From: Tom Peters (thopeter) Date: Fri, 18 Mar 2022 20:54:21 +0000 (+0000) Subject: Pull request #3309: stream: reusable stream splitter X-Git-Tag: 3.1.26.0~7 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=39208eab424b27c96f3c63057083834d0d762b7e;p=thirdparty%2Fsnort3.git Pull request #3309: stream: reusable stream splitter Merge in SNORT/snort3 from ~THOPETER/snort3:reusable_splitter to master Squashed commit of the following: commit f46c56042a28b94d8a3c48ac88eaa0cbb2f72ed9 Author: Tom Peters Date: Tue Mar 15 15:53:46 2022 -0400 stream: reusable stream splitter --- diff --git a/src/service_inspectors/http2_inspect/http2_flow_data.cc b/src/service_inspectors/http2_inspect/http2_flow_data.cc index 5cac7196d..c34e5e72a 100644 --- a/src/service_inspectors/http2_inspect/http2_flow_data.cc +++ b/src/service_inspectors/http2_inspect/http2_flow_data.cc @@ -91,7 +91,7 @@ Http2FlowData::~Http2FlowData() { delete infractions[k]; delete events[k]; - delete hi_ss[k]; + hi_ss[k]->go_away(); delete[] frame_data[k]; } diff --git a/src/service_inspectors/http2_inspect/http2_inspect.h b/src/service_inspectors/http2_inspect/http2_inspect.h index 4fe12f5d1..d803c982d 100644 --- a/src/service_inspectors/http2_inspect/http2_inspect.h +++ b/src/service_inspectors/http2_inspect/http2_inspect.h @@ -50,7 +50,7 @@ public: void clear(snort::Packet* p) override; Http2StreamSplitter* get_splitter(bool is_client_to_server) override - { return new Http2StreamSplitter(is_client_to_server); } + { return &splitter[is_client_to_server ? HttpCommon::SRC_CLIENT : HttpCommon::SRC_SERVER]; } bool can_carve_files() const override { return true; } @@ -58,6 +58,8 @@ public: private: friend Http2Api; + Http2StreamSplitter splitter[2] = { true, false }; + const Http2ParaList* const params; }; diff --git a/src/service_inspectors/http2_inspect/http2_stream_splitter.h b/src/service_inspectors/http2_inspect/http2_stream_splitter.h index dc6a7848c..1b9b37e15 100644 --- a/src/service_inspectors/http2_inspect/http2_stream_splitter.h +++ b/src/service_inspectors/http2_inspect/http2_stream_splitter.h @@ -44,6 +44,7 @@ public: // FIXIT-M should return actual packet buffer size unsigned max(snort::Flow*) override { return Http2Enums::MAX_OCTETS; } + void go_away() override {} private: const HttpCommon::SourceId source_id; diff --git a/src/service_inspectors/http_inspect/http_inspect.h b/src/service_inspectors/http_inspect/http_inspect.h index 44021533a..436a522a1 100644 --- a/src/service_inspectors/http_inspect/http_inspect.h +++ b/src/service_inspectors/http_inspect/http_inspect.h @@ -62,7 +62,7 @@ public: void clear(snort::Packet* p) override; HttpStreamSplitter* get_splitter(bool is_client_to_server) override - { return new HttpStreamSplitter(is_client_to_server, this); } + { return &splitter[is_client_to_server ? HttpCommon::SRC_CLIENT : HttpCommon::SRC_SERVER]; } bool can_carve_files() const override { return true; } @@ -84,6 +84,8 @@ private: friend HttpApi; friend HttpStreamSplitter; + HttpStreamSplitter splitter[2] = { { true, this }, { false, this } }; + bool process(const uint8_t* data, const uint16_t dsize, snort::Flow* const flow, HttpCommon::SourceId source_id_, bool buf_owner) const; static HttpFlowData* http_get_flow_data(const snort::Flow* flow); diff --git a/src/service_inspectors/http_inspect/http_stream_splitter.h b/src/service_inspectors/http_inspect/http_stream_splitter.h index 0f6781a8e..b9ea3ad7d 100644 --- a/src/service_inspectors/http_inspect/http_stream_splitter.h +++ b/src/service_inspectors/http_inspect/http_stream_splitter.h @@ -49,6 +49,7 @@ public: // FIXIT-M should return actual packet buffer size unsigned max(snort::Flow*) override { return HttpEnums::MAX_OCTETS; } + void go_away() override {} private: void prepare_flush(HttpFlowData* session_data, uint32_t* flush_offset, HttpEnums::SectionType diff --git a/src/stream/stream_splitter.h b/src/stream/stream_splitter.h index 4d109758c..387cb252b 100644 --- a/src/stream/stream_splitter.h +++ b/src/stream/stream_splitter.h @@ -82,6 +82,7 @@ public: virtual bool is_paf() { return false; } virtual unsigned max(Flow* = nullptr); + virtual void go_away() { delete this; } bool to_server() { return c2s; } bool to_client() { return !c2s; } diff --git a/src/stream/tcp/tcp_stream_tracker.cc b/src/stream/tcp/tcp_stream_tracker.cc index 2188082f6..5428393a4 100644 --- a/src/stream/tcp/tcp_stream_tracker.cc +++ b/src/stream/tcp/tcp_stream_tracker.cc @@ -71,7 +71,7 @@ TcpStreamTracker::TcpStreamTracker(bool client) : { } TcpStreamTracker::~TcpStreamTracker() -{ delete splitter; } +{ if (splitter != nullptr) splitter->go_away(); } TcpStreamTracker::TcpEvent TcpStreamTracker::set_tcp_event(const TcpSegmentDescriptor& tsd) { @@ -255,7 +255,7 @@ void TcpStreamTracker::init_flush_policy() void TcpStreamTracker::set_splitter(StreamSplitter* ss) { if ( splitter ) - delete splitter; + splitter->go_away(); splitter = ss; diff --git a/src/stream/user/user_session.cc b/src/stream/user/user_session.cc index 33fa05563..b08f0697a 100644 --- a/src/stream/user/user_session.cc +++ b/src/stream/user/user_session.cc @@ -138,7 +138,7 @@ void UserTracker::term() { if ( splitter ) { - delete splitter; + splitter->go_away(); splitter = nullptr; } @@ -367,8 +367,10 @@ void UserSession::start(Packet* p, Flow* f) void UserSession::end(Packet*, Flow*) { - delete client.splitter; - delete server.splitter; + if (client.splitter != nullptr) + client.splitter->go_away(); + if (server.splitter != nullptr) + server.splitter->go_away(); client.splitter = nullptr; server.splitter = nullptr; @@ -451,7 +453,7 @@ void UserSession::set_splitter(bool c2s, StreamSplitter* ss) UserTracker& ut = c2s ? server : client; if ( ut.splitter ) - delete ut.splitter; + ut.splitter->go_away(); ut.splitter = ss;