index c6d3ac65e..5ec433851 100644 --- a/src/stream/tcp/ips_stream_size.cc +++ b/src/stream/tcp/ips_stream_size.cc @@ -210,7 +210,7 @@ bool SizeModule::set(const char*, Value& v, SnortConfig*) else return false; - + return true; } diff --git a/src/stream/tcp/tcp_session.cc b/src/stream/tcp/tcp_session.cc index 682a3937e..9fc12f666 100644 --- a/src/stream/tcp/tcp_session.cc +++ b/src/stream/tcp/tcp_session.cc @@ -72,8 +72,7 @@ void TcpSession::sinit() void TcpSession::sterm() { TcpSegmentNode::clear(); } -TcpSession::TcpSession(Flow* flow) - : TcpStreamSession(flow) +TcpSession::TcpSession(Flow* f) : TcpStreamSession(f) { tsm = TcpStateMachine::get_instance(); splitter_init = false; @@ -99,7 +98,7 @@ bool TcpSession::setup(Packet* p) const TcpStreamConfig* cfg = get_tcp_cfg(flow->ssn_server); flow->set_default_session_timeout(cfg->session_timeout, false); - SESSION_STATS_ADD(tcpStats); + SESSION_STATS_ADD(tcpStats) tcpStats.setups++; return true; } diff --git a/src/stream/tcp/tcp_stream_session.cc b/src/stream/tcp/tcp_stream_session.cc index 820dfb5a0..b8787f8a7 100644 --- a/src/stream/tcp/tcp_stream_session.cc +++ b/src/stream/tcp/tcp_stream_session.cc @@ -54,7 +54,7 @@ void TcpStreamSession::init_new_tcp_session(TcpSegmentDescriptor& tsd) /* New session, previous was marked as reset. Clear the reset flag. */ flow->clear_session_flags(SSNFLAG_RESET); - flow->set_expire(tsd.get_pkt(), flow->default_session_timeout); + flow->set_expire(tsd.get_pkt(), flow->default_session_timeout); update_perf_base_state(TcpStreamTracker::TCP_SYN_SENT); diff --git a/src/stream/udp/udp_session.cc b/src/stream/udp/udp_session.cc index cb81e4064..f071a46a3 100644 --- a/src/stream/udp/udp_session.cc +++ b/src/stream/udp/udp_session.cc @@ -103,7 +103,7 @@ static int ProcessUdp( // UdpSession methods //------------------------------------------------------------------------- -UdpSession::UdpSession(Flow* flow) : Session(flow) +UdpSession::UdpSession(Flow* f) : Session(f) { memory::MemoryCap::update_allocations(sizeof(*this)); } UdpSession::~UdpSession() @@ -122,7 +122,7 @@ bool UdpSession::setup(Packet* p) StreamUdpConfig* pc = get_udp_cfg(flow->ssn_server); flow->set_default_session_timeout(pc->session_timeout, false); - SESSION_STATS_ADD(udpStats); + SESSION_STATS_ADD(udpStats) DataBus::publish(FLOW_STATE_EVENT, p); @@ -193,7 +193,7 @@ int UdpSession::process(Packet* p) ProcessUdp(flow, p, pc, nullptr); flow->markup_packet_flags(p); - + flow->set_expire(p, flow->default_session_timeout); return 0; diff --git a/src/stream/user/user_session.cc b/src/stream/user/user_session.cc index 96e432a0a..852d961c6 100644 --- a/src/stream/user/user_session.cc +++ b/src/stream/user/user_session.cc @@ -305,12 +305,12 @@ void UserTracker::add_data(Packet* p) // may need additional refactoring //------------------------------------------------------------------------- -void UserSession::start(Packet* p, Flow* flow) +void UserSession::start(Packet* p, Flow* f) { - Inspector* ins = flow->gadget; + Inspector* ins = f->gadget; if ( !ins ) - ins = flow->clouseau; + ins = f->clouseau; if ( ins ) { @@ -324,46 +324,46 @@ void UserSession::start(Packet* p, Flow* flow) } { - flow->pkt_type = p->type(); - flow->ip_proto = (uint8_t)p->get_ip_proto_next(); + f->pkt_type = p->type(); + f->ip_proto = (uint8_t)p->get_ip_proto_next(); - if (flow->ssn_state.session_flags & SSNFLAG_RESET) - flow->ssn_state.session_flags &= ~SSNFLAG_RESET; + if (f->ssn_state.session_flags & SSNFLAG_RESET) + f->ssn_state.session_flags &= ~SSNFLAG_RESET; - if ( (flow->ssn_state.session_flags & SSNFLAG_CLIENT_SWAP) && - !(flow->ssn_state.session_flags & SSNFLAG_CLIENT_SWAPPED) ) + if ( (f->ssn_state.session_flags & SSNFLAG_CLIENT_SWAP) && + !(f->ssn_state.session_flags & SSNFLAG_CLIENT_SWAPPED) ) { - SfIp ip = flow->client_ip; - uint16_t port = flow->client_port; + SfIp ip = f->client_ip; + uint16_t port = f->client_port; - flow->client_ip = flow->server_ip; - flow->server_ip = ip; + f->client_ip = f->server_ip; + f->server_ip = ip; - flow->client_port = flow->server_port; - flow->server_port = port; + f->client_port = f->server_port; + f->server_port = port; - if ( !flow->two_way_traffic() ) + if ( !f->two_way_traffic() ) { - if ( flow->ssn_state.session_flags & SSNFLAG_SEEN_CLIENT ) + if ( f->ssn_state.session_flags & SSNFLAG_SEEN_CLIENT ) { - flow->ssn_state.session_flags ^= SSNFLAG_SEEN_CLIENT; - flow->ssn_state.session_flags |= SSNFLAG_SEEN_SERVER; + f->ssn_state.session_flags ^= SSNFLAG_SEEN_CLIENT; + f->ssn_state.session_flags |= SSNFLAG_SEEN_SERVER; } - else if ( flow->ssn_state.session_flags & SSNFLAG_SEEN_SERVER ) + else if ( f->ssn_state.session_flags & SSNFLAG_SEEN_SERVER ) { - flow->ssn_state.session_flags ^= SSNFLAG_SEEN_SERVER; - flow->ssn_state.session_flags |= SSNFLAG_SEEN_CLIENT; + f->ssn_state.session_flags ^= SSNFLAG_SEEN_SERVER; + f->ssn_state.session_flags |= SSNFLAG_SEEN_CLIENT; } } - flow->ssn_state.session_flags |= SSNFLAG_CLIENT_SWAPPED; + f->ssn_state.session_flags |= SSNFLAG_CLIENT_SWAPPED; } #if 0 // FIXIT-M implement stream_user perf stats - //flow->set_expire(p, dstPolicy->session_timeout); + //f->set_expire(p, dstPolicy->session_timeout); // add user flavor to perf stats? AddStreamSession( - &sfBase, flow->session_state & STREAM_STATE_MIDSTREAM ? SSNFLAG_MIDSTREAM : 0); + &sfBase, f->session_state & STREAM_STATE_MIDSTREAM ? SSNFLAG_MIDSTREAM : 0); StreamUpdatePerfBaseState(&sfBase, tmp->flow, TCP_STATE_SYN_SENT); @@ -381,30 +381,30 @@ void UserSession::end(Packet*, Flow*) server.splitter = nullptr; } -void UserSession::update(Packet* p, Flow* flow) +void UserSession::update(Packet* p, Flow* f) { if ( p->ptrs.sp and p->ptrs.dp ) p->packet_flags |= PKT_STREAM_EST; else p->packet_flags |= PKT_STREAM_UNEST_UNI; - if ( !(flow->ssn_state.session_flags & SSNFLAG_ESTABLISHED) ) + if ( !(f->ssn_state.session_flags & SSNFLAG_ESTABLISHED) ) { if ( p->is_from_client() ) - flow->ssn_state.session_flags |= SSNFLAG_SEEN_CLIENT; + f->ssn_state.session_flags |= SSNFLAG_SEEN_CLIENT; else - flow->ssn_state.session_flags |= SSNFLAG_SEEN_SERVER; + f->ssn_state.session_flags |= SSNFLAG_SEEN_SERVER; - if ( (flow->ssn_state.session_flags & SSNFLAG_SEEN_CLIENT) && - (flow->ssn_state.session_flags & SSNFLAG_SEEN_SERVER) ) + if ( (f->ssn_state.session_flags & SSNFLAG_SEEN_CLIENT) && + (f->ssn_state.session_flags & SSNFLAG_SEEN_SERVER) ) { - flow->ssn_state.session_flags |= SSNFLAG_ESTABLISHED; + f->ssn_state.session_flags |= SSNFLAG_ESTABLISHED; - flow->set_ttl(p, false); + f->set_ttl(p, false); } } - flow->set_expire(p, flow->default_session_timeout); + f->set_expire(p, f->default_session_timeout); } void UserSession::restart(Packet* p) @@ -428,7 +428,7 @@ void UserSession::restart(Packet* p) // UserSession methods //------------------------------------------------------------------------- -UserSession::UserSession(Flow* flow) : Session(flow) +UserSession::UserSession(Flow* f) : Session(f) { memory::MemoryCap::update_allocations(sizeof(*this)); } UserSession::~UserSession() diff --git a/src/target_based/test/proto_ref_test.cc b/src/target_based/test/proto_ref_test.cc index 7e9a3e46c..ebf4ee2f9 100644 --- a/src/target_based/test/proto_ref_test.cc +++ b/src/target_based/test/proto_ref_test.cc @@ -86,7 +86,7 @@ TEST(protocol_reference, service_protocols) // * is_network_protocol() // * is_builtin_protocol() // * is_service_protocol() -TEST(protocol_reference, builtin_protocols) +TEST(protocol_reference, builtin_protocols) { ProtocolReference refs; diff --git a/src/utils/primed_allocator.h b/src/utils/primed_allocator.h index 4a0306aa5..67b8ef921 100644 --- a/src/utils/primed_allocator.h +++ b/src/utils/primed_allocator.h @@ -33,7 +33,7 @@ namespace snort template class PrimedAllocator { -public: +public: struct Node { Node* next; @@ -85,7 +85,7 @@ public: if ( !this->state->ref_count ) delete state; - + this->state = state; state->ref_count++; } @@ -103,7 +103,7 @@ public: } return reinterpret_cast(operator new(sizeof(T))); } - + void deallocate(pointer p, size_type) noexcept { Node* node = reinterpret_cast(p); diff --git a/src/utils/util.cc b/src/utils/util.cc index 1dd8c4792..8b6077d3e 100644 --- a/src/utils/util.cc +++ b/src/utils/util.cc @@ -485,7 +485,7 @@ std::string read_infile(const char* key, const char* fname) { ParseError("can't open file %s = %s: %s", key, fname, get_error(errno)); close(fd); - return ""; + return ""; } close(fd); return line; diff --git a/src/utils/util.h b/src/utils/util.h index abf302b6e..7d327c2e6 100644 --- a/src/utils/util.h +++ b/src/utils/util.h @@ -42,15 +42,6 @@ #define SECONDS_PER_HOUR 3600 /* number of seconds in a hour */ #define SECONDS_PER_MIN 60 /* number of seconds in a minute */ -#define COPY4(x, y) \ - x[0] = (y)[0]; (x)[1] = (y)[1]; (x)[2] = (y)[2]; (x)[3] = (y)[3]; - -#define COPY16(x,y) \ - x[0] = (y)[0]; (x)[1] = (y)[1]; (x)[2] = (y)[2]; (x)[3] = (y)[3]; \ - (x)[4] = (y)[4]; (x)[5] = (y)[5]; (x)[6] = (y)[6]; (x)[7] = (y)[7]; \ - (x)[8] = (y)[8]; (x)[9] = (y)[9]; (x)[10] = (y)[10]; (x)[11] = (y)[11]; \ - (x)[12] = (y)[12]; (x)[13] = (y)[13]; (x)[14] = (y)[14]; (x)[15] = (y)[15]; - void StoreSnortInfoStrings(); int DisplayBanner(); int gmt2local(time_t); @@ -68,6 +59,17 @@ void InitProtoNames(); void SetNoCores(); #endif +namespace +{ +inline void COPY4(uint32_t* dst, const uint32_t* src) +{ + dst[0] = src[0]; + dst[1] = src[1]; + dst[2] = src[2]; + dst[3] = src[3]; +} +} + inline void* snort_alloc(size_t sz) { return new uint8_t[sz]; } diff --git a/tools/snort2lua/data/data_types/dt_table.cc b/tools/snort2lua/data/data_types/dt_table.cc index 327cc87a0..98dcc40fa 100644 --- a/tools/snort2lua/data/data_types/dt_table.cc +++ b/tools/snort2lua/data/data_types/dt_table.cc @@ -264,7 +264,7 @@ std::ostream& operator<<(std::ostream& out, const Table& t) if ( !t.key.empty() ) out << "[\"" << t.key << "\"]"; - + out << (t.one_line ? " = " : " =\n"); } diff --git a/tools/snort2lua/data/data_types/dt_var.h b/tools/snort2lua/data/data_types/dt_var.h index e68888c3f..a26a265b4 100644 --- a/tools/snort2lua/data/data_types/dt_var.h +++ b/tools/snort2lua/data/data_types/dt_var.h @@ -36,7 +36,7 @@ public: std::string get_value(DataApi*); bool add_value(std::string); void set_value(const std::string&, bool quoted); - + void set_print_whitespace(bool w) { print_whitespace = w; } diff --git a/tools/snort2lua/data/dt_table_api.h b/tools/snort2lua/data/dt_table_api.h index 23c0ecae0..b717e9abc 100644 --- a/tools/snort2lua/data/dt_table_api.h +++ b/tools/snort2lua/data/dt_table_api.h @@ -150,7 +150,7 @@ private: template bool do_add_option(const std::string& opt_name, const T val, const std::string& s_val); - template + template void do_append_option(const std::string& opt_name, const T val, const std::string& s_val); void create_append_data(std::string& fqn, Table*& t); diff --git a/tools/snort2lua/helpers/parse_cmd_line.cc b/tools/snort2lua/helpers/parse_cmd_line.cc index 1d3e3ae60..d6d3250f0 100644 --- a/tools/snort2lua/helpers/parse_cmd_line.cc +++ b/tools/snort2lua/helpers/parse_cmd_line.cc @@ -255,7 +255,7 @@ static void bind_wizard(const char* /*key*/, const char* /*val*/) { Converter::set_bind_wizard(true); } static void bind_port(const char* /*key*/, const char* /*val*/) -{ +{ Converter::set_bind_port(true); Converter::set_bind_wizard(false); } diff --git a/tools/snort2lua/helpers/util_binder.cc b/tools/snort2lua/helpers/util_binder.cc index fa6806bed..b7f78695d 100644 --- a/tools/snort2lua/helpers/util_binder.cc +++ b/tools/snort2lua/helpers/util_binder.cc @@ -121,7 +121,7 @@ void Binder::add_to_configuration() case IT_NETWORK: opt_name = "network_policy"; break; - + default: // This should always be set explicitly if a file name exists. assert(false); @@ -250,27 +250,27 @@ bool operator<(const shared_ptr& left, const shared_ptr& right) } // By predetermined order - FIRST_IF_LT(left->get_priority(), right->get_priority()); + FIRST_IF_LT(left->get_priority(), right->get_priority()) // By priorities of options FIRST_IF_GT(left->has_ips_policy_id(), right->has_ips_policy_id()) - + auto left_zone_specs = left->has_src_zone() + left->has_dst_zone(); auto right_zone_specs = right->has_src_zone() + right->has_dst_zone(); - FIRST_IF_GT(left_zone_specs, right_zone_specs); + FIRST_IF_GT(left_zone_specs, right_zone_specs) FIRST_IF_GT(left->has_vlans(), right->has_vlans()) FIRST_IF_GT(left->has_service(), right->has_service()) auto left_net_specs = left->has_src_nets() + left->has_dst_nets(); auto right_net_specs = right->has_src_nets() + right->has_dst_nets(); - FIRST_IF_GT(left_net_specs, right_net_specs); + FIRST_IF_GT(left_net_specs, right_net_specs) FIRST_IF_GT(left->has_nets(), right->has_nets()) auto left_port_specs = left->has_src_ports() + left->has_dst_ports(); auto right_port_specs = right->has_src_ports() + right->has_dst_ports(); - FIRST_IF_GT(left_port_specs, right_port_specs); + FIRST_IF_GT(left_port_specs, right_port_specs) FIRST_IF_GT(left->has_ports(), right->has_ports()) FIRST_IF_GT(left->has_proto(), right->has_proto()) @@ -310,7 +310,7 @@ bool operator<(const shared_ptr& left, const shared_ptr& right) void print_binder_priorities() { - static unsigned const num_combos = 2 << 12; + static unsigned const num_combos = 2 << 12; vector> binders; TableApi t; diff --git a/tools/snort2lua/helpers/util_binder.h b/tools/snort2lua/helpers/util_binder.h index 73263eb8b..5778bd311 100644 --- a/tools/snort2lua/helpers/util_binder.h +++ b/tools/snort2lua/helpers/util_binder.h @@ -141,7 +141,7 @@ private: // by either the destructor or user unsigned priority = PRIORITY_LAST; - + int when_ips_policy_id = -1; std::string when_service; std::string when_role; @@ -155,7 +155,7 @@ private: std::vector dst_ports; std::vector when_src_zone; std::vector when_dst_zone; - std::vector zones; + std::vector zones; std::string use_type; std::string use_name; diff --git a/tools/snort2lua/keyword_states/kws_file.cc b/tools/snort2lua/keyword_states/kws_file.cc index 542f3af13..621085208 100644 --- a/tools/snort2lua/keyword_states/kws_file.cc +++ b/tools/snort2lua/keyword_states/kws_file.cc @@ -41,21 +41,21 @@ private: } // namespace static std::unordered_set string_keys = { - "category", - "msg", - "type", - "ver", - "group", + "category", + "msg", + "type", + "ver", + "group", }; static std::unordered_set int_keys = { - "id", - "rev", + "id", + "rev", }; static std::unordered_set content_keys = { - "content", - "offset", + "content", + "offset", }; bool File::convert(std::istringstream& data_stream) diff --git a/tools/snort2lua/preprocessor_states/pps_dns.cc b/tools/snort2lua/preprocessor_states/pps_dns.cc index 0a4f7ead3..5ec7532b8 100644 --- a/tools/snort2lua/preprocessor_states/pps_dns.cc +++ b/tools/snort2lua/preprocessor_states/pps_dns.cc @@ -102,7 +102,7 @@ bool Dns::convert(std::istringstream& data_stream) } } - if (!ports_set) + if (!ports_set) { tcp_bind.set_when_role("server"); tcp_bind.add_when_port("53"); diff --git a/tools/snort2lua/preprocessor_states/pps_imap.cc b/tools/snort2lua/preprocessor_states/pps_imap.cc index df48e1243..59ee864d2 100644 --- a/tools/snort2lua/preprocessor_states/pps_imap.cc +++ b/tools/snort2lua/preprocessor_states/pps_imap.cc @@ -104,7 +104,7 @@ bool Imap::convert(std::istringstream& data_stream) bind.set_when_proto("tcp"); while (data_stream >> keyword && keyword != "}") { - default_binding = false;; + default_binding = false; bind.add_when_port(keyword); } } diff --git a/tools/snort2lua/preprocessor_states/pps_nap_selector.cc b/tools/snort2lua/preprocessor_states/pps_nap_selector.cc index 138fbaa2f..95f5ddd49 100644 --- a/tools/snort2lua/preprocessor_states/pps_nap_selector.cc +++ b/tools/snort2lua/preprocessor_states/pps_nap_selector.cc @@ -58,21 +58,21 @@ public: std::string protocol; std::string ips_policy; - TRY_FIELD(action); // ignore since nap rules don't drop - TRY_FIELD(src_zone); - TRY_FIELD(src_net); + TRY_FIELD(action) // ignore since nap rules don't drop + TRY_FIELD(src_zone) + TRY_FIELD(src_net) if ( src_net != "any" ) - TRY_FIELD(src_netmask); + TRY_FIELD(src_netmask) - TRY_FIELD(src_port); - TRY_FIELD(dst_zone); - TRY_FIELD(dst_net); + TRY_FIELD(src_port) + TRY_FIELD(dst_zone) + TRY_FIELD(dst_net) if ( dst_net != "any" ) - TRY_FIELD(dst_netmask); + TRY_FIELD(dst_netmask) - TRY_FIELD(dst_port); - TRY_FIELD(vlan); - TRY_FIELD(protocol); + TRY_FIELD(dst_port) + TRY_FIELD(vlan) + TRY_FIELD(protocol) for ( std::string s; data_stream >> s; ips_policy += " " + s ); diff --git a/tools/snort2lua/preprocessor_states/pps_smtp.cc b/tools/snort2lua/preprocessor_states/pps_smtp.cc index 42d4ecf62..b6fd3abc5 100644 --- a/tools/snort2lua/preprocessor_states/pps_smtp.cc +++ b/tools/snort2lua/preprocessor_states/pps_smtp.cc @@ -312,7 +312,7 @@ bool Smtp::convert(std::istringstream& data_stream) bind.set_when_proto("tcp"); while (data_stream >> keyword && keyword != "}") { - default_binding = false; + default_binding = false; bind.add_when_port(keyword); } } diff --git a/tools/snort2lua/preprocessor_states/pps_stream5_global.cc b/tools/snort2lua/preprocessor_states/pps_stream5_global.cc index 276ea075e..fbe587cba 100644 --- a/tools/snort2lua/preprocessor_states/pps_stream5_global.cc +++ b/tools/snort2lua/preprocessor_states/pps_stream5_global.cc @@ -199,10 +199,10 @@ bool StreamGlobal::convert(std::istringstream& data_stream) } } if ( emit_max_flows ) - table_api.add_option("max_flows", tcp_max + udp_max + icmp_max + ip_max); + table_api.add_option("max_flows", tcp_max + udp_max + icmp_max + ip_max); if ( emit_pruning_timeout ) - table_api.add_option("pruning_timeout", INT_MAX == pruning_timeout ? 30 : pruning_timeout); + table_api.add_option("pruning_timeout", INT_MAX == pruning_timeout ? 30 : pruning_timeout); return retval; } diff --git a/tools/snort2lua/preprocessor_states/pps_stream5_ha.cc b/tools/snort2lua/preprocessor_states/pps_stream5_ha.cc index 4082296b9..5c77fc5a4 100644 --- a/tools/snort2lua/preprocessor_states/pps_stream5_ha.cc +++ b/tools/snort2lua/preprocessor_states/pps_stream5_ha.cc @@ -82,7 +82,7 @@ bool StreamHa::convert(std::istringstream& data_stream) if (!tmpval) { data_api.failed_conversion(data_stream, arg_stream.str()); - retval = false;; + retval = false; } } table_api.close_table(); // ha stream diff --git a/tools/snort2lua/preprocessor_states/pps_stream5_tcp.cc b/tools/snort2lua/preprocessor_states/pps_stream5_tcp.cc index 4e534107f..bc421366b 100644 --- a/tools/snort2lua/preprocessor_states/pps_stream5_tcp.cc +++ b/tools/snort2lua/preprocessor_states/pps_stream5_tcp.cc @@ -508,8 +508,8 @@ bool StreamTcp::convert(std::istringstream& data_stream) bind_default->print_binding(false); } - // Add the port bindings separately from the protocol bindings since - // in 2.9.x they are OR'd not AND'd. Clear the ports so they're not + // Add the port bindings separately from the protocol bindings since + // in 2.9.x they are OR'd not AND'd. Clear the ports so they're not // included with the protocol bindings. cv.make_binder(client); client.clear_ports(); diff --git a/tools/snort2lua/rule_states/rule_gid_sid.cc b/tools/snort2lua/rule_states/rule_gid_sid.cc index 951f5cbe1..6d1e9d1b5 100644 --- a/tools/snort2lua/rule_states/rule_gid_sid.cc +++ b/tools/snort2lua/rule_states/rule_gid_sid.cc @@ -107,7 +107,7 @@ bool Gid::convert(std::istringstream& data_stream) // Sid // -void Sid::convert_sid(std::string& sid, std::istringstream& data_stream, RuleApi& rule_api) +void Sid::convert_sid(std::string& sid, std::istringstream& data_stream, RuleApi& r_api) { int sid_num; try @@ -116,7 +116,7 @@ void Sid::convert_sid(std::string& sid, std::istringstream& data_stream, RuleApi } catch (...) { - rule_api.bad_rule(data_stream, "sid - invalid input, expecting int type"); + r_api.bad_rule(data_stream, "sid - invalid input, expecting int type"); return; } const int sid_offset = 100;