From: Victor Julien Date: Fri, 19 Aug 2022 09:08:04 +0000 (+0200) Subject: app-layer: specify direction in tx cleanup X-Git-Tag: suricata-7.0.0-beta1~144 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=a1d728bb65eab0632a7bcbe9d2ef76fb3aec5501;p=thirdparty%2Fsuricata.git app-layer: specify direction in tx cleanup In preparation of per tx files storage. --- diff --git a/src/app-layer-htp.c b/src/app-layer-htp.c index a8eac56eff..78c6abd04a 100644 --- a/src/app-layer-htp.c +++ b/src/app-layer-htp.c @@ -6792,7 +6792,7 @@ static int HTPParserTest25(void) NULL, alp_tctx, f, ALPROTO_HTTP1, STREAM_TOCLIENT, (uint8_t *)str, strlen(str)); FAIL_IF_NOT(r == 0); - AppLayerParserTransactionsCleanup(f); + AppLayerParserTransactionsCleanup(f, STREAM_TOCLIENT); uint64_t ret[4]; UTHAppLayerParserStateGetIds(f->alparser, &ret[0], &ret[1], &ret[2], &ret[3]); @@ -6804,7 +6804,7 @@ static int HTPParserTest25(void) r = AppLayerParserParse(NULL, alp_tctx, f, ALPROTO_HTTP1, STREAM_TOSERVER | STREAM_EOF, (uint8_t *)str, strlen(str)); FAIL_IF_NOT(r == 0); - AppLayerParserTransactionsCleanup(f); + AppLayerParserTransactionsCleanup(f, STREAM_TOCLIENT); UTHAppLayerParserStateGetIds(f->alparser, &ret[0], &ret[1], &ret[2], &ret[3]); FAIL_IF_NOT(ret[0] == 8); // inspect_id[0] not updated by ..Cleanup() until full tx is done @@ -6815,7 +6815,7 @@ static int HTPParserTest25(void) r = AppLayerParserParse(NULL, alp_tctx, f, ALPROTO_HTTP1, STREAM_TOCLIENT | STREAM_EOF, (uint8_t *)str, strlen(str)); FAIL_IF_NOT(r == 0); - AppLayerParserTransactionsCleanup(f); + AppLayerParserTransactionsCleanup(f, STREAM_TOCLIENT); UTHAppLayerParserStateGetIds(f->alparser, &ret[0], &ret[1], &ret[2], &ret[3]); FAIL_IF_NOT(ret[0] == 9); // inspect_id[0] diff --git a/src/app-layer-ike.c b/src/app-layer-ike.c index 110db2bd24..852d215824 100644 --- a/src/app-layer-ike.c +++ b/src/app-layer-ike.c @@ -166,7 +166,7 @@ static int IkeParserTest(void) sizeof(encrypted)); FAIL_IF_NOT(r == 0); - AppLayerParserTransactionsCleanup(&f); + AppLayerParserTransactionsCleanup(&f, STREAM_TOCLIENT); UTHAppLayerParserStateGetIds(f.alparser, &ret[0], &ret[1], &ret[2], &ret[3]); FAIL_IF_NOT(ret[0] == 5); // inspect_id[0] FAIL_IF_NOT(ret[1] == 5); // inspect_id[1] diff --git a/src/app-layer-parser.c b/src/app-layer-parser.c index 6843b22ff8..2ace163b10 100644 --- a/src/app-layer-parser.c +++ b/src/app-layer-parser.c @@ -926,7 +926,7 @@ extern bool g_filedata_logger_enabled; /** * \brief remove obsolete (inspected and logged) transactions */ -void AppLayerParserTransactionsCleanup(Flow *f) +void AppLayerParserTransactionsCleanup(Flow *f, const uint8_t pkt_dir) { SCEnter(); DEBUG_ASSERT_FLOW_LOCKED(f); diff --git a/src/app-layer-parser.h b/src/app-layer-parser.h index aede85bf80..fb9f6510bd 100644 --- a/src/app-layer-parser.h +++ b/src/app-layer-parser.h @@ -298,7 +298,7 @@ void AppLayerParserStreamTruncated(uint8_t ipproto, AppProto alproto, void *alst AppLayerParserState *AppLayerParserStateAlloc(void); void AppLayerParserStateFree(AppLayerParserState *pstate); -void AppLayerParserTransactionsCleanup(Flow *f); +void AppLayerParserTransactionsCleanup(Flow *f, const uint8_t pkt_dir); #ifdef DEBUG void AppLayerParserStatePrintDetails(AppLayerParserState *pstate); diff --git a/src/app-layer-rfb.c b/src/app-layer-rfb.c index c070e37fa6..49f67b6d0a 100644 --- a/src/app-layer-rfb.c +++ b/src/app-layer-rfb.c @@ -132,14 +132,14 @@ static int RFBParserTest(void) NULL, alp_tctx, f, ALPROTO_RFB, STREAM_TOCLIENT, (uint8_t *)server_init, sizeof(server_init)); FAIL_IF_NOT(r == 0); - AppLayerParserTransactionsCleanup(f); + AppLayerParserTransactionsCleanup(f, STREAM_TOCLIENT); UTHAppLayerParserStateGetIds(f->alparser, &ret[0], &ret[1], &ret[2], &ret[3]); FAIL_IF_NOT(ret[0] == 1); // inspect_id[0] FAIL_IF_NOT(ret[1] == 1); // inspect_id[1] FAIL_IF_NOT(ret[2] == 1); // log_id FAIL_IF_NOT(ret[3] == 1); // min_id - AppLayerParserTransactionsCleanup(f); + AppLayerParserTransactionsCleanup(f, STREAM_TOCLIENT); AppLayerParserThreadCtxFree(alp_tctx); StreamTcpFreeConfig(true); UTHFreeFlow(f); diff --git a/src/app-layer-smb.c b/src/app-layer-smb.c index 776e1c2381..a1c3afaaca 100644 --- a/src/app-layer-smb.c +++ b/src/app-layer-smb.c @@ -111,7 +111,7 @@ static int SMBParserTxCleanupTest(void) FAIL_IF_NOT(r == 0); req_str[28]++; - AppLayerParserTransactionsCleanup(f); + AppLayerParserTransactionsCleanup(f, STREAM_TOSERVER); UTHAppLayerParserStateGetIds(f->alparser, &ret[0], &ret[1], &ret[2], &ret[3]); FAIL_IF_NOT(ret[0] == 0); // inspect_id[0] FAIL_IF_NOT(ret[1] == 0); // inspect_id[1] @@ -157,7 +157,7 @@ static int SMBParserTxCleanupTest(void) r = AppLayerParserParse(NULL, alp_tctx, f, ALPROTO_SMB, STREAM_TOCLIENT, (uint8_t *)resp_str, sizeof(resp_str)); FAIL_IF_NOT(r == 0); - AppLayerParserTransactionsCleanup(f); + AppLayerParserTransactionsCleanup(f, STREAM_TOCLIENT); UTHAppLayerParserStateGetIds(f->alparser, &ret[0], &ret[1], &ret[2], &ret[3]); FAIL_IF_NOT(ret[0] == 2); // inspect_id[0] @@ -169,7 +169,7 @@ static int SMBParserTxCleanupTest(void) r = AppLayerParserParse(NULL, alp_tctx, f, ALPROTO_SMB, STREAM_TOCLIENT, (uint8_t *)resp_str, sizeof(resp_str)); FAIL_IF_NOT(r == 0); - AppLayerParserTransactionsCleanup(f); + AppLayerParserTransactionsCleanup(f, STREAM_TOCLIENT); UTHAppLayerParserStateGetIds(f->alparser, &ret[0], &ret[1], &ret[2], &ret[3]); FAIL_IF_NOT(ret[0] == 8); // inspect_id[0] @@ -181,7 +181,7 @@ static int SMBParserTxCleanupTest(void) r = AppLayerParserParse(NULL, alp_tctx, f, ALPROTO_SMB, STREAM_TOSERVER | STREAM_EOF, (uint8_t *)req_str, sizeof(req_str)); FAIL_IF_NOT(r == 0); - AppLayerParserTransactionsCleanup(f); + AppLayerParserTransactionsCleanup(f, STREAM_TOSERVER); UTHAppLayerParserStateGetIds(f->alparser, &ret[0], &ret[1], &ret[2], &ret[3]); FAIL_IF_NOT(ret[0] == 8); // inspect_id[0] not updated by ..Cleanup() until full tx is done @@ -193,7 +193,7 @@ static int SMBParserTxCleanupTest(void) r = AppLayerParserParse(NULL, alp_tctx, f, ALPROTO_SMB, STREAM_TOCLIENT | STREAM_EOF, (uint8_t *)resp_str, sizeof(resp_str)); FAIL_IF_NOT(r == 0); - AppLayerParserTransactionsCleanup(f); + AppLayerParserTransactionsCleanup(f, STREAM_TOCLIENT); UTHAppLayerParserStateGetIds(f->alparser, &ret[0], &ret[1], &ret[2], &ret[3]); FAIL_IF_NOT(ret[0] == 9); // inspect_id[0] diff --git a/src/flow-worker.c b/src/flow-worker.c index 66fa73baad..b5a8895aa8 100644 --- a/src/flow-worker.c +++ b/src/flow-worker.c @@ -449,7 +449,7 @@ static void FlowWorkerFlowTimeout(ThreadVars *tv, Packet *p, FlowWorkerThreadDat FLOWWORKER_PROFILING_END(p, PROFILE_FLOWWORKER_TCPPRUNE); /* run tx cleanup last */ - AppLayerParserTransactionsCleanup(p->flow); + AppLayerParserTransactionsCleanup(p->flow, STREAM_FLAGS_FOR_PACKET(p)); FlowDeReference(&p->flow); /* flow is unlocked later in FlowFinish() */ @@ -592,7 +592,7 @@ static TmEcode FlowWorker(ThreadVars *tv, Packet *p, void *data) } /* run tx cleanup last */ - AppLayerParserTransactionsCleanup(p->flow); + AppLayerParserTransactionsCleanup(p->flow, STREAM_FLAGS_FOR_PACKET(p)); Flow *f = p->flow; FlowDeReference(&p->flow); diff --git a/src/tests/fuzz/fuzz_applayerparserparse.c b/src/tests/fuzz/fuzz_applayerparserparse.c index a7c7653673..6da5b78b1c 100644 --- a/src/tests/fuzz/fuzz_applayerparserparse.c +++ b/src/tests/fuzz/fuzz_applayerparserparse.c @@ -169,7 +169,7 @@ int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) break; } - AppLayerParserTransactionsCleanup(f); + AppLayerParserTransactionsCleanup(f, flags & (STREAM_TOSERVER | STREAM_TOCLIENT)); } alsize -= alnext - albuffer + 4; albuffer = alnext + 4;