From: Steve Chew (stechew) <stechew@cisco.com>
Date: Fri, 16 Jun 2023 03:10:27 +0000 (+0000)
Subject: Pull request #3875: main: Update OopsHandler to get private data length to print... 
X-Git-Tag: 3.1.64.0~1
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=6cfa1f47e2076822ac6d9ef4f21eeb5f1ce6aed0;p=thirdparty%2Fsnort3.git

Pull request #3875: main: Update OopsHandler to get private data length to print private data during crash.

Merge in SNORT/snort3 from ~STECHEW/snort3:daq_privptr_len_ioctl to master

Squashed commit of the following:

commit 46ce6c984ace2f8f753ac1f781da4469de259396
Author: Steve Chew <stechew@cisco.com>
Date:   Sun Jun 11 23:56:06 2023 -0400

    main: Update OopsHandler to get private data length to print private data during crash.
---

diff --git a/src/main/analyzer.cc b/src/main/analyzer.cc
index b03b15c44..634d71b64 100644
--- a/src/main/analyzer.cc
+++ b/src/main/analyzer.cc
@@ -371,7 +371,7 @@ void Analyzer::post_process_daq_pkt_msg(Packet* p)
         if (verdict == DAQ_VERDICT_BLOCK or verdict == DAQ_VERDICT_BLACKLIST)
             p->active->send_reason_to_daq(*p);
 
-        oops_handler->set_current_message(nullptr);
+        oops_handler->set_current_message(nullptr, nullptr);
         p->pkth = nullptr;  // No longer avail after finalize_message.
 
         {
@@ -430,7 +430,7 @@ void Analyzer::process_daq_pkt_msg(DAQ_Msg_h msg, bool retry)
 
 void Analyzer::process_daq_msg(DAQ_Msg_h msg, bool retry)
 {
-    oops_handler->set_current_message(msg);
+    oops_handler->set_current_message(msg, daq_instance);
     memory::MemoryCap::free_space();
 
     DAQ_Verdict verdict = DAQ_VERDICT_PASS;
@@ -452,7 +452,7 @@ void Analyzer::process_daq_msg(DAQ_Msg_h msg, bool retry)
             }
             break;
     }
-    oops_handler->set_current_message(nullptr);
+    oops_handler->set_current_message(nullptr, nullptr);
     {
         Profile profile(daqPerfStats);
         daq_instance->finalize_message(msg, verdict);
@@ -683,7 +683,7 @@ void Analyzer::term()
     HighAvailabilityManager::thread_term();
     SideChannelManager::thread_term();
 
-    oops_handler->set_current_message(nullptr);
+    oops_handler->set_current_message(nullptr, nullptr);
 
     daq_instance->stop();
     SFDAQ::set_local_instance(nullptr);
diff --git a/src/main/oops_handler.cc b/src/main/oops_handler.cc
index 0f093dc63..aad38c872 100644
--- a/src/main/oops_handler.cc
+++ b/src/main/oops_handler.cc
@@ -51,6 +51,21 @@ void OopsHandler::tterm()
     local_oops_handler = nullptr;
 }
 
+void OopsHandler::set_current_message(DAQ_Msg_h cur_msg, snort::SFDAQInstance* daq_instance)
+{
+    msg = cur_msg;
+    priv_data_len = 0;
+
+    if (daq_instance)
+    {
+        DIOCTL_GetPrivDataLen ioctl_data = {cur_msg,  0};
+        if (DAQ_SUCCESS == daq_instance->ioctl(DIOCTL_GET_PRIV_DATA_LEN, &ioctl_data, sizeof(ioctl_data)))
+        {
+            priv_data_len = ioctl_data.priv_data_len;
+        }
+    }
+}
+
 void OopsHandler::eternalize(int fd)
 {
     if (!msg)
@@ -77,4 +92,10 @@ void OopsHandler::eternalize(int fd)
     ssp.printf("\n== Data (%u) ==\n", data_len);
     ssp.hex_dump(data, data_len);
     ssp.printf("\n");
+    if (priv_data_len)
+    {
+        memcpy(priv_data, daq_msg_get_priv_data(msg), std::min<size_t>(priv_data_len, sizeof(priv_data)));
+        ssp.printf("== Private Data (%u) ==\n", priv_data_len);
+        ssp.hex_dump(priv_data, priv_data_len);
+    }
 }
diff --git a/src/main/oops_handler.h b/src/main/oops_handler.h
index a99bf2b0e..ad3ca01b0 100644
--- a/src/main/oops_handler.h
+++ b/src/main/oops_handler.h
@@ -22,6 +22,8 @@
 
 #include <daq_common.h>
 
+#include "packet_io/sfdaq_instance.h"
+
 class OopsHandler
 {
 public:
@@ -31,7 +33,7 @@ public:
     ~OopsHandler() = default;
 
     void tinit();
-    void set_current_message(DAQ_Msg_h cm) { msg = cm; }
+    void set_current_message(DAQ_Msg_h, snort::SFDAQInstance*);
     void tterm();
 
 private:
@@ -45,6 +47,8 @@ private:
     size_t header_len = 0;
     uint8_t data[UINT16_MAX] = { };
     uint32_t data_len = 0;
+    uint8_t priv_data[UINT16_MAX] = { };
+    uint16_t priv_data_len = 0;
 };
 
 #endif
diff --git a/src/main/test/distill_verdict_stubs.h b/src/main/test/distill_verdict_stubs.h
index 0150916aa..73931fb4c 100644
--- a/src/main/test/distill_verdict_stubs.h
+++ b/src/main/test/distill_verdict_stubs.h
@@ -73,6 +73,7 @@ void Swapper::apply(Analyzer&) { }
 Swapper::~Swapper() = default;
 void OopsHandler::tinit() { }
 void OopsHandler::tterm() { }
+void OopsHandler::set_current_message(DAQ_Msg_h, snort::SFDAQInstance*) { }
 uint16_t get_run_num() { return 0; }
 void set_run_num(uint16_t) { }
 void set_instance_id(unsigned) { }