From: Michael Altizer (mialtize) Date: Tue, 30 Jun 2020 02:00:48 +0000 (+0000) Subject: Merge pull request #2300 in SNORT/snort3 from ~MIALTIZE/snort3:32bit to master X-Git-Tag: 3.0.2-1~10 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=c225faac06bccfeaa92927c2bf7d93403f80e9ba;p=thirdparty%2Fsnort3.git Merge pull request #2300 in SNORT/snort3 from ~MIALTIZE/snort3:32bit to master Squashed commit of the following: commit 892e1b978f4e4f73e8fa30d1279ea09b7db2fe32 Author: Michael Altizer Date: Mon Jun 29 18:17:40 2020 -0400 http2_inspect: Make print_flow_issues() regtest-only commit 63fce83f2b8689c0eb81053c643a5af9123f94a0 Author: Michael Altizer Date: Mon Jun 29 18:09:40 2020 -0400 build: Eradicate u_int usage As a bonus, this fixes the Alpine Linux build. commit 7a1733662671c9e178d7f00e9ce1252df5e8a56a Author: Michael Altizer Date: Mon Jun 29 11:35:41 2020 -0400 build: Miscellaneous 32-bit build fixes --- diff --git a/daqs/daq_hext.c b/daqs/daq_hext.c index 59cceeda7..88633d405 100644 --- a/daqs/daq_hext.c +++ b/daqs/daq_hext.c @@ -27,6 +27,7 @@ #include #include #include +#include #include #include #include @@ -240,19 +241,44 @@ static void IpAddr(uint32_t* addr, char const* ip) static bool parse_flowstats(DAQ_MsgType type, const char* line, HextMsgDesc *desc) { -#define FLOWSTATS_FORMAT "%d %d %d %d %s %hu %s %hu %u %lu %lu %lu %lu %lu %lu %hhu %ld %ld %hu %hu %hhu" +#define FLOWSTATS_FORMAT \ + "%" SCNi32 " " /* ingressZone */ \ + "%" SCNi32 " " /* egressZone */ \ + "%" SCNi32 " " /* ingressIntf */ \ + "%" SCNi32 " " /* egressIntf */ \ + "%s " /* srcAddr */ \ + "%" SCNu16 " " /* initiatorPort */ \ + "%s " /* dstAddr */ \ + "%" SCNu16 " " /* responderPort */ \ + "%" SCNu32 " " /* opaque */ \ + "%" SCNu64 " " /* initiatorPkts */ \ + "%" SCNu64 " " /* responderPkts */ \ + "%" SCNu64 " " /* initiatorPktsDropped */ \ + "%" SCNu64 " " /* responderPktsDropped */ \ + "%" SCNu64 " " /* initiatorBytesDropped */ \ + "%" SCNu64 " " /* responderBytesDropped */ \ + "%" SCNu8 " " /* isQoSAppliedOnSrcIntf */ \ + "%" SCNu32 " " /* sof_timestamp.tv_sec */ \ + "%" SCNu32 " " /* eof_timestamp.tv_sec */ \ + "%" SCNu16 " " /* vlan_tag */ \ + "%" SCNu16 " " /* address_space_id */ \ + "%" SCNu8 /* protocol */ #define FLOWSTATS_ITEMS 21 Flow_Stats_t* f = &desc->flowstats; char srcaddr[INET6_ADDRSTRLEN], dstaddr[INET6_ADDRSTRLEN]; + uint32_t sof_sec, eof_sec; int rval = sscanf(line, FLOWSTATS_FORMAT, &f->ingressZone, &f->egressZone, &f->ingressIntf, &f->egressIntf, srcaddr, &f->initiatorPort, dstaddr, &f->responderPort, &f->opaque, &f->initiatorPkts, &f->responderPkts, &f->initiatorPktsDropped, &f->responderPktsDropped, &f->initiatorBytesDropped, &f->responderBytesDropped, &f->isQoSAppliedOnSrcIntf, - &f->sof_timestamp.tv_sec, &f->eof_timestamp.tv_sec, &f->vlan_tag, &f->address_space_id, + &sof_sec, &eof_sec, &f->vlan_tag, &f->address_space_id, &f->protocol); if (rval != FLOWSTATS_ITEMS) return false; + f->sof_timestamp.tv_sec = sof_sec; + f->eof_timestamp.tv_sec = eof_sec; + desc->msg.type = type; desc->msg.hdr_len = sizeof(desc->flowstats); desc->msg.hdr = &desc->flowstats; diff --git a/src/actions/act_react.cc b/src/actions/act_react.cc index 74910cc04..c0befba6e 100644 --- a/src/actions/act_react.cc +++ b/src/actions/act_react.cc @@ -218,8 +218,6 @@ bool ReactModule::set(const char*, Value& v, SnortConfig*) { if ( v.is("page") ) return getpage(v.get_string()); - else - return false; return true; } diff --git a/src/codecs/ip/cd_icmp4.cc b/src/codecs/ip/cd_icmp4.cc index 684de2cdb..9f31bb111 100644 --- a/src/codecs/ip/cd_icmp4.cc +++ b/src/codecs/ip/cd_icmp4.cc @@ -548,7 +548,7 @@ void Icmp4Codec::log(TextLog* const log, const uint8_t* raw_pkt, case icmp::IcmpType::ADDRESSREPLY: TextLog_Print(log, "ID: %u Seq: %u ADDRESS REPLY: 0x%08X", ntohs(icmph->s_icmp_id), ntohs(icmph->s_icmp_seq), - (u_int)ntohl(icmph->s_icmp_mask)); + ntohl(icmph->s_icmp_mask)); break; default: diff --git a/src/detection/tag.cc b/src/detection/tag.cc index b7c2c213a..6364511b0 100644 --- a/src/detection/tag.cc +++ b/src/detection/tag.cc @@ -562,7 +562,7 @@ int CheckTagList(Packet* p, Event& event, void** log_list) } } - if ( (u_int)(p->pkth->ts.tv_sec) > last_prune_time + TAG_PRUNE_QUANTUM ) + if ( (unsigned)(p->pkth->ts.tv_sec) > last_prune_time + TAG_PRUNE_QUANTUM ) { PruneTagCache(p->pkth->ts.tv_sec, 0); last_prune_time = p->pkth->ts.tv_sec; diff --git a/src/file_api/file_cache.cc b/src/file_api/file_cache.cc index b90f6b778..fd5815365 100644 --- a/src/file_api/file_cache.cc +++ b/src/file_api/file_cache.cc @@ -133,7 +133,7 @@ FileContext* FileCache::add(const FileHashKey& hashKey, int64_t timeout) struct timeval now; packet_gettimeofday(&now); - struct timeval time_to_add = { timeout, 0 }; + struct timeval time_to_add = { static_cast(timeout), 0 }; timeradd(&now, &time_to_add, &new_node.cache_expire_time); new_node.file = new FileContext; @@ -183,7 +183,7 @@ FileContext* FileCache::find(const FileHashKey& hashKey, int64_t timeout) } struct timeval next_expire_time; - struct timeval time_to_add = { timeout, 0 }; + struct timeval time_to_add = { static_cast(timeout), 0 }; timeradd(&now, &time_to_add, &next_expire_time); // Refresh the timer on the cache. @@ -311,7 +311,7 @@ bool FileCache::apply_verdict(Packet* p, FileContext* file_ctx, FileVerdict verd if (!timerisset(&file_ctx->pending_expire_time)) { - add_time = { lookup_timeout, 0 }; + add_time = { static_cast(lookup_timeout), 0 }; timeradd(&now, &add_time, &file_ctx->pending_expire_time); if (PacketTracer::is_active()) diff --git a/src/helpers/sigsafe.cc b/src/helpers/sigsafe.cc index 332b9dd51..2d273bee3 100644 --- a/src/helpers/sigsafe.cc +++ b/src/helpers/sigsafe.cc @@ -213,7 +213,7 @@ void SigSafePrinter::write_string(const char* str) { size_t len = strlen(str); if (fd >= 0) - write(fd, str, len); + (void) write(fd, str, len); else if (buf) { if (len > buf_size - buf_idx - 1) diff --git a/src/ips_options/asn1_util.cc b/src/ips_options/asn1_util.cc index caa87fa91..012eebbc7 100644 --- a/src/ips_options/asn1_util.cc +++ b/src/ips_options/asn1_util.cc @@ -152,7 +152,7 @@ void asn1_free_mem() ** tag numbers, etc. ** ** @param ASN1_DATA ptr to data -** @param u_int ptr to tag num +** @param unsigned ptr to tag num ** ** @return integer ** @@ -161,10 +161,10 @@ void asn1_free_mem() ** @retval ASN1_ERR_OOB encoding goes out of bounds ** @retval ASN1_ERR_NULL_MEM function arguments are NULL */ -static int asn1_decode_tag_num_ext(ASN1_DATA* asn1_data, u_int* tag_num) +static int asn1_decode_tag_num_ext(ASN1_DATA* asn1_data, unsigned* tag_num) { int iExtension = 0; - u_int new_tag_num; + unsigned new_tag_num; if (!asn1_data || !tag_num) return ASN1_ERR_NULL_MEM; @@ -305,11 +305,11 @@ static int asn1_decode_len_type(const uint8_t* data) ** @retval ASN1_ERR_OOB out of bounds condition ** @retval ASN1_OK function successful */ -static int asn1_decode_len_ext(ASN1_DATA* asn1_data, u_int* size) +static int asn1_decode_len_ext(ASN1_DATA* asn1_data, unsigned* size) { int iBytes; int iCtr; - u_int new_size; + unsigned new_size; if (!asn1_data || !size) return ASN1_ERR_NULL_MEM; @@ -487,10 +487,10 @@ static int asn1_is_eoc(ASN1_TYPE* asn1) ** @retval ASN1_ERR_INVALID_ARG invalid argument ** @retval ASN1_ERR_OOB out of bounds */ -static int asn1_decode_type(const uint8_t** data, u_int* len, ASN1_TYPE** asn1_type) +static int asn1_decode_type(const uint8_t** data, unsigned* len, ASN1_TYPE** asn1_type) { ASN1_DATA asn1data; - u_int uiRawLen; + unsigned uiRawLen; int iRet; if (!*data) @@ -638,7 +638,7 @@ valid: ** @retval ASN1_OK function successful ** @retval !ASN1_OK lots of error conditions, figure it out */ -int asn1_decode(const uint8_t* data, u_int len, ASN1_TYPE** asn1_type) +int asn1_decode(const uint8_t* data, unsigned len, ASN1_TYPE** asn1_type) { ASN1_TYPE* cur; ASN1_TYPE* child = nullptr; @@ -646,7 +646,7 @@ int asn1_decode(const uint8_t* data, u_int len, ASN1_TYPE** asn1_type) ASN1_TYPE* asnstack[ASN1_MAX_STACK]; const uint8_t* end; - u_int con_len; + unsigned con_len; int index = 0; int iRet; diff --git a/src/log/log_text.cc b/src/log/log_text.cc index 4fc942c0d..6dfc9bbe6 100644 --- a/src/log/log_text.cc +++ b/src/log/log_text.cc @@ -1005,7 +1005,7 @@ void LogICMPHeader(TextLog* log, Packet* p) case ICMP_ADDRESSREPLY: TextLog_Print(log, "ID: %u Seq: %u ADDRESS REPLY: 0x%08X", ntohs(p->ptrs.icmph->s_icmp_id), ntohs(p->ptrs.icmph->s_icmp_seq), - (u_int)ntohl(p->ptrs.icmph->s_icmp_mask)); + ntohl(p->ptrs.icmph->s_icmp_mask)); break; default: diff --git a/src/main/analyzer.cc b/src/main/analyzer.cc index 98c193b01..152736503 100644 --- a/src/main/analyzer.cc +++ b/src/main/analyzer.cc @@ -96,7 +96,7 @@ public: RetryQueue(unsigned interval_ms) { assert(interval_ms > 0); - interval = { interval_ms / 1000, static_cast((interval_ms % 1000) * 1000) }; + interval = { static_cast(interval_ms / 1000), static_cast((interval_ms % 1000) * 1000) }; } ~RetryQueue() @@ -575,7 +575,7 @@ void Analyzer::idle() struct timeval now, increment; unsigned int timeout = SnortConfig::get_conf()->daq_config->timeout; packet_gettimeofday(&now); - increment = { timeout / 1000, static_cast((timeout % 1000) * 1000) }; + increment = { static_cast(timeout / 1000), static_cast((timeout % 1000) * 1000) }; timeradd(&now, &increment, &now); packet_time_update(&now); diff --git a/src/network_inspectors/appid/appid_config.h b/src/network_inspectors/appid/appid_config.h index 8b06d9f3c..e9d56104c 100644 --- a/src/network_inspectors/appid/appid_config.h +++ b/src/network_inspectors/appid/appid_config.h @@ -61,8 +61,8 @@ public: uint32_t first_decrypted_packet_debug = 0; #endif bool log_stats = false; - unsigned long app_stats_period = 300; - unsigned long app_stats_rollover_size = 0; + uint32_t app_stats_period = 300; + uint32_t app_stats_rollover_size = 0; const char* app_detector_dir = nullptr; std::string tp_appid_path = ""; std::string tp_appid_config = ""; diff --git a/src/network_inspectors/packet_tracer/packet_tracer.cc b/src/network_inspectors/packet_tracer/packet_tracer.cc index 59e51dc97..cf16d8163 100644 --- a/src/network_inspectors/packet_tracer/packet_tracer.cc +++ b/src/network_inspectors/packet_tracer/packet_tracer.cc @@ -129,7 +129,7 @@ void PacketTracer::log(const char* format, ...) va_list ap; va_start(ap, format); - s_pkt_trace->log(format, ap); + s_pkt_trace->log_va(format, ap); va_end(ap); } @@ -140,7 +140,7 @@ void PacketTracer::log(TracerMute mute, const char* format, ...) va_list ap; va_start(ap, format); - s_pkt_trace->log(format, ap); + s_pkt_trace->log_va(format, ap); va_end(ap); s_pkt_trace->mutes[mute] = true; @@ -240,7 +240,7 @@ PacketTracer::~PacketTracer() } } -void PacketTracer::log(const char* format, va_list ap) +void PacketTracer::log_va(const char* format, va_list ap) { // FIXIT-L Need to find way to add 'PktTracerDbg' string as part of format string. std::string dbg_str; diff --git a/src/network_inspectors/packet_tracer/packet_tracer.h b/src/network_inspectors/packet_tracer/packet_tracer.h index 413cb3514..8aae7a041 100644 --- a/src/network_inspectors/packet_tracer/packet_tracer.h +++ b/src/network_inspectors/packet_tracer/packet_tracer.h @@ -94,7 +94,7 @@ protected: template static void _thread_init(); // non-static functions - void log(const char*, va_list); + void log_va(const char*, va_list); void add_ip_header_info(const snort::Packet&); void add_eth_header_info(const snort::Packet&); void add_packet_type_info(const snort::Packet&); diff --git a/src/service_inspectors/http2_inspect/http2_inspect.cc b/src/service_inspectors/http2_inspect/http2_inspect.cc index cfc889052..27e304f7b 100644 --- a/src/service_inspectors/http2_inspect/http2_inspect.cc +++ b/src/service_inspectors/http2_inspect/http2_inspect.cc @@ -38,7 +38,9 @@ using namespace snort; using namespace HttpCommon; using namespace Http2Enums; +#ifdef REG_TEST static void print_flow_issues(FILE*, Http2Infractions* const, Http2EventGen* const); +#endif Http2Inspect::Http2Inspect(const Http2ParaList* params_) : params(params_) { @@ -177,9 +179,11 @@ void Http2Inspect::clear(Packet* p) stream->clear_frame(); } +#ifdef REG_TEST static void print_flow_issues(FILE* output, Http2Infractions* const infractions, Http2EventGen* const events) { fprintf(output, "Infractions: %016" PRIx64 ", Events: %016" PRIx64 "\n\n", infractions->get_raw(), events->get_raw()); } +#endif diff --git a/src/utils/util.cc b/src/utils/util.cc index 0694efbb1..d7e0f527f 100644 --- a/src/utils/util.cc +++ b/src/utils/util.cc @@ -187,14 +187,14 @@ void ts_print(const struct timeval* tvp, char* timebuf) "%02d/%02d/%02d-%02d:%02d:%02d.%06u", year, lt->tm_mon + 1, lt->tm_mday, s / 3600, (s % 3600) / 60, s % 60, - (u_int)tvp->tv_usec); + (unsigned)tvp->tv_usec); } else { (void)SnortSnprintf(timebuf, TIMEBUF_SIZE, "%02d/%02d-%02d:%02d:%02d.%06u", lt->tm_mon + 1, lt->tm_mday, s / 3600, (s % 3600) / 60, s % 60, - (u_int)tvp->tv_usec); + (unsigned)tvp->tv_usec); } }