From: Russ Combs (rucombs) Date: Wed, 7 Dec 2016 00:27:41 +0000 (-0500) Subject: Merge pull request #739 in SNORT/snort3 from cppcheck_fixes to master X-Git-Tag: 3.0.0-233~156 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=8c3010cbe6ad66749dec8305d04b8d105bf1e1f4;p=thirdparty%2Fsnort3.git Merge pull request #739 in SNORT/snort3 from cppcheck_fixes to master Squashed commit of the following: commit 0842be13d69f74dee314966e11ceb742d451da17 Author: Bhagya Tholpady Date: Mon Dec 5 12:51:39 2016 -0500 cppcheck error fixes --- diff --git a/extra/src/inspectors/http_server/hi_client_norm.cc b/extra/src/inspectors/http_server/hi_client_norm.cc index 4b2ea928a..80f1831af 100644 --- a/extra/src/inspectors/http_server/hi_client_norm.cc +++ b/extra/src/inspectors/http_server/hi_client_norm.cc @@ -71,12 +71,13 @@ int hi_split_header_cookie( const u_char* this_header_start = raw_header; const u_char* this_header_end; int this_header_len = 0; - size_t header_rem = *i_header_len; - size_t cookie_rem = *i_cookie_len; if (!cookie || !i_header_len || !i_cookie_len) return HI_INVALID_ARG; + size_t header_rem = *i_header_len; + size_t cookie_rem = *i_cookie_len; + /* Can't use hi_util_in_bounds header because == is okay */ if (cookie->cookie_end > raw_header + i_raw_header_len) return HI_OUT_OF_BOUNDS; diff --git a/extra/src/inspectors/http_server/hi_ui_config.cc b/extra/src/inspectors/http_server/hi_ui_config.cc index 4e4a27724..81c439438 100644 --- a/extra/src/inspectors/http_server/hi_ui_config.cc +++ b/extra/src/inspectors/http_server/hi_ui_config.cc @@ -62,15 +62,15 @@ HTTPINSPECT_GLOBAL_CONF::~HTTPINSPECT_GLOBAL_CONF() delete(decode_conf); } +HTTPINSPECT_CONF_BASE::HTTPINSPECT_CONF_BASE() +{ + memset(this, 0, sizeof(*this)); +} + +HTTPINSPECT_CONF_BASE::~HTTPINSPECT_CONF_BASE(){} + HTTPINSPECT_CONF::HTTPINSPECT_CONF() { - // can't just zero the whole thing because of embedded objects - // FIXIT-L really need explicit assignments or refactor into substruct(s) - // that can simply be zeroed - uint8_t* end = (uint8_t*)&whitespace; - unsigned len = end - (uint8_t*)this; - memset(this, 0, len); - hi_ui_config_default(this); http_cmd_lookup_init(&cmd_lookup); } diff --git a/extra/src/inspectors/http_server/hi_ui_config.h b/extra/src/inspectors/http_server/hi_ui_config.h index 4cc374000..77e005279 100644 --- a/extra/src/inspectors/http_server/hi_ui_config.h +++ b/extra/src/inspectors/http_server/hi_ui_config.h @@ -114,7 +114,7 @@ struct HTTPINSPECT_GLOBAL_CONF ** and there is a global structure for servers that don't have ** a unique configuration. */ -struct HTTPINSPECT_CONF +struct HTTPINSPECT_CONF_BASE { HTTPINSPECT_GLOBAL_CONF* global; @@ -227,6 +227,12 @@ struct HTTPINSPECT_CONF PROFILES profile; CMD_LOOKUP* cmd_lookup; + HTTPINSPECT_CONF_BASE(); + ~HTTPINSPECT_CONF_BASE(); +}; + +struct HTTPINSPECT_CONF:public HTTPINSPECT_CONF_BASE +{ ByteBitSet whitespace; ByteBitSet non_rfc_chars; diff --git a/src/catch/catch.hpp b/src/catch/catch.hpp index cde076dd2..7f1bed520 100644 --- a/src/catch/catch.hpp +++ b/src/catch/catch.hpp @@ -4146,7 +4146,7 @@ namespace Clara { } void parseIntoTokens( std::string const& arg, std::vector& tokens ) { - for( std::size_t i = 0; i <= arg.size(); ++i ) { + for( std::size_t i = 0; i < arg.size(); ++i ) { char c = arg[i]; if( c == '"' ) inQuotes = !inQuotes; diff --git a/src/control/idle_processing.cc b/src/control/idle_processing.cc index 946e9aade..8e3cdfe21 100644 --- a/src/control/idle_processing.cc +++ b/src/control/idle_processing.cc @@ -69,14 +69,14 @@ TEST_CASE("idle callback", "[control]") CHECK(s_niph2 == 1); IdleProcessing::execute(); - CHECK(s_niph1 == 2); - CHECK(s_niph2 == 2); + CHECK((s_niph1 == 2)); + CHECK((s_niph2 == 2)); IdleProcessing::unregister_all(); IdleProcessing::execute(); - CHECK(s_niph1 == 2); - CHECK(s_niph2 == 2); + CHECK((s_niph1 == 2)); + CHECK((s_niph2 == 2)); } #endif diff --git a/src/decompress/file_decomp.cc b/src/decompress/file_decomp.cc index fdd2f7245..9382bca62 100644 --- a/src/decompress/file_decomp.cc +++ b/src/decompress/file_decomp.cc @@ -454,27 +454,27 @@ void File_Decomp_Alert(fd_session_p_t SessionPtr, int Event) TEST_CASE("File_Decomp_StopFree-null", "[file_decomp]") { - REQUIRE(File_Decomp_StopFree((fd_session_p_t)NULL) == File_Decomp_Error); + REQUIRE((File_Decomp_StopFree((fd_session_p_t)NULL) == File_Decomp_Error)); } TEST_CASE("File_Decomp_Reset-null", "[file_decomp]") { - REQUIRE(File_Decomp_Reset((fd_session_p_t)NULL) == File_Decomp_Error); + REQUIRE((File_Decomp_Reset((fd_session_p_t)NULL) == File_Decomp_Error)); } TEST_CASE("File_Decomp_End-null", "[file_decomp]") { - REQUIRE(File_Decomp_End((fd_session_p_t)NULL) == File_Decomp_Error); + REQUIRE((File_Decomp_End((fd_session_p_t)NULL) == File_Decomp_Error)); } TEST_CASE("File_Decomp_Init-null", "[file_decomp]") { - REQUIRE(File_Decomp_Init((fd_session_p_t)NULL) == File_Decomp_Error); + REQUIRE((File_Decomp_Init((fd_session_p_t)NULL) == File_Decomp_Error)); } TEST_CASE("File_Decomp_SetBuf-null", "[file_decomp]") { - REQUIRE(File_Decomp_SetBuf((fd_session_p_t)NULL) == File_Decomp_Error); + REQUIRE((File_Decomp_SetBuf((fd_session_p_t)NULL) == File_Decomp_Error)); } TEST_CASE("File_Decomp_SetBuf-Decompr_Depth-error", "[file_decomp]") @@ -484,7 +484,7 @@ TEST_CASE("File_Decomp_SetBuf-Decompr_Depth-error", "[file_decomp]") REQUIRE(p_s != nullptr); p_s->Total_Out = 20; p_s->Decompr_Depth = 10; - REQUIRE(File_Decomp_SetBuf(p_s) == File_Decomp_Error); + REQUIRE((File_Decomp_SetBuf(p_s) == File_Decomp_Error)); File_Decomp_Free(p_s); } @@ -495,7 +495,7 @@ TEST_CASE("File_Decomp_SetBuf-Compr_Depth-error", "[file_decomp]") REQUIRE(p_s != nullptr); p_s->Total_In = 20; p_s->Compr_Depth = 10; - REQUIRE(File_Decomp_SetBuf(p_s) == File_Decomp_Error); + REQUIRE((File_Decomp_SetBuf(p_s) == File_Decomp_Error)); File_Decomp_Free(p_s); } @@ -517,7 +517,7 @@ TEST_CASE("File_Decomp_New", "[file_decomp]") TEST_CASE("File_Decomp-null", "[file_decomp]") { - REQUIRE(File_Decomp((fd_session_p_t)NULL) == File_Decomp_Error); + REQUIRE((File_Decomp((fd_session_p_t)NULL) == File_Decomp_Error)); } TEST_CASE("File_Decomp-not_active", "[file_decomp]") @@ -525,7 +525,7 @@ TEST_CASE("File_Decomp-not_active", "[file_decomp]") fd_session_p_t p_s = File_Decomp_New(); REQUIRE(p_s != nullptr); - REQUIRE(File_Decomp(p_s) == File_Decomp_Error); + REQUIRE((File_Decomp(p_s) == File_Decomp_Error)); File_Decomp_Free(p_s); } @@ -535,7 +535,7 @@ TEST_CASE("File_Decomp-complete_state", "[file_decomp]") REQUIRE(p_s != nullptr); p_s->State = STATE_COMPLETE; - REQUIRE(File_Decomp(p_s) == File_Decomp_Error); + REQUIRE((File_Decomp(p_s) == File_Decomp_Error)); File_Decomp_Free(p_s); } @@ -544,7 +544,7 @@ TEST_CASE("Initialize_Decompression-not_active", "[file_decomp]") fd_session_p_t p_s = File_Decomp_New(); REQUIRE(p_s != nullptr); - REQUIRE(Initialize_Decompression(p_s) == File_Decomp_Error); + REQUIRE((Initialize_Decompression(p_s) == File_Decomp_Error)); File_Decomp_Free(p_s); } @@ -553,7 +553,7 @@ TEST_CASE("Process_Decompression-not_active", "[file_decomp]") fd_session_p_t p_s = File_Decomp_New(); REQUIRE(p_s != nullptr); - REQUIRE(Process_Decompression(p_s) == File_Decomp_Error); + REQUIRE((Process_Decompression(p_s) == File_Decomp_Error)); File_Decomp_Free(p_s); } #endif diff --git a/src/decompress/file_decomp_pdf.cc b/src/decompress/file_decomp_pdf.cc index db9fbbad1..5891c5360 100644 --- a/src/decompress/file_decomp_pdf.cc +++ b/src/decompress/file_decomp_pdf.cc @@ -1158,17 +1158,17 @@ fd_status_t File_Decomp_PDF(fd_session_p_t SessionPtr) TEST_CASE("File_Decomp_PDF-null", "[file_decomp_pdf]") { - REQUIRE(File_Decomp_PDF((fd_session_p_t)NULL) == File_Decomp_Error); + REQUIRE((File_Decomp_PDF((fd_session_p_t)NULL) == File_Decomp_Error)); } TEST_CASE("File_Decomp_Init_PDF-null", "[file_decomp_pdf]") { - REQUIRE(File_Decomp_Init_PDF((fd_session_p_t)NULL) == File_Decomp_Error); + REQUIRE((File_Decomp_Init_PDF((fd_session_p_t)NULL) == File_Decomp_Error)); } TEST_CASE("File_Decomp_End_PDF-null", "[file_decomp_pdf]") { - REQUIRE(File_Decomp_End_PDF((fd_session_p_t)NULL) == File_Decomp_Error); + REQUIRE((File_Decomp_End_PDF((fd_session_p_t)NULL) == File_Decomp_Error)); } TEST_CASE("File_Decomp_PDF-not_pdf-error", "[file_decomp_pdf]") @@ -1178,7 +1178,7 @@ TEST_CASE("File_Decomp_PDF-not_pdf-error", "[file_decomp_pdf]") REQUIRE(p_s != nullptr); p_s->PDF = (fd_PDF_t*)snort_calloc(sizeof(fd_PDF_t)); p_s->File_Type = FILE_TYPE_SWF; - REQUIRE(File_Decomp_PDF(p_s) == File_Decomp_Error); + REQUIRE((File_Decomp_PDF(p_s) == File_Decomp_Error)); p_s->File_Type = FILE_TYPE_PDF; File_Decomp_Free(p_s); } @@ -1191,7 +1191,7 @@ TEST_CASE("File_Decomp_PDF-bad_state-error", "[file_decomp_pdf]") p_s->PDF = (fd_PDF_t*)snort_calloc(sizeof(fd_PDF_t)); p_s->File_Type = FILE_TYPE_PDF; p_s->PDF->State = PDF_STATE_NEW; - REQUIRE(File_Decomp_PDF(p_s) == File_Decomp_Error); + REQUIRE((File_Decomp_PDF(p_s) == File_Decomp_Error)); File_Decomp_Free(p_s); } @@ -1204,7 +1204,7 @@ TEST_CASE("File_Decomp_End_PDF-bad_type-error", "[file_decomp_pdf]") p_s->File_Type = FILE_TYPE_PDF; p_s->PDF->Decomp_Type = FILE_COMPRESSION_TYPE_LZMA; p_s->PDF->State = PDF_STATE_PROCESS_STREAM; - REQUIRE(File_Decomp_End_PDF(p_s) == File_Decomp_Error); + REQUIRE((File_Decomp_End_PDF(p_s) == File_Decomp_Error)); File_Decomp_Free(p_s); } #endif diff --git a/src/decompress/file_decomp_swf.cc b/src/decompress/file_decomp_swf.cc index 3ff04c55f..5ff79e7f1 100644 --- a/src/decompress/file_decomp_swf.cc +++ b/src/decompress/file_decomp_swf.cc @@ -348,17 +348,17 @@ fd_status_t File_Decomp_SWF(fd_session_p_t SessionPtr) TEST_CASE("File_Decomp_SWF-null", "[file_decomp_swf]") { - REQUIRE(File_Decomp_SWF((fd_session_p_t)NULL) == File_Decomp_Error); + REQUIRE((File_Decomp_SWF((fd_session_p_t)NULL) == File_Decomp_Error)); } TEST_CASE("File_Decomp_Init_SWF-null", "[file_decomp_swf]") { - REQUIRE(File_Decomp_Init_SWF((fd_session_p_t)NULL) == File_Decomp_Error); + REQUIRE((File_Decomp_Init_SWF((fd_session_p_t)NULL) == File_Decomp_Error)); } TEST_CASE("File_Decomp_End_SWF-null", "[file_decomp_swf]") { - REQUIRE(File_Decomp_End_SWF((fd_session_p_t)NULL) == File_Decomp_Error); + REQUIRE((File_Decomp_End_SWF((fd_session_p_t)NULL) == File_Decomp_Error)); } TEST_CASE("File_Decomp_SWF-not_swf-error", "[file_decomp_swf]") @@ -368,7 +368,7 @@ TEST_CASE("File_Decomp_SWF-not_swf-error", "[file_decomp_swf]") REQUIRE(p_s != nullptr); p_s->SWF = (fd_SWF_t*)snort_calloc(sizeof(fd_SWF_t)); p_s->File_Type = FILE_TYPE_PDF; - REQUIRE(File_Decomp_SWF(p_s) == File_Decomp_Error); + REQUIRE((File_Decomp_SWF(p_s) == File_Decomp_Error)); p_s->File_Type = FILE_TYPE_SWF; File_Decomp_Free(p_s); } @@ -381,7 +381,7 @@ TEST_CASE("File_Decomp_SWF-bad_state-error", "[file_decomp_swf]") p_s->SWF = (fd_SWF_t*)snort_calloc(sizeof(fd_SWF_t)); p_s->File_Type = FILE_TYPE_SWF; p_s->SWF->State = SWF_STATE_NEW; - REQUIRE(File_Decomp_SWF(p_s) == File_Decomp_Error); + REQUIRE((File_Decomp_SWF(p_s) == File_Decomp_Error)); File_Decomp_Free(p_s); } @@ -392,7 +392,7 @@ TEST_CASE("File_Decomp_Init_SWF-bad_type-error", "[file_decomp_swf]") REQUIRE(p_s != nullptr); p_s->File_Type = FILE_TYPE_SWF; p_s->Decomp_Type = FILE_COMPRESSION_TYPE_DEFLATE; - REQUIRE(File_Decomp_Init_SWF(p_s) == File_Decomp_Error); + REQUIRE((File_Decomp_Init_SWF(p_s) == File_Decomp_Error)); File_Decomp_Free(p_s); } @@ -403,7 +403,7 @@ TEST_CASE("File_Decomp_End_SWF-bad_type-error", "[file_decomp_swf]") REQUIRE(p_s != nullptr); p_s->SWF = (fd_SWF_t*)snort_calloc(sizeof(fd_SWF_t)); p_s->Decomp_Type = FILE_COMPRESSION_TYPE_DEFLATE; - REQUIRE(File_Decomp_End_SWF(p_s) == File_Decomp_Error); + REQUIRE((File_Decomp_End_SWF(p_s) == File_Decomp_Error)); p_s->File_Type = FILE_TYPE_SWF; File_Decomp_Free(p_s); } diff --git a/src/detection/sfrim.cc b/src/detection/sfrim.cc index 003eb6cce..5a1a914ec 100644 --- a/src/detection/sfrim.cc +++ b/src/detection/sfrim.cc @@ -97,23 +97,23 @@ TEST_CASE("basic", "[RuleIndexMap]") rule_index_map_t* rim = RuleIndexMapCreate(); unsigned gid, sid; - CHECK(RuleIndexMapAdd(rim, 1, 2) == 0); - CHECK(RuleIndexMapAdd(rim, 2, 4) == 1); - CHECK(RuleIndexMapAdd(rim, 4, 8) == 2); + CHECK((RuleIndexMapAdd(rim, 1, 2) == 0)); + CHECK((RuleIndexMapAdd(rim, 2, 4) == 1)); + CHECK((RuleIndexMapAdd(rim, 4, 8) == 2)); SECTION("valid") { CHECK(RuleIndexMapGet(rim, 1, gid, sid)); - CHECK(gid == 2); - CHECK(sid == 4); + CHECK((gid == 2)); + CHECK((sid == 4)); } SECTION("invalid") { CHECK(!RuleIndexMapGet(rim, 3, gid, sid)); - CHECK(gid == 0); - CHECK(sid == 0); + CHECK((gid == 0)); + CHECK((sid == 0)); } RuleIndexMapFree(rim); } diff --git a/src/file_api/file_capture.cc b/src/file_api/file_capture.cc index 403134616..fe902e150 100644 --- a/src/file_api/file_capture.cc +++ b/src/file_api/file_capture.cc @@ -427,7 +427,8 @@ FileCaptureState FileCapture::reserve_file(const FileInfo* file) */ FileCaptureBlock* FileCapture::get_file_data(uint8_t** buff, int* size) { - if (!buff||!size || (current_block == nullptr)) + assert(buff && size); + if (current_block == nullptr) { *size = 0; *buff = nullptr; diff --git a/src/file_api/file_identifier.cc b/src/file_api/file_identifier.cc index 4a7de85de..c5dc73a7c 100644 --- a/src/file_api/file_identifier.cc +++ b/src/file_api/file_identifier.cc @@ -442,8 +442,8 @@ TEST_CASE ("FileIdRuleUnknow", "[FileMagic]") void* context = nullptr; - CHECK(rc.find_file_type_id((const uint8_t*)data, strlen(data), 0, &context) == - SNORT_FILE_TYPE_UNKNOWN); + CHECK((rc.find_file_type_id((const uint8_t*)data, strlen(data), 0, &context) == + SNORT_FILE_TYPE_UNKNOWN)); } TEST_CASE ("FileIdRuleEXE", "[FileMagic]") @@ -510,7 +510,7 @@ TEST_CASE ("FileIdRulePDFEXE", "[FileMagic]") void* context = nullptr; // Match the last one - CHECK(rc.find_file_type_id((const uint8_t*)data, strlen(data), 0, &context) == 3); + CHECK((rc.find_file_type_id((const uint8_t*)data, strlen(data), 0, &context) == 3)); } TEST_CASE ("FileIdRuleFirst", "[FileMagic]") diff --git a/src/file_api/file_stats.cc b/src/file_api/file_stats.cc index 0cecb4ab6..93a504981 100644 --- a/src/file_api/file_stats.cc +++ b/src/file_api/file_stats.cc @@ -90,12 +90,12 @@ void file_stats_print() for (unsigned i = 0; i < FILE_ID_MAX; i++) { - const char* type_name = file_type_name(i).c_str(); - if (type_name && + std::string type_name = file_type_name(i); + if (type_name.length() && (file_totals.files_processed[i][0] || file_totals.files_processed[i][1] )) { LogMessage("%12s(%3d) " FMTu64("-10") " " FMTu64("-10") " \n", - type_name, i, + type_name.c_str(), i, file_totals.files_processed[i][0], file_totals.files_processed[i][1]); processed_total[0]+= file_totals.files_processed[i][0]; @@ -112,12 +112,12 @@ void file_stats_print() for (unsigned i = 0; i < FILE_ID_MAX; i++) { - const char* type_name = file_type_name(i).c_str(); - if (type_name && + std::string type_name = file_type_name(i); + if (type_name.length() && (file_totals.files_processed[i][0] || file_totals.files_processed[i][1] )) { LogMessage("%12s(%3d) " FMTu64("-10") " " FMTu64("-10") " \n", - type_name, i, + type_name.c_str(), i, file_totals.data_processed[i][0], file_totals.data_processed[i][1]); @@ -148,12 +148,12 @@ void file_stats_print() processed_total[1] = 0; for (unsigned i = 0; i < FILE_ID_MAX; i++) { - const char* type_name = file_type_name(i).c_str(); - if (type_name && + std::string type_name = file_type_name(i); + if (type_name.length() && (file_totals.signatures_processed[i][0] || file_totals.signatures_processed[i][1] )) { LogMessage("%12s(%3d) " FMTu64("-10") " " FMTu64("-10") " \n", - type_name, i, + type_name.c_str(), i, file_totals.signatures_processed[i][0], file_totals.signatures_processed[i][1]); processed_total[0]+= file_totals.signatures_processed[i][0]; processed_total[1]+= file_totals.signatures_processed[i][1]; diff --git a/src/filters/rate_filter.cc b/src/filters/rate_filter.cc index 6ee4f8c3a..fc141971d 100644 --- a/src/filters/rate_filter.cc +++ b/src/filters/rate_filter.cc @@ -86,10 +86,8 @@ int RateFilter_Create( #ifdef RF_DBG printf( - "THRESHOLD: gid=%u, sid=%u, tracking=%d, count=%d, seconds=%d \n", + "THRESHOLD: gid=%u, sid=%u, tracking=%d, count=%u, seconds=%u \n", thdx->gid, thdx->sid, thdx->tracking, thdx->count, thdx->seconds); -} - #endif /* Add the object to the table - */ diff --git a/src/filters/sfrf.cc b/src/filters/sfrf.cc index 257552877..ace2dae75 100644 --- a/src/filters/sfrf.cc +++ b/src/filters/sfrf.cc @@ -332,7 +332,7 @@ int SFRF_ConfigAdd( } #ifdef SFRF_DEBUG - printf("--%d-%d-%d: Threshold node added to tail of list\n", + printf("--%d-%u-%u: Threshold node added to tail of list\n", pNewConfigNode->tid, pNewConfigNode->gid, pNewConfigNode->sid); @@ -417,7 +417,7 @@ static int SFRF_TestObject( dynNode->count--; #ifdef SFRF_DEBUG - printf("--SFRF_DEBUG: %d-%d-%d: %d Packet IP %s, op: %d, count %d, action %d\n", + printf("--SFRF_DEBUG: %d-%u-%u: %u Packet IP %s, op: %d, count %u, action %d\n", cfgNode->tid, cfgNode->gid, cfgNode->sid, (unsigned)curTime, ip->ntoa(), op, dynNode->count, retValue); @@ -466,7 +466,7 @@ int SFRF_TestThreshold( PolicyId policy_id = get_network_policy()->policy_id; #ifdef SFRF_DEBUG - printf("--%d-%d-%d: %s() entering\n", 0, gid, sid, __func__); + printf("--%d-%u-%u: %s() entering\n", 0, gid, sid, __func__); fflush(stdout); #endif @@ -485,7 +485,7 @@ int SFRF_TestThreshold( if ( !genHash ) { #ifdef SFRF_DEBUG - printf("--SFRF_DEBUG: %d-%d-%d: no hash table entry for gid\n", 0, gid, sid); + printf("--SFRF_DEBUG: %d-%u-%u: no hash table entry for gid\n", 0, gid, sid); fflush(stdout); #endif return status; @@ -501,7 +501,7 @@ int SFRF_TestThreshold( if ( !pSidNode ) { #ifdef SFRF_DEBUG - printf("--SFRF_DEBUG: %d-%d-%d: no DOS THD object\n", 0, gid, sid); + printf("--SFRF_DEBUG: %d-%u-%u: no DOS THD object\n", 0, gid, sid); fflush(stdout); #endif return status; @@ -511,7 +511,7 @@ int SFRF_TestThreshold( if ( !pSidNode->configNodeList ) { #ifdef SFRF_DEBUG - printf("--SFRF_DEBUG: %d-%d-%d: No user configuration\n", + printf("--SFRF_DEBUG: %d-%u-%u: No user configuration\n", 0, gid, sid); fflush(stdout); #endif @@ -557,7 +557,7 @@ int SFRF_TestThreshold( } #ifdef SFRF_DEBUG - printf("--SFRF_DEBUG: %d-%d-%d: Time %d, rate limit blocked: %d\n", + printf("--SFRF_DEBUG: %d-%u-%u: Time %u, rate limit blocked: %d\n", cfgNode->tid, gid, sid, (unsigned)curTime, newStatus); fflush(stdout); #endif diff --git a/src/filters/sfthd.cc b/src/filters/sfthd.cc index c268a849d..703a72b53 100644 --- a/src/filters/sfthd.cc +++ b/src/filters/sfthd.cc @@ -565,7 +565,7 @@ static int sfthd_create_threshold_global( #ifdef THD_DEBUG printf("THD_DEBUG-GLOBAL: created global threshold object " - "for gen_id=%d\n",config->gen_id); + "for gen_id=%u\n",config->gen_id); fflush(stdout); #endif @@ -723,8 +723,8 @@ static inline int sfthd_test_non_suppress( sfthd_ip_node->tlast = curtime; #ifdef THD_DEBUG - printf("...dt=%d, sfthd_node->seconds=%d\n",dt, sfthd_node->seconds); - printf("...sfthd_ip_node->count=%d, sfthd_node->count=%d\n", + printf("...dt=%u, sfthd_node->seconds=%u\n",dt, sfthd_node->seconds); + printf("...sfthd_ip_node->count=%u, sfthd_node->count=%d\n", sfthd_ip_node->count,sfthd_node->count); fflush(stdout); #endif @@ -754,8 +754,8 @@ static inline int sfthd_test_non_suppress( } #ifdef THD_DEBUG - printf("...dt=%d, sfthd_node->seconds=%d\n",dt, sfthd_node->seconds); - printf("...sfthd_ip_node->count=%d, sfthd_node->count=%d\n", + printf("...dt=%u, sfthd_node->seconds=%u\n",dt, sfthd_node->seconds); + printf("...sfthd_ip_node->count=%u, sfthd_node->count=%d\n", sfthd_ip_node->count,sfthd_node->count); fflush(stdout); #endif @@ -1164,7 +1164,7 @@ int sfthd_test_threshold( if ( status < 0 ) /* -1 == Don't log and stop looking */ { #ifdef THD_DEBUG - printf("THD_DEBUG: gen_id=%u sig_id=%u, UnLoggable\n\n",gen_id, sig_id,cnt); + printf("THD_DEBUG: gen_id=%u sig_id=%u, UnLoggable %d\n\n",gen_id, sig_id,cnt); fflush(stdout); #endif return (status < -1) ? 1 : -1; /* !0 == Don't log it*/ @@ -1242,7 +1242,7 @@ int sfthd_show_objects(ThresholdObjects* thd_objs) SFGHASH* sfthd_hash; THD_ITEM* sfthd_item; THD_NODE* sfthd_node; - int gen_id; + unsigned gen_id; SFGHASH_NODE* item_hash_node; PolicyId policyId; @@ -1298,7 +1298,7 @@ int sfthd_show_objects(ThresholdObjects* thd_objs) else { printf(".........count =%d\n",sfthd_node->count); - printf(".........seconds =%d\n",sfthd_node->seconds); + printf(".........seconds =%u\n",sfthd_node->seconds); } } } diff --git a/src/flow/ha.cc b/src/flow/ha.cc index dad982b0d..de5d91a14 100644 --- a/src/flow/ha.cc +++ b/src/flow/ha.cc @@ -293,13 +293,16 @@ static uint16_t calculate_update_msg_content_length(Flow* flow) uint16_t length = 0; for (int i=0; iha_state->check_pending(1<<(i-1)) ) + { + // Don't check 'i' against SESSION_HA_CLIENT_INDEX (==0), as this creates a false positive with cppcheck + if ( (i == 0 ) || flow->ha_state->check_pending(1<<(i-1)) ) { assert((*s_client_map)[i]); length += ((*s_client_map)[i]->get_message_size() + sizeof(HAClientHeader)); DebugFormat(DEBUG_HA, "HighAvailability::calculate_update_msg_content_length(): length: %d\n", length); } + } return length; } @@ -329,8 +332,11 @@ static void write_update_msg_content(Flow* flow, HAMessage* msg) assert(s_client_map); for ( int i=0; iha_state->check_pending(1<<(i-1)) ) + { + // Don't check 'i' against SESSION_HA_CLIENT_INDEX (==0), as this creates a false positive with cppcheck + if ( (i == 0) || flow->ha_state->check_pending(1<<(i-1)) ) write_update_msg_client((*s_client_map)[i],flow, msg); + } } static void consume_receive_delete_message(HAMessage* msg) diff --git a/src/framework/range.cc b/src/framework/range.cc index f2e295a06..f29a0da01 100644 --- a/src/framework/range.cc +++ b/src/framework/range.cc @@ -272,7 +272,7 @@ TEST_CASE("dflt op", "[RangeCheck]") REQUIRE(rc.parse("5")); REQUIRE(rc.op == RangeCheck::EQ); - REQUIRE(rc.max == 5); + REQUIRE((rc.max == 5)); CHECK(rc.eval(5)); @@ -286,7 +286,7 @@ TEST_CASE("=", "[RangeCheck]") REQUIRE(rc.parse("=+0x5")); REQUIRE(rc.op == RangeCheck::EQ); - REQUIRE(rc.max == 5); + REQUIRE((rc.max == 5)); CHECK(rc.eval(5)); @@ -300,7 +300,7 @@ TEST_CASE("!", "[RangeCheck]") REQUIRE(rc.parse("!-5")); REQUIRE(rc.op == RangeCheck::NOT); - REQUIRE(rc.max == -5); + REQUIRE((rc.max == -5)); CHECK(rc.eval(-4)); CHECK(rc.eval(-6)); @@ -314,7 +314,7 @@ TEST_CASE("!=", "[RangeCheck]") REQUIRE(rc.parse("!=5")); REQUIRE(rc.op == RangeCheck::NOT); - REQUIRE(rc.max == 5); + REQUIRE((rc.max == 5)); CHECK(rc.eval(4)); CHECK(rc.eval(6)); @@ -328,7 +328,7 @@ TEST_CASE("<", "[RangeCheck]") REQUIRE(rc.parse("<5")); REQUIRE(rc.op == RangeCheck::LT); - REQUIRE(rc.max == 5); + REQUIRE((rc.max == 5)); CHECK(rc.eval(4)); CHECK(rc.eval(-1)); @@ -343,7 +343,7 @@ TEST_CASE("<=", "[RangeCheck]") REQUIRE(rc.parse("<=5")); REQUIRE(rc.op == RangeCheck::LE); - REQUIRE(rc.max == 5); + REQUIRE((rc.max == 5)); CHECK(rc.eval(5)); CHECK(rc.eval(-1)); @@ -357,8 +357,8 @@ TEST_CASE(">", "[RangeCheck]") RangeCheck rc; REQUIRE(rc.parse(">5")); - REQUIRE(rc.op == RangeCheck::GT); - REQUIRE(rc.min == 5); + REQUIRE((rc.op == RangeCheck::GT)); + REQUIRE((rc.min == 5)); CHECK(rc.eval(6)); CHECK(rc.eval(10)); @@ -372,8 +372,8 @@ TEST_CASE(">=", "[RangeCheck]") RangeCheck rc; REQUIRE(rc.parse(">=5")); - REQUIRE(rc.op == RangeCheck::GE); - REQUIRE(rc.min == 5); + REQUIRE((rc.op == RangeCheck::GE)); + REQUIRE((rc.min == 5)); CHECK(rc.eval(5)); CHECK(rc.eval(10)); @@ -387,9 +387,9 @@ TEST_CASE("<>", "[RangeCheck]") RangeCheck rc; REQUIRE(rc.parse("0<>5")); - REQUIRE(rc.op == RangeCheck::LG); + REQUIRE((rc.op == RangeCheck::LG)); REQUIRE(rc.min == 0); - REQUIRE(rc.max == 5); + REQUIRE((rc.max == 5)); CHECK(rc.eval(1)); CHECK(rc.eval(4)); @@ -405,8 +405,8 @@ TEST_CASE("<=>", "[RangeCheck]") RangeCheck rc; REQUIRE(rc.parse("0<=>5")); - REQUIRE(rc.op == RangeCheck::LEG); - REQUIRE(rc.max == 5); + REQUIRE((rc.op == RangeCheck::LEG)); + REQUIRE((rc.max == 5)); CHECK(rc.eval(0)); CHECK(rc.eval(1)); @@ -427,80 +427,80 @@ TEST_CASE("parsing", "[RangeCheck]") { REQUIRE(rc.parse("5")); CHECK(rc.op == RangeCheck::EQ); - CHECK(rc.max == 5); + CHECK((rc.max == 5)); } SECTION("b") { REQUIRE(rc.parse(" 5 ")); CHECK(rc.op == RangeCheck::EQ); - CHECK(rc.max == 5); + CHECK((rc.max == 5)); } SECTION("c") { REQUIRE(rc.parse(" ! 5 ")); CHECK(rc.op == RangeCheck::NOT); - CHECK(rc.max == 5); + CHECK((rc.max == 5)); } SECTION("d") { REQUIRE(rc.parse(" != 5 ")); CHECK(rc.op == RangeCheck::NOT); - CHECK(rc.max == 5); + CHECK((rc.max == 5)); } SECTION("e") { REQUIRE(rc.parse(" < 5 ")); - CHECK(rc.op == RangeCheck::LT); - CHECK(rc.max == 5); + CHECK((rc.op == RangeCheck::LT)); + CHECK((rc.max == 5)); } SECTION("f") { REQUIRE(rc.parse(" > 5 ")); - CHECK(rc.op == RangeCheck::GT); - CHECK(rc.min == 5); + CHECK((rc.op == RangeCheck::GT)); + CHECK((rc.min == 5)); } SECTION("g") { REQUIRE(rc.parse(" <= 5 ")); - CHECK(rc.op == RangeCheck::LE); - CHECK(rc.max == 5); + CHECK((rc.op == RangeCheck::LE)); + CHECK((rc.max == 5)); } SECTION("h") { REQUIRE(rc.parse(" >= 5 ")); - CHECK(rc.op == RangeCheck::GE); - CHECK(rc.min == 5); + CHECK((rc.op == RangeCheck::GE)); + CHECK((rc.min == 5)); } SECTION("i") { REQUIRE(rc.parse(" 10 <> 50 ")); - CHECK(rc.op == RangeCheck::LG); - CHECK(rc.min == 10); - CHECK(rc.max == 50); + CHECK((rc.op == RangeCheck::LG)); + CHECK((rc.min == 10)); + CHECK((rc.max == 50)); } SECTION("j") { REQUIRE(rc.parse(" 0x10 <=> 0x50 ")); - CHECK(rc.op == RangeCheck::LEG); - CHECK(rc.min == 0x10); - CHECK(rc.max == 0x50); + CHECK((rc.op == RangeCheck::LEG)); + CHECK((rc.min == 0x10)); + CHECK((rc.max == 0x50)); } SECTION("k") { REQUIRE(rc.parse(" -0123 <=> 0x123 ")); - CHECK(rc.op == RangeCheck::LEG); - CHECK(rc.min == -83); - CHECK(rc.max == 291); + CHECK((rc.op == RangeCheck::LEG)); + CHECK((rc.min == -83)); + CHECK((rc.max == 291)); } } diff --git a/src/framework/value.cc b/src/framework/value.cc index 56c5fadee..aff043e21 100644 --- a/src/framework/value.cc +++ b/src/framework/value.cc @@ -265,7 +265,7 @@ TEST_CASE("mac addr negative test", "[Value]") Value test_val("12345"); test_val.get_buffer(num_chars); - REQUIRE(num_chars == 5); + REQUIRE((num_chars == 5)); test_val.get_mac(mac); CHECK(memcmp(mac,zero,6)==0); @@ -285,7 +285,7 @@ TEST_CASE("get addr test", "[Value]") { Value test_val("1234567890123456"); test_str = (uint8_t*)test_val.get_buffer(num_chars); - REQUIRE(num_chars == 16); + REQUIRE((num_chars == 16)); test_val.get_addr(addr); CHECK(memcmp(addr,test_str,16)==0); @@ -294,7 +294,7 @@ TEST_CASE("get addr test", "[Value]") { Value test_val("12345678901234567890"); test_val.get_buffer(num_chars); - REQUIRE(num_chars == 20); + REQUIRE((num_chars == 20)); test_val.get_addr(addr); CHECK(memcmp(addr,zero,16)==0); @@ -315,7 +315,7 @@ TEST_CASE("get addr IPv4 test", "[Value]") { Value test_val("1234"); test_str = (uint8_t*)test_val.get_buffer(num_chars); - REQUIRE(num_chars == 4); + REQUIRE((num_chars == 4)); test_val.get_addr_ip4(addr); CHECK(memcmp(addr,test_str,4)==0); @@ -324,7 +324,7 @@ TEST_CASE("get addr IPv4 test", "[Value]") { Value test_val("123456"); test_val.get_buffer(num_chars); - REQUIRE(num_chars == 6); + REQUIRE((num_chars == 6)); test_val.get_addr_ip4(addr); CHECK(memcmp(addr,zero,4)==0); @@ -344,7 +344,7 @@ TEST_CASE("get addr IPv6 test", "[Value]") { Value test_val("1234567890123456"); test_str = (uint8_t *)test_val.get_buffer(num_chars); - REQUIRE(num_chars == 16); + REQUIRE((num_chars == 16)); test_val.get_addr_ip6(addr); CHECK(memcmp(addr,test_str,16)==0); @@ -353,7 +353,7 @@ TEST_CASE("get addr IPv6 test", "[Value]") { Value test_val("123456"); test_val.get_buffer(num_chars); - REQUIRE(num_chars == 6); + REQUIRE((num_chars == 6)); test_val.get_addr_ip6(addr); CHECK(memcmp(addr,zero,16)==0); @@ -429,15 +429,15 @@ TEST_CASE("update mask", "[Value]") mask16 = 0x1100; test_val.update_mask(mask16, flag16, invert); - CHECK(mask16 == 0x0100); + CHECK((mask16 == 0x0100)); mask32 = 0x11000000; test_val.update_mask(mask32, flag32, invert); - CHECK(mask32 == 0x01000000); + CHECK((mask32 == 0x01000000)); mask64 = 0x1100000000000000; test_val.update_mask(mask64, flag64, invert); - CHECK(mask64 == 0x0100000000000000); + CHECK((mask64 == 0x0100000000000000)); } SECTION("invert false") @@ -445,19 +445,19 @@ TEST_CASE("update mask", "[Value]") invert = false; mask8 = 0x01; test_val.update_mask(mask8, flag8, invert); - CHECK(mask8 == 0x11); + CHECK((mask8 == 0x11)); mask16 = 0x0100; test_val.update_mask(mask16, flag16, invert); - CHECK(mask16 == 0x1100); + CHECK((mask16 == 0x1100)); mask32 = 0x01000000; test_val.update_mask(mask32, flag32, invert); - CHECK(mask32 == 0x11000000); + CHECK((mask32 == 0x11000000)); mask64 = 0x0100000000000000; test_val.update_mask(mask64, flag64, invert); - CHECK(mask64 == 0x1100000000000000); + CHECK((mask64 == 0x1100000000000000)); } } @@ -475,15 +475,15 @@ TEST_CASE("update mask", "[Value]") mask16 = 0x1100; test_val.update_mask(mask16, flag16, invert); - CHECK(mask16 == 0x0100); + CHECK((mask16 == 0x0100)); mask32 = 0x11000000; test_val.update_mask(mask32, flag32, invert); - CHECK(mask32 == 0x01000000); + CHECK((mask32 == 0x01000000)); mask64 = 0x1100000000000000; test_val.update_mask(mask64, flag64, invert); - CHECK(mask64 == 0x0100000000000000); + CHECK((mask64 == 0x0100000000000000)); } SECTION("invert true") @@ -491,19 +491,19 @@ TEST_CASE("update mask", "[Value]") invert = false; mask8 = 0x01; test_val.update_mask(mask8, flag8, invert); - CHECK(mask8 == 0x11); + CHECK((mask8 == 0x11)); mask16 = 0x0100; test_val.update_mask(mask16, flag16, invert); - CHECK(mask16 == 0x1100); + CHECK((mask16 == 0x1100)); mask32 = 0x01000000; test_val.update_mask(mask32, flag32, invert); - CHECK(mask32 == 0x11000000); + CHECK((mask32 == 0x11000000)); mask64 = 0x0100000000000000; test_val.update_mask(mask64, flag64, invert); - CHECK(mask64 == 0x1100000000000000); + CHECK((mask64 == 0x1100000000000000)); } } } diff --git a/src/hash/sfxhash.cc b/src/hash/sfxhash.cc index 683811dcf..5c82f488a 100644 --- a/src/hash/sfxhash.cc +++ b/src/hash/sfxhash.cc @@ -1296,7 +1296,7 @@ int main(int argc, char** argv) } } - printf("...Auto-Node-Recovery: %d recycle attempts, %d completions.\n",t->anr_tries, + printf("...Auto-Node-Recovery: %u recycle attempts, %u completions.\n",t->anr_tries, t->anr_count); /* Free the table and it's user data */ diff --git a/src/ips_options/extract.cc b/src/ips_options/extract.cc index 5369eb519..3baa63065 100644 --- a/src/ips_options/extract.cc +++ b/src/ips_options/extract.cc @@ -178,7 +178,7 @@ int string_extract(int bytes_to_grab, int base, const uint8_t* ptr, #ifdef TEST_BYTE_EXTRACT printf("[----]\n"); - for (x=0; (x<=TEXTLEN) && (byte_array[x] != '\0'); x++) + for (x=0; (x::get(L, -1); - CHECK(r == 3); + CHECK((r == 3)); } lua_pop(L, 1); @@ -62,7 +62,7 @@ static void test_signed() lua_pushinteger(L, 5); { b = Lua::Stack::validate(L, -1, k); - CHECK(k == 5); + CHECK((k == 5)); CHECK(b); } lua_pop(L, 1); @@ -72,7 +72,7 @@ static void test_signed() lua_pushnil(L); { b = Lua::Stack::validate(L, -1, k); - CHECK(k == 7); + CHECK((k == 7)); CHECK(!b); } lua_pop(L, 1); @@ -87,7 +87,7 @@ static void test_unsigned() lua_pushinteger(L, 3); { auto r = Lua::Stack::get(L, -1); - CHECK(r == 3); + CHECK((r == 3)); } lua_pop(L, 1); @@ -113,7 +113,7 @@ static void test_unsigned() lua_pushinteger(L, 5); { b = Lua::Stack::validate(L, -1, k); - CHECK(k == 5); + CHECK((k == 5)); CHECK(b); } lua_pop(L, 1); @@ -123,14 +123,14 @@ static void test_unsigned() lua_pushnil(L); { b = Lua::Stack::validate(L, -1, k); - CHECK(k == 7); + CHECK((k == 7)); CHECK(!b); } lua_pop(L, 1); lua_pushinteger(L, -1); { b = Lua::Stack::validate(L, -1, k); - CHECK(k == 7); + CHECK((k == 7)); CHECK(!b); } lua_pop(L, 1); @@ -160,7 +160,7 @@ static void test_cstring() lua_pushlstring(L, "f\0b", 3); { s = Lua::Stack::get(L, -1, len); - CHECK(len == 3); + CHECK((len == 3)); CHECK(!strncmp(s, "f\0b", len)); } lua_pop(L, 1); @@ -190,7 +190,7 @@ static void test_cstring() Lua::Stack::push(L, s, 3); { s = lua_tolstring(L, -1, &len); - CHECK(len == 3); + CHECK((len == 3)); CHECK(!strncmp(s, "f\0b", len)); } lua_pop(L, 1); @@ -269,7 +269,7 @@ static void test_string() lua_pushlstring(L, "f\0b", 3); { s = Lua::Stack::get(L, -1); - CHECK(s.length() == 3); + CHECK((s.length() == 3)); CHECK(!strncmp(s.c_str(), "f\0b", 3)); } lua_pop(L, 1); @@ -288,7 +288,7 @@ static void test_string() Lua::Stack::push(L, s); { cs = lua_tolstring(L, -1, &len); - CHECK(len == 3); + CHECK((len == 3)); CHECK(!strncmp(cs, "f\0b", len)); } lua_pop(L, 1); @@ -314,7 +314,7 @@ static void test_string() { b = Lua::Stack::validate(L, -1, s); CHECK(b); - CHECK(s.length() == 3); + CHECK((s.length() == 3)); CHECK(!strncmp(s.c_str(), "f\0o", 3)); } lua_pop(L, 1); diff --git a/src/main/snort_debug.cc b/src/main/snort_debug.cc index 54d630ba6..a1d44622a 100644 --- a/src/main/snort_debug.cc +++ b/src/main/snort_debug.cc @@ -294,7 +294,7 @@ TEST_CASE("safety", "[trace]") testing_dump[0] = '\0'; trace_log(testing, message); - CHECK( strlen(testing_dump) == STD_BUF - 1 ); + CHECK( (strlen(testing_dump) == STD_BUF - 1) ); } #endif diff --git a/src/memory/memory_cap.cc b/src/memory/memory_cap.cc index d19a77b89..b4bc9aadf 100644 --- a/src/memory/memory_cap.cc +++ b/src/memory/memory_cap.cc @@ -274,7 +274,7 @@ TEST_CASE( "memory cap free space", "[memory]" ) HandlerSpy handler { -1, tracker }; CHECK( memory::free_space(2, 1024, tracker, handler) ); - CHECK( handler.calls == 2 ); + CHECK( (handler.calls == 2) ); } SECTION( "handler fails to free enough space" ) diff --git a/src/network_inspectors/appid/appid_stats.cc b/src/network_inspectors/appid/appid_stats.cc index 5a9cd2a8a..bce02e282 100644 --- a/src/network_inspectors/appid/appid_stats.cc +++ b/src/network_inspectors/appid/appid_stats.cc @@ -398,7 +398,7 @@ static void dump_statistics() header.length = buffSize - ( 2 * sizeof(uint32_t)); buffer = (uint8_t*)snort_calloc(buffSize); # ifdef DEBUG_STATS - fprintf(SF_DEBUG_FILE, "Write App Records %u Size: %lu\n", + fprintf(SF_DEBUG_FILE, "Write App Records %u Size: %zu\n", bucket->appRecordCnt, buffSize); # endif } diff --git a/src/network_inspectors/appid/detector_plugins/detector_http.cc b/src/network_inspectors/appid/detector_plugins/detector_http.cc index a40b651c8..39dd392a3 100644 --- a/src/network_inspectors/appid/detector_plugins/detector_http.cc +++ b/src/network_inspectors/appid/detector_plugins/detector_http.cc @@ -674,9 +674,14 @@ static SearchTool* processPatterns(DetectorHTTPPattern* patternList, { SearchTool* patternMatcher = new SearchTool("ac_full"); - for (uint32_t i = 0; i < patternListCount; i++) - patternMatcher->add(patternList[i].pattern, patternList[i].pattern_size, - &patternList[i], false); + if( patternList ) + { + for (size_t i = 0; i < patternListCount; i++) + { + patternMatcher->add(patternList[i].pattern, patternList[i].pattern_size, + &patternList[i], false); + } + } /* Add patterns from Lua API */ HTTPListElement* element; @@ -698,7 +703,7 @@ static int processHostPatterns(DetectorHTTPPattern* patternList, size_t patternL if (!detectorHttpConfig->RTMPHosUrlMatcher) detectorHttpConfig->RTMPHosUrlMatcher = mlmpCreate(); - for (uint32_t i = 0; i < patternListCount; i++) + for (size_t i = 0; i < patternListCount; i++) { if (addMlmpPattern(detectorHttpConfig->host_url_matcher, &detectorHttpConfig->hosUrlPatternsList, patternList[i].pattern, patternList[i].pattern_size, @@ -753,7 +758,7 @@ static SearchTool* processContentTypePatterns(DetectorHTTPPattern* patternList, SearchTool* patternMatcher = new SearchTool("ac_full"); HTTPListElement* element; - for (uint32_t i = 0; i < patternListCount; i++) + for (size_t i = 0; i < patternListCount; i++) { patternMatcher->add(patternList[i].pattern, patternList[i].pattern_size, &patternList[i], false); @@ -802,7 +807,7 @@ static SearchTool* registerHeaderPatterns(HeaderPattern* patternList, size_t pat { SearchTool* patternMatcher = new SearchTool("ac_full"); - for (uint32_t i = 0; i < patternListCount; i++) + for (size_t i = 0; i < patternListCount; i++) patternMatcher->add(patternList[i].data, patternList[i].length, &patternList[i], true); patternMatcher->prep(); @@ -839,11 +844,9 @@ static FieldPattern http_field_patterns[] = static SearchTool* processHttpFieldPatterns(FieldPattern* patternList, size_t patternListCount) { - u_int32_t i; - SearchTool* patternMatcher = new SearchTool("ac_full"); - for (i=0; i < patternListCount; i++) + for (size_t i=0; i < patternListCount; i++) patternMatcher->add( (char *)patternList[i].data, patternList[i].length, &patternList[i], false); diff --git a/src/network_inspectors/binder/test/binder_test.cc b/src/network_inspectors/binder/test/binder_test.cc index 18770f548..1d5499c83 100644 --- a/src/network_inspectors/binder/test/binder_test.cc +++ b/src/network_inspectors/binder/test/binder_test.cc @@ -29,6 +29,7 @@ #include "framework/inspector.h" #include "managers/inspector_manager.h" #include "main/policy.h" +#include "main/snort_config.h" #include "profiler/profiler.h" #include "stream/stream_splitter.h" #include "utils/stats.h" @@ -37,6 +38,34 @@ #include THREAD_LOCAL SnortConfig* snort_conf = nullptr; + +static SnortState s_state; + +SnortConfig::SnortConfig() +{ + state = &s_state; + memset(state, 0, sizeof(*state)); + num_slots = 1; +} + +SnortConfig::~SnortConfig() { } +unsigned get_instance_id() +{ return 0; } + +FileIdentifier::~FileIdentifier() { } + +FileVerdict FilePolicy::type_lookup(Flow*, FileContext*) +{ return FILE_VERDICT_UNKNOWN; } + +FileVerdict FilePolicy::type_lookup(Flow*, FileInfo*) +{ return FILE_VERDICT_UNKNOWN; } + +FileVerdict FilePolicy::signature_lookup(Flow*, FileContext*) +{ return FILE_VERDICT_UNKNOWN; } + +FileVerdict FilePolicy::signature_lookup(Flow*, FileInfo*) +{ return FILE_VERDICT_UNKNOWN; } + THREAD_LOCAL BindStats bstats; static const PegInfo bind_pegs[] = { { nullptr, nullptr } }; @@ -99,7 +128,7 @@ int16_t FindProtocolReference(const char*) { return 0; } void set_policies(SnortConfig*, unsigned) { } HostAttributeEntry* SFAT_LookupHostEntryByIP(const SfIp*) { return nullptr; } -Flow::Flow() { } +Flow::Flow() { memset(this, 0, sizeof(*this)); } Flow::~Flow() { } extern const BaseApi* nin_binder; @@ -116,22 +145,11 @@ TEST_GROUP(binder) TEST(binder, exec) { - uint8_t* conf = new uint8_t[sizeof(SnortConfig)]; - memset(conf,0,sizeof(SnortConfig)); - snort_conf = (SnortConfig*)conf; + snort_conf = new SnortConfig; Flow* flow = new Flow; - constexpr size_t offset = offsetof(Flow, flow_data); - memset((uint8_t*)flow+offset, 0, sizeof(Flow)-offset); - s_inspector = new MyInspector(); flow->pkt_type = PktType::UDP; - flow->key = nullptr; - flow->session = nullptr; - flow->clouseau = nullptr; - flow->gadget = nullptr; - flow->ssn_client = nullptr; - flow->ssn_server = nullptr; flow->key = new FlowKey; ((FlowKey*)flow->key)->init(PktType::UDP, IpProtocol::UDP, &s_src_ip, (uint16_t)10, &s_dst_ip, (uint16_t)11, 0, 0, 0); InspectApi* api = (InspectApi*)nin_binder; @@ -154,7 +172,7 @@ TEST(binder, exec) delete flow->key; delete flow; delete s_inspector; - delete[] conf; + delete snort_conf; } int main(int argc, char** argv) diff --git a/src/network_inspectors/packet_capture/packet_capture.cc b/src/network_inspectors/packet_capture/packet_capture.cc index fe7e1b8ca..d3cb6f658 100644 --- a/src/network_inspectors/packet_capture/packet_capture.cc +++ b/src/network_inspectors/packet_capture/packet_capture.cc @@ -430,11 +430,11 @@ TEST_CASE("bpf filter", "[PacketCapture]") cap.eval(&p_match); CHECK ( cap.write_packet_called ); - CHECK ( cap_count_stats.checked == 3 ); - CHECK ( cap_count_stats.matched == 2 ); + CHECK ( (cap_count_stats.checked == 3) ); + CHECK ( (cap_count_stats.matched == 2) ); - REQUIRE ( cap.pcap.size() >= 2 ); - CHECK ( cap.pcap.size() == 2 ); + REQUIRE ( (cap.pcap.size() >= 2) ); + CHECK ( (cap.pcap.size() == 2) ); CHECK ( cap.pcap[0] == &p_match ); CHECK ( cap.pcap[1] == &p_match ); diff --git a/src/network_inspectors/perf_monitor/cpu_tracker.cc b/src/network_inspectors/perf_monitor/cpu_tracker.cc index da4e77e29..beb870dd1 100644 --- a/src/network_inspectors/perf_monitor/cpu_tracker.cc +++ b/src/network_inspectors/perf_monitor/cpu_tracker.cc @@ -144,7 +144,7 @@ TEST_CASE("timeval to scalar", "[cpu_tracker]") t.tv_sec = 1459523272; t.tv_usec = 123456; - CHECK(get_microseconds(t) == 1459523272123456 ); + CHECK((get_microseconds(t) == 1459523272123456)); t.tv_sec = 0; t.tv_usec = 0; diff --git a/src/network_inspectors/perf_monitor/flow_tracker.cc b/src/network_inspectors/perf_monitor/flow_tracker.cc index bf0bb31b6..09c487f1d 100644 --- a/src/network_inspectors/perf_monitor/flow_tracker.cc +++ b/src/network_inspectors/perf_monitor/flow_tracker.cc @@ -185,10 +185,10 @@ TEST_CASE("no protocol", "[FlowTracker]") tracker.update(&p); tracker.process(false); - CHECK( *f->public_values["flow.byte_total"].pc == 32639 ); + CHECK( (*f->public_values["flow.byte_total"].pc == 32639) ); CHECK( f->public_values["flow.packets_by_bytes"].ipc->at(123) == 0 ); CHECK( f->public_values["flow.packets_by_bytes"].ipc->at(127) == 1 ); - CHECK( f->public_values["flow.packets_by_bytes"].ipc->at(256) == 2 ); + CHECK( (f->public_values["flow.packets_by_bytes"].ipc->at(256) == 2) ); CHECK( *f->public_values["flow.oversized_packets"].pc == 1 ); tracker.real_clear(); @@ -234,9 +234,9 @@ TEST_CASE("icmp", "[FlowTracker]") tracker.update(&p); tracker.process(false); - CHECK( f->public_values["flow_icmp.bytes_by_type"].ipc->at(3) == 127 ); - CHECK( f->public_values["flow_icmp.bytes_by_type"].ipc->at(9) == 512 ); - CHECK( f->public_values["flow_icmp.bytes_by_type"].ipc->at(127) == 32000 ); + CHECK( (f->public_values["flow_icmp.bytes_by_type"].ipc->at(3) == 127) ); + CHECK( (f->public_values["flow_icmp.bytes_by_type"].ipc->at(9) == 512) ); + CHECK( (f->public_values["flow_icmp.bytes_by_type"].ipc->at(127) == 32000) ); tracker.real_clear(); CHECK( f->public_values["flow_icmp.bytes_by_type"].ipc->at(3) == 0 ); @@ -288,9 +288,9 @@ TEST_CASE("tcp", "[FlowTracker]") tracker.update(&p); tracker.process(false); - CHECK( f->public_values["flow_tcp.bytes_by_source"].ipc->at(1024) == 1663 ); - CHECK( f->public_values["flow_tcp.bytes_by_dest"].ipc->at(1024) == 2048 ); - CHECK( *f->public_values["flow_tcp.high_port_bytes"].pc == 32000 ); + CHECK( (f->public_values["flow_tcp.bytes_by_source"].ipc->at(1024) == 1663) ); + CHECK( (f->public_values["flow_tcp.bytes_by_dest"].ipc->at(1024) == 2048) ); + CHECK( (*f->public_values["flow_tcp.high_port_bytes"].pc == 32000) ); tracker.real_clear(); CHECK( f->public_values["flow_tcp.bytes_by_source"].ipc->at(1024) == 0 ); @@ -342,9 +342,9 @@ TEST_CASE("udp", "[FlowTracker]") tracker.update(&p); tracker.process(false); - CHECK( f->public_values["flow_udp.bytes_by_source"].ipc->at(1024) == 1663 ); - CHECK( f->public_values["flow_udp.bytes_by_dest"].ipc->at(1024) == 2048 ); - CHECK( *f->public_values["flow_udp.high_port_bytes"].pc == 32000 ); + CHECK( (f->public_values["flow_udp.bytes_by_source"].ipc->at(1024) == 1663) ); + CHECK( (f->public_values["flow_udp.bytes_by_dest"].ipc->at(1024) == 2048) ); + CHECK( (*f->public_values["flow_udp.high_port_bytes"].pc == 32000) ); tracker.real_clear(); CHECK( f->public_values["flow_udp.bytes_by_source"].ipc->at(1024) == 0 ); diff --git a/src/network_inspectors/perf_monitor/perf_module.cc b/src/network_inspectors/perf_monitor/perf_module.cc index 1611a9151..446163b34 100644 --- a/src/network_inspectors/perf_monitor/perf_module.cc +++ b/src/network_inspectors/perf_monitor/perf_module.cc @@ -179,7 +179,7 @@ bool PerfMonModule::begin(const char* fqn, int, SnortConfig*) mod_pegs.clear(); } else - memset(&config, 0, sizeof(PerfConfig)); + memset(static_cast(&config), 0, sizeof(config)); return true; } diff --git a/src/network_inspectors/perf_monitor/perf_module.h b/src/network_inspectors/perf_monitor/perf_module.h index 8e6cf9f3d..a6a1f13d5 100644 --- a/src/network_inspectors/perf_monitor/perf_module.h +++ b/src/network_inspectors/perf_monitor/perf_module.h @@ -56,7 +56,7 @@ enum PerfOutput PERF_CONSOLE }; -struct PerfConfig +struct PerfConfigBase { int perf_flags; @@ -67,7 +67,10 @@ struct PerfConfig uint32_t flowip_memcap; PerfFormat format; PerfOutput output; +}; +struct PerfConfig:public PerfConfigBase +{ std::vector modules; std::vector mod_peg_idxs; }; diff --git a/src/packet_io/test/sfdaq_module_test.cc b/src/packet_io/test/sfdaq_module_test.cc index dfa69ebcf..44a0aff9a 100644 --- a/src/packet_io/test/sfdaq_module_test.cc +++ b/src/packet_io/test/sfdaq_module_test.cc @@ -86,7 +86,7 @@ TEST_CASE("Kitchen Sink", "[SFDAQModule]") /* Validate the configuration */ SFDAQConfig *cfg = sc.daq_config; - REQUIRE(cfg->module_dirs.size() == 2); + REQUIRE((cfg->module_dirs.size() == 2)); CHECK(cfg->module_dirs[0] == module_dir1.get_string()); CHECK(cfg->module_dirs[1] == module_dir2.get_string()); @@ -94,7 +94,7 @@ TEST_CASE("Kitchen Sink", "[SFDAQModule]") CHECK(cfg->input_spec == input_spec.get_string()); - REQUIRE(cfg->variables.size() == 3); + REQUIRE((cfg->variables.size() == 3)); CHECK(cfg->variables[0].first == "foo"); CHECK(cfg->variables[0].second == "bar"); CHECK(cfg->variables[1].first == "debug"); @@ -102,15 +102,15 @@ TEST_CASE("Kitchen Sink", "[SFDAQModule]") CHECK(cfg->variables[2].first == "hello"); CHECK(cfg->variables[2].second == "world"); - CHECK(cfg->mru_size == 6666); + CHECK((cfg->mru_size == 6666)); REQUIRE(cfg->instances.size() == 1); for (auto it : cfg->instances) { - CHECK(it.first == 5); + CHECK((it.first == 5)); SFDAQInstanceConfig* icfg = it.second; CHECK(icfg->input_spec == instance_input_spec.get_string()); - REQUIRE(icfg->variables.size() == 2); + REQUIRE((icfg->variables.size() == 2)); CHECK(icfg->variables[0].first == "instance5_var1"); CHECK(icfg->variables[0].second == "foo"); CHECK(icfg->variables[1].first == instance_var2.get_string()); @@ -140,8 +140,8 @@ TEST_CASE("Kitchen Sink", "[SFDAQModule]") REQUIRE(cfg->variables.size() == 1); CHECK(cfg->variables[0].first == "cli_global_variable"); CHECK(cfg->variables[0].second == "abc"); - CHECK(cfg->mru_size == 3333); - REQUIRE(cfg->instances.size() == 2); + CHECK((cfg->mru_size == 3333)); + REQUIRE((cfg->instances.size() == 2)); for (auto it : cfg->instances) { CHECK((it.first == 2 || it.first == 5)); diff --git a/src/profiler/memory_profiler.cc b/src/profiler/memory_profiler.cc index a8059d7c9..d75f05f81 100644 --- a/src/profiler/memory_profiler.cc +++ b/src/profiler/memory_profiler.cc @@ -220,10 +220,10 @@ TEST_CASE( "memory stats", "[profiler][memory_profiler]" ) MemoryStats stats_b = { 5, 6, 7, 8 }; stats += stats_b; - CHECK( stats.allocs == 6 ); - CHECK( stats.deallocs == 8 ); - CHECK( stats.allocated == 10 ); - CHECK( stats.deallocated == 12 ); + CHECK( (stats.allocs == 6) ); + CHECK( (stats.deallocs == 8) ); + CHECK( (stats.allocated == 10) ); + CHECK( (stats.deallocated == 12) ); } SECTION( "update" ) @@ -232,19 +232,19 @@ TEST_CASE( "memory stats", "[profiler][memory_profiler]" ) { stats.update_allocs(10); - CHECK( stats.allocs == 2 ); - CHECK( stats.deallocs == 2 ); // e.g. no change - CHECK( stats.allocated == 13 ); - CHECK( stats.deallocated == 4 ); // e.g. no change + CHECK( (stats.allocs == 2) ); + CHECK( (stats.deallocs == 2) ); // e.g. no change + CHECK( (stats.allocated == 13) ); + CHECK( (stats.deallocated == 4) ); // e.g. no change SECTION( "deallocations" ) { stats.update_deallocs(10); - CHECK( stats.allocs == 2 ); // e.g. no change - CHECK( stats.deallocs == 3 ); - CHECK( stats.allocated == 13 ); // e.g. no change - CHECK( stats.deallocated == 14 ); + CHECK( (stats.allocs == 2) ); // e.g. no change + CHECK( (stats.deallocs == 3) ); + CHECK( (stats.allocated == 13) ); // e.g. no change + CHECK( (stats.deallocated == 14) ); } } } @@ -287,24 +287,24 @@ TEST_CASE( "memory profiler view", "[profiler][memory_profiler]" ) SECTION( "total_used" ) { - CHECK( view.total() == 100 ); + CHECK( (view.total() == 100) ); } SECTION( "avg_allocation" ) { - CHECK( view.avg_alloc() == 100.0 ); + CHECK( (view.avg_alloc() == 100.0) ); } SECTION( "pct_of" ) { MemoryStats ms = { 0, 0, 200, 0 }; - CHECK( view.pct_of(ms) == 50.0 ); + CHECK( (view.pct_of(ms) == 50.0) ); SECTION( "zero division" ) { ms.allocated = 0; - CHECK( view.pct_of(ms) == 0.0 ); + CHECK( (view.pct_of(ms) == 0.0) ); } } } @@ -320,7 +320,7 @@ TEST_CASE( "memory profiler view", "[profiler][memory_profiler]" ) SECTION( "pct_caller" ) { - CHECK( child.pct_caller() == 50.0 ); + CHECK( (child.pct_caller() == 50.0) ); } } } diff --git a/src/profiler/profiler_nodes.cc b/src/profiler/profiler_nodes.cc index 913255cbc..2349a59f7 100644 --- a/src/profiler/profiler_nodes.cc +++ b/src/profiler/profiler_nodes.cc @@ -292,8 +292,8 @@ TEST_CASE( "profiler node", "[profiler]" ) auto& result = node.get_stats(); - CHECK( result.time.elapsed == 2_ticks ); - CHECK( result.time.checks == 2 ); + CHECK( (result.time.elapsed == 2_ticks) ); + CHECK( (result.time.checks == 2) ); } SECTION( "reset" ) diff --git a/src/profiler/rule_profiler.cc b/src/profiler/rule_profiler.cc index 37d493d34..acd3f0de0 100644 --- a/src/profiler/rule_profiler.cc +++ b/src/profiler/rule_profiler.cc @@ -412,19 +412,19 @@ TEST_CASE( "otn state", "[profiler][rule_profiler]" ) state_a += state_b; - CHECK( state_a.elapsed == 5_ticks ); - CHECK( state_a.elapsed_match == 7_ticks ); - CHECK( state_a.checks == 6 ); - CHECK( state_a.matches == 8 ); - CHECK( state_a.alerts == 12 ); + CHECK( (state_a.elapsed == 5_ticks) ); + CHECK( (state_a.elapsed_match == 7_ticks) ); + CHECK( (state_a.checks == 6) ); + CHECK( (state_a.matches == 8) ); + CHECK( (state_a.alerts == 12) ); } SECTION( "reset" ) { state_a = OtnState(); - CHECK( state_a.elapsed == 0_ticks ); - CHECK( state_a.elapsed_match == 0_ticks ); + CHECK( (state_a.elapsed == 0_ticks) ); + CHECK( (state_a.elapsed_match == 0_ticks) ); CHECK( state_a.checks == 0 ); CHECK( state_a.matches == 0 ); CHECK( state_a.alerts == 0 ); @@ -473,27 +473,27 @@ TEST_CASE( "rule entry", "[profiler][rule_profiler]" ) SECTION( "elapsed" ) { - CHECK( entry.elapsed() == 3_ticks ); + CHECK( (entry.elapsed() == 3_ticks) ); } SECTION( "elapsed_match" ) { - CHECK( entry.elapsed_match() == 2_ticks ); + CHECK( (entry.elapsed_match() == 2_ticks) ); } SECTION( "elapsed_no_match" ) { - CHECK( entry.elapsed_no_match() == 1_ticks ); + CHECK( (entry.elapsed_no_match() == 1_ticks) ); } SECTION( "checks" ) { - CHECK( entry.checks() == 3 ); + CHECK( (entry.checks() == 3) ); } SECTION( "matches" ) { - CHECK( entry.matches() == 2 ); + CHECK( (entry.matches() == 2) ); } SECTION( "no_matches" ) @@ -503,17 +503,17 @@ TEST_CASE( "rule entry", "[profiler][rule_profiler]" ) SECTION( "alerts" ) { - CHECK( entry.alerts() == 77 ); + CHECK( (entry.alerts() == 77) ); } SECTION( "timeouts" ) { - CHECK( entry.timeouts() == 5 ); + CHECK( (entry.timeouts() == 5) ); } SECTION( "suspends" ) { - CHECK( entry.suspends() == 2 ); + CHECK( (entry.suspends() == 2) ); } @@ -521,21 +521,21 @@ TEST_CASE( "rule entry", "[profiler][rule_profiler]" ) { auto ticks = entry.avg_match(); INFO( ticks.count() << " == " << (1_ticks).count() ); - CHECK( ticks == 1_ticks ); + CHECK( (ticks == 1_ticks) ); } SECTION( "avg_no_match" ) { auto ticks = entry.avg_no_match(); INFO( ticks.count() << " == " << (1_ticks).count() ); - CHECK( ticks == 1_ticks ); + CHECK( (ticks == 1_ticks) ); } SECTION( "avg_check" ) { auto ticks = entry.avg_check(); INFO( ticks.count() << " == " << (1_ticks).count() ); - CHECK( ticks == 1_ticks ); + CHECK( (ticks == 1_ticks) ); } } @@ -693,10 +693,10 @@ TEST_CASE( "rule profiler time context", "[profiler][rule_profiler]" ) } INFO( "elapsed: " << stats.elapsed.count() ); - CHECK( stats.elapsed > 0_ticks ); + CHECK( (stats.elapsed > 0_ticks) ); CHECK( stats.checks == 1 ); INFO( "elapsed_match: " << stats.elapsed_match.count() ); - CHECK( stats.elapsed_match == 0_ticks ); + CHECK( (stats.elapsed_match == 0_ticks) ); } SECTION( "explicitly calling stop" ) @@ -711,7 +711,7 @@ TEST_CASE( "rule profiler time context", "[profiler][rule_profiler]" ) ctx.stop(true); INFO( "elapsed: " << stats.elapsed.count() ); - CHECK( stats.elapsed > 0_ticks ); + CHECK( (stats.elapsed > 0_ticks) ); CHECK( stats.checks == 1 ); CHECK( stats.elapsed_match == stats.elapsed ); save = stats; @@ -726,9 +726,9 @@ TEST_CASE( "rule profiler time context", "[profiler][rule_profiler]" ) ctx.stop(false); INFO( "elapsed: " << stats.elapsed.count() ); - CHECK( stats.elapsed > 0_ticks ); + CHECK( (stats.elapsed > 0_ticks) ); CHECK( stats.checks == 1 ); - CHECK( stats.elapsed_match == 0_ticks ); + CHECK( (stats.elapsed_match == 0_ticks) ); save = stats; } } diff --git a/src/profiler/time_profiler.cc b/src/profiler/time_profiler.cc index b0e0f4ed7..292967180 100644 --- a/src/profiler/time_profiler.cc +++ b/src/profiler/time_profiler.cc @@ -248,7 +248,7 @@ TEST_CASE( "profiler tree builder", "[profiler][profiler_tree_builder]" ) CHECK( root.view.name == "a" ); - REQUIRE( root.children.size() == 2 ); + REQUIRE( (root.children.size() == 2) ); SECTION( "b branch" ) { @@ -266,7 +266,7 @@ TEST_CASE( "profiler tree builder", "[profiler][profiler_tree_builder]" ) auto &c_entry = root.children[1]; REQUIRE( c_entry.view.name == "c" ); - REQUIRE( c_entry.children.size() == 2 ); + REQUIRE( (c_entry.children.size() == 2) ); CHECK( c_entry.children[0].view.name == "e" ); CHECK( c_entry.children[1].view.name == "f" ); @@ -312,16 +312,16 @@ TEST_CASE( "time profiler stats", "[profiler][time_profiler]" ) TimeProfilerStats stats_b = { 1_ticks, 1 }; stats += stats_b; - CHECK( stats.elapsed == 3_ticks ); - CHECK( stats.checks == 4 ); + CHECK( (stats.elapsed == 3_ticks) ); + CHECK( (stats.checks == 4) ); } SECTION( "update" ) { stats.update(1_ticks); - CHECK( stats.elapsed == 3_ticks ); - CHECK( stats.checks == 4 ); + CHECK( (stats.elapsed == 3_ticks) ); + CHECK( (stats.checks == 4) ); } SECTION( "reset" ) @@ -359,28 +359,28 @@ TEST_CASE( "time profiler view", "[profiler][time_profiler]" ) SECTION( "elapsed" ) { - CHECK( view.elapsed() == 12_ticks ); + CHECK( (view.elapsed() == 12_ticks) ); } SECTION( "checks" ) { - CHECK( view.checks() == 6 ); + CHECK( (view.checks() == 6) ); } SECTION( "avg_check" ) { - CHECK( view.avg_check() == 2_ticks ); + CHECK( (view.avg_check() == 2_ticks) ); } SECTION( "pct_of" ) { TimeProfilerStats tps = { 24_ticks, 6 }; - CHECK( view.pct_of(tps) == 50.0 ); + CHECK( (view.pct_of(tps) == 50.0) ); SECTION( "zero division" ) { tps.elapsed = 0_ticks; - CHECK( view.pct_of(tps) == 0.0 ); + CHECK( (view.pct_of(tps) == 0.0) ); } } } @@ -395,7 +395,7 @@ TEST_CASE( "time profiler view", "[profiler][time_profiler]" ) SECTION( "pct_caller" ) { - CHECK( child.pct_caller() == 50.0 ); + CHECK( (child.pct_caller() == 50.0) ); } } } @@ -514,7 +514,7 @@ TEST_CASE( "time profiler time context", "[profiler][time_profiler]" ) { TimeContext ctx2(stats); - CHECK( stats.ref_count == 2 ); + CHECK( (stats.ref_count == 2) ); } CHECK( stats.ref_count == 1 ); diff --git a/src/search_engines/acsmx.cc b/src/search_engines/acsmx.cc index 979b81197..c53c8b0a3 100644 --- a/src/search_engines/acsmx.cc +++ b/src/search_engines/acsmx.cc @@ -598,7 +598,7 @@ int main(int argc, char** argv) exit (0); } acsm = acsmNew (); - strcpy (text, argv[1]); + strncpy(text, argv[1], sizeof(text)); for (i = 1; i < argc; i++) if (strcmp (argv[i], "-nocase") == 0) nocase = 1; diff --git a/src/service_inspectors/ftp_telnet/ftp_print.cc b/src/service_inspectors/ftp_telnet/ftp_print.cc index c1f7b8b79..a74bfcc42 100644 --- a/src/service_inspectors/ftp_telnet/ftp_print.cc +++ b/src/service_inspectors/ftp_telnet/ftp_print.cc @@ -256,11 +256,11 @@ int PrintFTPServerConf(FTP_SERVER_PROTO_CONF* ServerConf) FTPCmd->cmd_name, FTPCmd->max_param_len); #ifdef PRINT_DEFAULT_CONFIGS if (FTPCmd->data_chan_cmd) - snprintf(buf, BUF_SIZE, "%s data_chan "); + snprintf(buf, BUF_SIZE, "%s", "data_chan "); if (FTPCmd->data_xfer_cmd) - snprintf(buf, BUF_SIZE, "%s data_xfer "); + snprintf(buf, BUF_SIZE, "%s", "data_xfer "); if (FTPCmd->encr_cmd) - snprintf(buf, BUF_SIZE, "%s encr "); + snprintf(buf, BUF_SIZE, "%s", "encr "); #endif if (FTPCmd->check_validity) diff --git a/src/service_inspectors/http_inspect/http_head_norm.cc b/src/service_inspectors/http_inspect/http_head_norm.cc index d1e4ea072..7266706c8 100644 --- a/src/service_inspectors/http_inspect/http_head_norm.cc +++ b/src/service_inspectors/http_inspect/http_head_norm.cc @@ -102,6 +102,8 @@ void HeaderNormalizer::normalize(const HeaderId head_id, const int count, uint8_t* const norm_value = new uint8_t[buffer_length]; uint8_t* const temp_space = new uint8_t[buffer_length]; + memset(norm_value, 0, buffer_length); + memset(temp_space, 0, buffer_length); uint8_t* working = (num_normalizers%2 == 0) ? norm_value : temp_space; int32_t data_length = 0; for (int j=0; j < num_matches; j++) diff --git a/src/service_inspectors/sip/sip.cc b/src/service_inspectors/sip/sip.cc index 3a9c09ece..3d0e6b1a3 100644 --- a/src/service_inspectors/sip/sip.cc +++ b/src/service_inspectors/sip/sip.cc @@ -185,7 +185,7 @@ static void PrintSipConf(SIP_PROTO_CONF* config) *********************************************************************/ static inline int SIP_Process(Packet* p, SIPData* sessp, SIP_PROTO_CONF* config) { - int status; + bool status; char* sip_buff = (char*)p->data; char* end; SIP_Roptions* pRopts; diff --git a/src/service_inspectors/sip/sip_dialog.cc b/src/service_inspectors/sip/sip_dialog.cc index 170fd723e..7e4a7079b 100644 --- a/src/service_inspectors/sip/sip_dialog.cc +++ b/src/service_inspectors/sip/sip_dialog.cc @@ -42,7 +42,7 @@ static void SIP_updateMedias(SIP_MediaSession*, SIP_MediaList*); static int SIP_compareMedias(SIP_MediaDataList, SIP_MediaDataList); -static int SIP_checkMediaChange(SIPMsg* sipMsg, SIP_DialogData* dialog); +static bool SIP_checkMediaChange(SIPMsg* sipMsg, SIP_DialogData* dialog); static int SIP_processRequest(SIPMsg*, SIP_DialogData*, SIP_DialogList*, Packet*, SIP_PROTO_CONF*); static int SIP_processInvite(SIPMsg*, SIP_DialogData*, SIP_DialogList*); static int SIP_processACK(SIPMsg*, SIP_DialogData*, SIP_DialogList*, Packet*, SIP_PROTO_CONF*); @@ -144,12 +144,13 @@ static int SIP_processRequest(SIPMsg* sipMsg, SIP_DialogData* dialog, SIP_Dialog ********************************************************************/ static int SIP_processInvite(SIPMsg* sipMsg, SIP_DialogData* dialog, SIP_DialogList* dList) { - int ret = true; - DebugFormat(DEBUG_SIP, "Processing invite, dialog state %d \n", dialog->state); + bool ret = true; if (NULL == dialog) return false; + DebugFormat(DEBUG_SIP, "Processing invite, dialog state %d \n", dialog->state); + /*Check for the invite replay attack: authenticated invite without challenge*/ // check whether this invite has authorization information if ((SIP_DLG_AUTHENCATING != dialog->state) && (NULL != sipMsg->authorization)) @@ -334,7 +335,7 @@ static int SIP_processResponse(SIPMsg* sipMsg, SIP_DialogData* dialog, SIP_Dialo * true: media not changed * false: media changed ********************************************************************/ -static int SIP_checkMediaChange(SIPMsg* sipMsg, SIP_DialogData* dialog) +static bool SIP_checkMediaChange(SIPMsg* sipMsg, SIP_DialogData* dialog) { SIP_MediaSession* medias; diff --git a/src/service_inspectors/sip/sip_parser.cc b/src/service_inspectors/sip/sip_parser.cc index f6c5a906e..b4575f0ff 100644 --- a/src/service_inspectors/sip/sip_parser.cc +++ b/src/service_inspectors/sip/sip_parser.cc @@ -52,10 +52,10 @@ #define SIP_TAG_KEYWORD "tag=" #define SIP_TAG_KEYWORD_LEN 4 -static int sip_headers_parse(SIPMsg*, const char*, char*,char**, SIP_PROTO_CONF*); -static int sip_startline_parse(SIPMsg*, const char*, char*,char**, SIP_PROTO_CONF*); -static int sip_body_parse(SIPMsg*, const char*, char*, char**); -static int sip_check_headers(SIPMsg*, SIP_PROTO_CONF*); +static bool sip_headers_parse(SIPMsg*, const char*, char*,char**, SIP_PROTO_CONF*); +static bool sip_startline_parse(SIPMsg*, const char*, char*,char**, SIP_PROTO_CONF*); +static bool sip_body_parse(SIPMsg*, const char*, char*, char**); +static bool sip_check_headers(SIPMsg*, SIP_PROTO_CONF*); static int sip_parse_via(SIPMsg*, const char*, const char*, SIP_PROTO_CONF*); static int sip_parse_from(SIPMsg*, const char*, const char*, SIP_PROTO_CONF*); @@ -320,7 +320,7 @@ static inline int sip_is_valid_version(const char* start) * true ********************************************************************/ -static int sip_startline_parse(SIPMsg* msg, const char* buff, char* end, char** lineEnd, +static bool sip_startline_parse(SIPMsg* msg, const char* buff, char* end, char** lineEnd, SIP_PROTO_CONF* config) { char* next; @@ -458,7 +458,7 @@ static int sip_startline_parse(SIPMsg* msg, const char* buff, char* end, char** * false * true ********************************************************************/ -static int sip_headers_parse(SIPMsg* msg, const char* buff, char* end, char** headEnd, +static bool sip_headers_parse(SIPMsg* msg, const char* buff, char* end, char** headEnd, SIP_PROTO_CONF* config) { char* next; @@ -515,7 +515,7 @@ static int sip_headers_parse(SIPMsg* msg, const char* buff, char* end, char** he * false * true ********************************************************************/ -static int sip_body_parse(SIPMsg* msg, const char* buff, char* end, char** bodyEnd) +static bool sip_body_parse(SIPMsg* msg, const char* buff, char* end, char** bodyEnd) { int length; char* next; @@ -575,7 +575,7 @@ static int sip_body_parse(SIPMsg* msg, const char* buff, char* end, char** bodyE * false * true ********************************************************************/ -static int sip_check_headers(SIPMsg* msg, SIP_PROTO_CONF* config) +static bool sip_check_headers(SIPMsg* msg, SIP_PROTO_CONF* config) { int ret = true; if (0 == msg->fromLen) @@ -1254,11 +1254,11 @@ static int sip_parse_sdp_m(SIPMsg* msg, const char* start, const char* end) * false * true ********************************************************************/ -int sip_parse(SIPMsg* msg, const char* buff, char* end, SIP_PROTO_CONF* config) +bool sip_parse(SIPMsg* msg, const char* buff, char* end, SIP_PROTO_CONF* config) { char* nextIndex; char* start; - int status; + bool status; /*Initialize key values*/ msg->methodFlag = SIP_METHOD_NULL; diff --git a/src/service_inspectors/sip/sip_parser.h b/src/service_inspectors/sip/sip_parser.h index 9d809777a..f416c0eec 100644 --- a/src/service_inspectors/sip/sip_parser.h +++ b/src/service_inspectors/sip/sip_parser.h @@ -90,7 +90,7 @@ struct SIPMsg #define MAX_STAT_CODE 999 #define MIN_STAT_CODE 100 -int sip_parse(SIPMsg*, const char*, char*, SIP_PROTO_CONF*); +bool sip_parse(SIPMsg*, const char*, char*, SIP_PROTO_CONF*); void sip_freeMsg(SIPMsg* msg); void sip_freeMediaSession(SIP_MediaSession*); void sip_freeMediaList(SIP_MediaList medias); diff --git a/src/stream/ip/ip_session.cc b/src/stream/ip/ip_session.cc index 776367a85..79bbb0725 100644 --- a/src/stream/ip/ip_session.cc +++ b/src/stream/ip/ip_session.cc @@ -150,6 +150,7 @@ bool IpSession::setup(Packet*) ip_stats.sessions--; // Incremented in SESSION_STATS_ADD MODULE_PROFILE_END(ip_perf_stats); return false; + } #endif return true; } diff --git a/src/time/stopwatch_test.cc b/src/time/stopwatch_test.cc index 5ee728c7c..a183d4473 100644 --- a/src/time/stopwatch_test.cc +++ b/src/time/stopwatch_test.cc @@ -56,7 +56,7 @@ TEST_CASE( "stopwatch", "[time][stopwatch]" ) Clock::reset(); REQUIRE_FALSE( sw.active() ); - REQUIRE( sw.get() == 0_ticks ); + REQUIRE( (sw.get() == 0_ticks) ); SECTION( "start" ) { @@ -70,7 +70,7 @@ TEST_CASE( "stopwatch", "[time][stopwatch]" ) SECTION( "running elapsed time should be non-zero" ) { Clock::inc(); - CHECK( sw.get() > 0_ticks ); + CHECK( (sw.get() > 0_ticks) ); } SECTION( "start on running clock has no effect" ) @@ -115,7 +115,7 @@ TEST_CASE( "stopwatch", "[time][stopwatch]" ) { sw.reset(); CHECK_FALSE( sw.active() ); - CHECK( sw.get() == 0_ticks ); + CHECK( (sw.get() == 0_ticks) ); } SECTION( "reset on stopped clock" ) @@ -123,7 +123,7 @@ TEST_CASE( "stopwatch", "[time][stopwatch]" ) sw.stop(); sw.reset(); CHECK_FALSE( sw.active() ); - CHECK( sw.get() == 0_ticks ); + CHECK( (sw.get() == 0_ticks) ); } } @@ -134,7 +134,7 @@ TEST_CASE( "stopwatch", "[time][stopwatch]" ) { sw.cancel(); CHECK_FALSE( sw.active() ); - CHECK( sw.get() == 0_ticks ); + CHECK( (sw.get() == 0_ticks) ); } SECTION( "cancel on stopped clock that has lap time" ) diff --git a/src/utils/bitop_test.cc b/src/utils/bitop_test.cc index 58fc08f05..2359f162f 100644 --- a/src/utils/bitop_test.cc +++ b/src/utils/bitop_test.cc @@ -35,7 +35,7 @@ TEST_CASE( "bitop", "[bitop]" ) { bitop.set(6); - CHECK( bitop.get_buf_element(0) == 0x02 ); + CHECK( (bitop.get_buf_element(0) == 0x02) ); CHECK( bitop.is_set(6) ); CHECK_FALSE( bitop.is_set(7) ); @@ -48,6 +48,6 @@ TEST_CASE( "bitop", "[bitop]" ) SECTION( "size" ) { - CHECK( bitop.size() == 24 ); + CHECK( (bitop.size() == 24) ); } }