From: Russ Combs (rucombs) Date: Tue, 10 Dec 2019 13:42:11 +0000 (+0000) Subject: Merge pull request #1877 in SNORT/snort3 from ~RUCOMBS/snort3:reincluder to master X-Git-Tag: 3.0.0-267~16 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=c0d2ae50e458898e4563169280bd1478805cc255;p=thirdparty%2Fsnort3.git Merge pull request #1877 in SNORT/snort3 from ~RUCOMBS/snort3:reincluder to master Squashed commit of the following: commit 7499236c7f9a0d79228c56d96099acf939626daf Author: russ Date: Wed Dec 4 17:43:52 2019 -0500 ips: do not use includer for any rules file includes commit 2ce77f3186a19a723f97d9fbc34bc28bc3cd8053 Author: russ Date: Wed Dec 4 13:40:56 2019 -0500 ips: fix --show-file-codes for inclusion from -c file --- diff --git a/src/managers/module_manager.cc b/src/managers/module_manager.cc index 16e062734..73337d885 100644 --- a/src/managers/module_manager.cc +++ b/src/managers/module_manager.cc @@ -1342,7 +1342,7 @@ void ModuleManager::load_rules(SnortConfig* sc) // note: you can NOT do ss.str().c_str() here const string& rule = ss.str(); - ParseConfigString(sc, rule.c_str()); + parse_rules_string(sc, rule.c_str()); r++; } diff --git a/src/parser/parse_conf.cc b/src/parser/parse_conf.cc index 2fcdb49f5..9c54f609e 100644 --- a/src/parser/parse_conf.cc +++ b/src/parser/parse_conf.cc @@ -59,6 +59,7 @@ struct Location }; static std::stack files; +static int rules_file_depth = 0; const char* get_parse_file() { @@ -186,7 +187,7 @@ void parse_include(SnortConfig* sc, const char* arg) { assert(arg); arg = ExpandVars(sc, arg); - std::string file = get_ips_policy()->includer; + std::string file = !rules_file_depth ? get_ips_policy()->includer : get_parse_file(); const char* code = get_config_file(arg, file); @@ -196,7 +197,7 @@ void parse_include(SnortConfig* sc, const char* arg) return; } push_parse_location(code, file.c_str(), arg); - ParseConfigFile(sc, file.c_str()); + parse_rules_file(sc, file.c_str()); pop_parse_location(); } @@ -327,7 +328,7 @@ ListHead* get_rule_list(SnortConfig* sc, const char* s) return p ? p->RuleList : nullptr; } -void ParseConfigFile(SnortConfig* sc, const char* fname) +void parse_rules_file(SnortConfig* sc, const char* fname) { if ( !fname ) return; @@ -340,10 +341,12 @@ void ParseConfigFile(SnortConfig* sc, const char* fname) fname, get_error(errno)); return; } + ++rules_file_depth; parse_stream(fs, sc); + --rules_file_depth; } -void ParseConfigString(SnortConfig* sc, const char* s) +void parse_rules_string(SnortConfig* sc, const char* s) { std::string rules = s; std::stringstream ss(rules); diff --git a/src/parser/parse_conf.h b/src/parser/parse_conf.h index 8caa96987..0a404d4e4 100644 --- a/src/parser/parse_conf.h +++ b/src/parser/parse_conf.h @@ -38,8 +38,8 @@ const char* get_parse_file(); // file may hold original parse path on entry const char* get_config_file(const char* arg, std::string& file); -void ParseConfigFile(snort::SnortConfig*, const char* fname); -void ParseConfigString(snort::SnortConfig*, const char* str); +void parse_rules_file(snort::SnortConfig*, const char* fname); +void parse_rules_string(snort::SnortConfig*, const char* str); void ParseIpVar(snort::SnortConfig*, const char* name, const char* s); void parse_include(snort::SnortConfig*, const char*); diff --git a/src/parser/parse_rule.cc b/src/parser/parse_rule.cc index 35f0113ab..2cbfc37a7 100644 --- a/src/parser/parse_rule.cc +++ b/src/parser/parse_rule.cc @@ -1206,7 +1206,7 @@ void parse_rule_close(SnortConfig* sc, RuleTreeNode& rtn, OptTreeNode* otn) else { entered = true; - ParseConfigString(sc, rule); + parse_rules_string(sc, rule); } OtnFree(otn); return; diff --git a/src/parser/parser.cc b/src/parser/parser.cc index c5b06f85e..0efa08a42 100644 --- a/src/parser/parser.cc +++ b/src/parser/parser.cc @@ -189,7 +189,7 @@ static void OtnInit(SnortConfig* sc) /* Init sid-gid -> otn map */ sc->otn_map = OtnLookupNew(); if (sc->otn_map == nullptr) - ParseAbort("ParseRulesFile otn_map ghash_new failed."); + ParseAbort("otn_map ghash_new failed."); } static RuleListNode* addNodeToOrderedList(RuleListNode* ordered_list, @@ -352,28 +352,27 @@ void ParseRules(SnortConfig* sc) if ( p->enable_builtin_rules ) ModuleManager::load_rules(sc); - const char* fname = p->include.c_str(); - std::string file = p->includer; - - if ( fname && *fname ) + if ( !p->include.empty() ) { - const char* code = get_config_file(fname, file); - push_parse_location(code, file.c_str(), fname); - ParseConfigFile(sc, file.c_str()); + std::string path = p->includer; + const char* file = p->include.c_str(); + const char* code = get_config_file(file, path); + push_parse_location(code, path.c_str(), file); + parse_rules_file(sc, path.c_str()); pop_parse_location(); } if ( !p->rules.empty() ) { - push_parse_location("C", file.c_str(), "ips.rules"); - ParseConfigString(sc, p->rules.c_str()); + push_parse_location("C", p->includer.c_str(), "ips.rules"); + parse_rules_string(sc, p->rules.c_str()); pop_parse_location(); } if ( !p->states.empty() ) { - push_parse_location("C", file.c_str(), "ips.states"); - ParseConfigString(sc, p->states.c_str()); + push_parse_location("C", p->includer.c_str(), "ips.states"); + parse_rules_string(sc, p->states.c_str()); pop_parse_location(); } @@ -381,7 +380,7 @@ void ParseRules(SnortConfig* sc) { p->includer.clear(); push_parse_location("W", "./", "rule args"); - ParseConfigString(sc, s_aux_rules.c_str()); + parse_rules_string(sc, s_aux_rules.c_str()); pop_parse_location(); } diff --git a/src/ports/rule_port_tables.cc b/src/ports/rule_port_tables.cc index c276e4a22..d9311324c 100644 --- a/src/ports/rule_port_tables.cc +++ b/src/ports/rule_port_tables.cc @@ -72,7 +72,7 @@ RulePortTables* PortTablesNew() RulePortTables* rpt = new RulePortTables; if ( !(rpt->svc_any = PortObjectNew()) ) - ParseAbort("ParseRulesFile udp any-any PortObjectNew() failed"); + ParseAbort("udp any-any PortObjectNew() failed"); PortObjectAddPortAny(rpt->svc_any);