From: Kumar swamy Nagabhushana (kumhn) <kumhn@cisco.com>
Date: Wed, 27 Mar 2024 07:03:55 +0000 (+0000)
Subject: Pull request #4256: dce_smb: Fixing an ASAN memory corruption issue
X-Git-Tag: 3.1.84.0~5
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=3554dadff1d8820d743e8bd49e6458688aeac048;p=thirdparty%2Fsnort3.git

Pull request #4256: dce_smb: Fixing an ASAN memory corruption issue

Merge in SNORT/snort3 from ~KUMHN/snort3:smb_asan_crash to master

Squashed commit of the following:

commit 3663fe8d9a6ca005062e195b2c5c3b25d10adbc6
Author: kumhn <kumhn@cisco.com>
Date:   Fri Mar 22 17:39:58 2024 +0530

    dce_smb: Fixing an ASAN memory corruption issue
---

diff --git a/src/service_inspectors/dce_rpc/dce_smb2.cc b/src/service_inspectors/dce_rpc/dce_smb2.cc
index 1b7f2ca33..b5981c504 100644
--- a/src/service_inspectors/dce_rpc/dce_smb2.cc
+++ b/src/service_inspectors/dce_rpc/dce_smb2.cc
@@ -263,7 +263,15 @@ static inline bool DCE2_Smb2FindSidTid(DCE2_Smb2SsnData* ssd, const uint64_t sid
     const uint32_t tid, const uint32_t mid, DCE2_Smb2SessionTracker** str, DCE2_Smb2TreeTracker** ttr, bool
     lookup_cache = false)
 {
-    *str = DCE2_Smb2FindSidInSsd(ssd, sid).get();
+    if(lookup_cache)
+    {
+        auto key = get_key(sid);
+        *str = smb2_session_cache->find(key).get();
+    }
+    else
+    {
+        *str = DCE2_Smb2FindSidInSsd(ssd, sid).get();
+    }
     if (!*str)
     {
         if (lookup_cache)
@@ -403,7 +411,7 @@ static void DCE2_Smb2Inspect(DCE2_Smb2SsnData* ssd, const Smb2Hdr* smb_hdr,
     case SMB2_COM_TREE_CONNECT:
         dce2_smb_stats.v2_tree_cnct++;
         // This will always return session tracker
-        str = DCE2_Smb2FindElseCreateSid(ssd, sid);
+        str = DCE2_Smb2FindElseCreateSid(ssd, sid, true);
         if (str)
         {
             DCE2_Smb2TreeConnect(ssd, smb_hdr, smb_data, end, str, tid);