From: Raza Shafiq (rshafiq) Date: Tue, 27 Feb 2024 18:24:51 +0000 (+0000) Subject: Pull request #4225: flow: updated flow_data linklist with STL container X-Git-Tag: 3.1.82.0~15 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=65f12461c66149ef273ffe86a424ccd0347b4f19;p=thirdparty%2Fsnort3.git Pull request #4225: flow: updated flow_data linklist with STL container Merge in SNORT/snort3 from ~RSHAFIQ/snort3:master_flow_data to master Squashed commit of the following: commit 3e6805d43c0eb9da2a94820da3fc86ec94b1d80f Author: rshafiq Date: Thu Feb 22 15:08:43 2024 -0500 flow: updated flow_data linklist with STL container --- diff --git a/src/flow/flow.cc b/src/flow/flow.cc index bb1b297a2..cba3e0264 100644 --- a/src/flow/flow.cc +++ b/src/flow/flow.cc @@ -201,68 +201,40 @@ void Flow::trust() int Flow::set_flow_data(FlowData* fd) { - FlowData* old = get_flow_data(fd->get_id()); - assert(old != fd); - - if (old) - free_flow_data(old); - - fd->prev = nullptr; - fd->next = flow_data; - - if ( flow_data ) - flow_data->prev = fd; - - flow_data = fd; + if ( !fd ) return -1; + + current_flow_data = fd; + uint32_t id = fd->get_id(); + // operator[] will create a new entry if it does not exist + // or replace the existing one if it does + // when replacing, the old entry is deleted + flow_data[id] = std::unique_ptr(fd); return 0; } + FlowData* Flow::get_flow_data(unsigned id) const { - FlowData* fd = flow_data; - - while (fd) - { - if (fd->get_id() == id) - return fd; - - fd = fd->next; - } + auto it = flow_data.find(id); + if ( it != flow_data.end() ) + return it->second.get(); return nullptr; } -// FIXIT-L: implement doubly linked list with STL to cut down on code we maintain void Flow::free_flow_data(FlowData* fd) { - if ( fd == flow_data ) - { - flow_data = fd->next; - if ( flow_data ) - flow_data->prev = nullptr; - } - else if ( !fd->next ) - { - fd->prev->next = nullptr; - } - else - { - fd->prev->next = fd->next; - fd->next->prev = fd->prev; - } - delete fd; + if ( !fd ) return; + flow_data.erase(fd->get_id()); } void Flow::free_flow_data(uint32_t proto) { - FlowData* fd = get_flow_data(proto); - - if ( fd ) - free_flow_data(fd); + flow_data.erase(proto); } void Flow::free_flow_data() { - if (!flow_data) + if ( flow_data.empty() ) return; const SnortConfig* sc = SnortConfig::get_conf(); PolicySelector* ps = sc->policy_map->get_policy_selector(); @@ -291,12 +263,7 @@ void Flow::free_flow_data() } } - while (flow_data) - { - FlowData* tmp = flow_data; - flow_data = flow_data->next; - delete tmp; - } + flow_data.clear(); if (ps) { @@ -308,16 +275,13 @@ void Flow::free_flow_data() void Flow::call_handlers(Packet* p, bool eof) { - FlowData* fd = flow_data; - - while (fd) + for (auto& fd_pair : flow_data) { + FlowData* fd = fd_pair.second.get(); if ( eof ) fd->handle_eof(p); else fd->handle_retransmit(p); - - fd = fd->next; } } diff --git a/src/flow/flow.h b/src/flow/flow.h index 29fcca07e..3fd020c34 100644 --- a/src/flow/flow.h +++ b/src/flow/flow.h @@ -418,6 +418,8 @@ public: // FIXIT-M privatize if possible // fields are organized by initialization and size to minimize // void space + std::unordered_map> flow_data; + DeferredTrust deferred_trust; const FlowKey* key = nullptr; @@ -441,7 +443,7 @@ public: // FIXIT-M privatize if possible Layer mpls_server = {}; IpsContextChain context_chain; - FlowData* flow_data = nullptr; + FlowData* current_flow_data = nullptr; FlowStats flowstats = {}; StreamFlowIntf* stream_intf = nullptr; diff --git a/src/network_inspectors/appid/appid_session.cc b/src/network_inspectors/appid/appid_session.cc index ec85268e3..9b7927431 100644 --- a/src/network_inspectors/appid/appid_session.cc +++ b/src/network_inspectors/appid/appid_session.cc @@ -222,7 +222,7 @@ AppIdSession* AppIdSession::create_future_session(const Packet* ctrlPkt, const S char src_ip[INET6_ADDRSTRLEN]; char dst_ip[INET6_ADDRSTRLEN]; - AppIdInspector* inspector = (AppIdInspector*)ctrlPkt->flow->flow_data->get_handler(); + AppIdInspector* inspector = (AppIdInspector*)ctrlPkt->flow->current_flow_data->get_handler(); if ((inspector == nullptr) or strcmp(inspector->get_name(), MOD_NAME)) inspector = (AppIdInspector*)InspectorManager::get_inspector(MOD_NAME, true);