From: Unnikrishnan M (umunnikr) <umunnikr@cisco.com>
Date: Thu, 1 Aug 2024 17:45:23 +0000 (+0000)
Subject: Pull request #4294: file_api: set max file depth as part of snort configuration
X-Git-Tag: 3.3.3.0~12
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=ac9989231f92341cb3b1a7b3805f8ae36f18ee19;p=thirdparty%2Fsnort3.git

Pull request #4294: file_api: set max file depth as part of snort configuration

Merge in SNORT/snort3 from ~UMUNNIKR/snort3:file_race_condition_fix to master

Squashed commit of the following:

commit 181b94d110f4736315a41c66d9979947d46022d1
Author: Unnikrishnan M <umunnikr@cisco.com>
Date:   Thu Feb 15 09:48:35 2024 +0530

    file_api: max depth is set as part of initial config
---

diff --git a/src/file_api/file_inspect.cc b/src/file_api/file_inspect.cc
index 02d488abd..2b9abfcbe 100644
--- a/src/file_api/file_inspect.cc
+++ b/src/file_api/file_inspect.cc
@@ -1,5 +1,5 @@
 //--------------------------------------------------------------------------
-// Copyright (C) 2014-2023 Cisco and/or its affiliates. All rights reserved.
+// Copyright (C) 2014-2024 Cisco and/or its affiliates. All rights reserved.
 // Copyright (C) 2012-2013 Sourcefire, Inc.
 //
 // This program is free software; you can redistribute it and/or modify it
@@ -50,7 +50,7 @@ FileInspect:: ~FileInspect()
         delete config;
 }
 
-bool FileInspect::configure(SnortConfig*)
+bool FileInspect::configure(SnortConfig* sc)
 {
     if (!config)
         return true;
@@ -63,6 +63,8 @@ bool FileInspect::configure(SnortConfig*)
         file_cache->set_max_files(config->max_files_cached);
     }
 
+    FileService::set_max_file_depth(sc);
+
     return true;
 }
 
diff --git a/src/file_api/file_service.cc b/src/file_api/file_service.cc
index 5f076679a..a87ac0f6f 100644
--- a/src/file_api/file_service.cc
+++ b/src/file_api/file_service.cc
@@ -150,49 +150,44 @@ bool FileService::is_file_service_enabled()
 /* Get maximal file depth based on configuration
  * This function must be called after all file services are configured/enabled.
  */
-int64_t FileService::get_max_file_depth()
+int64_t FileService::get_max_file_depth(FileConfig *fc)
 {
-    FileConfig* file_config = get_file_config();
+    FileConfig* file_config = fc ? fc : get_file_config();
 
     if (!file_config)
         return -1;
 
-    if (file_config->file_depth)
+    if (file_config->file_depth > 0)
         return file_config->file_depth;
 
-    file_config->file_depth = -1;
+    return -1;
+}
+
+void FileService::set_max_file_depth(const SnortConfig* sc)
+{
+    FileConfig* file_config = get_file_config(sc);
+
+    if (!file_config)
+        return;
 
     if (file_type_id_enabled)
     {
         file_config->file_depth = file_config->file_type_depth;
     }
 
-    if (file_signature_enabled)
+    if ((file_signature_enabled) and
+        (file_config->file_signature_depth > file_config->file_depth))
     {
-        if (file_config->file_signature_depth > file_config->file_depth)
-            file_config->file_depth = file_config->file_signature_depth;
+        file_config->file_depth = file_config->file_signature_depth;
     }
 
     if (file_config->file_depth > 0)
     {
         /*Extra byte for deciding whether file data will be over limit*/
         file_config->file_depth++;
-        return (file_config->file_depth);
     }
-    else
-    {
-        return -1;
-    }
-}
-
-void FileService::reset_depths()
-{
-    FileConfig* file_config = get_file_config();
-
-    if (file_config)
-        file_config->file_depth = 0;
 
-    decode_conf.sync_all_depths();
+    return;
 }
 
 namespace snort
diff --git a/src/file_api/file_service.h b/src/file_api/file_service.h
index 6698a74ed..f13634aeb 100644
--- a/src/file_api/file_service.h
+++ b/src/file_api/file_service.h
@@ -30,6 +30,7 @@
 
 class FileEnforcer;
 class FileCache;
+class FileConfig;
 
 namespace snort
 {
@@ -58,8 +59,8 @@ public:
     static bool is_file_signature_enabled() { return file_signature_enabled; }
     static bool is_file_capture_enabled() { return file_capture_enabled; }
     static bool is_file_service_enabled();
-    static int64_t get_max_file_depth();
-    static void reset_depths();
+    static int64_t get_max_file_depth(FileConfig* = nullptr);
+    static void set_max_file_depth(const SnortConfig*);
 
     static FileCache* get_file_cache() { return file_cache; }
     static DecodeConfig decode_conf;
diff --git a/src/mime/file_mime_config.cc b/src/mime/file_mime_config.cc
index 9776dcfd0..56a9c52db 100644
--- a/src/mime/file_mime_config.cc
+++ b/src/mime/file_mime_config.cc
@@ -28,6 +28,7 @@
 
 #include "log/messages.h"
 #include "file_api/file_service.h"
+#include "file_api/file_config.h"
 
 using namespace snort;
 
@@ -142,9 +143,9 @@ bool DecodeConfig::is_decoding_enabled() const
 }
 
 // update file depth and max_depth etc
-void DecodeConfig::sync_all_depths()
+void DecodeConfig::sync_all_depths(const SnortConfig* sc)
 {
-    file_depth = FileService::get_max_file_depth();
+    file_depth = FileService::get_max_file_depth(get_file_config(sc));
     decode_enabled = (file_depth >= 0) or (b64_depth >= 0) or (qp_depth >= 0) or
         (bitenc_depth >= 0) or (uu_depth >= 0);
 }
diff --git a/src/mime/file_mime_config.h b/src/mime/file_mime_config.h
index 3c3625624..7f335d27e 100644
--- a/src/mime/file_mime_config.h
+++ b/src/mime/file_mime_config.h
@@ -23,6 +23,7 @@
 
 // List of MIME decode and log configuration functions
 #include "main/snort_types.h"
+#include "main/snort_config.h"
 
 /*These are temporary values*/
 #define DEFAULT_MIME_MEMCAP           838860
@@ -71,7 +72,7 @@ public:
 
     int64_t get_file_depth() const;
     bool is_decoding_enabled() const;
-    void sync_all_depths();
+    void sync_all_depths(const SnortConfig*);
     void show(bool = false) const;
     int get_max_depth(int) const;
 
diff --git a/src/service_inspectors/http_inspect/http_inspect.cc b/src/service_inspectors/http_inspect/http_inspect.cc
index c4f9b37c6..3e353794c 100755
--- a/src/service_inspectors/http_inspect/http_inspect.cc
+++ b/src/service_inspectors/http_inspect/http_inspect.cc
@@ -137,10 +137,10 @@ HttpInspect::~HttpInspect()
     delete script_finder;
 }
 
-bool HttpInspect::configure(SnortConfig*)
+bool HttpInspect::configure(SnortConfig* sc)
 {
     params->js_norm_param.configure();
-    params->mime_decode_conf->sync_all_depths();
+    params->mime_decode_conf->sync_all_depths(sc);
     pub_id = DataBus::get_id(http_pub_key);
 
     return true;
diff --git a/src/service_inspectors/imap/imap.cc b/src/service_inspectors/imap/imap.cc
index cd5b4e677..cbe4a1e7c 100644
--- a/src/service_inspectors/imap/imap.cc
+++ b/src/service_inspectors/imap/imap.cc
@@ -787,9 +787,9 @@ Imap::~Imap()
         delete config;
 }
 
-bool Imap::configure(SnortConfig*)
+bool Imap::configure(SnortConfig* sc)
 {
-    config->decode_conf.sync_all_depths();
+    config->decode_conf.sync_all_depths(sc);
 
     if (config->decode_conf.get_file_depth() > -1)
         config->log_config.log_filename = true;
diff --git a/src/service_inspectors/pop/pop.cc b/src/service_inspectors/pop/pop.cc
index fc82f8a44..c09c4025f 100644
--- a/src/service_inspectors/pop/pop.cc
+++ b/src/service_inspectors/pop/pop.cc
@@ -723,9 +723,9 @@ Pop::~Pop()
         delete config;
 }
 
-bool Pop::configure(SnortConfig* )
+bool Pop::configure(SnortConfig* sc)
 {
-    config->decode_conf.sync_all_depths();
+    config->decode_conf.sync_all_depths(sc);
 
     if (config->decode_conf.get_file_depth() > -1)
         config->log_config.log_filename = true;
diff --git a/src/service_inspectors/smtp/smtp.cc b/src/service_inspectors/smtp/smtp.cc
index cdcff88b1..0879d8885 100644
--- a/src/service_inspectors/smtp/smtp.cc
+++ b/src/service_inspectors/smtp/smtp.cc
@@ -1560,11 +1560,11 @@ Smtp::~Smtp()
     delete config;
 }
 
-bool Smtp::configure(SnortConfig*)
+bool Smtp::configure(SnortConfig* sc)
 {
     SMTP_RegXtraDataFuncs(config);
 
-    config->decode_conf.sync_all_depths();
+    config->decode_conf.sync_all_depths(sc);
 
     if (config->decode_conf.get_file_depth() > -1)
         config->log_config.log_filename = true;