From: Victor Julien Date: Tue, 27 Oct 2020 07:16:25 +0000 (+0100) Subject: detect/mpm: fix id confusion in mpm_ctx sharing X-Git-Tag: suricata-6.0.1~82 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=ba2a9be11a029f8ab2e8213ab0e730b788ba2aea;p=thirdparty%2Fsuricata.git detect/mpm: fix id confusion in mpm_ctx sharing Mixing of dynamic id's and hardcoded config values could possibly lead to the settings not getting applied properly. --- diff --git a/src/detect.h b/src/detect.h index 9e9547512c..c1fc715ca0 100644 --- a/src/detect.h +++ b/src/detect.h @@ -967,9 +967,10 @@ enum { /* Siggroup mpm context profile */ enum { - ENGINE_SGH_MPM_FACTORY_CONTEXT_FULL, + ENGINE_SGH_MPM_FACTORY_CONTEXT_FULL = 0, ENGINE_SGH_MPM_FACTORY_CONTEXT_SINGLE, - ENGINE_SGH_MPM_FACTORY_CONTEXT_AUTO + ENGINE_SGH_MPM_FACTORY_CONTEXT_AUTO, +#define ENGINE_SGH_MPM_FACTORY_CONTEXT_START_ID_RANGE (ENGINE_SGH_MPM_FACTORY_CONTEXT_AUTO + 1) }; typedef struct HttpReassembledBody_ { diff --git a/src/util-mpm.c b/src/util-mpm.c index 61f3c1899f..09aecee99f 100644 --- a/src/util-mpm.c +++ b/src/util-mpm.c @@ -67,6 +67,7 @@ int32_t MpmFactoryRegisterMpmCtxProfile( FatalError(SC_ERR_FATAL, "Error allocating memory"); } memset(de_ctx->mpm_ctx_factory_container, 0, sizeof(MpmCtxFactoryContainer)); + de_ctx->mpm_ctx_factory_container->max_id = ENGINE_SGH_MPM_FACTORY_CONTEXT_START_ID_RANGE; MpmCtxFactoryItem *item = SCMalloc(sizeof(MpmCtxFactoryItem)); if (unlikely(item == NULL)) { @@ -91,10 +92,7 @@ int32_t MpmFactoryRegisterMpmCtxProfile( } memset(item[0].mpm_ctx_tc, 0, sizeof(MpmCtx)); item[0].mpm_ctx_tc->flags |= MPMCTX_FLAGS_GLOBAL; - - /* our id starts from 0 always. Helps us with the ctx retrieval from - * the array */ - item[0].id = 0; + item[0].id = de_ctx->mpm_ctx_factory_container->max_id++; /* store the newly created item */ de_ctx->mpm_ctx_factory_container->items = item; @@ -161,7 +159,7 @@ int32_t MpmFactoryRegisterMpmCtxProfile( memset(new_item[0].mpm_ctx_tc, 0, sizeof(MpmCtx)); new_item[0].mpm_ctx_tc->flags |= MPMCTX_FLAGS_GLOBAL; - new_item[0].id = de_ctx->mpm_ctx_factory_container->no_of_items; + new_item[0].id = de_ctx->mpm_ctx_factory_container->max_id++; de_ctx->mpm_ctx_factory_container->no_of_items++; /* the newly created id */ @@ -200,13 +198,17 @@ MpmCtx *MpmFactoryGetMpmCtxForProfile(const DetectEngineCtx *de_ctx, int32_t id, } else if (id < -1) { SCLogError(SC_ERR_INVALID_ARGUMENTS, "Invalid argument - %d\n", id); return NULL; - } else if (id >= de_ctx->mpm_ctx_factory_container->no_of_items) { + } else if (id >= de_ctx->mpm_ctx_factory_container->max_id) { /* this id does not exist */ return NULL; } else { - return (direction == 0) ? - de_ctx->mpm_ctx_factory_container->items[id].mpm_ctx_ts : - de_ctx->mpm_ctx_factory_container->items[id].mpm_ctx_tc; + for (int i = 0; i < de_ctx->mpm_ctx_factory_container->no_of_items; i++) { + if (id == de_ctx->mpm_ctx_factory_container->items[i].id) { + return (direction == 0) ? de_ctx->mpm_ctx_factory_container->items[i].mpm_ctx_ts + : de_ctx->mpm_ctx_factory_container->items[i].mpm_ctx_tc; + } + } + return NULL; } } diff --git a/src/util-mpm.h b/src/util-mpm.h index 0e5311293a..ac7d2f98ca 100644 --- a/src/util-mpm.h +++ b/src/util-mpm.h @@ -123,6 +123,7 @@ typedef struct MpmCtxFactoryItem_ { typedef struct MpmCtxFactoryContainer_ { MpmCtxFactoryItem *items; int32_t no_of_items; + int32_t max_id; } MpmCtxFactoryContainer; /** pattern is case insensitive */