From: Victor Julien Date: Fri, 6 Mar 2020 21:03:20 +0000 (+0100) Subject: app-layer: change return codes X-Git-Tag: suricata-6.0.0-beta1~646 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=3bcf948a75054280d3a74992833e0d9c5e5cb77e;p=thirdparty%2Fsuricata.git app-layer: change return codes This patch simplifies the return codes app-layer parsers use, in preparation of a patch set for overhauling the return type. Introduce two macros: APP_LAYER_OK (value 0) APP_LAYER_ERROR (value -1) Update all parsers to use this. --- diff --git a/rust/src/dhcp/dhcp.rs b/rust/src/dhcp/dhcp.rs index a819b1bfaf..107d1f37b0 100644 --- a/rust/src/dhcp/dhcp.rs +++ b/rust/src/dhcp/dhcp.rs @@ -293,7 +293,7 @@ pub extern "C" fn rs_dhcp_parse(_flow: *const core::Flow, let state = cast_pointer!(state, DHCPState); let buf = build_slice!(input, input_len as usize); if state.parse(buf) { - return 1; + return 0; } return -1; } diff --git a/rust/src/dns/dns.rs b/rust/src/dns/dns.rs index 5632269cc3..69f1fd6304 100644 --- a/rust/src/dns/dns.rs +++ b/rust/src/dns/dns.rs @@ -668,7 +668,7 @@ pub extern "C" fn rs_dns_parse_request(_flow: *const core::Flow, let state = cast_pointer!(state, DNSState); let buf = unsafe{std::slice::from_raw_parts(input, input_len as usize)}; if state.parse_request(buf) { - 1 + 0 } else { -1 } @@ -686,7 +686,7 @@ pub extern "C" fn rs_dns_parse_response(_flow: *const core::Flow, let state = cast_pointer!(state, DNSState); let buf = unsafe{std::slice::from_raw_parts(input, input_len as usize)}; if state.parse_response(buf) { - 1 + 0 } else { -1 } diff --git a/rust/src/ikev2/ikev2.rs b/rust/src/ikev2/ikev2.rs index 0a659d7e98..a0f78a39e8 100644 --- a/rust/src/ikev2/ikev2.rs +++ b/rust/src/ikev2/ikev2.rs @@ -473,7 +473,11 @@ pub extern "C" fn rs_ikev2_parse_request(_flow: *const core::Flow, _flags: u8) -> i32 { let buf = build_slice!(input,input_len as usize); let state = cast_pointer!(state,IKEV2State); - state.parse(buf, STREAM_TOSERVER) + let res = state.parse(buf, STREAM_TOSERVER); + if res < 0 { + return res; + } + 0 } #[no_mangle] @@ -494,7 +498,10 @@ pub extern "C" fn rs_ikev2_parse_response(_flow: *const core::Flow, APP_LAYER_PARSER_BYPASS_READY) }; } - res + if res < 0 { + return res; + } + 0 } #[no_mangle] diff --git a/rust/src/nfs/nfs.rs b/rust/src/nfs/nfs.rs index 0832d70f0a..3aba46f700 100644 --- a/rust/src/nfs/nfs.rs +++ b/rust/src/nfs/nfs.rs @@ -603,7 +603,7 @@ impl NFSState { 2 => { self.process_request_record_v2(r) }, - _ => { 1 }, + _ => { 0 }, } } @@ -1015,7 +1015,7 @@ impl NFSState { let consumed = self.filetracker_update(STREAM_TOSERVER, &gap, gap_size); if consumed > gap_size { SCLogDebug!("consumed more than GAP size: {} > {}", consumed, gap_size); - return 1; + return 0; } self.ts_ssn_gap = true; self.ts_gap = true; @@ -1032,7 +1032,7 @@ impl NFSState { let consumed = self.filetracker_update(STREAM_TOCLIENT, &gap, gap_size); if consumed > gap_size { SCLogDebug!("consumed more than GAP size: {} > {}", consumed, gap_size); - return 1; + return 0; } self.tc_ssn_gap = true; self.tc_gap = true; @@ -1169,7 +1169,7 @@ impl NFSState { // bad. self.set_event(NFSEvent::MalformedData); - status = 1; + status = 0; }, Err(nom::Err::Error(_e)) | Err(nom::Err::Failure(_e)) => { @@ -1333,7 +1333,7 @@ impl NFSState { // bad. self.set_event(NFSEvent::MalformedData); - status = 1; + status = 0; }, Err(nom::Err::Error(_e)) | Err(nom::Err::Failure(_e)) => { @@ -1377,7 +1377,7 @@ impl NFSState { 2 => { status |= self.process_request_record_v2(rpc_record); }, - _ => { status = 1; }, + _ => { status = 0; }, } }, Err(nom::Err::Incomplete(_)) => { @@ -1386,6 +1386,7 @@ impl NFSState { Err(nom::Err::Failure(_e)) => { SCLogDebug!("Parsing failed: {:?}", _e); } } } + SCLogDebug!("status {}", status); status } @@ -1459,7 +1460,7 @@ pub extern "C" fn rs_nfs_parse_request(flow: &mut Flow, state.ts = flow.get_last_time().as_secs(); if state.parse_tcp_data_ts(buf) == 0 { - 1 + 0 } else { -1 } @@ -1472,7 +1473,7 @@ pub extern "C" fn rs_nfs_parse_request_tcp_gap( -> i8 { if state.parse_tcp_data_ts_gap(input_len as u32) == 0 { - return 1; + return 0; } return -1; } @@ -1491,7 +1492,7 @@ pub extern "C" fn rs_nfs_parse_response(flow: &mut Flow, state.ts = flow.get_last_time().as_secs(); if state.parse_tcp_data_tc(buf) == 0 { - 1 + 0 } else { -1 } @@ -1504,7 +1505,7 @@ pub extern "C" fn rs_nfs_parse_response_tcp_gap( -> i8 { if state.parse_tcp_data_tc_gap(input_len as u32) == 0 { - return 1; + return 0; } return -1; } @@ -1523,7 +1524,7 @@ pub extern "C" fn rs_nfs_parse_request_udp(_flow: *mut Flow, SCLogDebug!("parsing {} bytes of request data", input_len); if state.parse_udp_ts(buf) == 0 { - 1 + 0 } else { -1 } @@ -1542,7 +1543,7 @@ pub extern "C" fn rs_nfs_parse_response_udp(_flow: *mut Flow, let buf = unsafe{std::slice::from_raw_parts(input, input_len as usize)}; if state.parse_udp_tc(buf) == 0 { - 1 + 0 } else { -1 } diff --git a/rust/src/ntp/ntp.rs b/rust/src/ntp/ntp.rs index 4b53853208..24f3dfe493 100644 --- a/rust/src/ntp/ntp.rs +++ b/rust/src/ntp/ntp.rs @@ -104,7 +104,7 @@ impl NTPState { tx.xid = msg.ref_id; self.transactions.push(tx); } - 1 + 0 }, Err(nom::Err::Incomplete(_)) => { SCLogDebug!("Insufficient data while parsing NTP data"); @@ -464,6 +464,6 @@ mod tests { ]; let mut state = NTPState::new(); - assert_eq!(1, state.parse(REQ, 0)); + assert_eq!(0, state.parse(REQ, 0)); } } diff --git a/rust/src/rdp/rdp.rs b/rust/src/rdp/rdp.rs index 223e78b48c..7f8dd81049 100644 --- a/rust/src/rdp/rdp.rs +++ b/rust/src/rdp/rdp.rs @@ -466,7 +466,7 @@ pub extern "C" fn rs_rdp_parse_ts( let buf = build_slice!(input, input_len as usize); // attempt to parse bytes as `rdp` protocol if state.parse_ts(buf) { - return 1; + return 0; } // no need for further parsing return -1; @@ -486,7 +486,7 @@ pub extern "C" fn rs_rdp_parse_tc( let buf = build_slice!(input, input_len as usize); // attempt to parse bytes as `rdp` protocol if state.parse_tc(buf) { - return 1; + return 0; } // no need for further parsing return -1; diff --git a/rust/src/sip/sip.rs b/rust/src/sip/sip.rs index f50b159267..855bed23ac 100755 --- a/rust/src/sip/sip.rs +++ b/rust/src/sip/sip.rs @@ -362,7 +362,7 @@ pub extern "C" fn rs_sip_parse_request( let buf = build_slice!(input, input_len as usize); let state = cast_pointer!(state, SIPState); if state.parse_request(buf) { - 1 + 0 } else { -1 } @@ -381,7 +381,7 @@ pub extern "C" fn rs_sip_parse_response( let buf = build_slice!(input, input_len as usize); let state = cast_pointer!(state, SIPState); if state.parse_response(buf) { - 1 + 0 } else { -1 } diff --git a/rust/src/smb/smb.rs b/rust/src/smb/smb.rs index 0200bf0105..565c800fa5 100644 --- a/rust/src/smb/smb.rs +++ b/rust/src/smb/smb.rs @@ -1848,7 +1848,7 @@ pub extern "C" fn rs_smb_parse_request_tcp(flow: &mut Flow, state.ts = flow.get_last_time().as_secs(); if state.parse_tcp_data_ts(buf) == 0 { - return 1; + return 0; } else { return -1; } @@ -1861,7 +1861,7 @@ pub extern "C" fn rs_smb_parse_request_tcp_gap( -> i8 { if state.parse_tcp_data_ts_gap(input_len as u32) == 0 { - return 1; + return 0; } return -1; } @@ -1887,7 +1887,7 @@ pub extern "C" fn rs_smb_parse_response_tcp(flow: &mut Flow, state.ts = flow.get_last_time().as_secs(); if state.parse_tcp_data_tc(buf) == 0 { - return 1; + return 0; } else { return -1; } @@ -1900,7 +1900,7 @@ pub extern "C" fn rs_smb_parse_response_tcp_gap( -> i8 { if state.parse_tcp_data_tc_gap(input_len as u32) == 0 { - return 1; + return 0; } return -1; } diff --git a/rust/src/tftp/tftp.rs b/rust/src/tftp/tftp.rs index 59e22d10cb..ecc5f7adb6 100644 --- a/rust/src/tftp/tftp.rs +++ b/rust/src/tftp/tftp.rs @@ -148,7 +148,7 @@ pub extern "C" fn rs_tftp_request(state: &mut TFTPState, state.tx_id += 1; rqst.id = state.tx_id; state.transactions.push(rqst); - 1 + 0 }, _ => 0 } diff --git a/src/app-layer-dcerpc-udp.c b/src/app-layer-dcerpc-udp.c index ae33e80406..27f7d242ba 100644 --- a/src/app-layer-dcerpc-udp.c +++ b/src/app-layer-dcerpc-udp.c @@ -725,9 +725,9 @@ static int DCERPCUDPParse(Flow *f, void *dcerpc_state, SCEnter(); if (input == NULL && AppLayerParserStateIssetFlag(pstate, APP_LAYER_PARSER_EOF)) { - SCReturnInt(1); + SCReturnInt(APP_LAYER_OK); } else if (input == NULL || input_len == 0) { - SCReturnInt(-1); + SCReturnInt(APP_LAYER_ERROR); } DCERPCUDPState *sstate = (DCERPCUDPState *) dcerpc_state; @@ -779,9 +779,9 @@ static int DCERPCUDPParse(Flow *f, void *dcerpc_state, sstate->bytesprocessed = 0; } if (pstate == NULL) - SCReturnInt(-1); + SCReturnInt(APP_LAYER_ERROR); - SCReturnInt(1); + SCReturnInt(APP_LAYER_OK); } static void *DCERPCUDPStateAlloc(void) diff --git a/src/app-layer-dcerpc.c b/src/app-layer-dcerpc.c index c78ad6c05e..23bf3ff412 100644 --- a/src/app-layer-dcerpc.c +++ b/src/app-layer-dcerpc.c @@ -1897,26 +1897,26 @@ static int DCERPCParse(Flow *f, void *dcerpc_state, DCERPCState *sstate = (DCERPCState *) dcerpc_state; if (input == NULL && AppLayerParserStateIssetFlag(pstate, APP_LAYER_PARSER_EOF)) { - SCReturnInt(1); + SCReturnInt(APP_LAYER_OK); } else if (input == NULL || input_len == 0) { - SCReturnInt(-1); + SCReturnInt(APP_LAYER_ERROR); } if (sstate->dcerpc.bytesprocessed != 0 && sstate->data_needed_for_dir != dir) { - SCReturnInt(-1); + SCReturnInt(APP_LAYER_ERROR); } retval = DCERPCParser(&sstate->dcerpc, input, input_len); if (retval == -1) { - SCReturnInt(0); + SCReturnInt(APP_LAYER_OK); } sstate->data_needed_for_dir = dir; if (pstate == NULL) - SCReturnInt(-1); + SCReturnInt(APP_LAYER_ERROR); - SCReturnInt(1); + SCReturnInt(APP_LAYER_OK); } static int DCERPCParseRequest(Flow *f, void *dcerpc_state, diff --git a/src/app-layer-dnp3.c b/src/app-layer-dnp3.c index cd50972fec..3b7c97c2ca 100644 --- a/src/app-layer-dnp3.c +++ b/src/app-layer-dnp3.c @@ -1121,7 +1121,7 @@ static int DNP3ParseRequest(Flow *f, void *state, AppLayerParserState *pstate, int processed = 0; if (input_len == 0) { - SCReturnInt(1); + SCReturnInt(APP_LAYER_OK); } if (buffer->len) { @@ -1159,12 +1159,12 @@ static int DNP3ParseRequest(Flow *f, void *state, AppLayerParserState *pstate, } } - SCReturnInt(1); + SCReturnInt(APP_LAYER_OK); error: /* Reset the buffer. */ DNP3BufferReset(buffer); - SCReturnInt(-1); + SCReturnInt(APP_LAYER_ERROR); } /** @@ -1300,13 +1300,13 @@ static int DNP3ParseResponse(Flow *f, void *state, AppLayerParserState *pstate, } done: - SCReturnInt(1); + SCReturnInt(APP_LAYER_OK); error: /* An error occurred while processing DNP3 frames. Dump the * buffer as we can't be assured that they are valid anymore. */ DNP3BufferReset(buffer); - SCReturnInt(-1); + SCReturnInt(APP_LAYER_ERROR); } static AppLayerDecoderEvents *DNP3GetEvents(void *tx) diff --git a/src/app-layer-enip.c b/src/app-layer-enip.c index 22cac4e44d..f7fcc18904 100644 --- a/src/app-layer-enip.c +++ b/src/app-layer-enip.c @@ -343,20 +343,20 @@ static int ENIPParse(Flow *f, void *state, AppLayerParserState *pstate, if (input == NULL && AppLayerParserStateIssetFlag(pstate, APP_LAYER_PARSER_EOF)) { - SCReturnInt(1); + SCReturnInt(APP_LAYER_OK); } else if (input == NULL && input_len != 0) { // GAP - SCReturnInt(0); + SCReturnInt(APP_LAYER_OK); } else if (input == NULL || input_len == 0) { - SCReturnInt(-1); + SCReturnInt(APP_LAYER_ERROR); } while (input_len > 0) { tx = ENIPTransactionAlloc(enip); if (tx == NULL) - SCReturnInt(0); + SCReturnInt(APP_LAYER_OK); SCLogDebug("ENIPParse input len %d", input_len); DecodeENIPPDU(input, input_len, tx); @@ -379,7 +379,7 @@ static int ENIPParse(Flow *f, void *state, AppLayerParserState *pstate, } } - return 1; + SCReturnInt(APP_LAYER_OK); } diff --git a/src/app-layer-ftp.c b/src/app-layer-ftp.c index 5f0623b2f0..9fbcc10ab6 100644 --- a/src/app-layer-ftp.c +++ b/src/app-layer-ftp.c @@ -547,7 +547,8 @@ static uint32_t CopyCommandLine(uint8_t **dest, const uint8_t *src, uint32_t len * \param input_len length of the request * \param output the resulting output * - * \retval 1 when the command is parsed, 0 otherwise + * \retval APP_LAYER_OK when input was process successfully + * \retval APP_LAYER_ERROR when a unrecoverable error was encountered */ static int FTPParseRequest(Flow *f, void *ftp_state, AppLayerParserState *pstate, @@ -563,9 +564,9 @@ static int FTPParseRequest(Flow *f, void *ftp_state, void *ptmp; if (input == NULL && AppLayerParserStateIssetFlag(pstate, APP_LAYER_PARSER_EOF)) { - SCReturnInt(1); + SCReturnInt(APP_LAYER_OK); } else if (input == NULL || input_len == 0) { - SCReturnInt(-1); + SCReturnInt(APP_LAYER_ERROR); } state->input = input; @@ -588,7 +589,7 @@ static int FTPParseRequest(Flow *f, void *ftp_state, FTPTransaction *tx = FTPTransactionCreate(state); if (unlikely(tx == NULL)) - return -1; + SCReturnInt(APP_LAYER_ERROR); state->curr_tx = tx; tx->command_descriptor = cmd_descriptor; @@ -609,7 +610,7 @@ static int FTPParseRequest(Flow *f, void *ftp_state, state->port_line = NULL; state->port_line_size = 0; } - return 0; + SCReturnInt(APP_LAYER_OK); } state->port_line = ptmp; state->port_line_size = state->current_line_len; @@ -624,23 +625,22 @@ static int FTPParseRequest(Flow *f, void *ftp_state, */ direction = STREAM_TOCLIENT; // fallthrough - case FTP_COMMAND_STOR: - { + case FTP_COMMAND_STOR: { /* Ensure that there is a negotiated dyn port and a file * name -- need more than 5 chars: cmd [4], space, */ if (state->dyn_port == 0 || state->current_line_len < 6) { - SCReturnInt(-1); + SCReturnInt(APP_LAYER_ERROR); } struct FtpTransferCmd *data = FTPCalloc(1, sizeof(struct FtpTransferCmd)); if (data == NULL) - SCReturnInt(-1); + SCReturnInt(APP_LAYER_ERROR); data->DFree = FtpTransferCmdFree; /* Min size has been checked in FTPParseRequestCommand */ data->file_name = FTPCalloc(state->current_line_len - 4, sizeof(char)); if (data->file_name == NULL) { FtpTransferCmdFree(data); - SCReturnInt(-1); + SCReturnInt(APP_LAYER_ERROR); } data->file_name[state->current_line_len - 5] = 0; data->file_len = state->current_line_len - 5; @@ -653,7 +653,7 @@ static int FTPParseRequest(Flow *f, void *ftp_state, if (ret == -1) { FtpTransferCmdFree(data); SCLogDebug("No expectation created."); - SCReturnInt(-1); + SCReturnInt(APP_LAYER_ERROR); } else { SCLogDebug("Expectation created [direction: %s, dynamic port %"PRIu16"].", state->active ? "to server" : "to client", @@ -671,7 +671,7 @@ static int FTPParseRequest(Flow *f, void *ftp_state, } } - return 1; + SCReturnInt(APP_LAYER_OK); } static int FTPParsePassiveResponse(Flow *f, FtpState *state, const uint8_t *input, uint32_t input_len) @@ -705,7 +705,7 @@ static int FTPParsePassiveResponseV6(Flow *f, FtpState *state, const uint8_t *in /** * \brief Handle preliminary replies -- keep tx open - * \retval: True for a positive preliminary reply; false otherwise + * \retval bool True for a positive preliminary reply; false otherwise * * 1yz Positive Preliminary reply * @@ -732,10 +732,9 @@ static int FTPParseResponse(Flow *f, void *ftp_state, AppLayerParserState *pstat void *local_data, const uint8_t flags) { FtpState *state = (FtpState *)ftp_state; - int retcode = 1; if (unlikely(input_len == 0)) { - return 1; + SCReturnInt(APP_LAYER_OK); } FTPTransaction *tx = FTPGetOldestTx(state); @@ -743,7 +742,7 @@ static int FTPParseResponse(Flow *f, void *ftp_state, AppLayerParserState *pstat tx = FTPTransactionCreate(state); } if (unlikely(tx == NULL)) { - return -1; + SCReturnInt(APP_LAYER_ERROR); } if (state->command == FTP_COMMAND_UNKNOWN || tx->command_descriptor == NULL) { /* unknown */ @@ -760,7 +759,6 @@ static int FTPParseResponse(Flow *f, void *ftp_state, AppLayerParserState *pstat if (state->command == FTP_COMMAND_EPRT) { uint16_t dyn_port = rs_ftp_active_eprt(state->port_line, state->port_line_len); if (dyn_port == 0) { - retcode = 0; goto tx_complete; } state->dyn_port = dyn_port; @@ -774,7 +772,6 @@ static int FTPParseResponse(Flow *f, void *ftp_state, AppLayerParserState *pstat if ((flags & STREAM_TOCLIENT)) { uint16_t dyn_port = rs_ftp_active_port(state->port_line, state->port_line_len); if (dyn_port == 0) { - retcode = 0; goto tx_complete; } state->dyn_port = dyn_port; @@ -807,12 +804,12 @@ static int FTPParseResponse(Flow *f, void *ftp_state, AppLayerParserState *pstat /* Handle preliminary replies -- keep tx open */ if (FTPIsPPR(input, input_len)) { - return retcode; + SCReturnInt(APP_LAYER_OK); } tx_complete: tx->done = true; - return retcode; + SCReturnInt(APP_LAYER_OK); } diff --git a/src/app-layer-htp.c b/src/app-layer-htp.c index 3293a74e8a..ceeb9accf6 100644 --- a/src/app-layer-htp.c +++ b/src/app-layer-htp.c @@ -847,7 +847,7 @@ static int HTPHandleRequestData(Flow *f, void *htp_state, void *local_data, const uint8_t flags) { SCEnter(); - int ret = 1; + int ret = 0; HtpState *hstate = (HtpState *)htp_state; /* On the first invocation, create the connection parser structure to @@ -910,7 +910,7 @@ static int HTPHandleResponseData(Flow *f, void *htp_state, void *local_data, const uint8_t flags) { SCEnter(); - int ret = 1; + int ret = 0; HtpState *hstate = (HtpState *)htp_state; /* On the first invocation, create the connection parser structure to diff --git a/src/app-layer-modbus.c b/src/app-layer-modbus.c index e026e333fc..b4ce99e6f8 100644 --- a/src/app-layer-modbus.c +++ b/src/app-layer-modbus.c @@ -1301,9 +1301,9 @@ static int ModbusParseRequest(Flow *f, ModbusHeader header; if (input == NULL && AppLayerParserStateIssetFlag(pstate, APP_LAYER_PARSER_EOF)) { - SCReturnInt(1); + SCReturnInt(APP_LAYER_OK); } else if (input == NULL || input_len == 0) { - SCReturnInt(-1); + SCReturnInt(APP_LAYER_ERROR); } while (input_len > 0) { @@ -1312,17 +1312,17 @@ static int ModbusParseRequest(Flow *f, /* Extract MODBUS Header */ if (ModbusParseHeader(modbus, &header, adu, adu_len)) - SCReturnInt(0); + SCReturnInt(APP_LAYER_OK); /* Update ADU length with length in Modbus header. */ adu_len = (uint32_t) sizeof(ModbusHeader) + (uint32_t) header.length - 1; if (adu_len > input_len) - SCReturnInt(0); + SCReturnInt(APP_LAYER_OK); /* Allocate a Transaction Context and add it to Transaction list */ tx = ModbusTxAlloc(modbus); if (tx == NULL) - SCReturnInt(0); + SCReturnInt(APP_LAYER_OK); /* Check MODBUS Header */ ModbusCheckHeader(modbus, &header); @@ -1340,7 +1340,7 @@ static int ModbusParseRequest(Flow *f, input_len -= adu_len; } - SCReturnInt(1); + SCReturnInt(APP_LAYER_OK); } /** \internal @@ -1366,9 +1366,9 @@ static int ModbusParseResponse(Flow *f, ModbusTransaction *tx; if (input == NULL && AppLayerParserStateIssetFlag(pstate, APP_LAYER_PARSER_EOF)) { - SCReturnInt(1); + SCReturnInt(APP_LAYER_OK); } else if (input == NULL || input_len == 0) { - SCReturnInt(-1); + SCReturnInt(APP_LAYER_ERROR); } while (input_len > 0) { @@ -1377,12 +1377,12 @@ static int ModbusParseResponse(Flow *f, /* Extract MODBUS Header */ if (ModbusParseHeader(modbus, &header, adu, adu_len)) - SCReturnInt(0); + SCReturnInt(APP_LAYER_OK); /* Update ADU length with length in Modbus header. */ adu_len = (uint32_t) sizeof(ModbusHeader) + (uint32_t) header.length - 1; if (adu_len > input_len) - SCReturnInt(0); + SCReturnInt(APP_LAYER_OK); /* Find the transaction context thanks to transaction ID (and function code) */ tx = ModbusTxFindByTransaction(modbus, header.transactionId); @@ -1391,7 +1391,7 @@ static int ModbusParseResponse(Flow *f, /* and add it to Transaction list */ tx = ModbusTxAlloc(modbus); if (tx == NULL) - SCReturnInt(0); + SCReturnInt(APP_LAYER_OK); SCLogDebug("MODBUS_DECODER_EVENT_UNSOLICITED_RESPONSE"); ModbusSetEvent(modbus, MODBUS_DECODER_EVENT_UNSOLICITED_RESPONSE); @@ -1414,7 +1414,7 @@ static int ModbusParseResponse(Flow *f, input_len -= adu_len; } - SCReturnInt(1); + SCReturnInt(APP_LAYER_OK); } /** \internal diff --git a/src/app-layer-parser.c b/src/app-layer-parser.c index d97b9b574c..089472c63d 100644 --- a/src/app-layer-parser.c +++ b/src/app-layer-parser.c @@ -1233,10 +1233,11 @@ int AppLayerParserParse(ThreadVars *tv, AppLayerParserThreadCtx *alp_tctx, Flow /* invoke the recursive parser, but only on data. We may get empty msgs on EOF */ if (input_len > 0 || (flags & STREAM_EOF)) { /* invoke the parser */ - if (p->Parser[(flags & STREAM_TOSERVER) ? 0 : 1](f, alstate, pstate, + int parse_res = p->Parser[(flags & STREAM_TOSERVER) ? 0 : 1](f, alstate, pstate, input, input_len, alp_tctx->alproto_local_storage[f->protomap][alproto], - flags) < 0) + flags); + if (parse_res < 0) { goto error; } diff --git a/src/app-layer-parser.h b/src/app-layer-parser.h index fc367d2ff3..7b3f81fe2d 100644 --- a/src/app-layer-parser.h +++ b/src/app-layer-parser.h @@ -51,6 +51,9 @@ * completely inspected */ #define APP_LAYER_TX_PREFILTER_MASK ~APP_LAYER_TX_INSPECTED_FLAG +#define APP_LAYER_OK 0 +#define APP_LAYER_ERROR -1 + int AppLayerParserProtoIsRegistered(uint8_t ipproto, AppProto alproto); /***** transaction handling *****/ diff --git a/src/app-layer-smb.c b/src/app-layer-smb.c index a0917ff163..ba19933423 100644 --- a/src/app-layer-smb.c +++ b/src/app-layer-smb.c @@ -45,7 +45,7 @@ static int SMBTCPParseRequest(Flow *f, void *state, res = rs_smb_parse_request_tcp(f, state, pstate, input, input_len, local_data, flags); } - if (res != 1) { + if (res != 0) { SCLogDebug("SMB request%s of %u bytes, retval %d", (input == NULL && input_len > 0) ? " is GAP" : "", input_len, res); } @@ -68,7 +68,7 @@ static int SMBTCPParseResponse(Flow *f, void *state, res = rs_smb_parse_response_tcp(f, state, pstate, input, input_len, local_data, flags); } - if (res != 1) { + if (res != 0) { SCLogDebug("SMB response%s of %u bytes, retval %d", (input == NULL && input_len > 0) ? " is GAP" : "", input_len, res); } diff --git a/src/app-layer-smtp.c b/src/app-layer-smtp.c index a4f5e0ef7f..7acab8405d 100644 --- a/src/app-layer-smtp.c +++ b/src/app-layer-smtp.c @@ -1361,9 +1361,9 @@ static int SMTPParse(int direction, Flow *f, SMTPState *state, SCEnter(); if (input == NULL && AppLayerParserStateIssetFlag(pstate, APP_LAYER_PARSER_EOF)) { - SCReturnInt(1); + SCReturnInt(APP_LAYER_OK); } else if (input == NULL || input_len == 0) { - SCReturnInt(-1); + SCReturnInt(APP_LAYER_ERROR); } state->input = input; @@ -1374,18 +1374,18 @@ static int SMTPParse(int direction, Flow *f, SMTPState *state, if (direction == 0) { while (SMTPGetLine(state) >= 0) { if (SMTPProcessRequest(state, f, pstate) == -1) - SCReturnInt(-1); + SCReturnInt(APP_LAYER_ERROR); } /* toclient */ } else { while (SMTPGetLine(state) >= 0) { if (SMTPProcessReply(state, f, pstate, thread_data) == -1) - SCReturnInt(-1); + SCReturnInt(APP_LAYER_ERROR); } } - SCReturnInt(0); + SCReturnInt(APP_LAYER_OK); } static int SMTPParseClientRecord(Flow *f, void *alstate, diff --git a/src/app-layer-ssh.c b/src/app-layer-ssh.c index 0459eb2181..53d790b1f9 100644 --- a/src/app-layer-ssh.c +++ b/src/app-layer-ssh.c @@ -428,9 +428,9 @@ static int SSHParseRequest(Flow *f, void *state, AppLayerParserState *pstate, SshHeader *ssh_header = &ssh_state->cli_hdr; if (input == NULL && AppLayerParserStateIssetFlag(pstate, APP_LAYER_PARSER_EOF)) { - SCReturnInt(1); + SCReturnInt(APP_LAYER_OK); } else if (input == NULL || input_len == 0) { - SCReturnInt(-1); + SCReturnInt(APP_LAYER_ERROR); } int r = SSHParseData(ssh_state, ssh_header, input, input_len); @@ -442,7 +442,10 @@ static int SSHParseRequest(Flow *f, void *state, AppLayerParserState *pstate, AppLayerParserStateSetFlag(pstate, APP_LAYER_PARSER_BYPASS_READY); } - SCReturnInt(r); + if (r < 0) { + SCReturnInt(APP_LAYER_ERROR); + } + SCReturnInt(APP_LAYER_OK); } static int SSHParseResponse(Flow *f, void *state, AppLayerParserState *pstate, @@ -453,9 +456,9 @@ static int SSHParseResponse(Flow *f, void *state, AppLayerParserState *pstate, SshHeader *ssh_header = &ssh_state->srv_hdr; if (input == NULL && AppLayerParserStateIssetFlag(pstate, APP_LAYER_PARSER_EOF)) { - SCReturnInt(1); + SCReturnInt(APP_LAYER_OK); } else if (input == NULL || input_len == 0) { - SCReturnInt(-1); + SCReturnInt(APP_LAYER_ERROR); } int r = SSHParseData(ssh_state, ssh_header, input, input_len); @@ -467,7 +470,10 @@ static int SSHParseResponse(Flow *f, void *state, AppLayerParserState *pstate, AppLayerParserStateSetFlag(pstate, APP_LAYER_PARSER_BYPASS_READY); } - SCReturnInt(r); + if (r < 0) { + SCReturnInt(APP_LAYER_ERROR); + } + SCReturnInt(APP_LAYER_OK); } /** \brief Function to allocates the SSH state memory diff --git a/src/app-layer-ssl.c b/src/app-layer-ssl.c index 599774e196..61469d4736 100644 --- a/src/app-layer-ssl.c +++ b/src/app-layer-ssl.c @@ -2410,9 +2410,9 @@ static int SSLDecode(Flow *f, uint8_t direction, void *alstate, AppLayerParserSt AppLayerParserStateIssetFlag(pstate, APP_LAYER_PARSER_EOF)) { /* flag session as finished if APP_LAYER_PARSER_EOF is set */ ssl_state->flags |= SSL_AL_FLAG_STATE_FINISHED; - SCReturnInt(1); + SCReturnInt(APP_LAYER_OK); } else if (input == NULL || input_len == 0) { - SCReturnInt(-1); + SCReturnInt(APP_LAYER_ERROR); } if (direction == 0) @@ -2434,7 +2434,7 @@ static int SSLDecode(Flow *f, uint8_t direction, void *alstate, AppLayerParserSt SSLParserReset(ssl_state); SSLSetEvent(ssl_state, TLS_DECODER_EVENT_TOO_MANY_RECORDS_IN_PACKET); - return -1; + return APP_LAYER_ERROR; } /* ssl_state->bytes_processed is zero for a fresh record or @@ -2454,7 +2454,7 @@ static int SSLDecode(Flow *f, uint8_t direction, void *alstate, AppLayerParserSt SSLParserReset(ssl_state); SSLSetEvent(ssl_state, TLS_DECODER_EVENT_INVALID_SSL_RECORD); - return -1; + return APP_LAYER_ERROR; } else { input_len -= retval; input += retval; @@ -2469,7 +2469,7 @@ static int SSLDecode(Flow *f, uint8_t direction, void *alstate, AppLayerParserSt SSLParserReset(ssl_state); SSLSetEvent(ssl_state, TLS_DECODER_EVENT_INVALID_SSL_RECORD); - return -1; + return APP_LAYER_ERROR; } else { input_len -= retval; input += retval; @@ -2495,7 +2495,7 @@ static int SSLDecode(Flow *f, uint8_t direction, void *alstate, AppLayerParserSt SCLogDebug("Error parsing SSLv2.x. Reseting parser " "state. Let's get outta here"); SSLParserReset(ssl_state); - return 0; + return APP_LAYER_OK; } else { input_len -= retval; input += retval; @@ -2509,7 +2509,7 @@ static int SSLDecode(Flow *f, uint8_t direction, void *alstate, AppLayerParserSt SCLogDebug("Error parsing SSLv3.x. Reseting parser " "state. Let's get outta here"); SSLParserReset(ssl_state); - return 0; + return APP_LAYER_OK; } else { if (retval > input_len) { SCLogDebug("Error parsing SSLv3.x. Reseting parser " @@ -2541,7 +2541,7 @@ static int SSLDecode(Flow *f, uint8_t direction, void *alstate, AppLayerParserSt if (AppLayerParserStateIssetFlag(pstate, APP_LAYER_PARSER_EOF)) ssl_state->flags |= SSL_AL_FLAG_STATE_FINISHED; - return 1; + return APP_LAYER_OK; } static int SSLParseClientRecord(Flow *f, void *alstate, AppLayerParserState *pstate,