From: Russ Combs (rucombs) Date: Fri, 11 Sep 2020 11:34:30 +0000 (+0000) Subject: Merge pull request #2460 in SNORT/snort3 from ~RUCOMBS/snort3:b4rc to master X-Git-Tag: 3.0.2-6~5 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=391d92f426b303b088e5ac60d97306a52c684a9c;p=thirdparty%2Fsnort3.git Merge pull request #2460 in SNORT/snort3 from ~RUCOMBS/snort3:b4rc to master Squashed commit of the following: commit 178c3e27da00bd22f43c0b8938a66e87420accca Author: russ Date: Sat Sep 5 10:20:03 2020 -0400 build: fix minor cppcheck warnings commit 6fb3475f2cba53e0bb7c5da61f1116f0e2f58be9 Author: russ Date: Fri Sep 4 19:48:09 2020 -0400 byte_jump: fix jump relative to extracted length w/o relative offset Thanks to James Manger for reporting the problem. commit f201d1535a7cd71a574db9674bf8557a6cbeaacd Author: russ Date: Fri Sep 4 19:21:03 2020 -0400 IPS options: ensure all options use base class hash and compare methods commit fe5c4284fd53c4d257e0f19631cb3bbddd44ed89 Author: russ Date: Fri Sep 4 16:15:21 2020 -0400 snort: address fatal shutdown stability issues First: upon a fatal error, don't attempt to exit from other than the main thread to avoid hanging waiting on other threads. Second: don't attempt general clean up except for REG_TEST builds. This is attempted only to avoid voluminous leak sanitizer dumps. Clean exit if fraught with peril upon fatal and should not crash production builds. Third: explicilty stop file service in case the capture thread is running to avoid hanging on shutdown. TBD: eliminate unnecessary fatal conditions which should only exist from the main thread and only at startup. Runtime fatals must all be converted to graceful shutdowns to avoid leaking external resources. Also need a more general scheme for managing aux threads. commit 476a0e5d9b3b201de309a305855525b530137f36 Author: russ Date: Fri Sep 4 13:43:40 2020 -0400 http_method: make available for fast pattern with first body section commit 5a3fa3408b764b116839abe93c80ba3420977e9b Author: russ Date: Tue Sep 1 15:51:54 2020 -0400 mime: minor code cleanup commit 1a2cb474d3fedadbe35604f85d24ac890d5bb75a Author: russ Date: Tue Sep 1 15:36:25 2020 -0400 mime: fix off-by-1 error with filename and email id capture Thanks to Y M for reporting the issue. --- diff --git a/src/ips_options/ips_ack.cc b/src/ips_options/ips_ack.cc index 14e382481..fe2e950a1 100644 --- a/src/ips_options/ips_ack.cc +++ b/src/ips_options/ips_ack.cc @@ -60,21 +60,20 @@ private: uint32_t TcpAckOption::hash() const { - uint32_t a,b,c; + uint32_t a = config.op; + uint32_t b = config.min; + uint32_t c = config.max; - a = config.op; - b = config.min; - c = config.max; + mix(a,b,c); + a += IpsOption::hash(); - mix_str(a,b,c,get_name()); finalize(a,b,c); - return c; } bool TcpAckOption::operator==(const IpsOption& ips) const { - if ( strcmp(s_name, ips.get_name()) ) + if ( !IpsOption::operator==(ips) ) return false; const TcpAckOption& rhs = (const TcpAckOption&)ips; diff --git a/src/ips_options/ips_asn1.cc b/src/ips_options/ips_asn1.cc index 02632fa81..e0c04c8e9 100644 --- a/src/ips_options/ips_asn1.cc +++ b/src/ips_options/ips_asn1.cc @@ -107,26 +107,22 @@ private: uint32_t Asn1Option::hash() const { - uint32_t a,b,c; - const ASN1_CTXT* data = &config; - - a = data->bs_overflow; - b = data->double_overflow; - c = data->print; + uint32_t a = config.bs_overflow; + uint32_t b = config.double_overflow; + uint32_t c = config.print; mix(a,b,c); - a += data->length; - b += data->max_length; - c += data->offset; + a += config.length; + b += config.max_length; + c += config.offset; mix(a,b,c); - mix_str(a,b,c,get_name()); - a += data->offset_type; + a += config.offset_type; + b += IpsOption::hash(); finalize(a,b,c); - return c; } diff --git a/src/ips_options/ips_base64.cc b/src/ips_options/ips_base64.cc index b2f5014c9..a42e82d0e 100644 --- a/src/ips_options/ips_base64.cc +++ b/src/ips_options/ips_base64.cc @@ -78,15 +78,14 @@ private: uint32_t Base64DecodeOption::hash() const { - uint32_t a,b,c; - - a = config.bytes_to_decode; - b = config.offset; - c = config.flags; + uint32_t a = config.bytes_to_decode; + uint32_t b = config.offset; + uint32_t c = config.flags; mix(a,b,c); - mix_str(a,b,c,get_name()); + a += IpsOption::hash(); + mix(a,b,c); finalize(a,b,c); return c; diff --git a/src/ips_options/ips_ber_data.cc b/src/ips_options/ips_ber_data.cc index fe08a1981..f1815ee34 100644 --- a/src/ips_options/ips_ber_data.cc +++ b/src/ips_options/ips_ber_data.cc @@ -58,9 +58,9 @@ private: uint32_t BerDataOption::hash() const { - uint32_t a = type, b = 0, c = 0; + uint32_t a = type, b = IpsOption::hash(), c = 0; - mix_str(a,b,c,s_name); + mix(a,b,c); finalize(a,b,c); return c; @@ -68,6 +68,9 @@ uint32_t BerDataOption::hash() const bool BerDataOption::operator==(const IpsOption& ips) const { + if ( !IpsOption::operator==(ips) ) + return false; + const BerDataOption& rhs = (const BerDataOption&)ips; if ( type != rhs.type ) diff --git a/src/ips_options/ips_ber_skip.cc b/src/ips_options/ips_ber_skip.cc index 9ecf370c5..bb1c99e94 100644 --- a/src/ips_options/ips_ber_skip.cc +++ b/src/ips_options/ips_ber_skip.cc @@ -59,9 +59,9 @@ private: uint32_t BerSkipOption::hash() const { - uint32_t a = type, b = optional, c = 0; + uint32_t a = type, b = optional, c = IpsOption::hash(); - mix_str(a,b,c,s_name); + mix(a,b,c); finalize(a,b,c); return c; @@ -69,6 +69,9 @@ uint32_t BerSkipOption::hash() const bool BerSkipOption::operator==(const IpsOption& ips) const { + if ( !IpsOption::operator==(ips) ) + return false; + const BerSkipOption& rhs = (const BerSkipOption&)ips; if ( type != rhs.type ) diff --git a/src/ips_options/ips_bufferlen.cc b/src/ips_options/ips_bufferlen.cc index 0aa305372..0fcf040df 100644 --- a/src/ips_options/ips_bufferlen.cc +++ b/src/ips_options/ips_bufferlen.cc @@ -60,15 +60,14 @@ private: uint32_t LenOption::hash() const { - uint32_t a,b,c; + uint32_t a = config.op; + uint32_t b = config.min; + uint32_t c = config.max; - a = config.op; - b = config.min; - c = config.max; + mix(a,b,c); + a += IpsOption::hash(); - mix_str(a,b,c,get_name()); finalize(a,b,c); - return c; } diff --git a/src/ips_options/ips_byte_extract.cc b/src/ips_options/ips_byte_extract.cc index 2c68e2c51..e0f76cef2 100644 --- a/src/ips_options/ips_byte_extract.cc +++ b/src/ips_options/ips_byte_extract.cc @@ -89,27 +89,25 @@ private: uint32_t ByteExtractOption::hash() const { - uint32_t a,b,c; - const ByteExtractData* data = &config; - - a = data->bytes_to_grab; - b = data->offset; - c = data->base; + uint32_t a = config.bytes_to_grab; + uint32_t b = config.offset; + uint32_t c = config.base; mix(a,b,c); - a += (data->relative_flag << 24 | - data->data_string_convert_flag << 16 | - data->align << 8 | - data->endianness); - b += data->multiplier; - c += data->var_number; + a += (config.relative_flag << 24 | + config.data_string_convert_flag << 16 | + config.align << 8 | + config.endianness); + b += config.multiplier; + c += config.var_number; mix(a,b,c); - a += data->bitmask_val; - mix_str(a,b,c,get_name()); + a += config.bitmask_val; + b += IpsOption::hash(); + mix(a,b,c); finalize(a,b,c); return c; diff --git a/src/ips_options/ips_byte_jump.cc b/src/ips_options/ips_byte_jump.cc index 8cb9e87c2..2d28b4187 100644 --- a/src/ips_options/ips_byte_jump.cc +++ b/src/ips_options/ips_byte_jump.cc @@ -141,33 +141,29 @@ private: uint32_t ByteJumpOption::hash() const { - uint32_t a,b,c; - const ByteJumpData* data = &config; - - a = data->bytes_to_grab; - b = data->offset; - c = data->base; + uint32_t a = config.bytes_to_grab; + uint32_t b = config.offset; + uint32_t c = config.base; mix(a,b,c); - a += (data->relative_flag << 24 | - data->data_string_convert_flag << 16 | - data->from_beginning_flag << 8 | - data->align_flag); - b += data->endianness; - c += data->multiplier; + a += (config.relative_flag << 24 | + config.data_string_convert_flag << 16 | + config.from_beginning_flag << 8 | + config.align_flag); + b += config.endianness; + c += config.multiplier; mix(a,b,c); - a += data->post_offset; - b += data->from_end_flag << 16 | (uint32_t) data->offset_var << 8 | data->post_offset_var; - c += data->bitmask_val; + a += config.post_offset; + b += config.from_end_flag << 16 | (uint32_t) config.offset_var << 8 | config.post_offset_var; + c += config.bitmask_val; mix(a,b,c); - mix_str(a,b,c,get_name()); + a += IpsOption::hash(); finalize(a,b,c); - return c; } @@ -303,15 +299,15 @@ IpsOption::EvalStatus ByteJumpOption::eval(Cursor& c, Packet* p) uint32_t pos; if ( bjd->from_beginning_flag ) - pos = jump; + pos = 0; else if ( bjd->from_end_flag ) - pos = c.size() + jump; + pos = c.size(); else - pos = c.get_pos() + offset + payload_bytes_grabbed + jump; + pos = (base_ptr - start_ptr) + payload_bytes_grabbed; - pos += post_offset; + pos += jump + post_offset; if ( !c.set_pos(pos) ) return NO_MATCH; diff --git a/src/ips_options/ips_byte_math.cc b/src/ips_options/ips_byte_math.cc index d7137ef25..9b5405339 100644 --- a/src/ips_options/ips_byte_math.cc +++ b/src/ips_options/ips_byte_math.cc @@ -100,30 +100,30 @@ private: uint32_t ByteMathOption::hash() const { - uint32_t a,b,c; - const ByteMathData* data = &config; + uint32_t a = config.bytes_to_extract; + uint32_t b = config.rvalue; + uint32_t c = config.oper; - a = data->bytes_to_extract; - b = data->rvalue; - c = data->oper; + mix(a,b,c); + + a += config.offset; + b += ((uint32_t) config.rvalue_var << 24 | + (uint32_t) config.offset_var << 16 | + (uint32_t) config.result_var << 8 | + config.endianess); + c += config.base; mix(a,b,c); - a += data->offset; - b += ((uint32_t) data->rvalue_var << 24 | - (uint32_t) data->offset_var << 16 | - (uint32_t) data->result_var << 8 | - data->endianess); - c += data->base; + a += config.bitmask_val; + b += config.relative_flag; + c += config.string_convert_flag; mix(a,b,c); - a += data->bitmask_val; - b += data->relative_flag; - c += data->string_convert_flag; - mix_str(a,b,c,get_name()); - finalize(a,b,c); + a += IpsOption::hash(); + finalize(a,b,c); return c; } diff --git a/src/ips_options/ips_byte_test.cc b/src/ips_options/ips_byte_test.cc index a4be24e80..78a3f26dc 100644 --- a/src/ips_options/ips_byte_test.cc +++ b/src/ips_options/ips_byte_test.cc @@ -210,30 +210,29 @@ private: uint32_t ByteTestOption::hash() const { - uint32_t a,b,c; - const ByteTestData* data = &config; - - a = data->bytes_to_compare; - b = data->cmp_value; - c = data->opcode; + uint32_t a = config.bytes_to_compare; + uint32_t b = config.cmp_value; + uint32_t c = config.opcode; mix(a,b,c); - a += data->offset; - b += data->not_flag ? (1 << 24) : 0; - b += data->relative_flag ? (1 << 16) : 0; - b += data->data_string_convert_flag ? (1 << 8) : 0; - b += data->endianness; - c += data->base; + a += config.offset; + b += config.not_flag ? (1 << 24) : 0; + b += config.relative_flag ? (1 << 16) : 0; + b += config.data_string_convert_flag ? (1 << 8) : 0; + b += config.endianness; + c += config.base; mix(a,b,c); - a += data->cmp_value_var; - b += data->offset_var; - c += data->bitmask_val; + a += config.cmp_value_var; + b += config.offset_var; + c += config.bitmask_val; + + mix(a,b,c); + a += IpsOption::hash(); mix(a,b,c); - mix_str(a,b,c,get_name()); finalize(a,b,c); return c; diff --git a/src/ips_options/ips_content.cc b/src/ips_options/ips_content.cc index 378e60b18..62e6a1884 100644 --- a/src/ips_options/ips_content.cc +++ b/src/ips_options/ips_content.cc @@ -181,33 +181,31 @@ bool ContentOption::retry(Cursor& c) uint32_t ContentOption::hash() const { - const ContentData* cd = config; - - uint32_t a = cd->pmd.flags; - uint32_t b = cd->pmd.offset; - uint32_t c = cd->pmd.depth; + uint32_t a = config->pmd.flags; + uint32_t b = config->pmd.offset; + uint32_t c = config->pmd.depth; mix(a,b,c); - a += cd->pmd.pattern_size; - b += cd->pmd.fp_offset; - c += cd->pmd.fp_length; + a += config->pmd.pattern_size; + b += config->pmd.fp_offset; + c += config->pmd.fp_length; mix(a,b,c); - a += cd->pmd.pm_type; + a += config->pmd.pm_type; + b += IpsOption::hash(); - if ( cd->pmd.pattern_size ) - mix_str(a, b, c, cd->pmd.pattern_buf, cd->pmd.pattern_size); + mix(a, b, c); - mix_str(a, b, c, get_name()); + if ( config->pmd.pattern_size ) + mix_str(a, b, c, config->pmd.pattern_buf, config->pmd.pattern_size); - a += cd->depth_var; - b += cd->offset_var; - c += cd->match_delta; + a += config->depth_var; + b += config->offset_var; + c += config->match_delta; mix(a, b, c); - finalize(a, b, c); return c; diff --git a/src/ips_options/ips_cvs.cc b/src/ips_options/ips_cvs.cc index 58af1300b..41f7009de 100644 --- a/src/ips_options/ips_cvs.cc +++ b/src/ips_options/ips_cvs.cc @@ -115,14 +115,11 @@ private: uint32_t CvsOption::hash() const { - uint32_t a,b,c; - const CvsRuleOption* data = &config; + uint32_t a = config.type; + uint32_t b = IpsOption::hash(); + uint32_t c = 0; - a = data->type; - b = 0; - c = 0; - - mix_str(a,b,c,get_name()); + mix(a,b,c); finalize(a,b,c); return c; @@ -130,7 +127,7 @@ uint32_t CvsOption::hash() const bool CvsOption::operator==(const IpsOption& ips) const { - if ( strcmp(get_name(), ips.get_name()) ) + if ( !IpsOption::operator==(ips) ) return false; const CvsOption& rhs = (const CvsOption&)ips; diff --git a/src/ips_options/ips_dsize.cc b/src/ips_options/ips_dsize.cc index 14621adf8..5acc684c4 100644 --- a/src/ips_options/ips_dsize.cc +++ b/src/ips_options/ips_dsize.cc @@ -57,22 +57,20 @@ private: uint32_t DsizeOption::hash() const { - uint32_t a,b,c; - - a = config.min; - b = config.max; - c = config.op; + uint32_t a = config.min; + uint32_t b = config.max; + uint32_t c = config.op; mix(a,b,c); - mix_str(a,b,c,get_name()); - finalize(a,b,c); + a += IpsOption::hash(); + finalize(a,b,c); return c; } bool DsizeOption::operator==(const IpsOption& ips) const { - if ( strcmp(get_name(), ips.get_name()) ) + if ( !IpsOption::operator==(ips) ) return false; const DsizeOption& rhs = (const DsizeOption&)ips; diff --git a/src/ips_options/ips_file_type.cc b/src/ips_options/ips_file_type.cc index 7797fcd5f..ee4fd8a4c 100644 --- a/src/ips_options/ips_file_type.cc +++ b/src/ips_options/ips_file_type.cc @@ -64,8 +64,7 @@ FileTypeOption::FileTypeOption(const FileTypeBitSet& t) : IpsOption(s_name) uint32_t FileTypeOption::hash() const { - uint32_t a = 0, b = 0, c = 0; - mix_str(a, b, c, get_name()); + uint32_t a = IpsOption::hash(), b = 0, c = 0; mix_str(a, b, c, types.to_string().c_str()); finalize(a, b, c); return c; @@ -73,7 +72,7 @@ uint32_t FileTypeOption::hash() const bool FileTypeOption::operator==(const IpsOption& ips) const { - if ( strcmp(get_name(), ips.get_name()) ) + if ( !IpsOption::operator==(ips) ) return false; return types == ((const FileTypeOption&) ips).types; diff --git a/src/ips_options/ips_flags.cc b/src/ips_options/ips_flags.cc index b505d2177..e45b57418 100644 --- a/src/ips_options/ips_flags.cc +++ b/src/ips_options/ips_flags.cc @@ -81,14 +81,11 @@ private: uint32_t TcpFlagOption::hash() const { - uint32_t a,b,c; - const TcpFlagCheckData* data = &config; + uint32_t a = config.mode; + uint32_t b = config.tcp_flags | (config.tcp_mask << 8); + uint32_t c = IpsOption::hash(); - a = data->mode; - b = data->tcp_flags | (data->tcp_mask << 8); - c = 0; - - mix_str(a,b,c,get_name()); + mix(a,b,c); finalize(a,b,c); return c; @@ -96,7 +93,7 @@ uint32_t TcpFlagOption::hash() const bool TcpFlagOption::operator==(const IpsOption& ips) const { - if ( strcmp(get_name(), ips.get_name()) ) + if ( !IpsOption::operator==(ips) ) return false; const TcpFlagOption& rhs = (const TcpFlagOption&)ips; diff --git a/src/ips_options/ips_flow.cc b/src/ips_options/ips_flow.cc index 326834241..e31fbca69 100644 --- a/src/ips_options/ips_flow.cc +++ b/src/ips_options/ips_flow.cc @@ -74,17 +74,16 @@ public: uint32_t FlowCheckOption::hash() const { - uint32_t a,b,c; - const FlowCheckData* data = &config; - - a = data->from_server | (data->from_client << 16); - b = data->ignore_reassembled | (data->only_reassembled << 16); - c = data->stateless | (data->established << 16); + uint32_t a = config.from_server | (config.from_client << 16); + uint32_t b = config.ignore_reassembled | (config.only_reassembled << 16); + uint32_t c = config.stateless | (config.established << 16); mix(a,b,c); - mix_str(a,b,c,get_name()); - a += data->unestablished; + a += config.unestablished; + b += IpsOption::hash(); + + mix(a,b,c); finalize(a,b,c); return c; @@ -92,7 +91,7 @@ uint32_t FlowCheckOption::hash() const bool FlowCheckOption::operator==(const IpsOption& ips) const { - if ( strcmp(get_name(), ips.get_name()) ) + if ( !IpsOption::operator==(ips) ) return false; const FlowCheckOption& rhs = (const FlowCheckOption&)ips; diff --git a/src/ips_options/ips_flowbits.cc b/src/ips_options/ips_flowbits.cc index 4f5e2264c..0092dae1d 100644 --- a/src/ips_options/ips_flowbits.cc +++ b/src/ips_options/ips_flowbits.cc @@ -172,48 +172,44 @@ FlowBitsOption::~FlowBitsOption() uint32_t FlowBitsOption::hash() const { - uint32_t a,b,c; - const FlowBitCheck* data = config; - unsigned i; - unsigned j = 0; - - a = data->or_bits ? 1 : 0; - b = data->type; - c = 0; + uint32_t a = config->or_bits ? 1 : 0; + uint32_t b = config->type; + uint32_t c = IpsOption::hash(); mix(a,b,c); - mix_str(a,b,c,get_name()); - for (i = 0, j = 0; i < data->ids.size(); i++, j++) + unsigned i; + unsigned j = 0; + + for (i = 0, j = 0; i < config->ids.size(); i++, j++) { if (j >= 3) { - a += data->ids[i - 2]; - b += data->ids[i - 1]; - c += data->ids[i]; + a += config->ids[i - 2]; + b += config->ids[i - 1]; + c += config->ids[i]; mix(a,b,c); j -= 3; } } if (1 == j) { - a += data->ids[data->ids.size() - 1]; - b += data->ids.size(); + a += config->ids[config->ids.size() - 1]; + b += config->ids.size(); } else if (2 == j) { - a += data->ids[data->ids.size() - 2]; - b += data->ids[data->ids.size() - 1]|data->ids.size() << 16; + a += config->ids[config->ids.size() - 2]; + b += config->ids[config->ids.size() - 1]|config->ids.size() << 16; } finalize(a,b,c); - return c; } bool FlowBitsOption::operator==(const IpsOption& ips) const { - if ( strcmp(get_name(), ips.get_name()) ) + if ( !IpsOption::operator==(ips) ) return false; const FlowBitsOption& rhs = (const FlowBitsOption&)ips; diff --git a/src/ips_options/ips_fragbits.cc b/src/ips_options/ips_fragbits.cc index 48a147d66..aeda73279 100644 --- a/src/ips_options/ips_fragbits.cc +++ b/src/ips_options/ips_fragbits.cc @@ -285,14 +285,11 @@ private: uint32_t FragBitsOption::hash() const { - uint32_t a,b,c; - const FragBitsData* data = &fragBitsData; + uint32_t a = fragBitsData.get_mode(); + uint32_t b = fragBitsData.get_frag_bits(); + uint32_t c = IpsOption::hash(); - a = data->get_mode(); - b = data->get_frag_bits(); - c = 0; - - mix_str(a,b,c,get_name()); + mix(a,b,c); finalize(a,b,c); return c; @@ -300,7 +297,7 @@ uint32_t FragBitsOption::hash() const bool FragBitsOption::operator==(const IpsOption& ips) const { - if ( strcmp(get_name(), ips.get_name()) ) + if ( !IpsOption::operator==(ips) ) return false; const FragBitsOption& rhs = (const FragBitsOption&)ips; diff --git a/src/ips_options/ips_fragoffset.cc b/src/ips_options/ips_fragoffset.cc index e9b6f3e76..403f05dca 100644 --- a/src/ips_options/ips_fragoffset.cc +++ b/src/ips_options/ips_fragoffset.cc @@ -56,21 +56,20 @@ private: uint32_t FragOffsetOption::hash() const { - uint32_t a,b,c; + uint32_t a = config.op; + uint32_t b = (uint32_t)config.min; + uint32_t c = (uint32_t)config.max; - a = config.op; - b = (uint32_t)config.min; - c = (uint32_t)config.max; + mix(a,b,c); + a += IpsOption::hash(); - mix_str(a,b,c,get_name()); finalize(a,b,c); - return c; } bool FragOffsetOption::operator==(const IpsOption& ips) const { - if ( strcmp(get_name(), ips.get_name()) ) + if ( !IpsOption::operator==(ips) ) return false; const FragOffsetOption& rhs = (const FragOffsetOption&)ips; diff --git a/src/ips_options/ips_hash.cc b/src/ips_options/ips_hash.cc index f367ba418..6cf83d369 100644 --- a/src/ips_options/ips_hash.cc +++ b/src/ips_options/ips_hash.cc @@ -98,20 +98,20 @@ private: uint32_t HashOption::hash() const { - uint32_t a,b,c; - const HashMatchData* hmd = config; + uint32_t a = config->negated; + uint32_t b = config->relative; + uint32_t c = size; - a = hmd->negated; - b = hmd->relative; - c = size; + mix(a,b,c); + a += IpsOption::hash(); - mix_str(a,b,c,hmd->hash.c_str()); + mix_str(a,b,c,config->hash.c_str()); - a += hmd->length; - b += hmd->offset; - c += hmd->offset_var; + a += config->length; + b += config->offset; + c += config->offset_var; - mix_str(a,b,c,get_name()); + mix(a,b,c); finalize(a,b,c); return c; diff --git a/src/ips_options/ips_icmp_id.cc b/src/ips_options/ips_icmp_id.cc index a17ad7246..fd0412f36 100644 --- a/src/ips_options/ips_icmp_id.cc +++ b/src/ips_options/ips_icmp_id.cc @@ -80,21 +80,20 @@ private: uint32_t IcmpIdOption::hash() const { - uint32_t a,b,c; + uint32_t a = config.op; + uint32_t b = config.min; + uint32_t c = config.max; - a = config.op; - b = config.min; - c = config.max; + mix(a,b,c); + a += IpsOption::hash(); - mix_str(a,b,c,get_name()); finalize(a,b,c); - return c; } bool IcmpIdOption::operator==(const IpsOption& ips) const { - if ( strcmp(get_name(), ips.get_name()) ) + if ( !IpsOption::operator==(ips) ) return false; const IcmpIdOption& rhs = (const IcmpIdOption&)ips; diff --git a/src/ips_options/ips_icmp_seq.cc b/src/ips_options/ips_icmp_seq.cc index d16d372f8..9546f622b 100644 --- a/src/ips_options/ips_icmp_seq.cc +++ b/src/ips_options/ips_icmp_seq.cc @@ -80,21 +80,20 @@ private: uint32_t IcmpSeqOption::hash() const { - uint32_t a,b,c; + uint32_t a = config.op; + uint32_t b = config.min; + uint32_t c = config.max; - a = config.op; - b = config.min; - c = config.max; + mix(a,b,c); + a += IpsOption::hash(); - mix_str(a,b,c,get_name()); finalize(a,b,c); - return c; } bool IcmpSeqOption::operator==(const IpsOption& ips) const { - if ( strcmp(get_name(), ips.get_name()) ) + if ( !IpsOption::operator==(ips) ) return false; const IcmpSeqOption& rhs = (const IcmpSeqOption&)ips; diff --git a/src/ips_options/ips_icode.cc b/src/ips_options/ips_icode.cc index ac2f3b471..176373f8d 100644 --- a/src/ips_options/ips_icode.cc +++ b/src/ips_options/ips_icode.cc @@ -57,21 +57,20 @@ private: uint32_t IcodeOption::hash() const { - uint32_t a,b,c; + uint32_t a = config.op; + uint32_t b = config.min; + uint32_t c = config.max; - a = config.op; - b = config.min; - c = config.max; + mix(a,b,c); + a += IpsOption::hash(); - mix_str(a,b,c,get_name()); finalize(a,b,c); - return c; } bool IcodeOption::operator==(const IpsOption& ips) const { - if ( strcmp(get_name(), ips.get_name()) ) + if ( !IpsOption::operator==(ips) ) return false; const IcodeOption& rhs = (const IcodeOption&)ips; diff --git a/src/ips_options/ips_id.cc b/src/ips_options/ips_id.cc index 09fcb78e5..0857718de 100644 --- a/src/ips_options/ips_id.cc +++ b/src/ips_options/ips_id.cc @@ -56,21 +56,20 @@ private: uint32_t IpIdOption::hash() const { - uint32_t a,b,c; + uint32_t a = config.op; + uint32_t b = config.min; + uint32_t c = config.max; - a = config.op; - b = config.min; - c = config.max; + mix(a,b,c); + a += IpsOption::hash(); - mix_str(a,b,c,get_name()); finalize(a,b,c); - return c; } bool IpIdOption::operator==(const IpsOption& ips) const { - if ( strcmp(get_name(), ips.get_name()) ) + if ( !IpsOption::operator==(ips) ) return false; const IpIdOption& rhs = (const IpIdOption&)ips; diff --git a/src/ips_options/ips_ip_proto.cc b/src/ips_options/ips_ip_proto.cc index ce9cbf953..51f916328 100644 --- a/src/ips_options/ips_ip_proto.cc +++ b/src/ips_options/ips_ip_proto.cc @@ -73,14 +73,11 @@ private: uint32_t IpProtoOption::hash() const { - uint32_t a,b,c; - const IpProtoData* data = &config; + uint32_t a = to_utype(config.protocol); + uint32_t b = config.comparison_flag; + uint32_t c = IpsOption::hash(); - a = to_utype(data->protocol); - b = data->comparison_flag; - c = 0; - - mix_str(a,b,c,get_name()); + mix(a,b,c); finalize(a,b,c); return c; @@ -88,7 +85,7 @@ uint32_t IpProtoOption::hash() const bool IpProtoOption::operator==(const IpsOption& ips) const { - if ( strcmp(get_name(), ips.get_name()) ) + if ( !IpsOption::operator==(ips) ) return false; const IpProtoOption& rhs = (const IpProtoOption&)ips; diff --git a/src/ips_options/ips_ipopts.cc b/src/ips_options/ips_ipopts.cc index c3fcd271b..92c686607 100644 --- a/src/ips_options/ips_ipopts.cc +++ b/src/ips_options/ips_ipopts.cc @@ -66,14 +66,11 @@ private: uint32_t IpOptOption::hash() const { - uint32_t a,b,c; - const IpOptionData* data = &config; + uint32_t a = (uint32_t)config.ip_option; + uint32_t b = config.any_flag; + uint32_t c = IpsOption::hash(); - a = (uint32_t)data->ip_option; - b = data->any_flag; - c = 0; - - mix_str(a,b,c,get_name()); + mix(a,b,c); finalize(a,b,c); return c; @@ -81,7 +78,7 @@ uint32_t IpOptOption::hash() const bool IpOptOption::operator==(const IpsOption& ips) const { - if ( strcmp(get_name(), ips.get_name()) ) + if ( !IpsOption::operator==(ips) ) return false; const IpOptOption& rhs = (const IpOptOption&)ips; diff --git a/src/ips_options/ips_isdataat.cc b/src/ips_options/ips_isdataat.cc index 15b9a7553..5a478a525 100644 --- a/src/ips_options/ips_isdataat.cc +++ b/src/ips_options/ips_isdataat.cc @@ -93,23 +93,20 @@ private: uint32_t IsDataAtOption::hash() const { - uint32_t a,b,c; - const IsDataAtData* data = &config; - - a = data->offset; - b = data->flags; - c = data->offset_var; + uint32_t a = config.offset; + uint32_t b = config.flags; + uint32_t c = config.offset_var; mix(a,b,c); - mix_str(a,b,c,get_name()); - finalize(a,b,c); + a += IpsOption::hash(); + finalize(a,b,c); return c; } bool IsDataAtOption::operator==(const IpsOption& ips) const { - if ( strcmp(get_name(), ips.get_name()) ) + if ( !IpsOption::operator==(ips) ) return false; const IsDataAtOption& rhs = (const IsDataAtOption&)ips; diff --git a/src/ips_options/ips_itype.cc b/src/ips_options/ips_itype.cc index eb65fa551..4b7cf00fd 100644 --- a/src/ips_options/ips_itype.cc +++ b/src/ips_options/ips_itype.cc @@ -57,22 +57,20 @@ private: uint32_t IcmpTypeOption::hash() const { - uint32_t a,b,c; - - a = config.op; - b = config.min; - c = config.max; + uint32_t a = config.op; + uint32_t b = config.min; + uint32_t c = config.max; mix(a,b,c); - mix_str(a,b,c,get_name()); - finalize(a,b,c); + a += IpsOption::hash(); + finalize(a,b,c); return c; } bool IcmpTypeOption::operator==(const IpsOption& ips) const { - if ( strcmp(get_name(), ips.get_name()) ) + if ( !IpsOption::operator==(ips) ) return false; const IcmpTypeOption& rhs = (const IcmpTypeOption&)ips; diff --git a/src/ips_options/ips_luajit.cc b/src/ips_options/ips_luajit.cc index 07f66e870..dbc19e6ef 100644 --- a/src/ips_options/ips_luajit.cc +++ b/src/ips_options/ips_luajit.cc @@ -158,8 +158,7 @@ LuaJitOption::~LuaJitOption() uint32_t LuaJitOption::hash() const { - uint32_t a = 0, b = 0, c = 0; - mix_str(a,b,c,get_name()); + uint32_t a = IpsOption::hash(), b = 0, c = 0; mix_str(a,b,c,config.c_str()); finalize(a,b,c); return c; diff --git a/src/ips_options/ips_pcre.cc b/src/ips_options/ips_pcre.cc index 441bf7b2f..ddced6284 100644 --- a/src/ips_options/ips_pcre.cc +++ b/src/ips_options/ips_pcre.cc @@ -524,8 +524,9 @@ uint32_t PcreOption::hash() const } a += config->options; + b += IpsOption::hash(); - mix_str(a,b,c,get_name()); + mix(a,b,c); finalize(a,b,c); return c; diff --git a/src/ips_options/ips_regex.cc b/src/ips_options/ips_regex.cc index d4b7dbd41..4daae4710 100644 --- a/src/ips_options/ips_regex.cc +++ b/src/ips_options/ips_regex.cc @@ -125,8 +125,10 @@ uint32_t RegexOption::hash() const uint32_t b = config.pmd.mpse_flags; uint32_t c = config.pmd.pm_type; + mix(a, b, c); + a += IpsOption::hash(); + mix_str(a, b, c, config.re.c_str()); - mix_str(a, b, c, get_name()); finalize(a, b, c); return c; diff --git a/src/ips_options/ips_replace.cc b/src/ips_options/ips_replace.cc index 46111f6ed..9bc6b6812 100644 --- a/src/ips_options/ips_replace.cc +++ b/src/ips_options/ips_replace.cc @@ -124,18 +124,12 @@ ReplaceOption::~ReplaceOption() uint32_t ReplaceOption::hash() const { - uint32_t a,b,c; - - const char* s = repl.c_str(); - unsigned n = repl.size(); - - a = 0; - b = n; - c = 0; + uint32_t a = IpsOption::hash(); + uint32_t b = repl.size(); + uint32_t c = 0; mix(a,b,c); - mix_str(a,b,c,s,n); - mix_str(a,b,c,get_name()); + mix_str(a,b,c,repl.c_str()); finalize(a,b,c); return c; @@ -143,7 +137,7 @@ uint32_t ReplaceOption::hash() const bool ReplaceOption::operator==(const IpsOption& ips) const { - if ( strcmp(get_name(), ips.get_name()) ) + if ( !IpsOption::operator==(ips) ) return false; const ReplaceOption& rhs = (const ReplaceOption&)ips; diff --git a/src/ips_options/ips_rpc.cc b/src/ips_options/ips_rpc.cc index 89b8b2985..fb4bd4e9c 100644 --- a/src/ips_options/ips_rpc.cc +++ b/src/ips_options/ips_rpc.cc @@ -79,18 +79,16 @@ private: uint32_t RpcOption::hash() const { - uint32_t a,b,c; - const RpcCheckData* data = &config; - - a = data->program; - b = data->version; - c = data->procedure; + uint32_t a = config.program; + uint32_t b = config.version; + uint32_t c = config.procedure; mix(a,b,c); - a += data->flags; + a += config.flags; + b += IpsOption::hash(); - mix_str(a,b,c,get_name()); + mix(a,b,c); finalize(a,b,c); return c; @@ -98,7 +96,7 @@ uint32_t RpcOption::hash() const bool RpcOption::operator==(const IpsOption& ips) const { - if ( strcmp(get_name(), ips.get_name()) ) + if ( !IpsOption::operator==(ips) ) return false; const RpcOption& rhs = (const RpcOption&)ips; diff --git a/src/ips_options/ips_sd_pattern.cc b/src/ips_options/ips_sd_pattern.cc index 38e7a7f1a..6b26ea894 100644 --- a/src/ips_options/ips_sd_pattern.cc +++ b/src/ips_options/ips_sd_pattern.cc @@ -151,8 +151,10 @@ uint32_t SdPatternOption::hash() const uint32_t b = config.pmd.pm_type; uint32_t c = config.threshold; + mix(a, b, c); + a += IpsOption::hash(); + mix_str(a, b, c, config.pii.c_str()); - mix_str(a, b, c, get_name()); finalize(a, b, c); return c; diff --git a/src/ips_options/ips_seq.cc b/src/ips_options/ips_seq.cc index c70e8dbfa..2a43865d8 100644 --- a/src/ips_options/ips_seq.cc +++ b/src/ips_options/ips_seq.cc @@ -57,21 +57,20 @@ private: uint32_t TcpSeqOption::hash() const { - uint32_t a,b,c; + uint32_t a = config.op; + uint32_t b = config.min; + uint32_t c = config.max; - a = config.op; - b = config.min; - c = config.max; + mix(a,b,c); + a += IpsOption::hash(); - mix_str(a,b,c,get_name()); finalize(a,b,c); - return c; } bool TcpSeqOption::operator==(const IpsOption& ips) const { - if ( strcmp(get_name(), ips.get_name()) ) + if ( !IpsOption::operator==(ips) ) return false; const TcpSeqOption& rhs = (const TcpSeqOption&)ips; diff --git a/src/ips_options/ips_so.cc b/src/ips_options/ips_so.cc index 3467ecb85..433d695a5 100644 --- a/src/ips_options/ips_so.cc +++ b/src/ips_options/ips_so.cc @@ -80,7 +80,7 @@ SoOption::~SoOption() uint32_t SoOption::hash() const { - uint32_t a = relative_flag, b = 0, c = 0; + uint32_t a = relative_flag, b = IpsOption::hash(), c = 0; mix_str(a,b,c,soid); mix_str(a,b,c,so); finalize(a,b,c); @@ -89,6 +89,9 @@ uint32_t SoOption::hash() const bool SoOption::operator==(const IpsOption& ips) const { + if ( !IpsOption::operator==(ips) ) + return false; + const SoOption& rhs = (const SoOption&)ips; if ( strcmp(soid, rhs.soid) ) diff --git a/src/ips_options/ips_tos.cc b/src/ips_options/ips_tos.cc index 075eaa813..d646690ae 100644 --- a/src/ips_options/ips_tos.cc +++ b/src/ips_options/ips_tos.cc @@ -56,21 +56,20 @@ public: uint32_t IpTosOption::hash() const { - uint32_t a,b,c; + uint32_t a = config.op; + uint32_t b = config.min; + uint32_t c = config.max; - a = config.op; - b = config.min; - c = config.max; + mix(a,b,c); + a += IpsOption::hash(); - mix_str(a,b,c,get_name()); finalize(a,b,c); - return c; } bool IpTosOption::operator==(const IpsOption& ips) const { - if ( strcmp(get_name(), ips.get_name()) ) + if ( !IpsOption::operator==(ips) ) return false; const IpTosOption& rhs = (const IpTosOption&)ips; diff --git a/src/ips_options/ips_ttl.cc b/src/ips_options/ips_ttl.cc index c190aaa6e..782430262 100644 --- a/src/ips_options/ips_ttl.cc +++ b/src/ips_options/ips_ttl.cc @@ -56,14 +56,14 @@ private: uint32_t TtlOption::hash() const { - uint32_t a,b,c; + uint32_t a = config.op; + uint32_t b = config.min; + uint32_t c = config.max; - a = config.op; - b = config.min; - c = config.max; + mix(a,b,c); + a += IpsOption::hash(); mix(a,b,c); - mix_str(a,b,c,get_name()); finalize(a,b,c); return c; @@ -71,7 +71,7 @@ uint32_t TtlOption::hash() const bool TtlOption::operator==(const IpsOption& ips) const { - if ( strcmp(get_name(), ips.get_name()) ) + if ( !IpsOption::operator==(ips) ) return false; const TtlOption& rhs = (const TtlOption&)ips; diff --git a/src/ips_options/ips_window.cc b/src/ips_options/ips_window.cc index 8b1711377..de7b9ce7a 100644 --- a/src/ips_options/ips_window.cc +++ b/src/ips_options/ips_window.cc @@ -57,21 +57,20 @@ private: uint32_t TcpWinOption::hash() const { - uint32_t a,b,c; + uint32_t a = config.op; + uint32_t b = config.min; + uint32_t c = config.max; - a = config.op; - b = config.min; - c = config.max; + mix(a,b,c); + a += IpsOption::hash(); - mix_str(a,b,c,get_name()); finalize(a,b,c); - return c; } bool TcpWinOption::operator==(const IpsOption& ips) const { - if ( strcmp(get_name(), ips.get_name()) ) + if ( !IpsOption::operator==(ips) ) return false; const TcpWinOption& rhs = (const TcpWinOption&)ips; diff --git a/src/ips_options/test/ips_regex_test.cc b/src/ips_options/test/ips_regex_test.cc index 13a82e20b..a35a1b4f3 100644 --- a/src/ips_options/test/ips_regex_test.cc +++ b/src/ips_options/test/ips_regex_test.cc @@ -145,6 +145,7 @@ static IpsOption* get_option(Module* mod, const char* pat) const IpsApi* api = (const IpsApi*) ips_regex; IpsOption* opt = api->ctor(mod, &otn); + IpsOption::set_buffer("pkt_data"); return opt; } diff --git a/src/log/messages.cc b/src/log/messages.cc index e805d987f..18f7d94c2 100644 --- a/src/log/messages.cc +++ b/src/log/messages.cc @@ -336,6 +336,10 @@ void ErrorMessage(const char* format,...) fprintf(stderr,"Fatal Error, Quitting..\n"); } + // guard against FatalError calls from non-main thread (which should not happen!) + if ( !in_main_thread() ) + abort(); + SnortConfig::cleanup_fatal_error(); #if 0 diff --git a/src/main/snort_config.cc b/src/main/snort_config.cc index beac61b02..1cf328ac1 100644 --- a/src/main/snort_config.cc +++ b/src/main/snort_config.cc @@ -33,6 +33,7 @@ #include "detection/fp_create.h" #include "dump_config/json_config_output.h" #include "dump_config/text_config_output.h" +#include "file_api/file_service.h" #include "filters/detection_filter.h" #include "filters/rate_filter.h" #include "filters/sfrf.h" @@ -1010,11 +1011,11 @@ void SnortConfig::set_conf(const SnortConfig* sc) void SnortConfig::cleanup_fatal_error() { - // guard against FatalError calls from packet threads (which should not happen!) - // FIXIT-L should also guard against non-main non-packet threads calling FatalError - if ( is_packet_thread() ) - return; + // FIXIT-L need a generic way to manage type other threads + // and preferably not start them too soon + FileService::close(); +#ifdef REG_TEST const SnortConfig* sc = SnortConfig::get_conf(); if ( sc && !sc->dirty_pig ) { @@ -1023,5 +1024,6 @@ void SnortConfig::cleanup_fatal_error() IpsManager::release_plugins(); InspectorManager::release_plugins(); } +#endif } diff --git a/src/main/thread.h b/src/main/thread.h index 4705ea878..304626af3 100644 --- a/src/main/thread.h +++ b/src/main/thread.h @@ -54,10 +54,12 @@ namespace snort { SO_PUBLIC unsigned get_instance_id(); SO_PUBLIC SThreadType get_thread_type(); + +SO_PUBLIC inline bool in_main_thread() +{ return get_thread_type() == STHREAD_TYPE_MAIN; } + SO_PUBLIC inline bool is_packet_thread() -{ - return get_thread_type() == STHREAD_TYPE_PACKET; -} +{ return get_thread_type() == STHREAD_TYPE_PACKET; } // all modules that use packet thread files should call this function to // get a packet thread specific path. name should be the module name or diff --git a/src/mime/file_mime_log.cc b/src/mime/file_mime_log.cc index fd4df4041..9515fb0df 100644 --- a/src/mime/file_mime_log.cc +++ b/src/mime/file_mime_log.cc @@ -44,43 +44,33 @@ using namespace snort; /* accumulate MIME attachment filenames. The filenames are appended by commas */ int MailLogState::log_file_name(const uint8_t* start, int length) { - uint8_t* alt_buf; - int alt_size; - uint16_t* alt_len; - - int log_avail = 0; - if (!start || (length <= 0)) - { return -1; - } - alt_buf = filenames; - alt_size = MAX_FILE; - alt_len = &(file_logged); - log_avail = alt_size - *alt_len; + uint8_t* alt_buf = filenames; + int alt_size = MAX_FILE; + uint16_t* alt_len = &(file_logged); + + int sep = (*alt_len > 0) ? 1 : 0; + int log_avail = alt_size - *alt_len - sep; if (!alt_buf || (log_avail <= 0)) return -1; - if (*alt_len > 0 && ((*alt_len + 1) < alt_size)) - { - alt_buf[*alt_len] = ','; - *alt_len = *alt_len + 1; - } - - if (length > log_avail) - { - if (*alt_len != 0) - *alt_len = *alt_len - 1; - return -1; - } + else if (log_avail < length ) + length = log_avail; if (length > 0) + { + if (sep) + { + alt_buf[*alt_len] = ','; + *alt_len = *alt_len + 1; + } memcpy_s(alt_buf + *alt_len, log_avail, start, length); - - file_current = *alt_len; - *alt_len += length; + file_current = *alt_len; + *alt_len += length; + } log_flags |= MIME_FLAG_FILENAME_PRESENT; @@ -90,14 +80,11 @@ int MailLogState::log_file_name(const uint8_t* start, int length) /* Accumulate EOL separated headers, one or more at a time */ int MailLogState::log_email_hdrs(const uint8_t* start, int length) { - int log_avail = 0; - uint8_t* log_buf; - if (length <= 0) return -1; - log_avail = log_depth - hdrs_logged; - log_buf = (uint8_t*)emailHdrs; + int log_avail = log_depth - hdrs_logged; + uint8_t* log_buf = (uint8_t*)emailHdrs; if (log_avail <= 0) return 0; @@ -124,17 +111,12 @@ int MailLogState::log_email_hdrs(const uint8_t* start, int length) by comma */ int MailLogState::log_email_id(const uint8_t* start, int length, EmailUserType type) { - uint8_t* alt_buf; - int alt_size; - uint16_t* alt_len; - int log_avail=0; - const uint8_t* tmp_eol; - if (length <= 0) return -1; - tmp_eol = (const uint8_t*)memchr(start, ':', length); - if (tmp_eol == nullptr) + const uint8_t* tmp_eol = (const uint8_t*)memchr(start, ':', length); + + if ( !tmp_eol ) return -1; if ((tmp_eol + 1) < (start + length)) @@ -145,6 +127,10 @@ int MailLogState::log_email_id(const uint8_t* start, int length, EmailUserType t else return -1; + uint8_t* alt_buf; + int alt_size; + uint16_t* alt_len; + switch (type) { case EMAIL_SENDER: @@ -163,35 +149,31 @@ int MailLogState::log_email_id(const uint8_t* start, int length, EmailUserType t return -1; } - log_avail = alt_size - *alt_len; + int sep = (*alt_len > 0) ? 1 : 0; + int log_avail = alt_size - *alt_len - sep; if (log_avail <= 0 || !alt_buf) return -1; - else if (log_avail < length) - length = log_avail; - if (*alt_len > 0 && ((*alt_len + 1) < alt_size)) - { - alt_buf[*alt_len] = ','; - *alt_len = *alt_len + 1; - } - - if (length > log_avail) - { - if (*alt_len != 0) - *alt_len = *alt_len - 1; - return -1; - } + else if (log_avail < length ) + length = log_avail; if (length > 0) + { + if (sep) + { + alt_buf[*alt_len] = ','; + *alt_len = *alt_len + 1; + } memcpy_s(alt_buf + *alt_len, log_avail, start, length); - - *alt_len += length; + *alt_len += length; + } if (type == EMAIL_SENDER) log_flags |= MIME_FLAG_MAIL_FROM_PRESENT; else log_flags |= MIME_FLAG_RCPT_TO_PRESENT; + return 0; } diff --git a/src/network_inspectors/appid/ips_appid_option.cc b/src/network_inspectors/appid/ips_appid_option.cc index 803eaf4e1..381c00f51 100644 --- a/src/network_inspectors/appid/ips_appid_option.cc +++ b/src/network_inspectors/appid/ips_appid_option.cc @@ -68,21 +68,17 @@ private: uint32_t AppIdIpsOption::hash() const { - uint32_t abc[3]; + uint32_t a = appid_table.size(); + uint32_t b = IpsOption::hash(); + uint32_t c = 0; - abc[0] = appid_table.size(); - abc[1] = 0; - abc[2] = 0; - - mix(abc[0], abc[1], abc[2]); + mix(a, b, c); for ( auto& appid_name : appid_table ) - mix_str(abc[0], abc[1], abc[2], - appid_name.c_str(), appid_name.length()); - - finalize(abc[0], abc[1], abc[2]); + mix_str(a, b, c, appid_name.c_str(), appid_name.length()); - return abc[2]; + finalize(a, b, c); + return c; } bool AppIdIpsOption::operator==(const IpsOption& ips) const diff --git a/src/service_inspectors/cip/ips_cip_attribute.cc b/src/service_inspectors/cip/ips_cip_attribute.cc index c9ff7af14..80aaf4265 100644 --- a/src/service_inspectors/cip/ips_cip_attribute.cc +++ b/src/service_inspectors/cip/ips_cip_attribute.cc @@ -62,21 +62,20 @@ private: uint32_t CipAttributeOption::hash() const { - uint32_t a, b, c; + uint32_t a = cip_attr.op; + uint32_t b = cip_attr.min; + uint32_t c = cip_attr.max; - a = cip_attr.op; - b = cip_attr.min; - c = cip_attr.max; + mix(a, b, c); + a += IpsOption::hash(); - mix_str(a, b, c, get_name()); finalize(a,b,c); - return c; } bool CipAttributeOption::operator==(const IpsOption& ips) const { - if ( strcmp(get_name(), ips.get_name()) ) + if ( !IpsOption::operator==(ips) ) return false; const CipAttributeOption& rhs = static_cast(ips); diff --git a/src/service_inspectors/cip/ips_cip_class.cc b/src/service_inspectors/cip/ips_cip_class.cc index c5a1d1f16..db2dd2f38 100644 --- a/src/service_inspectors/cip/ips_cip_class.cc +++ b/src/service_inspectors/cip/ips_cip_class.cc @@ -63,21 +63,20 @@ private: uint32_t CipClassOption::hash() const { - uint32_t a,b,c; + uint32_t a = cip_class.op; + uint32_t b = cip_class.min; + uint32_t c = cip_class.max; - a = cip_class.op; - b = cip_class.min; - c = cip_class.max; + mix(a, b, c); + a += IpsOption::hash(); - mix_str(a, b, c, get_name()); finalize(a,b,c); - return c; } bool CipClassOption::operator==(const IpsOption& ips) const { - if ( strcmp(get_name(), ips.get_name()) ) + if ( !IpsOption::operator==(ips) ) return false; const CipClassOption& rhs = static_cast(ips); diff --git a/src/service_inspectors/cip/ips_cip_connpathclass.cc b/src/service_inspectors/cip/ips_cip_connpathclass.cc index 8f93c5159..e5aa80515 100644 --- a/src/service_inspectors/cip/ips_cip_connpathclass.cc +++ b/src/service_inspectors/cip/ips_cip_connpathclass.cc @@ -62,21 +62,20 @@ private: uint32_t CipConnpathclassOption::hash() const { - uint32_t a,b,c; + uint32_t a = cip_cpc.op; + uint32_t b = cip_cpc.min; + uint32_t c = cip_cpc.max; - a = cip_cpc.op; - b = cip_cpc.min; - c = cip_cpc.max; + mix(a, b, c); + a += IpsOption::hash(); - mix_str(a, b, c, get_name()); finalize(a,b,c); - return c; } bool CipConnpathclassOption::operator==(const IpsOption& ips) const { - if ( strcmp(get_name(), ips.get_name()) ) + if ( !IpsOption::operator==(ips) ) return false; const CipConnpathclassOption& rhs = static_cast(ips); diff --git a/src/service_inspectors/cip/ips_cip_enipcommand.cc b/src/service_inspectors/cip/ips_cip_enipcommand.cc index 5dd433a73..221c3793c 100644 --- a/src/service_inspectors/cip/ips_cip_enipcommand.cc +++ b/src/service_inspectors/cip/ips_cip_enipcommand.cc @@ -62,21 +62,20 @@ private: uint32_t CipEnipCommandOption::hash() const { - uint32_t a,b,c; + uint32_t a = cip_enip_cmd.op; + uint32_t b = cip_enip_cmd.min; + uint32_t c = cip_enip_cmd.max; - a = cip_enip_cmd.op; - b = cip_enip_cmd.min; - c = cip_enip_cmd.max; + mix(a, b, c); + a += IpsOption::hash(); - mix_str(a, b, c, get_name()); finalize(a,b,c); - return c; } bool CipEnipCommandOption::operator==(const IpsOption& ips) const { - if ( strcmp(get_name(), ips.get_name()) ) + if ( !IpsOption::operator==(ips) ) return false; const CipEnipCommandOption& rhs = static_cast(ips); diff --git a/src/service_inspectors/cip/ips_cip_enipreq.cc b/src/service_inspectors/cip/ips_cip_enipreq.cc index f6dc0913b..b444a7687 100644 --- a/src/service_inspectors/cip/ips_cip_enipreq.cc +++ b/src/service_inspectors/cip/ips_cip_enipreq.cc @@ -58,9 +58,9 @@ public: uint32_t CipEnipreqOption::hash() const { - uint32_t a = 0, b = 0, c = 0; + uint32_t a = IpsOption::hash(), b = 0, c = 0; - mix_str(a, b, c, get_name()); + mix(a, b, c); finalize(a,b,c); return c; @@ -68,7 +68,7 @@ uint32_t CipEnipreqOption::hash() const bool CipEnipreqOption::operator==(const IpsOption& ips) const { - return !strcmp(get_name(), ips.get_name()); + return IpsOption::operator==(ips); } IpsOption::EvalStatus CipEnipreqOption::eval(Cursor&, Packet* p) diff --git a/src/service_inspectors/cip/ips_cip_eniprsp.cc b/src/service_inspectors/cip/ips_cip_eniprsp.cc index d4659b0f3..811b5e1c8 100644 --- a/src/service_inspectors/cip/ips_cip_eniprsp.cc +++ b/src/service_inspectors/cip/ips_cip_eniprsp.cc @@ -58,9 +58,9 @@ public: uint32_t CipEnipRspOption::hash() const { - uint32_t a = 0, b = 0, c = 0; + uint32_t a = IpsOption::hash(), b = 0, c = 0; - mix_str(a, b, c, get_name()); + mix(a, b, c); finalize(a,b,c); return c; @@ -68,7 +68,7 @@ uint32_t CipEnipRspOption::hash() const bool CipEnipRspOption::operator==(const IpsOption& ips) const { - return !strcmp(get_name(), ips.get_name()); + return IpsOption::operator==(ips); } IpsOption::EvalStatus CipEnipRspOption::eval(Cursor&, Packet* p) diff --git a/src/service_inspectors/cip/ips_cip_instance.cc b/src/service_inspectors/cip/ips_cip_instance.cc index 36dc97fe1..df09d4bf1 100644 --- a/src/service_inspectors/cip/ips_cip_instance.cc +++ b/src/service_inspectors/cip/ips_cip_instance.cc @@ -62,21 +62,20 @@ private: uint32_t CipInstanceOption::hash() const { - uint32_t a, b, c; + uint32_t a = cip_inst.op; + uint32_t b = cip_inst.min; + uint32_t c = cip_inst.max; - a = cip_inst.op; - b = cip_inst.min; - c = cip_inst.max; + mix(a, b, c); + a += IpsOption::hash(); - mix_str(a, b, c, get_name()); finalize(a,b,c); - return c; } bool CipInstanceOption::operator==(const IpsOption& ips) const { - if ( strcmp(get_name(), ips.get_name()) ) + if ( !IpsOption::operator==(ips) ) return false; const CipInstanceOption& rhs = static_cast(ips); diff --git a/src/service_inspectors/cip/ips_cip_req.cc b/src/service_inspectors/cip/ips_cip_req.cc index 7fbea0cd3..1435be71c 100644 --- a/src/service_inspectors/cip/ips_cip_req.cc +++ b/src/service_inspectors/cip/ips_cip_req.cc @@ -58,9 +58,9 @@ public: uint32_t CipReqOption::hash() const { - uint32_t a = 0, b = 0, c = 0; + uint32_t a = IpsOption::hash(), b = 0, c = 0; - mix_str(a, b, c, get_name()); + mix(a, b, c); finalize(a,b,c); return c; @@ -68,7 +68,7 @@ uint32_t CipReqOption::hash() const bool CipReqOption::operator==(const IpsOption& ips) const { - return !strcmp(get_name(), ips.get_name()); + return IpsOption::operator==(ips); } IpsOption::EvalStatus CipReqOption::eval(Cursor&, Packet* p) diff --git a/src/service_inspectors/cip/ips_cip_rsp.cc b/src/service_inspectors/cip/ips_cip_rsp.cc index a2c24b00e..f3aec625c 100644 --- a/src/service_inspectors/cip/ips_cip_rsp.cc +++ b/src/service_inspectors/cip/ips_cip_rsp.cc @@ -58,9 +58,9 @@ public: uint32_t CipRspOption::hash() const { - uint32_t a = 0, b = 0, c = 0; + uint32_t a = IpsOption::hash(), b = 0, c = 0; - mix_str(a, b, c, get_name()); + mix(a, b, c); finalize(a,b,c); return c; @@ -68,7 +68,7 @@ uint32_t CipRspOption::hash() const bool CipRspOption::operator==(const IpsOption& ips) const { - return !strcmp(get_name(), ips.get_name()); + return IpsOption::operator==(ips); } IpsOption::EvalStatus CipRspOption::eval(Cursor&, Packet* p) diff --git a/src/service_inspectors/cip/ips_cip_service.cc b/src/service_inspectors/cip/ips_cip_service.cc index 55c7c17b7..0571329ba 100644 --- a/src/service_inspectors/cip/ips_cip_service.cc +++ b/src/service_inspectors/cip/ips_cip_service.cc @@ -62,21 +62,20 @@ private: uint32_t CipServiceOption::hash() const { - uint32_t a, b, c; + uint32_t a = cip_serv.op; + uint32_t b = cip_serv.min; + uint32_t c = cip_serv.max; - a = cip_serv.op; - b = cip_serv.min; - c = cip_serv.max; + mix(a, b, c); + a += IpsOption::hash(); - mix_str(a, b, c, get_name()); finalize(a,b,c); - return c; } bool CipServiceOption::operator==(const IpsOption& ips) const { - if ( strcmp(get_name(), ips.get_name()) ) + if ( !IpsOption::operator==(ips) ) return false; const CipServiceOption& rhs = static_cast(ips); diff --git a/src/service_inspectors/cip/ips_cip_status.cc b/src/service_inspectors/cip/ips_cip_status.cc index 78517c215..d4ed1e9ac 100644 --- a/src/service_inspectors/cip/ips_cip_status.cc +++ b/src/service_inspectors/cip/ips_cip_status.cc @@ -62,21 +62,20 @@ private: uint32_t CipStatusOption::hash() const { - uint32_t a, b, c; + uint32_t a = cip_status.op; + uint32_t b = cip_status.min; + uint32_t c = cip_status.max; - a = cip_status.op; - b = cip_status.min; - c = cip_status.max; + mix(a, b, c); + a += IpsOption::hash(); - mix_str(a, b, c, get_name()); finalize(a,b,c); - return c; } bool CipStatusOption::operator==(const IpsOption& ips) const { - if ( strcmp(get_name(), ips.get_name()) ) + if ( !IpsOption::operator==(ips) ) return false; const CipStatusOption& rhs = static_cast(ips); diff --git a/src/service_inspectors/dce_rpc/ips_dce_iface.cc b/src/service_inspectors/dce_rpc/ips_dce_iface.cc index 553fe4212..3e5adf5c2 100644 --- a/src/service_inspectors/dce_rpc/ips_dce_iface.cc +++ b/src/service_inspectors/dce_rpc/ips_dce_iface.cc @@ -336,7 +336,7 @@ uint32_t Dce2IfaceOption::hash() const (uuid.node[0] << 8) | (uuid.node[1]); - mix_str(a, b, c, get_name()); + mix(a, b, c); a += (uuid.node[2] << 24) | (uuid.node[3] << 16) | @@ -349,6 +349,7 @@ uint32_t Dce2IfaceOption::hash() const a += version.op; b += any_frag; + c += IpsOption::hash(); finalize(a, b, c); diff --git a/src/service_inspectors/dce_rpc/ips_dce_opnum.cc b/src/service_inspectors/dce_rpc/ips_dce_opnum.cc index 8e74d1d19..7fb9941e1 100644 --- a/src/service_inspectors/dce_rpc/ips_dce_opnum.cc +++ b/src/service_inspectors/dce_rpc/ips_dce_opnum.cc @@ -357,7 +357,7 @@ uint32_t Dce2OpnumOption::hash() const { uint32_t a = opnum.opnum_lo, b = opnum.opnum_hi, c = opnum.mask_size; - mix_str(a,b,c,get_name()); + mix(a,b,c); if (opnum.mask_size != 0) { @@ -368,6 +368,7 @@ uint32_t Dce2OpnumOption::hash() const mix(a,b,c); } + a += IpsOption::hash(); finalize(a, b, c); @@ -376,7 +377,7 @@ uint32_t Dce2OpnumOption::hash() const bool Dce2OpnumOption::operator==(const IpsOption& ips) const { - if ( strcmp(get_name(), ips.get_name()) ) + if ( !IpsOption::operator==(ips) ) return false; const Dce2OpnumOption& rhs = (const Dce2OpnumOption&)ips; diff --git a/src/service_inspectors/dce_rpc/ips_dce_stub_data.cc b/src/service_inspectors/dce_rpc/ips_dce_stub_data.cc index 522b98ccc..15603a570 100644 --- a/src/service_inspectors/dce_rpc/ips_dce_stub_data.cc +++ b/src/service_inspectors/dce_rpc/ips_dce_stub_data.cc @@ -56,9 +56,10 @@ public: uint32_t Dce2StubDataOption::hash() const { - uint32_t a = 0, b = 0, c = 0; + uint32_t a = IpsOption::hash(); + uint32_t b = 0, c = 0; - mix_str(a, b, c, get_name()); + mix(a, b, c); finalize(a,b,c); return c; @@ -66,7 +67,7 @@ uint32_t Dce2StubDataOption::hash() const bool Dce2StubDataOption::operator==(const IpsOption& ips) const { - return !strcmp(get_name(), ips.get_name()); + return IpsOption::operator==(ips); } IpsOption::EvalStatus Dce2StubDataOption::eval(Cursor& c, Packet* p) diff --git a/src/service_inspectors/dnp3/ips_dnp3_data.cc b/src/service_inspectors/dnp3/ips_dnp3_data.cc index 7d3316782..419e1bd4e 100644 --- a/src/service_inspectors/dnp3/ips_dnp3_data.cc +++ b/src/service_inspectors/dnp3/ips_dnp3_data.cc @@ -57,9 +57,9 @@ public: uint32_t Dnp3DataOption::hash() const { - uint32_t a = 0, b = 0, c = 0; + uint32_t a = IpsOption::hash(), b = 0, c = 0; - mix_str(a, b, c, get_name()); + mix(a, b, c); finalize(a,b,c); return c; @@ -67,7 +67,7 @@ uint32_t Dnp3DataOption::hash() const bool Dnp3DataOption::operator==(const IpsOption& ips) const { - return !strcmp(get_name(), ips.get_name()); + return IpsOption::operator==(ips); } IpsOption::EvalStatus Dnp3DataOption::eval(Cursor& c, Packet* p) diff --git a/src/service_inspectors/dnp3/ips_dnp3_func.cc b/src/service_inspectors/dnp3/ips_dnp3_func.cc index 63a368308..50f80c336 100644 --- a/src/service_inspectors/dnp3/ips_dnp3_func.cc +++ b/src/service_inspectors/dnp3/ips_dnp3_func.cc @@ -60,9 +60,9 @@ private: uint32_t Dnp3FuncOption::hash() const { - uint32_t a = func, b = 0, c = 0; + uint32_t a = func, b = IpsOption::hash(), c = 0; - mix_str(a,b,c,get_name()); + mix(a,b,c); finalize(a,b,c); return c; @@ -70,7 +70,7 @@ uint32_t Dnp3FuncOption::hash() const bool Dnp3FuncOption::operator==(const IpsOption& ips) const { - if ( strcmp(get_name(), ips.get_name()) ) + if ( !IpsOption::operator==(ips) ) return false; const Dnp3FuncOption& rhs = (const Dnp3FuncOption&)ips; diff --git a/src/service_inspectors/dnp3/ips_dnp3_ind.cc b/src/service_inspectors/dnp3/ips_dnp3_ind.cc index 1549eefe9..9e048491c 100644 --- a/src/service_inspectors/dnp3/ips_dnp3_ind.cc +++ b/src/service_inspectors/dnp3/ips_dnp3_ind.cc @@ -60,9 +60,9 @@ private: uint32_t Dnp3IndOption::hash() const { - uint32_t a = flags, b = 0, c = 0; + uint32_t a = flags, b = IpsOption::hash(), c = 0; - mix_str(a,b,c,get_name()); + mix(a,b,c); finalize(a,b,c); return c; @@ -70,7 +70,7 @@ uint32_t Dnp3IndOption::hash() const bool Dnp3IndOption::operator==(const IpsOption& ips) const { - if ( strcmp(get_name(), ips.get_name()) ) + if ( !IpsOption::operator==(ips) ) return false; const Dnp3IndOption& rhs = (const Dnp3IndOption&)ips; diff --git a/src/service_inspectors/dnp3/ips_dnp3_obj.cc b/src/service_inspectors/dnp3/ips_dnp3_obj.cc index eee61eaf2..e1816531e 100644 --- a/src/service_inspectors/dnp3/ips_dnp3_obj.cc +++ b/src/service_inspectors/dnp3/ips_dnp3_obj.cc @@ -86,9 +86,9 @@ private: uint32_t Dnp3ObjOption::hash() const { - uint32_t a = group, b = var, c = 0; + uint32_t a = group, b = var, c = IpsOption::hash(); - mix_str(a,b,c,get_name()); + mix(a,b,c); finalize(a,b,c); return c; @@ -96,7 +96,7 @@ uint32_t Dnp3ObjOption::hash() const bool Dnp3ObjOption::operator==(const IpsOption& ips) const { - if ( strcmp(get_name(), ips.get_name()) ) + if ( !IpsOption::operator==(ips) ) return false; const Dnp3ObjOption& rhs = (const Dnp3ObjOption&)ips; diff --git a/src/service_inspectors/gtp/ips_gtp_info.cc b/src/service_inspectors/gtp/ips_gtp_info.cc index 6ba0373aa..cf011e7b2 100644 --- a/src/service_inspectors/gtp/ips_gtp_info.cc +++ b/src/service_inspectors/gtp/ips_gtp_info.cc @@ -77,15 +77,16 @@ uint32_t GtpInfoOption::hash() const uint32_t b = types[1]; uint32_t c = types[2]; - mix_str(a, b, c, get_name()); - finalize(a,b,c); + mix(a, b, c); + a += IpsOption::hash(); + finalize(a,b,c); return c; } bool GtpInfoOption::operator==(const IpsOption& ips) const { - if ( strcmp(get_name(), ips.get_name()) ) + if ( !IpsOption::operator==(ips) ) return false; const GtpInfoOption& rhs = (const GtpInfoOption&)ips; diff --git a/src/service_inspectors/gtp/ips_gtp_type.cc b/src/service_inspectors/gtp/ips_gtp_type.cc index 2c2dd6864..98fb47fd8 100644 --- a/src/service_inspectors/gtp/ips_gtp_type.cc +++ b/src/service_inspectors/gtp/ips_gtp_type.cc @@ -76,15 +76,16 @@ uint32_t GtpTypeOption::hash() const uint32_t b = types[1].count(); uint32_t c = types[2].count(); - mix_str(a, b, c, get_name()); - finalize(a,b,c); + mix(a, b, c); + a += IpsOption::hash(); + finalize(a,b,c); return c; } bool GtpTypeOption::operator==(const IpsOption& ips) const { - if ( strcmp(get_name(), ips.get_name()) ) + if ( !IpsOption::operator==(ips) ) return false; const GtpTypeOption& rhs = (const GtpTypeOption&)ips; diff --git a/src/service_inspectors/gtp/ips_gtp_version.cc b/src/service_inspectors/gtp/ips_gtp_version.cc index eca531c30..5f20e4dee 100644 --- a/src/service_inspectors/gtp/ips_gtp_version.cc +++ b/src/service_inspectors/gtp/ips_gtp_version.cc @@ -59,9 +59,9 @@ public: uint32_t GtpVersionOption::hash() const { - uint32_t a = version, b = 0, c = 0; + uint32_t a = version, b = IpsOption::hash(), c = 0; - mix_str(a, b, c, get_name()); + mix(a, b, c); finalize(a,b,c); return c; @@ -69,7 +69,7 @@ uint32_t GtpVersionOption::hash() const bool GtpVersionOption::operator==(const IpsOption& ips) const { - if ( strcmp(get_name(), ips.get_name()) ) + if ( !IpsOption::operator==(ips) ) return false; const GtpVersionOption& rhs = (const GtpVersionOption&)ips; diff --git a/src/service_inspectors/http2_inspect/http2_hpack.cc b/src/service_inspectors/http2_inspect/http2_hpack.cc index 93e82b3f9..a9698fc24 100644 --- a/src/service_inspectors/http2_inspect/http2_hpack.cc +++ b/src/service_inspectors/http2_inspect/http2_hpack.cc @@ -217,7 +217,7 @@ bool Http2HpackDecoder::decode_indexed_header(const uint8_t* encoded_header_buff return true; } -bool Http2HpackDecoder::write_header_part(Field& header, const uint8_t* suffix, +bool Http2HpackDecoder::write_header_part(const Field& header, const uint8_t* suffix, uint32_t suffix_length, uint8_t* decoded_header_buffer, const uint32_t decoded_header_length, uint32_t& bytes_written) { diff --git a/src/service_inspectors/http2_inspect/http2_hpack.h b/src/service_inspectors/http2_inspect/http2_hpack.h index 09b188d34..6f3badb8d 100644 --- a/src/service_inspectors/http2_inspect/http2_hpack.h +++ b/src/service_inspectors/http2_inspect/http2_hpack.h @@ -51,7 +51,7 @@ public: const HpackTableEntry* get_hpack_table_entry(const uint8_t* encoded_header_buffer, const uint32_t encoded_header_length, const Http2HpackIntDecode& decode_int, uint32_t& bytes_consumed); - bool write_header_part(Field& header, const uint8_t* suffix, uint32_t suffix_length, + bool write_header_part(const Field& header, const uint8_t* suffix, uint32_t suffix_length, uint8_t* decoded_header_buffer, const uint32_t decoded_header_length, uint32_t& bytes_written); bool decode_indexed_name(const uint8_t* encoded_header_buffer, diff --git a/src/service_inspectors/http_inspect/http_inspect.cc b/src/service_inspectors/http_inspect/http_inspect.cc index cc466afc6..1967e336b 100644 --- a/src/service_inspectors/http_inspect/http_inspect.cc +++ b/src/service_inspectors/http_inspect/http_inspect.cc @@ -270,7 +270,7 @@ bool HttpInspect::get_fp_buf(InspectionBuffer::Type ibt, Packet* p, InspectionBu return false; break; case InspectionBuffer::IBT_METHOD: - if ((get_latest_src(p) != SRC_CLIENT) || (get_latest_is(p) != IS_HEADER)) + if ((get_latest_src(p) != SRC_CLIENT) || (get_latest_is(p) == IS_BODY)) return false; break; case InspectionBuffer::IBT_STAT_CODE: diff --git a/src/service_inspectors/modbus/ips_modbus_data.cc b/src/service_inspectors/modbus/ips_modbus_data.cc index 2cf071522..a621ab3a5 100644 --- a/src/service_inspectors/modbus/ips_modbus_data.cc +++ b/src/service_inspectors/modbus/ips_modbus_data.cc @@ -55,9 +55,9 @@ public: uint32_t ModbusDataOption::hash() const { - uint32_t a = 0, b = 0, c = 0; + uint32_t a = IpsOption::hash(), b = 0, c = 0; - mix_str(a, b, c, get_name()); + mix(a, b, c); finalize(a,b,c); return c; @@ -65,7 +65,7 @@ uint32_t ModbusDataOption::hash() const bool ModbusDataOption::operator==(const IpsOption& ips) const { - return !strcmp(get_name(), ips.get_name()); + return IpsOption::operator==(ips); } IpsOption::EvalStatus ModbusDataOption::eval(Cursor& c, Packet* p) diff --git a/src/service_inspectors/modbus/ips_modbus_func.cc b/src/service_inspectors/modbus/ips_modbus_func.cc index e564c99a8..9d442af0f 100644 --- a/src/service_inspectors/modbus/ips_modbus_func.cc +++ b/src/service_inspectors/modbus/ips_modbus_func.cc @@ -106,9 +106,9 @@ public: uint32_t ModbusFuncOption::hash() const { - uint32_t a = func, b = 0, c = 0; + uint32_t a = func, b = IpsOption::hash(), c = 0; - mix_str(a, b, c, get_name()); + mix(a, b, c); finalize(a,b,c); return c; @@ -116,7 +116,7 @@ uint32_t ModbusFuncOption::hash() const bool ModbusFuncOption::operator==(const IpsOption& ips) const { - if ( strcmp(get_name(), ips.get_name()) ) + if ( !IpsOption::operator==(ips) ) return false; const ModbusFuncOption& rhs = (const ModbusFuncOption&)ips; diff --git a/src/service_inspectors/modbus/ips_modbus_unit.cc b/src/service_inspectors/modbus/ips_modbus_unit.cc index 076637083..162ecb89d 100644 --- a/src/service_inspectors/modbus/ips_modbus_unit.cc +++ b/src/service_inspectors/modbus/ips_modbus_unit.cc @@ -58,9 +58,9 @@ public: uint32_t ModbusUnitOption::hash() const { - uint32_t a = unit, b = 0, c = 0; + uint32_t a = unit, b = IpsOption::hash(), c = 0; - mix_str(a, b, c, get_name()); + mix(a, b, c); finalize(a,b,c); return c; @@ -68,7 +68,7 @@ uint32_t ModbusUnitOption::hash() const bool ModbusUnitOption::operator==(const IpsOption& ips) const { - if ( strcmp(get_name(), ips.get_name()) ) + if ( !IpsOption::operator==(ips) ) return false; const ModbusUnitOption& rhs = (const ModbusUnitOption&)ips; diff --git a/src/service_inspectors/s7commplus/ips_s7comm_content.cc b/src/service_inspectors/s7commplus/ips_s7comm_content.cc index c17b7c54d..8c334b7fc 100644 --- a/src/service_inspectors/s7commplus/ips_s7comm_content.cc +++ b/src/service_inspectors/s7commplus/ips_s7comm_content.cc @@ -55,9 +55,9 @@ public: uint32_t S7commplusContentOption::hash() const { - uint32_t a = 0, b = 0, c = 0; + uint32_t a = IpsOption::hash(), b = 0, c = 0; - mix_str(a, b, c, get_name()); + mix(a, b, c); finalize(a,b,c); return c; @@ -65,7 +65,7 @@ uint32_t S7commplusContentOption::hash() const bool S7commplusContentOption::operator==(const IpsOption& ips) const { - return !strcmp(get_name(), ips.get_name()); + return IpsOption::operator==(ips); } IpsOption::EvalStatus S7commplusContentOption::eval(Cursor& c, Packet* p) diff --git a/src/service_inspectors/s7commplus/ips_s7comm_func.cc b/src/service_inspectors/s7commplus/ips_s7comm_func.cc index aaba91329..e46bdcb04 100644 --- a/src/service_inspectors/s7commplus/ips_s7comm_func.cc +++ b/src/service_inspectors/s7commplus/ips_s7comm_func.cc @@ -99,9 +99,9 @@ public: uint32_t S7commplusFuncOption::hash() const { - uint32_t a = func, b = 0, c = 0; + uint32_t a = func, b = IpsOption::hash(), c = 0; - mix_str(a, b, c, get_name()); + mix(a, b, c); finalize(a,b,c); return c; @@ -109,7 +109,7 @@ uint32_t S7commplusFuncOption::hash() const bool S7commplusFuncOption::operator==(const IpsOption& ips) const { - if ( strcmp(get_name(), ips.get_name()) ) + if ( !IpsOption::operator==(ips) ) return false; const S7commplusFuncOption& rhs = (const S7commplusFuncOption&)ips; diff --git a/src/service_inspectors/s7commplus/ips_s7comm_opcode.cc b/src/service_inspectors/s7commplus/ips_s7comm_opcode.cc index 48478d549..6cf523f09 100644 --- a/src/service_inspectors/s7commplus/ips_s7comm_opcode.cc +++ b/src/service_inspectors/s7commplus/ips_s7comm_opcode.cc @@ -92,9 +92,9 @@ public: uint32_t S7commplusOpcodeOption::hash() const { - uint32_t a = opcode, b = 0, c = 0; + uint32_t a = opcode, b = IpsOption::hash(), c = 0; - mix_str(a, b, c, get_name()); + mix(a, b, c); finalize(a,b,c); return c; @@ -102,7 +102,7 @@ uint32_t S7commplusOpcodeOption::hash() const bool S7commplusOpcodeOption::operator==(const IpsOption& ips) const { - if ( strcmp(get_name(), ips.get_name()) ) + if ( !IpsOption::operator==(ips) ) return false; const S7commplusOpcodeOption& rhs = (const S7commplusOpcodeOption&)ips; diff --git a/src/service_inspectors/sip/ips_sip_method.cc b/src/service_inspectors/sip/ips_sip_method.cc index f7bad4e01..dbd227355 100644 --- a/src/service_inspectors/sip/ips_sip_method.cc +++ b/src/service_inspectors/sip/ips_sip_method.cc @@ -75,25 +75,22 @@ private: uint32_t SipMethodOption::hash() const { - uint32_t a,b,c; + uint32_t a = methods.size(); + uint32_t b = a ? methods.begin()->second : 0; + uint32_t c = IpsOption::hash(); - a = methods.size(); - b = a ? methods.begin()->second : 0; - c = 0; - - mix_str(a, b, c, get_name()); + mix(a, b, c); for ( auto& m : methods ) mix_str(a, b, c, m.first.c_str(), m.first.size()); finalize(a, b, c); - return c; } bool SipMethodOption::operator==(const IpsOption& ips) const { - if ( strcmp(get_name(), ips.get_name()) ) + if ( !IpsOption::operator==(ips) ) return false; const SipMethodOption& rhs = (const SipMethodOption&)ips; diff --git a/src/service_inspectors/sip/ips_sip_stat_code.cc b/src/service_inspectors/sip/ips_sip_stat_code.cc index 45ae386b9..4035bab31 100644 --- a/src/service_inspectors/sip/ips_sip_stat_code.cc +++ b/src/service_inspectors/sip/ips_sip_stat_code.cc @@ -64,20 +64,20 @@ private: uint32_t SipStatCodeOption::hash() const { - uint32_t a = 0, b = 0, c = 0; + uint32_t a = IpsOption::hash(), b = 0, c = 0; unsigned n = 0; while ( n < SIP_NUM_STAT_CODE_MAX and ssod.stat_codes[n] ) ++n; mix_str(a, b, c, (const char*)ssod.stat_codes, n*sizeof(ssod.stat_codes[0])); - mix_str(a, b, c, get_name()); + finalize(a, b, c); return c; } bool SipStatCodeOption::operator==(const IpsOption& ips) const { - if ( strcmp(get_name(), ips.get_name()) ) + if ( !IpsOption::operator==(ips) ) return false; const SipStatCodeOption& rhs = (const SipStatCodeOption&)ips; diff --git a/src/service_inspectors/ssl/ips_ssl_state.cc b/src/service_inspectors/ssl/ips_ssl_state.cc index 00b9c5374..2b17fa155 100644 --- a/src/service_inspectors/ssl/ips_ssl_state.cc +++ b/src/service_inspectors/ssl/ips_ssl_state.cc @@ -70,21 +70,17 @@ private: uint32_t SslStateOption::hash() const { - uint32_t a,b,c; + uint32_t a = ssod.flags; + uint32_t b = ssod.mask; + uint32_t c = IpsOption::hash(); - a = ssod.flags; - b = ssod.mask; - c = 0; - - mix_str(a,b,c,get_name()); finalize(a,b,c); - return c; } bool SslStateOption::operator==(const IpsOption& ips) const { - if ( strcmp(get_name(), ips.get_name()) ) + if ( !IpsOption::operator==(ips) ) return false; const SslStateOption& rhs = (const SslStateOption&)ips; diff --git a/src/service_inspectors/ssl/ips_ssl_version.cc b/src/service_inspectors/ssl/ips_ssl_version.cc index 5b1026e0a..71abd16e5 100644 --- a/src/service_inspectors/ssl/ips_ssl_version.cc +++ b/src/service_inspectors/ssl/ips_ssl_version.cc @@ -70,21 +70,17 @@ private: uint32_t SslVersionOption::hash() const { - uint32_t a,b,c; + uint32_t a = svod.flags; + uint32_t b = svod.mask; + uint32_t c = IpsOption::hash(); - a = svod.flags; - b = svod.mask; - c = 0; - - mix_str(a,b,c,get_name()); finalize(a,b,c); - return c; } bool SslVersionOption::operator==(const IpsOption& ips) const { - if ( strcmp(get_name(), ips.get_name()) ) + if ( !IpsOption::operator==(ips) ) return false; const SslVersionOption& rhs = (const SslVersionOption&)ips; diff --git a/src/stream/ip/ip_defrag.cc b/src/stream/ip/ip_defrag.cc index dd4dbe1cc..8f508bd2f 100644 --- a/src/stream/ip/ip_defrag.cc +++ b/src/stream/ip/ip_defrag.cc @@ -1655,8 +1655,7 @@ left_overlap_last: * further. */ trunc = 0; - if (right) - continue; + continue; } if (curr_end < frag_end) diff --git a/src/stream/tcp/ips_stream_reassemble.cc b/src/stream/tcp/ips_stream_reassemble.cc index fdb3e5262..64d9c4ecb 100644 --- a/src/stream/tcp/ips_stream_reassemble.cc +++ b/src/stream/tcp/ips_stream_reassemble.cc @@ -72,17 +72,16 @@ private: uint32_t ReassembleOption::hash() const { - uint32_t a,b,c; - - a = srod.enable; - b = srod.direction; - c = srod.alert; + uint32_t a = srod.enable; + uint32_t b = srod.direction; + uint32_t c = srod.alert; mix(a,b,c); a = srod.fastpath; + b += IpsOption::hash(); - mix_str(a,b,c,get_name()); + mix(a,b,c); finalize(a,b,c); return c; @@ -90,7 +89,7 @@ uint32_t ReassembleOption::hash() const bool ReassembleOption::operator==(const IpsOption& ips) const { - if ( strcmp(get_name(), ips.get_name()) ) + if ( !IpsOption::operator==(ips) ) return false; const ReassembleOption& rhs = (const ReassembleOption&)ips; diff --git a/src/stream/tcp/ips_stream_size.cc b/src/stream/tcp/ips_stream_size.cc index 58584a773..8000ea475 100644 --- a/src/stream/tcp/ips_stream_size.cc +++ b/src/stream/tcp/ips_stream_size.cc @@ -64,17 +64,16 @@ private: uint32_t SizeOption::hash() const { - uint32_t a,b,c; - - a = ssod.op; - b = ssod.min; - c = ssod.max; + uint32_t a = ssod.op; + uint32_t b = ssod.min; + uint32_t c = ssod.max; mix(a,b,c); a = direction; + b += IpsOption::hash(); - mix_str(a,b,c,get_name()); + mix(a,b,c); finalize(a,b,c); return c; @@ -82,7 +81,7 @@ uint32_t SizeOption::hash() const bool SizeOption::operator==(const IpsOption& ips) const { - if ( strcmp(get_name(), ips.get_name()) ) + if ( !IpsOption::operator==(ips) ) return false; const SizeOption& rhs = (const SizeOption&)ips;