From: Michael Altizer (mialtize) Date: Mon, 25 Nov 2019 23:47:26 +0000 (+0000) Subject: Merge pull request #1864 in SNORT/snort3 from ~MIALTIZE/snort3:sfip_copy to master X-Git-Tag: 3.0.0-266~14 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=c62211ad9ed5e34ec0675fcd2d51dcff891ad5f5;p=thirdparty%2Fsnort3.git Merge pull request #1864 in SNORT/snort3 from ~MIALTIZE/snort3:sfip_copy to master Squashed commit of the following: commit 75e04dbd8822d123436d078ed6a8c9264e5fe780 Author: Michael Altizer Date: Mon Nov 25 12:51:01 2019 -0500 port_scan: Only update scanner for ICMP if we have one commit 79a2e35cf97761f748bd50070c82fb5cc40dd97a Author: Michael Altizer Date: Tue Nov 5 17:52:27 2019 -0500 flow: Clean up unit test compiler warnings commit 2c8c1f85b7c24d2c20edc803508018306362ca39 Author: Michael Altizer Date: Fri Sep 6 16:05:32 2019 -0400 sfip: Replace copy setter with implicit copy constructor Also, add some more padding guards and give SfCidr a default constructor. --- diff --git a/src/detection/tag.cc b/src/detection/tag.cc index bdca30db0..a2903fa70 100644 --- a/src/detection/tag.cc +++ b/src/detection/tag.cc @@ -367,8 +367,8 @@ static void AddTagNode(Packet* p, TagData* tag, int mode, uint32_t now, return; } - idx->key.sip.set(*p->ptrs.ip_api.get_src()); - idx->key.dip.set(*p->ptrs.ip_api.get_dst()); + idx->key.sip = *p->ptrs.ip_api.get_src(); + idx->key.dip = *p->ptrs.ip_api.get_dst(); idx->key.sp = p->ptrs.sp; idx->key.dp = p->ptrs.dp; idx->metric = tag->tag_metric; @@ -453,8 +453,8 @@ int CheckTagList(Packet* p, Event& event, void** log_list) return 0; } - idx.key.sip.set(*p->ptrs.ip_api.get_src()); - idx.key.dip.set(*p->ptrs.ip_api.get_dst()); + idx.key.sip = *p->ptrs.ip_api.get_src(); + idx.key.dip = *p->ptrs.ip_api.get_dst(); idx.key.sp = p->ptrs.sp; idx.key.dp = p->ptrs.dp; @@ -463,8 +463,8 @@ int CheckTagList(Packet* p, Event& event, void** log_list) if (returned == nullptr) { - idx.key.dip.set(*p->ptrs.ip_api.get_src()); - idx.key.sip.set(*p->ptrs.ip_api.get_dst()); + idx.key.dip = *p->ptrs.ip_api.get_src(); + idx.key.sip = *p->ptrs.ip_api.get_dst(); idx.key.dp = p->ptrs.sp; idx.key.sp = p->ptrs.dp; @@ -480,7 +480,7 @@ int CheckTagList(Packet* p, Event& event, void** log_list) ** Only switch sip, because that's all we check for ** the host tags. */ - idx.key.sip.set(*p->ptrs.ip_api.get_src()); + idx.key.sip = *p->ptrs.ip_api.get_src(); returned = (TagNode*)xhash_find(host_tag_cache_ptr, &idx); } diff --git a/src/file_api/file_cache.cc b/src/file_api/file_cache.cc index ea25c488f..8e94f8969 100644 --- a/src/file_api/file_cache.cc +++ b/src/file_api/file_cache.cc @@ -201,8 +201,8 @@ FileContext* FileCache::get_file(Flow* flow, uint64_t file_id, bool to_create, int64_t timeout) { FileHashKey hashKey; - hashKey.dip.set(flow->client_ip); - hashKey.sip.set(flow->server_ip); + hashKey.dip = flow->client_ip; + hashKey.sip = flow->server_ip; hashKey.padding = 0; hashKey.file_id = file_id; FileContext* file = find(hashKey, timeout); diff --git a/src/flow/flow_control.cc b/src/flow/flow_control.cc index f700326a7..53f3d22a1 100644 --- a/src/flow/flow_control.cc +++ b/src/flow/flow_control.cc @@ -200,8 +200,8 @@ static bool is_bidirectional(const Flow* flow) static void init_roles_ip(const Packet* p, Flow* flow) { flow->ssn_state.direction = FROM_CLIENT; - flow->client_ip.set(*p->ptrs.ip_api.get_src()); - flow->server_ip.set(*p->ptrs.ip_api.get_dst()); + flow->client_ip = *p->ptrs.ip_api.get_src(); + flow->server_ip = *p->ptrs.ip_api.get_dst(); } static void init_roles_tcp(const Packet* p, Flow* flow) @@ -209,33 +209,33 @@ static void init_roles_tcp(const Packet* p, Flow* flow) if ( p->ptrs.tcph->is_syn_only() ) { flow->ssn_state.direction = FROM_CLIENT; - flow->client_ip.set(*p->ptrs.ip_api.get_src()); + flow->client_ip = *p->ptrs.ip_api.get_src(); flow->client_port = p->ptrs.sp; - flow->server_ip.set(*p->ptrs.ip_api.get_dst()); + flow->server_ip = *p->ptrs.ip_api.get_dst(); flow->server_port = p->ptrs.dp; } else if ( p->ptrs.tcph->is_syn_ack() ) { flow->ssn_state.direction = FROM_SERVER; - flow->client_ip.set(*p->ptrs.ip_api.get_dst()); + flow->client_ip = *p->ptrs.ip_api.get_dst(); flow->client_port = p->ptrs.dp; - flow->server_ip.set(*p->ptrs.ip_api.get_src()); + flow->server_ip = *p->ptrs.ip_api.get_src(); flow->server_port = p->ptrs.sp; } else if (p->ptrs.sp > p->ptrs.dp) { flow->ssn_state.direction = FROM_CLIENT; - flow->client_ip.set(*p->ptrs.ip_api.get_src()); + flow->client_ip = *p->ptrs.ip_api.get_src(); flow->client_port = p->ptrs.sp; - flow->server_ip.set(*p->ptrs.ip_api.get_dst()); + flow->server_ip = *p->ptrs.ip_api.get_dst(); flow->server_port = p->ptrs.dp; } else { flow->ssn_state.direction = FROM_SERVER; - flow->client_ip.set(*p->ptrs.ip_api.get_dst()); + flow->client_ip = *p->ptrs.ip_api.get_dst(); flow->client_port = p->ptrs.dp; - flow->server_ip.set(*p->ptrs.ip_api.get_src()); + flow->server_ip = *p->ptrs.ip_api.get_src(); flow->server_port = p->ptrs.sp; } } @@ -243,9 +243,9 @@ static void init_roles_tcp(const Packet* p, Flow* flow) static void init_roles_udp(const Packet* p, Flow* flow) { flow->ssn_state.direction = FROM_CLIENT; - flow->client_ip.set(*p->ptrs.ip_api.get_src()); + flow->client_ip = *p->ptrs.ip_api.get_src(); flow->client_port = p->ptrs.sp; - flow->server_ip.set(*p->ptrs.ip_api.get_dst()); + flow->server_ip = *p->ptrs.ip_api.get_dst(); flow->server_port = p->ptrs.dp; } @@ -254,17 +254,17 @@ static void init_roles_user(const Packet* p, Flow* flow) if ( p->ptrs.decode_flags & DECODE_C2S ) { flow->ssn_state.direction = FROM_CLIENT; - flow->client_ip.set(*p->ptrs.ip_api.get_src()); + flow->client_ip = *p->ptrs.ip_api.get_src(); flow->client_port = p->ptrs.sp; - flow->server_ip.set(*p->ptrs.ip_api.get_dst()); + flow->server_ip = *p->ptrs.ip_api.get_dst(); flow->server_port = p->ptrs.dp; } else { flow->ssn_state.direction = FROM_SERVER; - flow->client_ip.set(*p->ptrs.ip_api.get_dst()); + flow->client_ip = *p->ptrs.ip_api.get_dst(); flow->client_port = p->ptrs.dp; - flow->server_ip.set(*p->ptrs.ip_api.get_src()); + flow->server_ip = *p->ptrs.ip_api.get_src(); flow->server_port = p->ptrs.sp; } } diff --git a/src/flow/test/flow_cache_test.cc b/src/flow/test/flow_cache_test.cc index 5ce730288..afcc5e548 100644 --- a/src/flow/test/flow_cache_test.cc +++ b/src/flow/test/flow_cache_test.cc @@ -16,7 +16,7 @@ // 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. //-------------------------------------------------------------------------- -// flow_control_test.cc author Shivakrishna Mulka +// flow_cache_test.cc author davis mcpherson #ifdef HAVE_CONFIG_H #include "config.h" @@ -55,9 +55,9 @@ THREAD_LOCAL PacketTracer* snort::s_pkt_trace = nullptr; PacketTracer::PacketTracer() { } PacketTracer::~PacketTracer() { } -void PacketTracer::log(const char* format, ...) { } +void PacketTracer::log(const char*, ...) { } void PacketTracer::open_file() { } -void PacketTracer::dump_to_daq(Packet* p) { } +void PacketTracer::dump_to_daq(Packet*) { } void PacketTracer::reset() { } Packet::Packet(bool) { } Packet::~Packet() { } @@ -66,30 +66,30 @@ Flow::~Flow() { } DetectionEngine::DetectionEngine() { } ExpectCache::~ExpectCache() { } DetectionEngine::~DetectionEngine() { } -void Flow::init(PktType type) { } +void Flow::init(PktType) { } void Flow::term() { } void Flow::reset(bool) { } -void set_network_policy(SnortConfig* sc, unsigned i) { } -void DataBus::publish(const char* key, const uint8_t* buf, unsigned len, Flow* f) { } -void DataBus::publish(const char* key, Packet* p, Flow* f) { } +void set_network_policy(SnortConfig*, unsigned) { } +void DataBus::publish(const char*, const uint8_t*, unsigned, Flow*) { } +void DataBus::publish(const char*, Packet*, Flow*) { } SnortConfig* SnortConfig::get_conf() { return nullptr; } -void Flow::set_direction(Packet* p) { } -void set_inspection_policy(SnortConfig* sc, unsigned i) { } -void set_ips_policy(SnortConfig* sc, unsigned i) { } -void Flow::set_mpls_layer_per_dir(Packet* p) { } -void DetectionEngine::disable_all(Packet* p) { } -void Stream::drop_traffic(const Packet* p, char dir) { } -bool Stream::blocked_flow(Packet* p) { return true; } -ExpectCache::ExpectCache(uint32_t max) { } -bool ExpectCache::check(Packet* p, Flow* lws) { return true; } -bool ExpectCache::is_expected(Packet* p) { return true; } -Flow* HighAvailabilityManager::import(Packet& p, FlowKey& key) { return nullptr; } -bool HighAvailabilityManager::in_standby(Flow* flow) { return true; } -SfIpRet SfIp::set(void const*, int) { return SfIpRet::SFIP_SUCCESS; } +void Flow::set_direction(Packet*) { } +void set_inspection_policy(SnortConfig*, unsigned) { } +void set_ips_policy(SnortConfig*, unsigned) { } +void Flow::set_mpls_layer_per_dir(Packet*) { } +void DetectionEngine::disable_all(Packet*) { } +void Stream::drop_traffic(const Packet*, char) { } +bool Stream::blocked_flow(Packet*) { return true; } +ExpectCache::ExpectCache(uint32_t) { } +bool ExpectCache::check(Packet*, Flow*) { return true; } +bool ExpectCache::is_expected(Packet*) { return true; } +Flow* HighAvailabilityManager::import(Packet&, FlowKey&) { return nullptr; } +bool HighAvailabilityManager::in_standby(Flow*) { return true; } +SfIpRet SfIp::set(void const*, int) { return SFIP_SUCCESS; } namespace memory { -void MemoryCap::update_allocations(unsigned long m) { } -void MemoryCap::update_deallocations(unsigned long m) { } +void MemoryCap::update_allocations(unsigned long) { } +void MemoryCap::update_deallocations(unsigned long) { } bool MemoryCap::over_threshold() { return true; } } @@ -97,7 +97,7 @@ namespace snort { namespace layer { -const vlan::VlanTagHdr* get_vlan_layer(const Packet* const p) { return nullptr; } +const vlan::VlanTagHdr* get_vlan_layer(const Packet* const) { return nullptr; } } time_t packet_time() { return 0; } } @@ -110,16 +110,11 @@ uint32_t IpApi::id() const { return 0; } } } -void Stream::stop_inspection( - Flow* flow, Packet* p, char dir, - int32_t /*bytes*/, int /*response*/) { } +void Stream::stop_inspection(Flow*, Packet*, char, int32_t, int) { } -int ExpectCache::add_flow(const Packet *ctrlPkt, - PktType type, IpProtocol ip_proto, - const SfIp* cliIP, uint16_t cliPort, - const SfIp* srvIP, uint16_t srvPort, - char direction, FlowData* fd, SnortProtocolId snort_protocol_id) +int ExpectCache::add_flow(const Packet*, PktType, IpProtocol, const SfIp*, uint16_t, + const SfIp*, uint16_t, char, FlowData*, SnortProtocolId) { return 1; } @@ -146,7 +141,6 @@ TEST(flow_prune, blocked_flow_prune_flows) fcg.max_flows = 2; FlowCache *cache = new FlowCache(fcg); - Flow *list_flows[fcg.max_flows]; int first_port = 1; int second_port = 2; @@ -156,15 +150,15 @@ TEST(flow_prune, blocked_flow_prune_flows) flow_key.pkt_type = PktType::TCP; flow_key.port_l = first_port; - list_flows[0] = cache->allocate(&flow_key); + cache->allocate(&flow_key); flow_key.port_l = second_port; - list_flows[1] = cache->allocate(&flow_key); + Flow* flow = cache->allocate(&flow_key); CHECK(cache->get_count() == fcg.max_flows); // block the second flow - list_flows[1]->block(); + flow->block(); // Access the first flow // This will move it to the MRU @@ -191,13 +185,12 @@ TEST(flow_prune, prune_flows) FlowCache *cache = new FlowCache(fcg); int port = 1; - Flow *list_flows[fcg.max_flows]; - for ( int i = 0; i < fcg.max_flows; i++ ) + for ( unsigned i = 0; i < fcg.max_flows; i++ ) { FlowKey flow_key; flow_key.port_l = port++; flow_key.pkt_type = PktType::TCP; - list_flows[i] = cache->allocate(&flow_key); + cache->allocate(&flow_key); } CHECK(cache->get_count() == fcg.max_flows); @@ -217,13 +210,12 @@ TEST(flow_prune, prune_all_flows) FlowCache *cache = new FlowCache(fcg); int port = 1; - Flow *list_flows[fcg.max_flows]; - for ( int i = 0; i < fcg.max_flows; i++ ) + for ( unsigned i = 0; i < fcg.max_flows; i++ ) { FlowKey flow_key; flow_key.port_l = port++; flow_key.pkt_type = PktType::TCP; - list_flows[i] = cache->allocate(&flow_key); + cache->allocate(&flow_key); } CHECK(cache->get_count() == fcg.max_flows); @@ -242,14 +234,13 @@ TEST(flow_prune, prune_all_blocked_flows) FlowCache *cache = new FlowCache(fcg); int port = 1; - Flow *list_flows[fcg.max_flows]; - for ( int i = 0; i < fcg.max_flows; i++ ) + for ( unsigned i = 0; i < fcg.max_flows; i++ ) { FlowKey flow_key; flow_key.port_l = port++; flow_key.pkt_type = PktType::TCP; - list_flows[i] = cache->allocate(&flow_key); - list_flows[i]->block(); + Flow* flow = cache->allocate(&flow_key); + flow->block(); } CHECK(cache->get_count() == fcg.max_flows); diff --git a/src/flow/test/flow_control_test.cc b/src/flow/test/flow_control_test.cc index 5db1996f1..0a9bf5a8e 100644 --- a/src/flow/test/flow_control_test.cc +++ b/src/flow/test/flow_control_test.cc @@ -69,16 +69,16 @@ DetectionEngine::DetectionEngine() = default; DetectionEngine::~DetectionEngine() = default; ExpectCache::~ExpectCache() = default; unsigned FlowCache::purge() { return 1; } -Flow* FlowCache::find(const FlowKey* key) { return nullptr; } +Flow* FlowCache::find(const FlowKey*) { return nullptr; } Flow* FlowCache::allocate(const FlowKey*) { return nullptr; } -void FlowCache::push(Flow* flow) { } +void FlowCache::push(Flow*) { } bool FlowCache::prune_one(PruneReason, bool) { return true; } unsigned FlowCache::delete_flows(unsigned) { return 0; } -unsigned FlowCache::timeout(unsigned num_flows, time_t thetime) { return 1; } -void Flow::init(PktType type) { } -void set_network_policy(SnortConfig* sc, unsigned i) { } -void DataBus::publish(const char* key, const uint8_t* buf, unsigned len, Flow* f) { } -void DataBus::publish(const char* key, Packet* p, Flow* f) { } +unsigned FlowCache::timeout(unsigned, time_t) { return 1; } +void Flow::init(PktType) { } +void set_network_policy(SnortConfig*, unsigned) { } +void DataBus::publish(const char*, const uint8_t*, unsigned, Flow*) { } +void DataBus::publish(const char*, Packet*, Flow*) { } SnortConfig* SnortConfig::get_conf() { return nullptr; } void FlowCache::unlink_uni(Flow*) { } void Flow::set_direction(Packet*) { } diff --git a/src/network_inspectors/appid/app_forecast.h b/src/network_inspectors/appid/app_forecast.h index 9da1d4e21..c1a524ca8 100644 --- a/src/network_inspectors/appid/app_forecast.h +++ b/src/network_inspectors/appid/app_forecast.h @@ -23,8 +23,11 @@ #define APP_FORECAST_H #include + #include "flow/flow.h" #include "protocols/packet.h" +#include "utils/cpp_macros.h" + #include "appid_types.h" #include "application_ids.h" @@ -48,6 +51,7 @@ struct AFElement AppId target; }; +PADDING_GUARD_BEGIN class AFActKey { public: @@ -68,6 +72,7 @@ class AFActKey uint32_t ip[4]; AppId forecast; }; +PADDING_GUARD_END struct AFActVal { diff --git a/src/network_inspectors/appid/appid_debug.h b/src/network_inspectors/appid/appid_debug.h index c33c9a86b..907c7c211 100644 --- a/src/network_inspectors/appid/appid_debug.h +++ b/src/network_inspectors/appid/appid_debug.h @@ -68,9 +68,9 @@ struct AppIdDebugSessionConstraints inline void AppIdDebugSessionConstraints::set(const AppIdDebugSessionConstraints& src) { if ((sip_flag = src.sip_flag)) - sip.set(src.sip); + sip = src.sip; if ((dip_flag = src.dip_flag)) - dip.set(src.dip); + dip = src.dip; sport = src.sport; dport = src.dport; protocol = src.protocol; diff --git a/src/network_inspectors/appid/host_port_app_cache.cc b/src/network_inspectors/appid/host_port_app_cache.cc index b3fdde38e..d7568b4b8 100644 --- a/src/network_inspectors/appid/host_port_app_cache.cc +++ b/src/network_inspectors/appid/host_port_app_cache.cc @@ -79,7 +79,7 @@ HostPortVal* HostPortCache::find(const SfIp* ip, uint16_t port, IpProtocol proto { HostPortKey hk; - hk.ip.set(*ip); + hk.ip = *ip; hk.port = port; hk.proto = protocol; @@ -97,7 +97,7 @@ bool HostPortCache::add(const SfIp* ip, uint16_t port, IpProtocol proto, unsigne HostPortKey hk; HostPortVal hv; - hk.ip.set(*ip); + hk.ip = *ip; hk.port = port; hk.proto = proto; diff --git a/src/network_inspectors/appid/service_state.h b/src/network_inspectors/appid/service_state.h index eeb01dd8a..5fd1a6f1b 100644 --- a/src/network_inspectors/appid/service_state.h +++ b/src/network_inspectors/appid/service_state.h @@ -27,9 +27,10 @@ #include "protocols/protocol_ids.h" #include "sfip/sf_ip.h" +#include "utils/cpp_macros.h" +#include "utils/util.h" #include "service_plugins/service_discovery.h" -#include "utils/util.h" class ServiceDetector; @@ -159,6 +160,7 @@ public: }; +PADDING_GUARD_BEGIN class AppIdServiceStateKey { public: @@ -174,7 +176,7 @@ public: AppIdServiceStateKey(const snort::SfIp* ip_in, IpProtocol proto_in, uint16_t port_in, bool decrypted) { - ip.set(*ip_in); + ip = *ip_in; port = port_in; level = decrypted != 0; proto = proto_in; @@ -191,8 +193,9 @@ private: uint16_t port; uint32_t level; IpProtocol proto; - char padding[3]; + uint8_t padding[3]; }; +PADDING_GUARD_END class MapList diff --git a/src/network_inspectors/appid/test/appid_discovery_test.cc b/src/network_inspectors/appid/test/appid_discovery_test.cc index 356a6af41..f2a02f2ce 100644 --- a/src/network_inspectors/appid/test/appid_discovery_test.cc +++ b/src/network_inspectors/appid/test/appid_discovery_test.cc @@ -94,8 +94,8 @@ namespace ip void IpApi::set(const SfIp& sip, const SfIp& dip) { type = IAT_DATA; - src.set(sip); - dst.set(dip); + src = sip; + dst = dip; iph = nullptr; } } // namespace ip diff --git a/src/network_inspectors/appid/test/appid_http_session_test.cc b/src/network_inspectors/appid/test/appid_http_session_test.cc index 96fb2489a..910119285 100644 --- a/src/network_inspectors/appid/test/appid_http_session_test.cc +++ b/src/network_inspectors/appid/test/appid_http_session_test.cc @@ -269,7 +269,7 @@ TEST(appid_http_session, http_field_ids_enum_order) TEST(appid_http_session, set_tun_dest) { const TunnelDest* tun_dest = nullptr; - SfIp tun_des, ipv6; + SfIp ipv6; ipv6.set("2001:db8:85a3::8a2e:370:7334"); AppidChangeBits change_bits; hsession.set_field(REQ_URI_FID, new std::string("[2001:db8:85a3::8a2e:370:7334]:51413"), change_bits); diff --git a/src/network_inspectors/packet_tracer/packet_tracer.h b/src/network_inspectors/packet_tracer/packet_tracer.h index a5247a40e..d70e04df1 100644 --- a/src/network_inspectors/packet_tracer/packet_tracer.h +++ b/src/network_inspectors/packet_tracer/packet_tracer.h @@ -67,9 +67,9 @@ struct PTSessionConstraints inline void PTSessionConstraints::set(const PTSessionConstraints& src) { if ((sip_flag = src.sip_flag)) - sip.set(src.sip); + sip = src.sip; if ((dip_flag = src.dip_flag)) - dip.set(src.dip); + dip = src.dip; sport = src.sport; dport = src.dport; protocol = src.protocol; diff --git a/src/network_inspectors/packet_tracer/packet_tracer_module.cc b/src/network_inspectors/packet_tracer/packet_tracer_module.cc index 47cfaa404..9f7ab449f 100644 --- a/src/network_inspectors/packet_tracer/packet_tracer_module.cc +++ b/src/network_inspectors/packet_tracer/packet_tracer_module.cc @@ -129,13 +129,13 @@ static int enable(lua_State* L) if (sip.is_set()) { - constraints.sip.set(sip); + constraints.sip = sip; constraints.sip_flag = true; } if (dip.is_set()) { - constraints.dip.set(dip); + constraints.dip = dip; constraints.dip_flag = true; } diff --git a/src/network_inspectors/perf_monitor/flow_ip_tracker.cc b/src/network_inspectors/perf_monitor/flow_ip_tracker.cc index a35e09ab8..8f074a209 100644 --- a/src/network_inspectors/perf_monitor/flow_ip_tracker.cc +++ b/src/network_inspectors/perf_monitor/flow_ip_tracker.cc @@ -45,14 +45,14 @@ FlowStateValue* FlowIPTracker::find_stats(const SfIp* src_addr, const SfIp* dst_ if (src_addr->less_than(*dst_addr)) { - key.ipA.set(*src_addr); - key.ipB.set(*dst_addr); + key.ipA = *src_addr; + key.ipB = *dst_addr; *swapped = 0; } else { - key.ipA.set(*dst_addr); - key.ipB.set(*src_addr); + key.ipA = *dst_addr; + key.ipB = *src_addr; *swapped = 1; } diff --git a/src/network_inspectors/port_scan/ps_detect.cc b/src/network_inspectors/port_scan/ps_detect.cc index 0cb3bfd92..e2f48a073 100644 --- a/src/network_inspectors/port_scan/ps_detect.cc +++ b/src/network_inspectors/port_scan/ps_detect.cc @@ -314,9 +314,9 @@ bool PortScan::ps_tracker_lookup( key.scanner.clear(); if (ps_pkt->reverse_pkt) - key.scanned.set(*p->ptrs.ip_api.get_src()); + key.scanned = *p->ptrs.ip_api.get_src(); else - key.scanned.set(*p->ptrs.ip_api.get_dst()); + key.scanned = *p->ptrs.ip_api.get_dst(); *scanned = ps_tracker_get(&key); } @@ -327,9 +327,9 @@ bool PortScan::ps_tracker_lookup( key.scanned.clear(); if (ps_pkt->reverse_pkt) - key.scanner.set(*p->ptrs.ip_api.get_dst()); + key.scanner = *p->ptrs.ip_api.get_dst(); else - key.scanner.set(*p->ptrs.ip_api.get_src()); + key.scanner = *p->ptrs.ip_api.get_src(); *scanner = ps_tracker_get(&key); } @@ -470,7 +470,7 @@ int PortScan::ps_proto_update(PS_PROTO* proto, int ps_cnt, int pri_cnt, if (!proto->u_ips.equals(*ip, false)) { proto->u_ip_count++; - proto->u_ips.set(*ip); + proto->u_ips = *ip; } /* we need to do the IP comparisons in host order */ @@ -478,21 +478,21 @@ int PortScan::ps_proto_update(PS_PROTO* proto, int ps_cnt, int pri_cnt, if (proto->low_ip.is_set()) { if (proto->low_ip.greater_than(*ip)) - proto->low_ip.set(*ip); + proto->low_ip = *ip; } else { - proto->low_ip.set(*ip); + proto->low_ip = *ip; } if (proto->high_ip.is_set()) { if (proto->high_ip.less_than(*ip)) - proto->high_ip.set(*ip); + proto->high_ip = *ip; } else { - proto->high_ip.set(*ip); + proto->high_ip = *ip; } if (proto->u_ports != port) @@ -803,9 +803,6 @@ void PortScan::ps_tracker_update_icmp( Packet* p = (Packet*)ps_pkt->pkt; unsigned win = config->icmp_window; - SfIp cleared; - cleared.clear(); - if (p->ptrs.icmph) { switch (p->ptrs.icmph->type) @@ -814,13 +811,22 @@ void PortScan::ps_tracker_update_icmp( case ICMP_TIMESTAMP: case ICMP_ADDRESS: case ICMP_INFO_REQUEST: - ps_proto_update(&scanner->proto, 1, 0, win, - p->ptrs.ip_api.get_dst(), 0, packet_time()); + if (scanner) + { + ps_proto_update(&scanner->proto, 1, 0, win, + p->ptrs.ip_api.get_dst(), 0, packet_time()); + } break; case ICMP_DEST_UNREACH: - ps_proto_update(&scanner->proto, 0, 1, win, &cleared, 0, 0); - scanner->priority_node = 1; + if (scanner) + { + SfIp cleared; + cleared.clear(); + + ps_proto_update(&scanner->proto, 0, 1, win, &cleared, 0, 0); + scanner->priority_node = 1; + } break; default: diff --git a/src/protocols/ip.cc b/src/protocols/ip.cc index 3ce7fbc61..b7e37061f 100644 --- a/src/protocols/ip.cc +++ b/src/protocols/ip.cc @@ -58,8 +58,8 @@ void IpApi::set(const ip::IP6Hdr* h6) void IpApi::set(const SfIp& sip, const SfIp& dip) { type = IAT_DATA; - src.set(sip); - dst.set(dip); + src = sip; + dst = dip; iph = nullptr; } @@ -85,8 +85,8 @@ bool IpApi::set(const uint8_t* raw_ip_data) void IpApi::update(const SfIp& sip, const SfIp& dip) { - src.set(sip); - dst.set(dip); + src = sip; + dst = dip; } uint16_t IpApi::tos() const diff --git a/src/service_inspectors/ftp_telnet/ftpp_si.cc b/src/service_inspectors/ftp_telnet/ftpp_si.cc index 7d7ba57cb..414bef68a 100644 --- a/src/service_inspectors/ftp_telnet/ftpp_si.cc +++ b/src/service_inspectors/ftp_telnet/ftpp_si.cc @@ -519,8 +519,8 @@ int FTPsessionInspection( */ int SetSiInput(FTPP_SI_INPUT* SiInput, Packet* p) { - SiInput->sip.set(*p->ptrs.ip_api.get_src()); - SiInput->dip.set(*p->ptrs.ip_api.get_dst()); + SiInput->sip = *p->ptrs.ip_api.get_src(); + SiInput->dip = *p->ptrs.ip_api.get_dst(); SiInput->sport = p->ptrs.sp; SiInput->dport = p->ptrs.dp; diff --git a/src/service_inspectors/ftp_telnet/pp_ftp.cc b/src/service_inspectors/ftp_telnet/pp_ftp.cc index bf36435e4..2a9aff09c 100644 --- a/src/service_inspectors/ftp_telnet/pp_ftp.cc +++ b/src/service_inspectors/ftp_telnet/pp_ftp.cc @@ -1059,13 +1059,13 @@ static int do_stateful_checks(FTP_SESSION* session, Packet* p, if (iRet == FTPP_SUCCESS) { if (!ipAddr.is_set()) - session->serverIP.set(*p->ptrs.ip_api.get_src()); + session->serverIP = *p->ptrs.ip_api.get_src(); else { session->serverIP = ipAddr; } session->serverPort = port; - session->clientIP.set(*p->ptrs.ip_api.get_dst()); + session->clientIP = *p->ptrs.ip_api.get_dst(); session->clientPort = 0; if ((FileService::get_max_file_depth() > 0) || @@ -1136,7 +1136,7 @@ static int do_stateful_checks(FTP_SESSION* session, Packet* p, /* Server is listening/sending from its own IP, * FTP Port -1 */ /* Client IP, Port specified via PORT command */ - session->serverIP.set(*p->ptrs.ip_api.get_src()); + session->serverIP = *p->ptrs.ip_api.get_src(); /* Can't necessarily guarantee this, especially * in the case of a proxy'd connection where the diff --git a/src/sfip/sf_cidr.h b/src/sfip/sf_cidr.h index 283812219..26129dbb8 100644 --- a/src/sfip/sf_cidr.h +++ b/src/sfip/sf_cidr.h @@ -32,6 +32,11 @@ namespace snort struct SO_PUBLIC SfCidr { + /* + * Constructors + */ + SfCidr() = default; + /* * Modifiers (incl. convenience ones that delegate to addr) */ @@ -74,13 +79,13 @@ inline void SfCidr::clear() inline void SfCidr::set(const SfCidr& src) { - addr.set(src.addr); + addr = src.addr; bits = src.bits; } inline void SfCidr::set(const SfIp& src) { - addr.set(src); + addr = src; bits = 128; } diff --git a/src/sfip/sf_ip.h b/src/sfip/sf_ip.h index 6eef4fa21..15caec61f 100644 --- a/src/sfip/sf_ip.h +++ b/src/sfip/sf_ip.h @@ -35,6 +35,7 @@ namespace snort using SfIpString = char[INET6_ADDRSTRLEN]; struct SfCidr; + struct SO_PUBLIC SfIp { /* @@ -47,7 +48,6 @@ struct SO_PUBLIC SfIp * Modifiers */ void clear(); - void set(const SfIp& src); SfIpRet set(const char* src, uint16_t* srcBits = nullptr); /* Sets to a raw source IP (4 or 16 bytes, according to family) */ SfIpRet set(const void* src, int fam); @@ -122,17 +122,6 @@ inline void SfIp::clear() ip32[0] = ip32[1] = ip32[2] = ip32[3] = 0; } -inline void SfIp::set(const SfIp& src) -{ - /* This is a simple structure, so is this really better than - *this = src?. */ - family = src.family; - ip32[0] = src.ip32[0]; - ip32[1] = src.ip32[1]; - ip32[2] = src.ip32[2]; - ip32[3] = src.ip32[3]; -} - inline uint16_t SfIp::get_family() const { return family; diff --git a/src/sfip/sfip_test.cc b/src/sfip/sfip_test.cc index 56a085faa..b95e6d932 100644 --- a/src/sfip/sfip_test.cc +++ b/src/sfip/sfip_test.cc @@ -373,7 +373,7 @@ static int CopyCheck(int i) SfIp ip1, ip2; ip1.set(f->arg1); - ip2.set(ip1); + ip2 = ip1; return !memcmp(&ip1, &ip2, sizeof(ip1)); } diff --git a/src/utils/util_net.cc b/src/utils/util_net.cc index cf5a9eca2..b5ce3b700 100644 --- a/src/utils/util_net.cc +++ b/src/utils/util_net.cc @@ -44,12 +44,11 @@ char* ObfuscateIpToText(const SfIp* ip, const SfCidr& homenet, SfCidr& obfunet, } else { - SfIp tmp; - tmp.set(*ip); + SfIp tmp(*ip); if ( homenet.is_set() ) { - if ( homenet.contains(&tmp) == SFIP_CONTAINS ) + if ( homenet.contains(ip) == SFIP_CONTAINS ) tmp.obfuscate(&obfunet); } else