From: Eric Leblond <eric@regit.org>
Date: Fri, 22 Apr 2016 20:15:53 +0000 (+0200)
Subject: af-packet: AFPWalkBlock error handling
X-Git-Tag: suricata-3.1RC1~107
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=5f84b55d98ca36b199d1c6b84dc89a5461687df8;p=thirdparty%2Fsuricata.git

af-packet: AFPWalkBlock error handling

Error handling was not done. The implementation is making the
choice to consider we must detroy the socket in case of parsing
error. The same was done for tpacket_v2.
---

diff --git a/src/source-af-packet.c b/src/source-af-packet.c
index df94a0d668..971cba0e7b 100644
--- a/src/source-af-packet.c
+++ b/src/source-af-packet.c
@@ -966,7 +966,6 @@ static inline int AFPParsePacketV3(AFPThreadVars *ptv, struct tpacket_block_desc
     }
 
     if (TmThreadsSlotProcessPkt(ptv->tv, ptv->slot, p) != TM_ECODE_OK) {
-        AFPFlushBlock(pbd);
         TmqhOutputPacketpool(ptv->tv, p);
         SCReturnInt(AFP_FAILURE);
     }
@@ -981,7 +980,10 @@ static inline int AFPWalkBlock(AFPThreadVars *ptv, struct tpacket_block_desc *pb
 
     ppd = (uint8_t *)pbd + pbd->hdr.bh1.offset_to_first_pkt;
     for (i = 0; i < num_pkts; ++i) {
-        AFPParsePacketV3(ptv, pbd, (struct tpacket3_hdr *)ppd);
+        if (unlikely(AFPParsePacketV3(ptv, pbd,
+                             (struct tpacket3_hdr *)ppd) == AFP_FAILURE)) {
+            SCReturnInt(AFP_READ_FAILURE);
+        }
         ppd = ppd + ((struct tpacket3_hdr *)ppd)->tp_next_offset;
     }
 
@@ -1075,11 +1077,22 @@ void AFPSwitchState(AFPThreadVars *ptv, int state)
 
     /* Do cleaning if switching to down state */
     if (state == AFP_STATE_DOWN) {
-        if (ptv->ring_v2) {
-            /* only used in reading phase, we can free it */
-            SCFree(ptv->ring_v2);
-            ptv->ring_v2 = NULL;
+#ifdef HAVE_TPACKET_V3
+        if (ptv->flags & AFP_TPACKET_V3) {
+            if (!ptv->ring_v3) {
+                SCFree(ptv->ring_v3);
+                ptv->ring_v3 = NULL;
+            }
+        } else {
+#endif
+            if (ptv->ring_v2) {
+                /* only used in reading phase, we can free it */
+                SCFree(ptv->ring_v2);
+                ptv->ring_v2 = NULL;
+            }
+#ifdef HAVE_TPACKET_V3
         }
+#endif
         if (ptv->socket != -1) {
             /* we need to wait for all packets to return data */
             if (SC_ATOMIC_SUB(ptv->mpeer->sock_usage, 1) == 0) {