From: Victor Julien <vjulien@oisf.net>
Date: Fri, 5 Jan 2024 11:56:24 +0000 (+0100)
Subject: detect/iponly: move parsing only fields to init_data
X-Git-Tag: suricata-8.0.0-beta1~1732
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=976d8e65ae697cb34aca3f7c4fb6e8f92303a060;p=thirdparty%2Fsuricata.git

detect/iponly: move parsing only fields to init_data

IP-only parse results were not used at runtime.
---

diff --git a/src/detect-engine-build.c b/src/detect-engine-build.c
index 0c07150e69..605a568238 100644
--- a/src/detect-engine-build.c
+++ b/src/detect-engine-build.c
@@ -1921,6 +1921,12 @@ static int SigMatchPrepare(DetectEngineCtx *de_ctx)
                 sm = nsm;
             }
         }
+        if (s->init_data->cidr_dst != NULL)
+            IPOnlyCIDRListFree(s->init_data->cidr_dst);
+
+        if (s->init_data->cidr_src != NULL)
+            IPOnlyCIDRListFree(s->init_data->cidr_src);
+
         SCFree(s->init_data->buffers);
         SCFree(s->init_data);
         s->init_data = NULL;
diff --git a/src/detect-engine-iponly.c b/src/detect-engine-iponly.c
index 3bd1eb0497..1d3d8ceb94 100644
--- a/src/detect-engine-iponly.c
+++ b/src/detect-engine-iponly.c
@@ -872,10 +872,10 @@ int IPOnlySigParseAddress(const DetectEngineCtx *de_ctx,
     if (flag == 0) {
         if (strcasecmp(addrstr, "any") == 0) {
             s->flags |= SIG_FLAG_SRC_ANY;
-            if (IPOnlyCIDRListParse(de_ctx, &s->cidr_src, "[0.0.0.0/0,::/0]") < 0)
+            if (IPOnlyCIDRListParse(de_ctx, &s->init_data->cidr_src, "[0.0.0.0/0,::/0]") < 0)
                 goto error;
 
-        } else if (IPOnlyCIDRListParse(de_ctx, &s->cidr_src, (char *)addrstr) < 0) {
+        } else if (IPOnlyCIDRListParse(de_ctx, &s->init_data->cidr_src, (char *)addrstr) < 0) {
             goto error;
         }
 
@@ -883,10 +883,10 @@ int IPOnlySigParseAddress(const DetectEngineCtx *de_ctx,
     } else {
         if (strcasecmp(addrstr, "any") == 0) {
             s->flags |= SIG_FLAG_DST_ANY;
-            if (IPOnlyCIDRListParse(de_ctx, &s->cidr_dst, "[0.0.0.0/0,::/0]") < 0)
+            if (IPOnlyCIDRListParse(de_ctx, &s->init_data->cidr_dst, "[0.0.0.0/0,::/0]") < 0)
                 goto error;
 
-        } else if (IPOnlyCIDRListParse(de_ctx, &s->cidr_dst, (char *)addrstr) < 0) {
+        } else if (IPOnlyCIDRListParse(de_ctx, &s->init_data->cidr_dst, (char *)addrstr) < 0) {
             goto error;
         }
 
@@ -1567,23 +1567,23 @@ void IPOnlyAddSignature(DetectEngineCtx *de_ctx, DetectEngineIPOnlyCtx *io_ctx,
     SCLogDebug("Adding IPs from rule: %" PRIu32 " (%s) as %" PRIu32 " mapped to %" PRIu32 "\n",
             s->id, s->msg, s->num, mapped_signum);
     /* Set the internal signum to the list before merging */
-    IPOnlyCIDRListSetSigNum(s->cidr_src, mapped_signum);
+    IPOnlyCIDRListSetSigNum(s->init_data->cidr_src, mapped_signum);
 
-    IPOnlyCIDRListSetSigNum(s->cidr_dst, mapped_signum);
+    IPOnlyCIDRListSetSigNum(s->init_data->cidr_dst, mapped_signum);
 
     /**
      * ipv4 and ipv6 are mixed, but later we will separate them into
      * different trees
      */
-    io_ctx->ip_src = IPOnlyCIDRItemInsert(io_ctx->ip_src, s->cidr_src);
-    io_ctx->ip_dst = IPOnlyCIDRItemInsert(io_ctx->ip_dst, s->cidr_dst);
+    io_ctx->ip_src = IPOnlyCIDRItemInsert(io_ctx->ip_src, s->init_data->cidr_src);
+    io_ctx->ip_dst = IPOnlyCIDRItemInsert(io_ctx->ip_dst, s->init_data->cidr_dst);
 
     if (mapped_signum > io_ctx->max_idx)
         io_ctx->max_idx = mapped_signum;
 
     /** no longer ref to this, it's in the table now */
-    s->cidr_src = NULL;
-    s->cidr_dst = NULL;
+    s->init_data->cidr_src = NULL;
+    s->init_data->cidr_dst = NULL;
 }
 
 #ifdef UNITTESTS
diff --git a/src/detect-parse.c b/src/detect-parse.c
index e1c073efd6..c297caecbc 100644
--- a/src/detect-parse.c
+++ b/src/detect-parse.c
@@ -1645,12 +1645,6 @@ void SigFree(DetectEngineCtx *de_ctx, Signature *s)
     if (s == NULL)
         return;
 
-    if (s->cidr_dst != NULL)
-        IPOnlyCIDRListFree(s->cidr_dst);
-
-    if (s->cidr_src != NULL)
-        IPOnlyCIDRListFree(s->cidr_src);
-
     int i;
 
     if (s->init_data && s->init_data->transforms.cnt) {
@@ -1681,6 +1675,12 @@ void SigFree(DetectEngineCtx *de_ctx, Signature *s)
                 sm = nsm;
             }
         }
+        if (s->init_data->cidr_dst != NULL)
+            IPOnlyCIDRListFree(s->init_data->cidr_dst);
+
+        if (s->init_data->cidr_src != NULL)
+            IPOnlyCIDRListFree(s->init_data->cidr_src);
+
         SCFree(s->init_data->buffers);
         s->init_data->buffers = NULL;
     }
diff --git a/src/detect.h b/src/detect.h
index 76c6d2b66f..1c2fc3d50a 100644
--- a/src/detect.h
+++ b/src/detect.h
@@ -547,6 +547,9 @@ typedef struct SignatureInitData_ {
     /* used at init to determine max dsize */
     SigMatch *dsize_sm;
 
+    /** netblocks and hosts specified at the sid, in CIDR format */
+    IPOnlyCIDRItem *cidr_src, *cidr_dst;
+
     /* list id for `mpm_sm`. Should always match `SigMatchListSMBelongsTo(s, mpm_sm)`. */
     int mpm_sm_list;
     /* the fast pattern added from this signature */
@@ -633,9 +636,6 @@ typedef struct Signature_ {
     uint16_t profiling_id;
 #endif
 
-    /** netblocks and hosts specified at the sid, in CIDR format */
-    IPOnlyCIDRItem *cidr_src, *cidr_dst;
-
     DetectEngineAppInspectionEngine *app_inspect;
     DetectEnginePktInspectionEngine *pkt_inspect;
     DetectEngineFrameInspectionEngine *frame_inspect;