From: Philippe Antoine Date: Tue, 10 Jun 2025 07:33:19 +0000 (+0200) Subject: rust: bindgen SCAppLayerParserStateIssetFlag X-Git-Tag: suricata-8.0.0-rc1~96 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=b29d46d81f0b394f3976e7268aa0a856b16196b1;p=thirdparty%2Fsuricata.git rust: bindgen SCAppLayerParserStateIssetFlag Ticket: 7667 --- diff --git a/doc/userguide/devguide/extending/app-layer/parser.rst b/doc/userguide/devguide/extending/app-layer/parser.rst index 262ed89ba2..b8d7da350c 100644 --- a/doc/userguide/devguide/extending/app-layer/parser.rst +++ b/doc/userguide/devguide/extending/app-layer/parser.rst @@ -35,7 +35,7 @@ In Rust, the callbacks are similar. #[no_mangle] pub extern "C" fn rs_dns_parse_response_tcp(_flow: *const core::Flow, state: *mut std::os::raw::c_void, - _pstate: *mut std::os::raw::c_void, + _pstate: *mut AppLayerParserState, input: *const u8, input_len: u32, _data: *const std::os::raw::c_void, diff --git a/examples/plugins/altemplate/src/template.rs b/examples/plugins/altemplate/src/template.rs index 3674143baa..48dc4c48f1 100644 --- a/examples/plugins/altemplate/src/template.rs +++ b/examples/plugins/altemplate/src/template.rs @@ -28,17 +28,19 @@ use std::ffi::CString; use std::os::raw::{c_char, c_int, c_void}; use suricata::applayer::{ state_get_tx_iterator, AppLayerEvent, AppLayerParserConfParserEnabled, - AppLayerParserRegisterLogger, AppLayerParserStateIssetFlag, AppLayerRegisterParser, - AppLayerRegisterProtocolDetection, AppLayerResult, AppLayerStateData, AppLayerTxData, - RustParser, State, StreamSlice, Transaction, APP_LAYER_PARSER_EOF_TC, APP_LAYER_PARSER_EOF_TS, - APP_LAYER_PARSER_OPT_ACCEPT_GAPS, + AppLayerParserRegisterLogger, AppLayerRegisterParser, AppLayerRegisterProtocolDetection, + AppLayerResult, AppLayerStateData, AppLayerTxData, RustParser, State, StreamSlice, Transaction, + APP_LAYER_PARSER_EOF_TC, APP_LAYER_PARSER_EOF_TS, APP_LAYER_PARSER_OPT_ACCEPT_GAPS, }; use suricata::conf::conf_get; use suricata::core::{ALPROTO_UNKNOWN, IPPROTO_TCP}; use suricata::{ build_slice, cast_pointer, export_state_data_get, export_tx_data_get, SCLogError, SCLogNotice, }; -use suricata_sys::sys::{AppProto, Flow, SCAppLayerProtoDetectConfProtoDetectionEnabled}; +use suricata_sys::sys::{ + AppLayerParserState, AppProto, Flow, SCAppLayerParserStateIssetFlag, + SCAppLayerProtoDetectConfProtoDetectionEnabled, +}; static mut TEMPLATE_MAX_TX: usize = 256; @@ -296,10 +298,10 @@ unsafe extern "C" fn template_state_tx_free(state: *mut c_void, tx_id: u64) { } unsafe extern "C" fn template_parse_request( - _flow: *mut Flow, state: *mut c_void, pstate: *mut c_void, stream_slice: StreamSlice, - _data: *const c_void, + _flow: *mut Flow, state: *mut c_void, pstate: *mut AppLayerParserState, + stream_slice: StreamSlice, _data: *const c_void, ) -> AppLayerResult { - let eof = AppLayerParserStateIssetFlag(pstate, APP_LAYER_PARSER_EOF_TS) > 0; + let eof = SCAppLayerParserStateIssetFlag(pstate, APP_LAYER_PARSER_EOF_TS) > 0; if eof { // If needed, handle EOF, or pass it into the parser. @@ -320,10 +322,10 @@ unsafe extern "C" fn template_parse_request( } unsafe extern "C" fn template_parse_response( - _flow: *mut Flow, state: *mut c_void, pstate: *mut c_void, stream_slice: StreamSlice, - _data: *const c_void, + _flow: *mut Flow, state: *mut c_void, pstate: *mut AppLayerParserState, + stream_slice: StreamSlice, _data: *const c_void, ) -> AppLayerResult { - let _eof = AppLayerParserStateIssetFlag(pstate, APP_LAYER_PARSER_EOF_TC) > 0; + let _eof = SCAppLayerParserStateIssetFlag(pstate, APP_LAYER_PARSER_EOF_TC) > 0; let state = cast_pointer!(state, TemplateState); if stream_slice.is_gap() { diff --git a/rust/src/applayer.rs b/rust/src/applayer.rs index a11cc8b2f5..c68a3b88cc 100644 --- a/rust/src/applayer.rs +++ b/rust/src/applayer.rs @@ -29,7 +29,7 @@ use crate::core::StreamingBufferConfig; // Make the AppLayerEvent derive macro available to users importing // AppLayerEvent from this module. pub use suricata_derive::AppLayerEvent; -use suricata_sys::sys::AppProto; +use suricata_sys::sys::{AppLayerParserState, AppProto}; /// Cast pointer to a variable, as a mutable reference to an object /// @@ -481,7 +481,7 @@ impl AppLayerGetFileState { pub type ParseFn = unsafe extern "C" fn (flow: *mut Flow, state: *mut c_void, - pstate: *mut c_void, + pstate: *mut AppLayerParserState, stream_slice: StreamSlice, data: *const c_void) -> AppLayerResult; pub type ProbeFn = unsafe extern "C" fn (flow: *const Flow, flags: u8, input:*const u8, input_len: u32, rdir: *mut u8) -> AppProto; @@ -537,7 +537,6 @@ pub const APP_LAYER_TX_ACCEPT: u8 = BIT_U8!(4); /// cbindgen:ignore extern "C" { - pub fn AppLayerParserStateIssetFlag(state: *mut c_void, flag: u16) -> u16; pub fn AppLayerParserSetStreamDepth(ipproto: u8, alproto: AppProto, stream_depth: u32); pub fn AppLayerParserConfParserEnabled(ipproto: *const c_char, proto: *const c_char) -> c_int; pub fn AppLayerParserRegisterLogger(pproto: u8, alproto: AppProto); diff --git a/rust/src/applayertemplate/template.rs b/rust/src/applayertemplate/template.rs index 529ae16c37..05c0ba60da 100644 --- a/rust/src/applayertemplate/template.rs +++ b/rust/src/applayertemplate/template.rs @@ -25,7 +25,10 @@ use std; use std::collections::VecDeque; use std::ffi::CString; use std::os::raw::{c_char, c_int, c_void}; -use suricata_sys::sys::{AppProto, SCAppLayerProtoDetectConfProtoDetectionEnabled}; +use suricata_sys::sys::{ + AppLayerParserState, AppProto, SCAppLayerParserStateIssetFlag, + SCAppLayerProtoDetectConfProtoDetectionEnabled, +}; static mut TEMPLATE_MAX_TX: usize = 256; @@ -283,10 +286,10 @@ unsafe extern "C" fn template_state_tx_free(state: *mut c_void, tx_id: u64) { } unsafe extern "C" fn template_parse_request( - _flow: *mut Flow, state: *mut c_void, pstate: *mut c_void, stream_slice: StreamSlice, - _data: *const c_void, + _flow: *mut Flow, state: *mut c_void, pstate: *mut AppLayerParserState, + stream_slice: StreamSlice, _data: *const c_void, ) -> AppLayerResult { - let eof = AppLayerParserStateIssetFlag(pstate, APP_LAYER_PARSER_EOF_TS) > 0; + let eof = SCAppLayerParserStateIssetFlag(pstate, APP_LAYER_PARSER_EOF_TS) > 0; if eof { // If needed, handle EOF, or pass it into the parser. @@ -307,10 +310,10 @@ unsafe extern "C" fn template_parse_request( } unsafe extern "C" fn template_parse_response( - _flow: *mut Flow, state: *mut c_void, pstate: *mut c_void, stream_slice: StreamSlice, - _data: *const c_void, + _flow: *mut Flow, state: *mut c_void, pstate: *mut AppLayerParserState, + stream_slice: StreamSlice, _data: *const c_void, ) -> AppLayerResult { - let _eof = AppLayerParserStateIssetFlag(pstate, APP_LAYER_PARSER_EOF_TC) > 0; + let _eof = SCAppLayerParserStateIssetFlag(pstate, APP_LAYER_PARSER_EOF_TC) > 0; let state = cast_pointer!(state, TemplateState); if stream_slice.is_gap() { diff --git a/rust/src/bittorrent_dht/bittorrent_dht.rs b/rust/src/bittorrent_dht/bittorrent_dht.rs index 1946b6070a..8ebf232687 100644 --- a/rust/src/bittorrent_dht/bittorrent_dht.rs +++ b/rust/src/bittorrent_dht/bittorrent_dht.rs @@ -15,8 +15,8 @@ * 02110-1301, USA. */ - use suricata_sys::sys::{ - AppProto, SCAppLayerProtoDetectConfProtoDetectionEnabled, +use suricata_sys::sys::{ + AppLayerParserState, AppProto, SCAppLayerProtoDetectConfProtoDetectionEnabled, SCAppLayerProtoDetectPMRegisterPatternCS, }; @@ -54,10 +54,10 @@ pub struct BitTorrentDHTTransaction { impl BitTorrentDHTTransaction { pub fn new(direction: Direction) -> Self { - Self { - tx_data: AppLayerTxData::for_direction(direction), - ..Default::default() - } + Self { + tx_data: AppLayerTxData::for_direction(direction), + ..Default::default() + } } /// Set an event on the transaction @@ -160,35 +160,42 @@ unsafe extern "C" fn state_free(state: *mut std::os::raw::c_void) { std::mem::drop(Box::from_raw(state as *mut BitTorrentDHTState)); } -unsafe extern "C" fn state_tx_free( - state: *mut std::os::raw::c_void, tx_id: u64, -) { +unsafe extern "C" fn state_tx_free(state: *mut std::os::raw::c_void, tx_id: u64) { let state = cast_pointer!(state, BitTorrentDHTState); state.free_tx(tx_id); } unsafe extern "C" fn parse_ts( - _flow: *mut Flow, state: *mut std::os::raw::c_void, _pstate: *mut std::os::raw::c_void, + _flow: *mut Flow, state: *mut std::os::raw::c_void, _pstate: *mut AppLayerParserState, stream_slice: StreamSlice, _data: *const std::os::raw::c_void, ) -> AppLayerResult { return parse( - _flow, state, _pstate, stream_slice, - _data, Direction::ToServer); + _flow, + state, + _pstate, + stream_slice, + _data, + Direction::ToServer, + ); } unsafe extern "C" fn parse_tc( - _flow: *mut Flow, state: *mut std::os::raw::c_void, _pstate: *mut std::os::raw::c_void, + _flow: *mut Flow, state: *mut std::os::raw::c_void, _pstate: *mut AppLayerParserState, stream_slice: StreamSlice, _data: *const std::os::raw::c_void, ) -> AppLayerResult { return parse( - _flow, state, _pstate, stream_slice, - _data, Direction::ToClient); + _flow, + state, + _pstate, + stream_slice, + _data, + Direction::ToClient, + ); } unsafe extern "C" fn parse( - _flow: *mut Flow, state: *mut std::os::raw::c_void, _pstate: *mut std::os::raw::c_void, - stream_slice: StreamSlice, _data: *const std::os::raw::c_void, - direction: Direction, + _flow: *mut Flow, state: *mut std::os::raw::c_void, _pstate: *mut AppLayerParserState, + stream_slice: StreamSlice, _data: *const std::os::raw::c_void, direction: Direction, ) -> AppLayerResult { let state = cast_pointer!(state, BitTorrentDHTState); let buf = stream_slice.as_slice(); @@ -209,9 +216,7 @@ unsafe extern "C" fn state_get_tx( } } -unsafe extern "C" fn state_get_tx_count( - state: *mut std::os::raw::c_void, -) -> u64 { +unsafe extern "C" fn state_get_tx_count(state: *mut std::os::raw::c_void) -> u64 { let state = cast_pointer!(state, BitTorrentDHTState); return state.tx_id; } diff --git a/rust/src/dcerpc/dcerpc.rs b/rust/src/dcerpc/dcerpc.rs index fef4cce7ef..2c970dc347 100644 --- a/rust/src/dcerpc/dcerpc.rs +++ b/rust/src/dcerpc/dcerpc.rs @@ -25,7 +25,7 @@ use nom7::error::{Error, ErrorKind}; use nom7::number::Endianness; use nom7::{Err, IResult, Needed}; use suricata_sys::sys::{ - AppProto, SCAppLayerProtoDetectConfProtoDetectionEnabled, + AppLayerParserState, AppProto, SCAppLayerProtoDetectConfProtoDetectionEnabled, SCAppLayerProtoDetectPMRegisterPatternCSwPP, }; use std; @@ -1024,7 +1024,7 @@ fn evaluate_stub_params( } unsafe extern "C" fn parse_request( - flow: *mut Flow, state: *mut std::os::raw::c_void, _pstate: *mut std::os::raw::c_void, + flow: *mut Flow, state: *mut std::os::raw::c_void, _pstate: *mut AppLayerParserState, stream_slice: StreamSlice, _data: *const std::os::raw::c_void, ) -> AppLayerResult { @@ -1048,7 +1048,7 @@ unsafe extern "C" fn parse_request( } unsafe extern "C" fn parse_response( - flow: *mut Flow, state: *mut std::os::raw::c_void, _pstate: *mut std::os::raw::c_void, + flow: *mut Flow, state: *mut std::os::raw::c_void, _pstate: *mut AppLayerParserState, stream_slice: StreamSlice, _data: *const std::os::raw::c_void, ) -> AppLayerResult { diff --git a/rust/src/dcerpc/dcerpc_udp.rs b/rust/src/dcerpc/dcerpc_udp.rs index 730818fd37..745f7c1f47 100644 --- a/rust/src/dcerpc/dcerpc_udp.rs +++ b/rust/src/dcerpc/dcerpc_udp.rs @@ -25,7 +25,7 @@ use crate::direction::{Direction, DIR_BOTH}; use crate::flow::Flow; use nom7::Err; use suricata_sys::sys::{ - AppProto, SCAppLayerProtoDetectConfProtoDetectionEnabled, + AppLayerParserState, AppProto, SCAppLayerProtoDetectConfProtoDetectionEnabled, SCAppLayerProtoDetectPMRegisterPatternCSwPP, }; use std; @@ -237,7 +237,7 @@ impl DCERPCUDPState { } unsafe extern "C" fn parse( - _flow: *mut Flow, state: *mut std::os::raw::c_void, _pstate: *mut std::os::raw::c_void, + _flow: *mut Flow, state: *mut std::os::raw::c_void, _pstate: *mut AppLayerParserState, stream_slice: StreamSlice, _data: *const std::os::raw::c_void, ) -> AppLayerResult { diff --git a/rust/src/dhcp/dhcp.rs b/rust/src/dhcp/dhcp.rs index 9f3b4d8761..2e5a5fb4e4 100644 --- a/rust/src/dhcp/dhcp.rs +++ b/rust/src/dhcp/dhcp.rs @@ -15,7 +15,9 @@ * 02110-1301, USA. */ -use suricata_sys::sys::{AppProto, SCAppLayerProtoDetectConfProtoDetectionEnabled}; +use suricata_sys::sys::{ + AppLayerParserState, AppProto, SCAppLayerProtoDetectConfProtoDetectionEnabled, +}; use crate::applayer::{self, *}; use crate::core::{ALPROTO_UNKNOWN, IPPROTO_UDP}; @@ -224,7 +226,7 @@ unsafe extern "C" fn dhcp_state_get_tx_count(state: *mut std::os::raw::c_void) - } unsafe extern "C" fn dhcp_parse( - _flow: *mut Flow, state: *mut std::os::raw::c_void, _pstate: *mut std::os::raw::c_void, + _flow: *mut Flow, state: *mut std::os::raw::c_void, _pstate: *mut AppLayerParserState, stream_slice: StreamSlice, _data: *const std::os::raw::c_void, ) -> AppLayerResult { let state = cast_pointer!(state, DHCPState); diff --git a/rust/src/dns/dns.rs b/rust/src/dns/dns.rs index a565d02d6f..6da3885abd 100644 --- a/rust/src/dns/dns.rs +++ b/rust/src/dns/dns.rs @@ -32,7 +32,8 @@ use crate::frames::Frame; use nom7::number::streaming::be_u16; use nom7::{Err, IResult}; use suricata_sys::sys::{ - AppProto, DetectEngineThreadCtx, SCAppLayerProtoDetectConfProtoDetectionEnabled, + AppLayerParserState, AppProto, DetectEngineThreadCtx, + SCAppLayerProtoDetectConfProtoDetectionEnabled, }; /// DNS record types. @@ -936,7 +937,7 @@ pub(crate) unsafe extern "C" fn state_tx_free(state: *mut std::os::raw::c_void, /// C binding parse a DNS request. Returns 1 on success, -1 on failure. pub(crate) unsafe extern "C" fn parse_request( - flow: *mut Flow, state: *mut std::os::raw::c_void, _pstate: *mut std::os::raw::c_void, + flow: *mut Flow, state: *mut std::os::raw::c_void, _pstate: *mut AppLayerParserState, stream_slice: StreamSlice, _data: *const std::os::raw::c_void, ) -> AppLayerResult { let state = cast_pointer!(state, DNSState); @@ -945,7 +946,7 @@ pub(crate) unsafe extern "C" fn parse_request( } unsafe extern "C" fn parse_response( - flow: *mut Flow, state: *mut std::os::raw::c_void, _pstate: *mut std::os::raw::c_void, + flow: *mut Flow, state: *mut std::os::raw::c_void, _pstate: *mut AppLayerParserState, stream_slice: StreamSlice, _data: *const std::os::raw::c_void, ) -> AppLayerResult { let state = cast_pointer!(state, DNSState); @@ -955,7 +956,7 @@ unsafe extern "C" fn parse_response( /// C binding parse a DNS request. Returns 1 on success, -1 on failure. unsafe extern "C" fn parse_request_tcp( - flow: *mut Flow, state: *mut std::os::raw::c_void, _pstate: *mut std::os::raw::c_void, + flow: *mut Flow, state: *mut std::os::raw::c_void, _pstate: *mut AppLayerParserState, stream_slice: StreamSlice, _data: *const std::os::raw::c_void, ) -> AppLayerResult { let state = cast_pointer!(state, DNSState); @@ -968,7 +969,7 @@ unsafe extern "C" fn parse_request_tcp( } unsafe extern "C" fn parse_response_tcp( - flow: *mut Flow, state: *mut std::os::raw::c_void, _pstate: *mut std::os::raw::c_void, + flow: *mut Flow, state: *mut std::os::raw::c_void, _pstate: *mut AppLayerParserState, stream_slice: StreamSlice, _data: *const std::os::raw::c_void, ) -> AppLayerResult { let state = cast_pointer!(state, DNSState); diff --git a/rust/src/enip/enip.rs b/rust/src/enip/enip.rs index 8e2e23c5fd..3ff7c4f632 100644 --- a/rust/src/enip/enip.rs +++ b/rust/src/enip/enip.rs @@ -29,7 +29,10 @@ use std; use std::collections::VecDeque; use std::ffi::CString; use std::os::raw::{c_char, c_int, c_void}; -use suricata_sys::sys::{AppProto, SCAppLayerProtoDetectConfProtoDetectionEnabled}; +use suricata_sys::sys::{ + AppLayerParserState, AppProto, SCAppLayerParserStateIssetFlag, + SCAppLayerProtoDetectConfProtoDetectionEnabled, +}; pub(super) static mut ALPROTO_ENIP: AppProto = ALPROTO_UNKNOWN; @@ -493,26 +496,26 @@ unsafe extern "C" fn enip_state_tx_free(state: *mut c_void, tx_id: u64) { } unsafe extern "C" fn enip_parse_request_udp( - flow: *mut Flow, state: *mut c_void, _pstate: *mut c_void, stream_slice: StreamSlice, - _data: *const c_void, + flow: *mut Flow, state: *mut c_void, _pstate: *mut AppLayerParserState, + stream_slice: StreamSlice, _data: *const c_void, ) -> AppLayerResult { let state = cast_pointer!(state, EnipState); state.parse_udp(stream_slice, true, flow) } unsafe extern "C" fn enip_parse_response_udp( - flow: *mut Flow, state: *mut c_void, _pstate: *mut c_void, stream_slice: StreamSlice, - _data: *const c_void, + flow: *mut Flow, state: *mut c_void, _pstate: *mut AppLayerParserState, + stream_slice: StreamSlice, _data: *const c_void, ) -> AppLayerResult { let state = cast_pointer!(state, EnipState); state.parse_udp(stream_slice, false, flow) } unsafe extern "C" fn enip_parse_request_tcp( - flow: *mut Flow, state: *mut c_void, pstate: *mut c_void, stream_slice: StreamSlice, - _data: *const c_void, + flow: *mut Flow, state: *mut c_void, pstate: *mut AppLayerParserState, + stream_slice: StreamSlice, _data: *const c_void, ) -> AppLayerResult { - let eof = AppLayerParserStateIssetFlag(pstate, APP_LAYER_PARSER_EOF_TS) > 0; + let eof = SCAppLayerParserStateIssetFlag(pstate, APP_LAYER_PARSER_EOF_TS) > 0; if eof { return AppLayerResult::ok(); } @@ -528,10 +531,10 @@ unsafe extern "C" fn enip_parse_request_tcp( } unsafe extern "C" fn enip_parse_response_tcp( - flow: *mut Flow, state: *mut c_void, pstate: *mut c_void, stream_slice: StreamSlice, - _data: *const c_void, + flow: *mut Flow, state: *mut c_void, pstate: *mut AppLayerParserState, + stream_slice: StreamSlice, _data: *const c_void, ) -> AppLayerResult { - let eof = AppLayerParserStateIssetFlag(pstate, APP_LAYER_PARSER_EOF_TC) > 0; + let eof = SCAppLayerParserStateIssetFlag(pstate, APP_LAYER_PARSER_EOF_TC) > 0; if eof { return AppLayerResult::ok(); } diff --git a/rust/src/http2/http2.rs b/rust/src/http2/http2.rs index badec7e0c1..4502180809 100644 --- a/rust/src/http2/http2.rs +++ b/rust/src/http2/http2.rs @@ -39,7 +39,8 @@ use std::ffi::CString; use std::fmt; use std::io; use suricata_sys::sys::{ - AppProto, SCAppLayerForceProtocolChange, SCAppLayerProtoDetectConfProtoDetectionEnabled, + AppLayerParserState, AppProto, SCAppLayerForceProtocolChange, + SCAppLayerProtoDetectConfProtoDetectionEnabled, }; static mut ALPROTO_HTTP2: AppProto = ALPROTO_UNKNOWN; @@ -1463,7 +1464,7 @@ unsafe extern "C" fn http2_state_tx_free(state: *mut std::os::raw::c_void, tx_id } unsafe extern "C" fn http2_parse_ts( - flow: *mut Flow, state: *mut std::os::raw::c_void, _pstate: *mut std::os::raw::c_void, + flow: *mut Flow, state: *mut std::os::raw::c_void, _pstate: *mut AppLayerParserState, stream_slice: StreamSlice, _data: *const std::os::raw::c_void, ) -> AppLayerResult { let state = cast_pointer!(state, HTTP2State); @@ -1471,7 +1472,7 @@ unsafe extern "C" fn http2_parse_ts( } unsafe extern "C" fn http2_parse_tc( - flow: *mut Flow, state: *mut std::os::raw::c_void, _pstate: *mut std::os::raw::c_void, + flow: *mut Flow, state: *mut std::os::raw::c_void, _pstate: *mut AppLayerParserState, stream_slice: StreamSlice, _data: *const std::os::raw::c_void, ) -> AppLayerResult { let state = cast_pointer!(state, HTTP2State); diff --git a/rust/src/ike/ike.rs b/rust/src/ike/ike.rs index 8823c118d6..b63cd82d0b 100644 --- a/rust/src/ike/ike.rs +++ b/rust/src/ike/ike.rs @@ -29,10 +29,12 @@ use crate::ike::ikev1::{handle_ikev1, IkeV1Header, Ikev1Container}; use crate::ike::ikev2::{handle_ikev2, Ikev2Container}; use crate::ike::parser::*; use nom7::Err; -use suricata_sys::sys::{AppProto, SCAppLayerProtoDetectConfProtoDetectionEnabled}; use std; use std::collections::HashSet; use std::ffi::CString; +use suricata_sys::sys::{ + AppLayerParserState, AppProto, SCAppLayerProtoDetectConfProtoDetectionEnabled, +}; #[derive(AppLayerEvent)] pub enum IkeEvent { @@ -126,11 +128,11 @@ impl Transaction for IKETransaction { impl IKETransaction { pub fn new(direction: Direction) -> Self { - Self { - direction, - tx_data: applayer::AppLayerTxData::for_direction(direction), - ..Default::default() - } + Self { + direction, + tx_data: applayer::AppLayerTxData::for_direction(direction), + ..Default::default() + } } /// Set an event. @@ -173,7 +175,9 @@ impl IKEState { } pub fn get_tx(&mut self, tx_id: u64) -> Option<&mut IKETransaction> { - self.transactions.iter_mut().find(|tx| tx.tx_id == tx_id + 1) + self.transactions + .iter_mut() + .find(|tx| tx.tx_id == tx_id + 1) } pub fn new_tx(&mut self, direction: Direction) -> IKETransaction { @@ -315,7 +319,7 @@ unsafe extern "C" fn ike_state_tx_free(state: *mut std::os::raw::c_void, tx_id: } unsafe extern "C" fn ike_parse_request( - _flow: *mut Flow, state: *mut std::os::raw::c_void, _pstate: *mut std::os::raw::c_void, + _flow: *mut Flow, state: *mut std::os::raw::c_void, _pstate: *mut AppLayerParserState, stream_slice: StreamSlice, _data: *const std::os::raw::c_void, ) -> AppLayerResult { let state = cast_pointer!(state, IKEState); @@ -323,7 +327,7 @@ unsafe extern "C" fn ike_parse_request( } unsafe extern "C" fn ike_parse_response( - _flow: *mut Flow, state: *mut std::os::raw::c_void, _pstate: *mut std::os::raw::c_void, + _flow: *mut Flow, state: *mut std::os::raw::c_void, _pstate: *mut AppLayerParserState, stream_slice: StreamSlice, _data: *const std::os::raw::c_void, ) -> AppLayerResult { let state = cast_pointer!(state, IKEState); diff --git a/rust/src/krb/krb5.rs b/rust/src/krb/krb5.rs index b7ef7475bf..ffd5978d10 100644 --- a/rust/src/krb/krb5.rs +++ b/rust/src/krb/krb5.rs @@ -32,7 +32,9 @@ use nom7::number::streaming::be_u32; use nom7::{Err, IResult}; use std; use std::ffi::CString; -use suricata_sys::sys::{AppProto, SCAppLayerProtoDetectConfProtoDetectionEnabled}; +use suricata_sys::sys::{ + AppLayerParserState, AppProto, SCAppLayerProtoDetectConfProtoDetectionEnabled, +}; #[derive(AppLayerEvent)] pub enum KRB5Event { @@ -449,7 +451,7 @@ unsafe extern "C" fn krb5_probing_parser_tcp( } unsafe extern "C" fn krb5_parse_request( - flow: *mut Flow, state: *mut std::os::raw::c_void, _pstate: *mut std::os::raw::c_void, + flow: *mut Flow, state: *mut std::os::raw::c_void, _pstate: *mut AppLayerParserState, stream_slice: StreamSlice, _data: *const std::os::raw::c_void, ) -> AppLayerResult { let buf = stream_slice.as_slice(); @@ -461,7 +463,7 @@ unsafe extern "C" fn krb5_parse_request( } unsafe extern "C" fn krb5_parse_response( - flow: *mut Flow, state: *mut std::os::raw::c_void, _pstate: *mut std::os::raw::c_void, + flow: *mut Flow, state: *mut std::os::raw::c_void, _pstate: *mut AppLayerParserState, stream_slice: StreamSlice, _data: *const std::os::raw::c_void, ) -> AppLayerResult { let buf = stream_slice.as_slice(); @@ -473,7 +475,7 @@ unsafe extern "C" fn krb5_parse_response( } unsafe extern "C" fn krb5_parse_request_tcp( - flow: *mut Flow, state: *mut std::os::raw::c_void, _pstate: *mut std::os::raw::c_void, + flow: *mut Flow, state: *mut std::os::raw::c_void, _pstate: *mut AppLayerParserState, stream_slice: StreamSlice, _data: *const std::os::raw::c_void, ) -> AppLayerResult { let state = cast_pointer!(state, KRB5State); @@ -531,7 +533,7 @@ unsafe extern "C" fn krb5_parse_request_tcp( } unsafe extern "C" fn krb5_parse_response_tcp( - flow: *mut Flow, state: *mut std::os::raw::c_void, _pstate: *mut std::os::raw::c_void, + flow: *mut Flow, state: *mut std::os::raw::c_void, _pstate: *mut AppLayerParserState, stream_slice: StreamSlice, _data: *const std::os::raw::c_void, ) -> AppLayerResult { let state = cast_pointer!(state, KRB5State); diff --git a/rust/src/ldap/ldap.rs b/rust/src/ldap/ldap.rs index 431967df3f..53df6b49c5 100644 --- a/rust/src/ldap/ldap.rs +++ b/rust/src/ldap/ldap.rs @@ -29,7 +29,8 @@ use std::collections::VecDeque; use std::ffi::CString; use std::os::raw::{c_char, c_int, c_void}; use suricata_sys::sys::{ - AppProto, SCAppLayerProtoDetectConfProtoDetectionEnabled, SCAppLayerRequestProtocolTLSUpgrade, + AppLayerParserState, AppProto, SCAppLayerParserStateIssetFlag, + SCAppLayerProtoDetectConfProtoDetectionEnabled, SCAppLayerRequestProtocolTLSUpgrade, }; use crate::ldap::types::*; @@ -178,7 +179,8 @@ impl LdapState { fn find_request(&mut self, message_id: MessageID) -> Option<&mut LdapTransaction> { self.transactions.iter_mut().find(|tx| { tx.request - .as_ref().is_some_and(|req| req.message_id == message_id) + .as_ref() + .is_some_and(|req| req.message_id == message_id) }) } @@ -577,11 +579,11 @@ unsafe extern "C" fn ldap_state_tx_free(state: *mut c_void, tx_id: u64) { } unsafe extern "C" fn ldap_parse_request( - flow: *mut Flow, state: *mut c_void, pstate: *mut c_void, stream_slice: StreamSlice, - _data: *const c_void, + flow: *mut Flow, state: *mut c_void, pstate: *mut AppLayerParserState, + stream_slice: StreamSlice, _data: *const c_void, ) -> AppLayerResult { if stream_slice.is_empty() { - if AppLayerParserStateIssetFlag(pstate, APP_LAYER_PARSER_EOF_TS) > 0 { + if SCAppLayerParserStateIssetFlag(pstate, APP_LAYER_PARSER_EOF_TS) > 0 { return AppLayerResult::ok(); } else { return AppLayerResult::err(); @@ -598,11 +600,11 @@ unsafe extern "C" fn ldap_parse_request( } unsafe extern "C" fn ldap_parse_response( - flow: *mut Flow, state: *mut c_void, pstate: *mut c_void, stream_slice: StreamSlice, - _data: *const c_void, + flow: *mut Flow, state: *mut c_void, pstate: *mut AppLayerParserState, + stream_slice: StreamSlice, _data: *const c_void, ) -> AppLayerResult { if stream_slice.is_empty() { - if AppLayerParserStateIssetFlag(pstate, APP_LAYER_PARSER_EOF_TC) > 0 { + if SCAppLayerParserStateIssetFlag(pstate, APP_LAYER_PARSER_EOF_TC) > 0 { return AppLayerResult::ok(); } else { return AppLayerResult::err(); @@ -618,16 +620,16 @@ unsafe extern "C" fn ldap_parse_response( } unsafe extern "C" fn ldap_parse_request_udp( - flow: *mut Flow, state: *mut c_void, _pstate: *mut c_void, stream_slice: StreamSlice, - _data: *const c_void, + flow: *mut Flow, state: *mut c_void, _pstate: *mut AppLayerParserState, + stream_slice: StreamSlice, _data: *const c_void, ) -> AppLayerResult { let state = cast_pointer!(state, LdapState); state.parse_request_udp(flow, stream_slice) } unsafe extern "C" fn ldap_parse_response_udp( - flow: *mut Flow, state: *mut c_void, _pstate: *mut c_void, stream_slice: StreamSlice, - _data: *const c_void, + flow: *mut Flow, state: *mut c_void, _pstate: *mut AppLayerParserState, + stream_slice: StreamSlice, _data: *const c_void, ) -> AppLayerResult { let state = cast_pointer!(state, LdapState); state.parse_response_udp(flow, stream_slice) diff --git a/rust/src/modbus/modbus.rs b/rust/src/modbus/modbus.rs index 91c00b2370..49e39ce46f 100644 --- a/rust/src/modbus/modbus.rs +++ b/rust/src/modbus/modbus.rs @@ -25,7 +25,10 @@ use sawp::error::ErrorKind as SawpErrorKind; use sawp::parser::{Direction, Parse}; use sawp::probe::{Probe, Status}; use sawp_modbus::{self, AccessType, ErrorFlags, Flags, Message}; -use suricata_sys::sys::{AppProto, SCAppLayerProtoDetectConfProtoDetectionEnabledDefault}; +use suricata_sys::sys::{ + AppLayerParserState, AppProto, SCAppLayerParserStateIssetFlag, + SCAppLayerProtoDetectConfProtoDetectionEnabledDefault, +}; pub const REQUEST_FLOOD: usize = 500; // Default unreplied Modbus requests are considered a flood pub const MODBUS_PARSER: sawp_modbus::Modbus = sawp_modbus::Modbus { probe_strict: true }; @@ -336,12 +339,12 @@ unsafe extern "C" fn modbus_state_tx_free(state: *mut std::os::raw::c_void, tx_i } unsafe extern "C" fn modbus_parse_request( - flow: *mut Flow, state: *mut std::os::raw::c_void, pstate: *mut std::os::raw::c_void, + flow: *mut Flow, state: *mut std::os::raw::c_void, pstate: *mut AppLayerParserState, stream_slice: StreamSlice, _data: *const std::os::raw::c_void, ) -> AppLayerResult { let buf = stream_slice.as_slice(); if buf.is_empty() { - if AppLayerParserStateIssetFlag(pstate, APP_LAYER_PARSER_EOF_TS) > 0 { + if SCAppLayerParserStateIssetFlag(pstate, APP_LAYER_PARSER_EOF_TS) > 0 { return AppLayerResult::ok(); } else { return AppLayerResult::err(); @@ -353,12 +356,12 @@ unsafe extern "C" fn modbus_parse_request( } unsafe extern "C" fn modbus_parse_response( - flow: *mut Flow, state: *mut std::os::raw::c_void, pstate: *mut std::os::raw::c_void, + flow: *mut Flow, state: *mut std::os::raw::c_void, pstate: *mut AppLayerParserState, stream_slice: StreamSlice, _data: *const std::os::raw::c_void, ) -> AppLayerResult { let buf = stream_slice.as_slice(); if buf.is_empty() { - if AppLayerParserStateIssetFlag(pstate, APP_LAYER_PARSER_EOF_TC) > 0 { + if SCAppLayerParserStateIssetFlag(pstate, APP_LAYER_PARSER_EOF_TC) > 0 { return AppLayerResult::ok(); } else { return AppLayerResult::err(); diff --git a/rust/src/mqtt/mqtt.rs b/rust/src/mqtt/mqtt.rs index dee1c1f558..f3c72b659b 100644 --- a/rust/src/mqtt/mqtt.rs +++ b/rust/src/mqtt/mqtt.rs @@ -30,7 +30,9 @@ use nom7::Err; use std; use std::collections::VecDeque; use std::ffi::CString; -use suricata_sys::sys::{AppProto, SCAppLayerProtoDetectConfProtoDetectionEnabled}; +use suricata_sys::sys::{ + AppLayerParserState, AppProto, SCAppLayerProtoDetectConfProtoDetectionEnabled, +}; // Used as a special pseudo packet identifier to denote the first CONNECT // packet in a connection. Note that there is no risk of collision with a @@ -679,7 +681,7 @@ unsafe extern "C" fn mqtt_state_tx_free(state: *mut std::os::raw::c_void, tx_id: } unsafe extern "C" fn mqtt_parse_request( - flow: *mut Flow, state: *mut std::os::raw::c_void, _pstate: *mut std::os::raw::c_void, + flow: *mut Flow, state: *mut std::os::raw::c_void, _pstate: *mut AppLayerParserState, stream_slice: StreamSlice, _data: *const std::os::raw::c_void, ) -> AppLayerResult { let state = cast_pointer!(state, MQTTState); @@ -687,7 +689,7 @@ unsafe extern "C" fn mqtt_parse_request( } unsafe extern "C" fn mqtt_parse_response( - flow: *mut Flow, state: *mut std::os::raw::c_void, _pstate: *mut std::os::raw::c_void, + flow: *mut Flow, state: *mut std::os::raw::c_void, _pstate: *mut AppLayerParserState, stream_slice: StreamSlice, _data: *const std::os::raw::c_void, ) -> AppLayerResult { let state = cast_pointer!(state, MQTTState); diff --git a/rust/src/nfs/nfs.rs b/rust/src/nfs/nfs.rs index 41cebd4147..59ca1c6ff6 100644 --- a/rust/src/nfs/nfs.rs +++ b/rust/src/nfs/nfs.rs @@ -24,7 +24,7 @@ use std::ffi::CString; use nom7::{Err, Needed}; use suricata_sys::sys::{ - AppProto, SCAppLayerProtoDetectConfProtoDetectionEnabled, + AppLayerParserState, AppProto, SCAppLayerProtoDetectConfProtoDetectionEnabled, SCAppLayerProtoDetectPPParseConfPorts, SCAppLayerProtoDetectPPRegister, }; @@ -1938,7 +1938,7 @@ extern "C" fn nfs_state_free(state: *mut std::os::raw::c_void) { /// C binding parse a NFS TCP request. Returns 1 on success, -1 on failure. unsafe extern "C" fn nfs_parse_request( - flow: *mut Flow, state: *mut std::os::raw::c_void, _pstate: *mut std::os::raw::c_void, + flow: *mut Flow, state: *mut std::os::raw::c_void, _pstate: *mut AppLayerParserState, stream_slice: StreamSlice, _data: *const std::os::raw::c_void, ) -> AppLayerResult { let state = cast_pointer!(state, NFSState); @@ -1958,7 +1958,7 @@ extern "C" fn nfs_parse_request_tcp_gap(state: &mut NFSState, input_len: u32) -> } unsafe extern "C" fn nfs_parse_response( - flow: *mut Flow, state: *mut std::os::raw::c_void, _pstate: *mut std::os::raw::c_void, + flow: *mut Flow, state: *mut std::os::raw::c_void, _pstate: *mut AppLayerParserState, stream_slice: StreamSlice, _data: *const std::os::raw::c_void, ) -> AppLayerResult { let state = cast_pointer!(state, NFSState); @@ -1979,7 +1979,7 @@ extern "C" fn nfs_parse_response_tcp_gap(state: &mut NFSState, input_len: u32) - /// C binding to parse an NFS/UDP request. Returns 1 on success, -1 on failure. unsafe extern "C" fn nfs_parse_request_udp( - f: *mut Flow, state: *mut std::os::raw::c_void, _pstate: *mut std::os::raw::c_void, + f: *mut Flow, state: *mut std::os::raw::c_void, _pstate: *mut AppLayerParserState, stream_slice: StreamSlice, _data: *const std::os::raw::c_void, ) -> AppLayerResult { let state = cast_pointer!(state, NFSState); @@ -1989,7 +1989,7 @@ unsafe extern "C" fn nfs_parse_request_udp( } unsafe extern "C" fn nfs_parse_response_udp( - f: *mut Flow, state: *mut std::os::raw::c_void, _pstate: *mut std::os::raw::c_void, + f: *mut Flow, state: *mut std::os::raw::c_void, _pstate: *mut AppLayerParserState, stream_slice: StreamSlice, _data: *const std::os::raw::c_void, ) -> AppLayerResult { let state = cast_pointer!(state, NFSState); diff --git a/rust/src/ntp/ntp.rs b/rust/src/ntp/ntp.rs index ba95849ae0..1a5c9ac0cc 100644 --- a/rust/src/ntp/ntp.rs +++ b/rust/src/ntp/ntp.rs @@ -28,7 +28,9 @@ use std; use std::ffi::CString; use nom7::Err; -use suricata_sys::sys::{AppProto, SCAppLayerProtoDetectConfProtoDetectionEnabled}; +use suricata_sys::sys::{ + AppLayerParserState, AppProto, SCAppLayerProtoDetectConfProtoDetectionEnabled, +}; #[derive(AppLayerEvent)] pub enum NTPEvent { @@ -177,7 +179,7 @@ extern "C" fn ntp_state_free(state: *mut std::os::raw::c_void) { } unsafe extern "C" fn ntp_parse_request( - _flow: *mut Flow, state: *mut std::os::raw::c_void, _pstate: *mut std::os::raw::c_void, + _flow: *mut Flow, state: *mut std::os::raw::c_void, _pstate: *mut AppLayerParserState, stream_slice: StreamSlice, _data: *const std::os::raw::c_void, ) -> AppLayerResult { let state = cast_pointer!(state, NTPState); @@ -188,7 +190,7 @@ unsafe extern "C" fn ntp_parse_request( } unsafe extern "C" fn ntp_parse_response( - _flow: *mut Flow, state: *mut std::os::raw::c_void, _pstate: *mut std::os::raw::c_void, + _flow: *mut Flow, state: *mut std::os::raw::c_void, _pstate: *mut AppLayerParserState, stream_slice: StreamSlice, _data: *const std::os::raw::c_void, ) -> AppLayerResult { let state = cast_pointer!(state, NTPState); diff --git a/rust/src/pgsql/pgsql.rs b/rust/src/pgsql/pgsql.rs index 4cc786cd40..bc5c701a2d 100644 --- a/rust/src/pgsql/pgsql.rs +++ b/rust/src/pgsql/pgsql.rs @@ -31,7 +31,8 @@ use std; use std::collections::VecDeque; use std::ffi::CString; use suricata_sys::sys::{ - AppProto, SCAppLayerProtoDetectConfProtoDetectionEnabled, SCAppLayerRequestProtocolTLSUpgrade, + AppLayerParserState, AppProto, SCAppLayerParserStateIssetFlag, + SCAppLayerProtoDetectConfProtoDetectionEnabled, SCAppLayerRequestProtocolTLSUpgrade, }; const PGSQL_CONFIG_DEFAULT_STREAM_DEPTH: u32 = 0; @@ -835,11 +836,11 @@ unsafe extern "C" fn state_tx_free(state: *mut std::os::raw::c_void, tx_id: u64) } unsafe extern "C" fn parse_request( - flow: *mut Flow, state: *mut std::os::raw::c_void, pstate: *mut std::os::raw::c_void, + flow: *mut Flow, state: *mut std::os::raw::c_void, pstate: *mut AppLayerParserState, stream_slice: StreamSlice, _data: *const std::os::raw::c_void, ) -> AppLayerResult { if stream_slice.is_empty() { - if AppLayerParserStateIssetFlag(pstate, APP_LAYER_PARSER_EOF_TS) > 0 { + if SCAppLayerParserStateIssetFlag(pstate, APP_LAYER_PARSER_EOF_TS) > 0 { SCLogDebug!(" Suricata reached `eof`"); return AppLayerResult::ok(); } else { @@ -858,11 +859,11 @@ unsafe extern "C" fn parse_request( } unsafe extern "C" fn parse_response( - flow: *mut Flow, state: *mut std::os::raw::c_void, pstate: *mut std::os::raw::c_void, + flow: *mut Flow, state: *mut std::os::raw::c_void, pstate: *mut AppLayerParserState, stream_slice: StreamSlice, _data: *const std::os::raw::c_void, ) -> AppLayerResult { if stream_slice.is_empty() { - if AppLayerParserStateIssetFlag(pstate, APP_LAYER_PARSER_EOF_TC) > 0 { + if SCAppLayerParserStateIssetFlag(pstate, APP_LAYER_PARSER_EOF_TC) > 0 { return AppLayerResult::ok(); } else { return AppLayerResult::err(); diff --git a/rust/src/pop3/pop3.rs b/rust/src/pop3/pop3.rs index 8459027095..018d0a3127 100644 --- a/rust/src/pop3/pop3.rs +++ b/rust/src/pop3/pop3.rs @@ -29,7 +29,8 @@ use std::collections::VecDeque; use std::ffi::CString; use std::os::raw::{c_char, c_int, c_void}; use suricata_sys::sys::{ - AppProto, SCAppLayerProtoDetectConfProtoDetectionEnabled, SCAppLayerRequestProtocolTLSUpgrade, + AppLayerParserState, AppProto, SCAppLayerParserStateIssetFlag, + SCAppLayerProtoDetectConfProtoDetectionEnabled, SCAppLayerRequestProtocolTLSUpgrade, }; use sawp::error::Error as SawpError; @@ -401,10 +402,10 @@ unsafe extern "C" fn pop3_state_tx_free(state: *mut c_void, tx_id: u64) { } unsafe extern "C" fn pop3_parse_request( - flow: *mut Flow, state: *mut c_void, pstate: *mut c_void, stream_slice: StreamSlice, + flow: *mut Flow, state: *mut c_void, pstate: *mut AppLayerParserState, stream_slice: StreamSlice, _data: *const c_void, ) -> AppLayerResult { - let eof = AppLayerParserStateIssetFlag(pstate, APP_LAYER_PARSER_EOF_TS) > 0; + let eof = SCAppLayerParserStateIssetFlag(pstate, APP_LAYER_PARSER_EOF_TS) > 0; if eof { // If needed, handle EOF, or pass it into the parser. @@ -425,10 +426,10 @@ unsafe extern "C" fn pop3_parse_request( } unsafe extern "C" fn pop3_parse_response( - flow: *mut Flow, state: *mut c_void, pstate: *mut c_void, stream_slice: StreamSlice, + flow: *mut Flow, state: *mut c_void, pstate: *mut AppLayerParserState, stream_slice: StreamSlice, _data: *const c_void, ) -> AppLayerResult { - let _eof = AppLayerParserStateIssetFlag(pstate, APP_LAYER_PARSER_EOF_TC) > 0; + let _eof = SCAppLayerParserStateIssetFlag(pstate, APP_LAYER_PARSER_EOF_TC) > 0; let state = cast_pointer!(state, POP3State); if stream_slice.is_gap() { diff --git a/rust/src/quic/quic.rs b/rust/src/quic/quic.rs index 7128c2ccad..aa3e40587c 100644 --- a/rust/src/quic/quic.rs +++ b/rust/src/quic/quic.rs @@ -33,7 +33,9 @@ use crate::{ }; use std::collections::VecDeque; use std::ffi::CString; -use suricata_sys::sys::{AppProto, SCAppLayerProtoDetectConfProtoDetectionEnabled}; +use suricata_sys::sys::{ + AppLayerParserState, AppProto, SCAppLayerProtoDetectConfProtoDetectionEnabled, +}; use tls_parser::TlsExtensionType; static mut ALPROTO_QUIC: AppProto = ALPROTO_UNKNOWN; @@ -464,7 +466,7 @@ unsafe extern "C" fn quic_probing_parser( } unsafe extern "C" fn quic_parse_tc( - _flow: *mut Flow, state: *mut std::os::raw::c_void, _pstate: *mut std::os::raw::c_void, + _flow: *mut Flow, state: *mut std::os::raw::c_void, _pstate: *mut AppLayerParserState, stream_slice: StreamSlice, _data: *const std::os::raw::c_void, ) -> AppLayerResult { let state = cast_pointer!(state, QuicState); @@ -478,7 +480,7 @@ unsafe extern "C" fn quic_parse_tc( } unsafe extern "C" fn quic_parse_ts( - _flow: *mut Flow, state: *mut std::os::raw::c_void, _pstate: *mut std::os::raw::c_void, + _flow: *mut Flow, state: *mut std::os::raw::c_void, _pstate: *mut AppLayerParserState, stream_slice: StreamSlice, _data: *const std::os::raw::c_void, ) -> AppLayerResult { let state = cast_pointer!(state, QuicState); diff --git a/rust/src/rdp/rdp.rs b/rust/src/rdp/rdp.rs index d66666d986..2048481d4e 100644 --- a/rust/src/rdp/rdp.rs +++ b/rust/src/rdp/rdp.rs @@ -25,7 +25,9 @@ use crate::flow::Flow; use crate::rdp::parser::*; use crate::direction::Direction; use nom7::Err; -use suricata_sys::sys::{AppProto, SCAppLayerProtoDetectConfProtoDetectionEnabled}; +use suricata_sys::sys::{ + AppLayerParserState, AppProto, SCAppLayerProtoDetectConfProtoDetectionEnabled, +}; use std; use std::collections::VecDeque; use tls_parser::{parse_tls_plaintext, TlsMessage, TlsMessageHandshake, TlsRecordType}; @@ -441,7 +443,7 @@ fn probe_tls_handshake(input: &[u8]) -> bool { // unsafe extern "C" fn rdp_parse_ts( - flow: *mut Flow, state: *mut std::os::raw::c_void, _pstate: *mut std::os::raw::c_void, + flow: *mut Flow, state: *mut std::os::raw::c_void, _pstate: *mut AppLayerParserState, stream_slice: StreamSlice, _data: *const std::os::raw::c_void ) -> AppLayerResult { @@ -452,7 +454,7 @@ unsafe extern "C" fn rdp_parse_ts( } unsafe extern "C" fn rdp_parse_tc( - flow: *mut Flow, state: *mut std::os::raw::c_void, _pstate: *mut std::os::raw::c_void, + flow: *mut Flow, state: *mut std::os::raw::c_void, _pstate: *mut AppLayerParserState, stream_slice: StreamSlice, _data: *const std::os::raw::c_void ) -> AppLayerResult { diff --git a/rust/src/rfb/rfb.rs b/rust/src/rfb/rfb.rs index b1ec47ea10..ceb58f404f 100644 --- a/rust/src/rfb/rfb.rs +++ b/rust/src/rfb/rfb.rs @@ -21,18 +21,20 @@ use super::parser; use crate::applayer; use crate::applayer::*; -use crate::core::{ALPROTO_UNKNOWN, IPPROTO_TCP, sc_app_layer_parser_trigger_raw_stream_inspection}; +use crate::core::{ + sc_app_layer_parser_trigger_raw_stream_inspection, ALPROTO_UNKNOWN, IPPROTO_TCP, +}; use crate::direction::Direction; use crate::flow::Flow; use crate::frames::*; use nom7::Err; -use suricata_sys::sys::{ - AppProto, SCAppLayerProtoDetectConfProtoDetectionEnabled, - SCAppLayerProtoDetectPMRegisterPatternCI, -}; use std; use std::ffi::CString; use std::os::raw::c_char; +use suricata_sys::sys::{ + AppLayerParserState, AppProto, SCAppLayerProtoDetectConfProtoDetectionEnabled, + SCAppLayerProtoDetectPMRegisterPatternCI, +}; pub(super) static mut ALPROTO_RFB: AppProto = ALPROTO_UNKNOWN; @@ -221,7 +223,10 @@ impl RFBState { if let Some(current_transaction) = self.get_current_tx() { current_transaction.ts_client_protocol_version = Some(request); - sc_app_layer_parser_trigger_raw_stream_inspection(flow, Direction::ToServer as i32); + sc_app_layer_parser_trigger_raw_stream_inspection( + flow, + Direction::ToServer as i32, + ); } else { debug_validate_fail!( "no transaction set at protocol selection stage" @@ -261,7 +266,10 @@ impl RFBState { current_transaction.ts_security_type_selection = Some(request); current_transaction.chosen_security_type = Some(chosen_security_type as u32); - sc_app_layer_parser_trigger_raw_stream_inspection(flow, Direction::ToServer as i32); + sc_app_layer_parser_trigger_raw_stream_inspection( + flow, + Direction::ToServer as i32, + ); } else { debug_validate_fail!("no transaction set at security type stage"); } @@ -319,7 +327,10 @@ impl RFBState { if let Some(current_transaction) = self.get_current_tx() { current_transaction.ts_vnc_response = Some(request); - sc_app_layer_parser_trigger_raw_stream_inspection(flow, Direction::ToServer as i32); + sc_app_layer_parser_trigger_raw_stream_inspection( + flow, + Direction::ToServer as i32, + ); } else { debug_validate_fail!("no transaction set at security result stage"); } @@ -358,7 +369,10 @@ impl RFBState { if let Some(current_transaction) = self.get_current_tx() { current_transaction.ts_client_init = Some(request); - sc_app_layer_parser_trigger_raw_stream_inspection(flow, Direction::ToServer as i32); + sc_app_layer_parser_trigger_raw_stream_inspection( + flow, + Direction::ToServer as i32, + ); } else { debug_validate_fail!("no transaction set at client init stage"); } @@ -445,7 +459,10 @@ impl RFBState { if let Some(current_transaction) = self.get_current_tx() { current_transaction.tc_server_protocol_version = Some(request); - sc_app_layer_parser_trigger_raw_stream_inspection(flow, Direction::ToClient as i32); + sc_app_layer_parser_trigger_raw_stream_inspection( + flow, + Direction::ToClient as i32, + ); } else { debug_validate_fail!("no transaction set but we just set one"); } @@ -495,7 +512,10 @@ impl RFBState { if let Some(current_transaction) = self.get_current_tx() { current_transaction.tc_supported_security_types = Some(request); - sc_app_layer_parser_trigger_raw_stream_inspection(flow, Direction::ToClient as i32); + sc_app_layer_parser_trigger_raw_stream_inspection( + flow, + Direction::ToClient as i32, + ); } else { debug_validate_fail!("no transaction set at security type stage"); } @@ -562,7 +582,10 @@ impl RFBState { current_transaction.tc_server_security_type = Some(request); current_transaction.chosen_security_type = Some(chosen_security_type); - sc_app_layer_parser_trigger_raw_stream_inspection(flow, Direction::ToClient as i32); + sc_app_layer_parser_trigger_raw_stream_inspection( + flow, + Direction::ToClient as i32, + ); } else { debug_validate_fail!("no transaction set at security type stage"); } @@ -602,7 +625,10 @@ impl RFBState { if let Some(current_transaction) = self.get_current_tx() { current_transaction.tc_vnc_challenge = Some(request); - sc_app_layer_parser_trigger_raw_stream_inspection(flow, Direction::ToClient as i32); + sc_app_layer_parser_trigger_raw_stream_inspection( + flow, + Direction::ToClient as i32, + ); } else { debug_validate_fail!("no transaction set at auth stage"); } @@ -643,7 +669,10 @@ impl RFBState { if let Some(current_transaction) = self.get_current_tx() { current_transaction.tc_security_result = Some(request); - sc_app_layer_parser_trigger_raw_stream_inspection(flow, Direction::ToClient as i32); + sc_app_layer_parser_trigger_raw_stream_inspection( + flow, + Direction::ToClient as i32, + ); } else { debug_validate_fail!( "no transaction set at security result stage" @@ -683,7 +712,10 @@ impl RFBState { Ok((_rem, request)) => { if let Some(current_transaction) = self.get_current_tx() { current_transaction.tc_failure_reason = Some(request); - sc_app_layer_parser_trigger_raw_stream_inspection(flow, Direction::ToClient as i32); + sc_app_layer_parser_trigger_raw_stream_inspection( + flow, + Direction::ToClient as i32, + ); } else { debug_validate_fail!("no transaction set at failure reason stage"); } @@ -725,7 +757,10 @@ impl RFBState { if let Some(current_transaction) = self.get_current_tx() { current_transaction.tc_server_init = Some(request); - sc_app_layer_parser_trigger_raw_stream_inspection(flow, Direction::ToClient as i32); + sc_app_layer_parser_trigger_raw_stream_inspection( + flow, + Direction::ToClient as i32, + ); // connection initialization is complete and parsed current_transaction.complete = true; } else { @@ -796,7 +831,7 @@ unsafe extern "C" fn rfb_state_tx_free(state: *mut std::os::raw::c_void, tx_id: } unsafe extern "C" fn rfb_parse_request( - flow: *mut Flow, state: *mut std::os::raw::c_void, _pstate: *mut std::os::raw::c_void, + flow: *mut Flow, state: *mut std::os::raw::c_void, _pstate: *mut AppLayerParserState, stream_slice: StreamSlice, _data: *const std::os::raw::c_void, ) -> AppLayerResult { let state = cast_pointer!(state, RFBState); @@ -804,7 +839,7 @@ unsafe extern "C" fn rfb_parse_request( } unsafe extern "C" fn rfb_parse_response( - flow: *mut Flow, state: *mut std::os::raw::c_void, _pstate: *mut std::os::raw::c_void, + flow: *mut Flow, state: *mut std::os::raw::c_void, _pstate: *mut AppLayerParserState, stream_slice: StreamSlice, _data: *const std::os::raw::c_void, ) -> AppLayerResult { let state = cast_pointer!(state, RFBState); diff --git a/rust/src/sip/sip.rs b/rust/src/sip/sip.rs index 7c7c68bd66..d77ed07d9a 100755 --- a/rust/src/sip/sip.rs +++ b/rust/src/sip/sip.rs @@ -19,19 +19,21 @@ use crate::applayer::{self, *}; use crate::core; -use crate::core::{ALPROTO_UNKNOWN, IPPROTO_TCP, IPPROTO_UDP, sc_app_layer_parser_trigger_raw_stream_inspection}; +use crate::core::{ + sc_app_layer_parser_trigger_raw_stream_inspection, ALPROTO_UNKNOWN, IPPROTO_TCP, IPPROTO_UDP, +}; use crate::direction::Direction; use crate::flow::Flow; use crate::frames::*; use crate::sip::parser::*; use nom7::Err; -use suricata_sys::sys::{ - AppProto, SCAppLayerProtoDetectConfProtoDetectionEnabled, - SCAppLayerProtoDetectPMRegisterPatternCS, -}; use std; use std::collections::VecDeque; use std::ffi::CString; +use suricata_sys::sys::{ + AppLayerParserState, AppProto, SCAppLayerParserStateIssetFlag, + SCAppLayerProtoDetectConfProtoDetectionEnabled, SCAppLayerProtoDetectPMRegisterPatternCS, +}; // app-layer-frame-documentation tag start: FrameType enum #[derive(AppLayerFrameType)] @@ -185,7 +187,10 @@ impl SIPState { tx.request_line = req_line; } self.transactions.push_back(tx); - sc_app_layer_parser_trigger_raw_stream_inspection(flow, Direction::ToServer as i32); + sc_app_layer_parser_trigger_raw_stream_inspection( + flow, + Direction::ToServer as i32, + ); let consumed = start.len() - rem.len(); start = rem; @@ -281,7 +286,10 @@ impl SIPState { tx.response_line = resp_line; } self.transactions.push_back(tx); - sc_app_layer_parser_trigger_raw_stream_inspection(flow, Direction::ToClient as i32); + sc_app_layer_parser_trigger_raw_stream_inspection( + flow, + Direction::ToClient as i32, + ); let consumed = start.len() - rem.len(); start = rem; @@ -440,7 +448,7 @@ extern "C" fn sip_tx_get_alstate_progress( pub static mut ALPROTO_SIP: AppProto = ALPROTO_UNKNOWN; unsafe extern "C" fn sip_parse_request( - flow: *mut Flow, state: *mut std::os::raw::c_void, _pstate: *mut std::os::raw::c_void, + flow: *mut Flow, state: *mut std::os::raw::c_void, _pstate: *mut AppLayerParserState, stream_slice: StreamSlice, _data: *const std::os::raw::c_void, ) -> AppLayerResult { let state = cast_pointer!(state, SIPState); @@ -448,11 +456,11 @@ unsafe extern "C" fn sip_parse_request( } unsafe extern "C" fn sip_parse_request_tcp( - flow: *mut Flow, state: *mut std::os::raw::c_void, pstate: *mut std::os::raw::c_void, + flow: *mut Flow, state: *mut std::os::raw::c_void, pstate: *mut AppLayerParserState, stream_slice: StreamSlice, _data: *const std::os::raw::c_void, ) -> AppLayerResult { if stream_slice.is_empty() { - if AppLayerParserStateIssetFlag(pstate, APP_LAYER_PARSER_EOF_TS) > 0 { + if SCAppLayerParserStateIssetFlag(pstate, APP_LAYER_PARSER_EOF_TS) > 0 { return AppLayerResult::ok(); } else { return AppLayerResult::err(); @@ -464,7 +472,7 @@ unsafe extern "C" fn sip_parse_request_tcp( } unsafe extern "C" fn sip_parse_response( - flow: *mut Flow, state: *mut std::os::raw::c_void, _pstate: *mut std::os::raw::c_void, + flow: *mut Flow, state: *mut std::os::raw::c_void, _pstate: *mut AppLayerParserState, stream_slice: StreamSlice, _data: *const std::os::raw::c_void, ) -> AppLayerResult { let state = cast_pointer!(state, SIPState); @@ -472,11 +480,11 @@ unsafe extern "C" fn sip_parse_response( } unsafe extern "C" fn sip_parse_response_tcp( - flow: *mut Flow, state: *mut std::os::raw::c_void, pstate: *mut std::os::raw::c_void, + flow: *mut Flow, state: *mut std::os::raw::c_void, pstate: *mut AppLayerParserState, stream_slice: StreamSlice, _data: *const std::os::raw::c_void, ) -> AppLayerResult { if stream_slice.is_empty() { - if AppLayerParserStateIssetFlag(pstate, APP_LAYER_PARSER_EOF_TC) > 0 { + if SCAppLayerParserStateIssetFlag(pstate, APP_LAYER_PARSER_EOF_TC) > 0 { return AppLayerResult::ok(); } else { return AppLayerResult::err(); diff --git a/rust/src/smb/smb.rs b/rust/src/smb/smb.rs index 3c35b00f9e..269c0483b5 100644 --- a/rust/src/smb/smb.rs +++ b/rust/src/smb/smb.rs @@ -35,7 +35,7 @@ use nom7::error::{make_error, ErrorKind}; use lru::LruCache; use suricata_sys::sys::{ - AppProto, SCAppLayerProtoDetectConfProtoDetectionEnabled, + AppLayerParserState, AppProto, SCAppLayerProtoDetectConfProtoDetectionEnabled, SCAppLayerProtoDetectPMRegisterPatternCSwPP, SCAppLayerProtoDetectPPParseConfPorts, SCAppLayerProtoDetectPPRegister, }; @@ -2009,7 +2009,7 @@ extern "C" fn smb_state_free(state: *mut std::os::raw::c_void) { /// C binding parse a SMB request. Returns 1 on success, -1 on failure. unsafe extern "C" fn smb_parse_request_tcp(flow: *mut Flow, state: *mut ffi::c_void, - _pstate: *mut std::os::raw::c_void, + _pstate: *mut AppLayerParserState, stream_slice: StreamSlice, _data: *const std::os::raw::c_void, ) @@ -2044,7 +2044,7 @@ extern "C" fn smb_parse_request_tcp_gap( unsafe extern "C" fn smb_parse_response_tcp(flow: *mut Flow, state: *mut ffi::c_void, - _pstate: *mut std::os::raw::c_void, + _pstate: *mut AppLayerParserState, stream_slice: StreamSlice, _data: *const ffi::c_void, ) diff --git a/rust/src/snmp/snmp.rs b/rust/src/snmp/snmp.rs index 659c317ecd..01462042e6 100644 --- a/rust/src/snmp/snmp.rs +++ b/rust/src/snmp/snmp.rs @@ -33,7 +33,7 @@ use der_parser::der::parse_der_sequence; use nom7::{Err, IResult}; use nom7::error::{ErrorKind, make_error}; use suricata_sys::sys::{ - AppProto, AppProtoNewProtoFromString, EveJsonTxLoggerRegistrationData, + AppLayerParserState, AppProto, AppProtoNewProtoFromString, EveJsonTxLoggerRegistrationData, SCAppLayerProtoDetectConfProtoDetectionEnabled, SCOutputEvePreRegisterLogger, SCOutputJsonLogDirection, SCSigTablePreRegister, }; @@ -273,7 +273,7 @@ extern "C" fn snmp_state_free(state: *mut std::os::raw::c_void) { unsafe extern "C" fn snmp_parse_request(_flow: *mut Flow, state: *mut std::os::raw::c_void, - _pstate: *mut std::os::raw::c_void, + _pstate: *mut AppLayerParserState, stream_slice: StreamSlice, _data: *const std::os::raw::c_void, ) -> AppLayerResult { @@ -283,7 +283,7 @@ unsafe extern "C" fn snmp_parse_request(_flow: *mut Flow, unsafe extern "C" fn snmp_parse_response(_flow: *mut Flow, state: *mut std::os::raw::c_void, - _pstate: *mut std::os::raw::c_void, + _pstate: *mut AppLayerParserState, stream_slice: StreamSlice, _data: *const std::os::raw::c_void, ) -> AppLayerResult { diff --git a/rust/src/ssh/ssh.rs b/rust/src/ssh/ssh.rs index 62a5b155e2..7d0063a7ef 100644 --- a/rust/src/ssh/ssh.rs +++ b/rust/src/ssh/ssh.rs @@ -25,7 +25,7 @@ use nom7::Err; use std::ffi::CString; use std::sync::atomic::{AtomicBool, Ordering}; use suricata_sys::sys::{ - AppLayerParserState_, AppProto, SCAppLayerParserStateSetFlag, + AppLayerParserState, AppProto, SCAppLayerParserStateSetFlag, SCAppLayerProtoDetectConfProtoDetectionEnabled, }; @@ -139,7 +139,7 @@ impl SSHState { } fn parse_record( - &mut self, mut input: &[u8], resp: bool, pstate: *mut std::os::raw::c_void, + &mut self, mut input: &[u8], resp: bool, pstate: *mut AppLayerParserState, flow: *const Flow, stream_slice: &StreamSlice, ) -> AppLayerResult { let (hdr, ohdr) = if !resp { @@ -239,11 +239,7 @@ impl SSHState { if flags != 0 { unsafe { - // TODO a later bindgen should prove that this cast is useless - SCAppLayerParserStateSetFlag( - pstate as *mut AppLayerParserState_, - flags, - ); + SCAppLayerParserStateSetFlag(pstate, flags); } } } @@ -336,7 +332,7 @@ impl SSHState { } fn parse_banner( - &mut self, input: &[u8], resp: bool, pstate: *mut std::os::raw::c_void, flow: *const Flow, + &mut self, input: &[u8], resp: bool, pstate: *mut AppLayerParserState, flow: *const Flow, stream_slice: &StreamSlice, ) -> AppLayerResult { let hdr = if !resp { @@ -461,7 +457,7 @@ extern "C" fn ssh_state_tx_free(_state: *mut std::os::raw::c_void, _tx_id: u64) } unsafe extern "C" fn ssh_parse_request( - flow: *mut Flow, state: *mut std::os::raw::c_void, pstate: *mut std::os::raw::c_void, + flow: *mut Flow, state: *mut std::os::raw::c_void, pstate: *mut AppLayerParserState, stream_slice: StreamSlice, _data: *const std::os::raw::c_void, ) -> AppLayerResult { let state = &mut cast_pointer!(state, SSHState); @@ -476,7 +472,7 @@ unsafe extern "C" fn ssh_parse_request( } unsafe extern "C" fn ssh_parse_response( - flow: *mut Flow, state: *mut std::os::raw::c_void, pstate: *mut std::os::raw::c_void, + flow: *mut Flow, state: *mut std::os::raw::c_void, pstate: *mut AppLayerParserState, stream_slice: StreamSlice, _data: *const std::os::raw::c_void, ) -> AppLayerResult { let state = &mut cast_pointer!(state, SSHState); diff --git a/rust/src/telnet/telnet.rs b/rust/src/telnet/telnet.rs index c0a7dfb30b..4d7782cd62 100644 --- a/rust/src/telnet/telnet.rs +++ b/rust/src/telnet/telnet.rs @@ -22,7 +22,10 @@ use crate::flow::Flow; use crate::frames::*; use std::ffi::CString; use nom7::IResult; -use suricata_sys::sys::{AppProto, SCAppLayerProtoDetectConfProtoDetectionEnabled}; +use suricata_sys::sys::{ + AppLayerParserState, AppProto, SCAppLayerParserStateIssetFlag, + SCAppLayerProtoDetectConfProtoDetectionEnabled, +}; use super::parser; static mut ALPROTO_TELNET: AppProto = ALPROTO_UNKNOWN; @@ -417,11 +420,11 @@ unsafe extern "C" fn telnet_state_tx_free( unsafe extern "C" fn telnet_parse_request( flow: *mut Flow, state: *mut std::os::raw::c_void, - pstate: *mut std::os::raw::c_void, + pstate: *mut AppLayerParserState, stream_slice: StreamSlice, _data: *const std::os::raw::c_void ) -> AppLayerResult { - let eof = AppLayerParserStateIssetFlag(pstate, APP_LAYER_PARSER_EOF_TS) > 0; + let eof = SCAppLayerParserStateIssetFlag(pstate, APP_LAYER_PARSER_EOF_TS) > 0; if eof { // If needed, handle EOF, or pass it into the parser. @@ -444,11 +447,11 @@ unsafe extern "C" fn telnet_parse_request( unsafe extern "C" fn telnet_parse_response( flow: *mut Flow, state: *mut std::os::raw::c_void, - pstate: *mut std::os::raw::c_void, + pstate: *mut AppLayerParserState, stream_slice: StreamSlice, _data: *const std::os::raw::c_void ) -> AppLayerResult { - let _eof = AppLayerParserStateIssetFlag(pstate, APP_LAYER_PARSER_EOF_TC) > 0; + let _eof = SCAppLayerParserStateIssetFlag(pstate, APP_LAYER_PARSER_EOF_TC) > 0; let state = cast_pointer!(state, TelnetState); if stream_slice.is_gap() { diff --git a/rust/src/websocket/websocket.rs b/rust/src/websocket/websocket.rs index aaf54f7c64..f2ed6fd87f 100644 --- a/rust/src/websocket/websocket.rs +++ b/rust/src/websocket/websocket.rs @@ -30,7 +30,9 @@ use nom7::Needed; use flate2::Decompress; use flate2::FlushDecompress; -use suricata_sys::sys::{AppProto, SCAppLayerProtoDetectConfProtoDetectionEnabled}; +use suricata_sys::sys::{ + AppLayerParserState, AppProto, SCAppLayerProtoDetectConfProtoDetectionEnabled, +}; use std; use std::collections::VecDeque; @@ -344,16 +346,16 @@ unsafe extern "C" fn websocket_state_tx_free(state: *mut c_void, tx_id: u64) { } unsafe extern "C" fn websocket_parse_request( - flow: *mut Flow, state: *mut c_void, _pstate: *mut c_void, stream_slice: StreamSlice, - _data: *const c_void, + flow: *mut Flow, state: *mut c_void, _pstate: *mut AppLayerParserState, + stream_slice: StreamSlice, _data: *const c_void, ) -> AppLayerResult { let state = cast_pointer!(state, WebSocketState); state.parse(stream_slice, Direction::ToServer, flow) } unsafe extern "C" fn websocket_parse_response( - flow: *mut Flow, state: *mut c_void, _pstate: *mut c_void, stream_slice: StreamSlice, - _data: *const c_void, + flow: *mut Flow, state: *mut c_void, _pstate: *mut AppLayerParserState, + stream_slice: StreamSlice, _data: *const c_void, ) -> AppLayerResult { let state = cast_pointer!(state, WebSocketState); state.parse(stream_slice, Direction::ToClient, flow) diff --git a/rust/sys/src/sys.rs b/rust/sys/src/sys.rs index 13470292a3..47c54734be 100644 --- a/rust/sys/src/sys.rs +++ b/rust/sys/src/sys.rs @@ -698,3 +698,6 @@ pub type AppLayerParserState = AppLayerParserState_; extern "C" { pub fn SCAppLayerParserStateSetFlag(pstate: *mut AppLayerParserState, flag: u16); } +extern "C" { + pub fn SCAppLayerParserStateIssetFlag(pstate: *mut AppLayerParserState, flag: u16) -> u16; +} diff --git a/src/app-layer-ftp.c b/src/app-layer-ftp.c index 24245593d8..2458ef78f8 100644 --- a/src/app-layer-ftp.c +++ b/src/app-layer-ftp.c @@ -422,7 +422,7 @@ static AppLayerResult FTPParseRequest(Flow *f, void *ftp_state, AppLayerParserSt const uint8_t *input = StreamSliceGetData(&stream_slice); uint32_t input_len = StreamSliceGetDataLen(&stream_slice); - if (input == NULL && AppLayerParserStateIssetFlag(pstate, APP_LAYER_PARSER_EOF_TS)) { + if (input == NULL && SCAppLayerParserStateIssetFlag(pstate, APP_LAYER_PARSER_EOF_TS)) { SCReturnStruct(APP_LAYER_OK); } else if (input == NULL || input_len == 0) { SCReturnStruct(APP_LAYER_ERROR); @@ -986,8 +986,8 @@ static AppLayerResult FTPDataParse(Flow *f, FtpDataState *ftpdata_state, const uint8_t *input = StreamSliceGetData(&stream_slice); uint32_t input_len = StreamSliceGetDataLen(&stream_slice); const bool eof = (direction & STREAM_TOSERVER) - ? AppLayerParserStateIssetFlag(pstate, APP_LAYER_PARSER_EOF_TS) != 0 - : AppLayerParserStateIssetFlag(pstate, APP_LAYER_PARSER_EOF_TC) != 0; + ? SCAppLayerParserStateIssetFlag(pstate, APP_LAYER_PARSER_EOF_TS) != 0 + : SCAppLayerParserStateIssetFlag(pstate, APP_LAYER_PARSER_EOF_TC) != 0; SCTxDataUpdateFileFlags(&ftpdata_state->tx_data, ftpdata_state->state_data.file_flags); if (ftpdata_state->tx_data.file_tx == 0) diff --git a/src/app-layer-htp.c b/src/app-layer-htp.c index 8ad24fe970..a873764d95 100644 --- a/src/app-layer-htp.c +++ b/src/app-layer-htp.c @@ -823,9 +823,8 @@ static AppLayerResult HTPHandleRequestData(Flow *f, void *htp_state, AppLayerPar } /* if the TCP connection is closed, then close the HTTP connection */ - if (AppLayerParserStateIssetFlag(pstate, APP_LAYER_PARSER_EOF_TS) && - !(hstate->flags & HTP_FLAG_STATE_CLOSED_TS)) - { + if (SCAppLayerParserStateIssetFlag(pstate, APP_LAYER_PARSER_EOF_TS) && + !(hstate->flags & HTP_FLAG_STATE_CLOSED_TS)) { htp_connp_request_close(hstate->connp, &ts); hstate->flags |= HTP_FLAG_STATE_CLOSED_TS; SCLogDebug("stream eof encountered, closing htp handle for ts"); @@ -938,9 +937,8 @@ static AppLayerResult HTPHandleResponseData(Flow *f, void *htp_state, AppLayerPa } /* if we the TCP connection is closed, then close the HTTP connection */ - if (AppLayerParserStateIssetFlag(pstate, APP_LAYER_PARSER_EOF_TC) && - !(hstate->flags & HTP_FLAG_STATE_CLOSED_TC)) - { + if (SCAppLayerParserStateIssetFlag(pstate, APP_LAYER_PARSER_EOF_TC) && + !(hstate->flags & HTP_FLAG_STATE_CLOSED_TC)) { htp_connp_close(hstate->connp, &ts); hstate->flags |= HTP_FLAG_STATE_CLOSED_TC; } diff --git a/src/app-layer-parser.c b/src/app-layer-parser.c index 75497284a8..1af0bc6ce2 100644 --- a/src/app-layer-parser.c +++ b/src/app-layer-parser.c @@ -1826,8 +1826,8 @@ void SCAppLayerParserStateSetFlag(AppLayerParserState *pstate, uint16_t flag) SCReturn; } -/* coccinelle: AppLayerParserStateIssetFlag():2,2:APP_LAYER_PARSER_ */ -uint16_t AppLayerParserStateIssetFlag(AppLayerParserState *pstate, uint16_t flag) +/* coccinelle: SCAppLayerParserStateIssetFlag():2,2:APP_LAYER_PARSER_ */ +uint16_t SCAppLayerParserStateIssetFlag(AppLayerParserState *pstate, uint16_t flag) { SCEnter(); SCReturnUInt(pstate->flags & flag); diff --git a/src/app-layer-parser.h b/src/app-layer-parser.h index 90075141e7..b4c33581d5 100644 --- a/src/app-layer-parser.h +++ b/src/app-layer-parser.h @@ -303,7 +303,7 @@ void AppLayerParserStateCleanup(const Flow *f, void *alstate, AppLayerParserStat void AppLayerParserRegisterProtocolParsers(void); void SCAppLayerParserStateSetFlag(AppLayerParserState *pstate, uint16_t flag); -uint16_t AppLayerParserStateIssetFlag(AppLayerParserState *pstate, uint16_t flag); +uint16_t SCAppLayerParserStateIssetFlag(AppLayerParserState *pstate, uint16_t flag); AppLayerParserState *AppLayerParserStateAlloc(void); void AppLayerParserStateFree(AppLayerParserState *pstate); diff --git a/src/app-layer-smtp.c b/src/app-layer-smtp.c index 12bf050ba9..f25b076130 100644 --- a/src/app-layer-smtp.c +++ b/src/app-layer-smtp.c @@ -1391,9 +1391,9 @@ static AppLayerResult SMTPParse(uint8_t direction, Flow *f, SMTPState *state, uint32_t input_len = StreamSliceGetDataLen(&stream_slice); if (input_buf == NULL && - ((direction == 0 && AppLayerParserStateIssetFlag(pstate, APP_LAYER_PARSER_EOF_TS)) || + ((direction == 0 && SCAppLayerParserStateIssetFlag(pstate, APP_LAYER_PARSER_EOF_TS)) || (direction == 1 && - AppLayerParserStateIssetFlag(pstate, APP_LAYER_PARSER_EOF_TC)))) { + SCAppLayerParserStateIssetFlag(pstate, APP_LAYER_PARSER_EOF_TC)))) { SCReturnStruct(APP_LAYER_OK); } else if (input_buf == NULL || input_len == 0) { SCReturnStruct(APP_LAYER_OK); diff --git a/src/app-layer-ssh.c b/src/app-layer-ssh.c index 8a0343cf15..bb681f91a9 100644 --- a/src/app-layer-ssh.c +++ b/src/app-layer-ssh.c @@ -1151,7 +1151,7 @@ static int SSHParserTest18(void) void *tx = SCSshStateGetTx(ssh_state, 0); FAIL_IF(SCSshTxGetFlags(tx, STREAM_TOCLIENT) != SshStateFinished); - FAIL_IF(!(AppLayerParserStateIssetFlag(f->alparser, APP_LAYER_PARSER_NO_INSPECTION))); + FAIL_IF(!(SCAppLayerParserStateIssetFlag(f->alparser, APP_LAYER_PARSER_NO_INSPECTION))); UTHFreePacket(p); StreamTcpUTClearSession(&ssn); diff --git a/src/app-layer-ssl.c b/src/app-layer-ssl.c index 3b3a91ba06..9f8e3b5619 100644 --- a/src/app-layer-ssl.c +++ b/src/app-layer-ssl.c @@ -2669,9 +2669,9 @@ static AppLayerResult SSLDecode(Flow *f, uint8_t direction, void *alstate, int32_t input_len = (int32_t)StreamSliceGetDataLen(&stream_slice); if ((input == NULL || input_len == 0) && - ((direction == 0 && AppLayerParserStateIssetFlag(pstate, APP_LAYER_PARSER_EOF_TS)) || + ((direction == 0 && SCAppLayerParserStateIssetFlag(pstate, APP_LAYER_PARSER_EOF_TS)) || (direction == 1 && - AppLayerParserStateIssetFlag(pstate, APP_LAYER_PARSER_EOF_TC)))) { + SCAppLayerParserStateIssetFlag(pstate, APP_LAYER_PARSER_EOF_TC)))) { /* flag session as finished if APP_LAYER_PARSER_EOF is set */ if (direction == 0) UpdateClientState(ssl_state, TLS_STATE_CLIENT_FINISHED); @@ -2795,8 +2795,8 @@ static AppLayerResult SSLDecode(Flow *f, uint8_t direction, void *alstate, } /* flag session as finished if APP_LAYER_PARSER_EOF is set */ - if (AppLayerParserStateIssetFlag(pstate, APP_LAYER_PARSER_EOF_TS) && - AppLayerParserStateIssetFlag(pstate, APP_LAYER_PARSER_EOF_TC)) { + if (SCAppLayerParserStateIssetFlag(pstate, APP_LAYER_PARSER_EOF_TS) && + SCAppLayerParserStateIssetFlag(pstate, APP_LAYER_PARSER_EOF_TC)) { /* update both sides to keep existing behavior */ UpdateClientState(ssl_state, TLS_STATE_CLIENT_FINISHED); UpdateServerState(ssl_state, TLS_STATE_SERVER_FINISHED); diff --git a/src/app-layer-tftp.c b/src/app-layer-tftp.c index 5f2c540d59..9f65a32912 100644 --- a/src/app-layer-tftp.c +++ b/src/app-layer-tftp.c @@ -98,7 +98,7 @@ static AppLayerResult TFTPParseRequest(Flow *f, void *state, AppLayerParserState /* Likely connection closed, we can just return here. */ if ((input == NULL || input_len == 0) && - AppLayerParserStateIssetFlag(pstate, APP_LAYER_PARSER_EOF_TS)) { + SCAppLayerParserStateIssetFlag(pstate, APP_LAYER_PARSER_EOF_TS)) { SCReturnStruct(APP_LAYER_OK); } diff --git a/src/detect.c b/src/detect.c index 71eff19bef..d363686262 100644 --- a/src/detect.c +++ b/src/detect.c @@ -164,7 +164,7 @@ static void DetectRun(ThreadVars *th_v, } const TcpSession *ssn = p->flow->protoctx; bool setting_nopayload = p->flow->alparser && - AppLayerParserStateIssetFlag( + SCAppLayerParserStateIssetFlag( p->flow->alparser, APP_LAYER_PARSER_NO_INSPECTION) && !(p->flags & PKT_NOPAYLOAD_INSPECTION); // we may be right after disabling app-layer (ssh) diff --git a/src/flow-worker.c b/src/flow-worker.c index 92b21b0ba2..92ea75f432 100644 --- a/src/flow-worker.c +++ b/src/flow-worker.c @@ -381,7 +381,7 @@ static inline void FlowWorkerStreamTCPUpdate(ThreadVars *tv, FlowWorkerThreadDat // this is the first packet that sets no payload inspection bool setting_nopayload = p->flow->alparser && - AppLayerParserStateIssetFlag(p->flow->alparser, APP_LAYER_PARSER_NO_INSPECTION) && + SCAppLayerParserStateIssetFlag(p->flow->alparser, APP_LAYER_PARSER_NO_INSPECTION) && !(p->flags & PKT_NOPAYLOAD_INSPECTION); if (FlowChangeProto(p->flow) || setting_nopayload) { StreamTcpDetectLogFlush(tv, fw->stream_thread, p->flow, p, &fw->pq); diff --git a/src/output-json-frame.c b/src/output-json-frame.c index d4f34219fd..35482e1199 100644 --- a/src/output-json-frame.c +++ b/src/output-json-frame.c @@ -351,11 +351,11 @@ static int FrameJson(ThreadVars *tv, JsonFrameLogThread *aft, const Packet *p) frames = &frames_container->toserver; SCLogDebug("TOSERVER base %" PRIu64 ", app %" PRIu64, STREAM_BASE_OFFSET(stream), STREAM_APP_PROGRESS(stream)); - eof |= AppLayerParserStateIssetFlag(p->flow->alparser, APP_LAYER_PARSER_EOF_TS) != 0; + eof |= SCAppLayerParserStateIssetFlag(p->flow->alparser, APP_LAYER_PARSER_EOF_TS) != 0; } else { stream = &ssn->server; frames = &frames_container->toclient; - eof |= AppLayerParserStateIssetFlag(p->flow->alparser, APP_LAYER_PARSER_EOF_TC) != 0; + eof |= SCAppLayerParserStateIssetFlag(p->flow->alparser, APP_LAYER_PARSER_EOF_TC) != 0; } eof |= last_pseudo; SCLogDebug("eof %s", eof ? "true" : "false"); diff --git a/src/output-tx.c b/src/output-tx.c index 996febf057..34ca6ee6bb 100644 --- a/src/output-tx.c +++ b/src/output-tx.c @@ -380,8 +380,8 @@ static TmEcode OutputTxLog(ThreadVars *tv, Packet *p, void *thread_data) SCLogDebug("pcap_cnt %" PRIu64, p->pcap_cnt); const bool last_pseudo = (p->flowflags & FLOW_PKT_LAST_PSEUDO) != 0; - const bool ts_eof = AppLayerParserStateIssetFlag(f->alparser, APP_LAYER_PARSER_EOF_TS) != 0; - const bool tc_eof = AppLayerParserStateIssetFlag(f->alparser, APP_LAYER_PARSER_EOF_TC) != 0; + const bool ts_eof = SCAppLayerParserStateIssetFlag(f->alparser, APP_LAYER_PARSER_EOF_TS) != 0; + const bool tc_eof = SCAppLayerParserStateIssetFlag(f->alparser, APP_LAYER_PARSER_EOF_TC) != 0; const bool eof = last_pseudo || (ts_eof && tc_eof); SCLogDebug("eof %d last_pseudo %d ts_eof %d tc_eof %d", eof, last_pseudo, ts_eof, tc_eof); diff --git a/src/tests/fuzz/fuzz_applayerparserparse.c b/src/tests/fuzz/fuzz_applayerparserparse.c index 4e4c7cfe48..95a7d58969 100644 --- a/src/tests/fuzz/fuzz_applayerparserparse.c +++ b/src/tests/fuzz/fuzz_applayerparserparse.c @@ -159,10 +159,11 @@ int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) } flags &= ~(STREAM_START); if (f->alparser && - (((flags & STREAM_TOSERVER) != 0 && - AppLayerParserStateIssetFlag(f->alparser, APP_LAYER_PARSER_EOF_TS)) || - ((flags & STREAM_TOCLIENT) != 0 && - AppLayerParserStateIssetFlag(f->alparser, APP_LAYER_PARSER_EOF_TC)))) { + (((flags & STREAM_TOSERVER) != 0 && SCAppLayerParserStateIssetFlag(f->alparser, + APP_LAYER_PARSER_EOF_TS)) || + ((flags & STREAM_TOCLIENT) != 0 && + SCAppLayerParserStateIssetFlag( + f->alparser, APP_LAYER_PARSER_EOF_TC)))) { //no final chunk alsize = 0; break;