From: Michael Matirko (mmatirko) Date: Fri, 21 Jul 2023 15:34:27 +0000 (+0000) Subject: Pull request #3921: lua: change cip binder rule from 22222 to 2222 (thanks to animato... X-Git-Tag: 3.1.67.0~8 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=c9d72f34a79f56706b8a87b9cc5a557257e83c3d;p=thirdparty%2Fsnort3.git Pull request #3921: lua: change cip binder rule from 22222 to 2222 (thanks to animator-ra on GitHub for this fix). Merge in SNORT/snort3 from ~MMATIRKO/snort3:lua_cip to master Squashed commit of the following: commit 2f5d3525d9018f15eee121701cbb4b22db652c8f Author: Michael Matirko Date: Wed Jul 19 15:45:23 2023 -0400 style: fix whitespace commit 4eb3ff2b5a0411da5f2c38b4f57c0e836c10880e Author: Michael Matirko Date: Wed Jul 19 14:35:16 2023 -0400 lua: change cip binder rule from 22222 to 2222 (thanks to animator-ra on GitHub for this fix). --- diff --git a/lua/snort.lua b/lua/snort.lua index efbd3f65e..462838645 100644 --- a/lua/snort.lua +++ b/lua/snort.lua @@ -127,7 +127,7 @@ binder = { when = { proto = 'tcp', ports = '502', role='server' }, use = { type = 'modbus' } }, { when = { proto = 'tcp', ports = '2123 2152 3386', role='server' }, use = { type = 'gtp_inspect' } }, { when = { proto = 'tcp', ports = '2404', role='server' }, use = { type = 'iec104' } }, - { when = { proto = 'udp', ports = '22222', role = 'server' }, use = { type = 'cip' } }, + { when = { proto = 'udp', ports = '2222', role = 'server' }, use = { type = 'cip' } }, { when = { proto = 'tcp', ports = '44818', role = 'server' }, use = { type = 'cip' } }, { when = { proto = 'tcp', service = 'dcerpc' }, use = { type = 'dce_tcp' } }, diff --git a/src/actions/act_replace.cc b/src/actions/act_replace.cc index 19262bb8c..d5d292e06 100644 --- a/src/actions/act_replace.cc +++ b/src/actions/act_replace.cc @@ -107,7 +107,7 @@ private: void ReplaceAction::exec(Packet* p, const OptTreeNode* otn) { p->active->rewrite_packet(p); - + Actions::alert(p, otn); } diff --git a/src/decompress/file_decomp.h b/src/decompress/file_decomp.h index 5ed73cf00..e58e2833a 100644 --- a/src/decompress/file_decomp.h +++ b/src/decompress/file_decomp.h @@ -141,7 +141,7 @@ struct fd_session_t uint8_t Sig_State; // Sig search state machine uint8_t State; // main state machine uint8_t* ole_data_ptr; // compressed ole file. - uint32_t ole_data_len; + uint32_t ole_data_len; bool vba_analysis; void get_ole_data(uint8_t*& ole_data_ptr, uint32_t& ole_data_len) @@ -154,7 +154,7 @@ struct fd_session_t { ole_data_ptr = nullptr; ole_data_len = 0; - } + } }; /* Macros */ diff --git a/src/detection/fp_detect.cc b/src/detection/fp_detect.cc index 6b4b00e8b..1ce83bf6e 100644 --- a/src/detection/fp_detect.cc +++ b/src/detection/fp_detect.cc @@ -144,8 +144,8 @@ static inline void fpLogOther( if ( PacketTracer::is_daq_activated() ) { std::string act = Actions::get_string(action); - tr_len += snprintf(tr_context+tr_len, sizeof(tr_context) - tr_len, - "gid:%u, sid:%u, rev:%u, action:%s, msg:%s\n", + tr_len += snprintf(tr_context+tr_len, sizeof(tr_context) - tr_len, + "gid:%u, sid:%u, rev:%u, action:%s, msg:%s\n", otn->sigInfo.gid, otn->sigInfo.sid, otn->sigInfo.rev, act.c_str(), otn->sigInfo.message.c_str()); diff --git a/src/file_api/file_segment.cc b/src/file_api/file_segment.cc index a26b0b1e6..9af6556e2 100644 --- a/src/file_api/file_segment.cc +++ b/src/file_api/file_segment.cc @@ -72,7 +72,7 @@ void FileSegments::add(const uint8_t* file_data, int64_t data_size, uint64_t off new_segment->offset = offset; new_segment->data = new std::string((const char*)file_data, data_size); FILE_DEBUG(file_trace , DEFAULT_TRACE_OPTION_ID, TRACE_DEBUG_LEVEL, - GET_CURRENT_PACKET , "Adding segment, offset : %u data_size : %lu\n", + GET_CURRENT_PACKET , "Adding segment, offset : %u data_size : %lu\n", new_segment->offset, data_size); head = new_segment; return; @@ -245,7 +245,7 @@ int FileSegments::process(Packet* p, const uint8_t* file_data, uint64_t data_siz else { FILE_DEBUG(file_trace , DEFAULT_TRACE_OPTION_ID, TRACE_DEBUG_LEVEL, - p, "not adding to file segment queue offset %lu , current_offset %lu\n", + p, "not adding to file segment queue offset %lu , current_offset %lu\n", offset , current_offset); return 1; } diff --git a/src/framework/module.h b/src/framework/module.h index c48e16811..8eb3b75b1 100644 --- a/src/framework/module.h +++ b/src/framework/module.h @@ -250,7 +250,7 @@ private: dump_stats_counts[index] += value; else counts[index] += value; - + } }; } diff --git a/src/framework/pdu_section.h b/src/framework/pdu_section.h index 83f39e3c5..ce6ac9d05 100644 --- a/src/framework/pdu_section.h +++ b/src/framework/pdu_section.h @@ -38,7 +38,7 @@ namespace snort // When updating this enum, also update section_to_str enum PduSection { PS_NONE = 0, PS_HEADER, PS_HEADER_BODY, PS_BODY, PS_TRAILER, PS_MAX = PS_TRAILER, PS_ERROR }; - + // Bitmask with all of supported sections using section_flags = uint16_t; diff --git a/src/helpers/buffer_data.cc b/src/helpers/buffer_data.cc index 03a11aa75..722cf9aa6 100644 --- a/src/helpers/buffer_data.cc +++ b/src/helpers/buffer_data.cc @@ -27,36 +27,36 @@ namespace snort BufferData::BufferData(int32_t length, const uint8_t* data_, bool own_the_buffer_ = false) : len(length), data(data_), own_the_buffer(own_the_buffer_){} -BufferData::~BufferData() -{ - if (own_the_buffer) - delete[] data; +BufferData::~BufferData() +{ + if (own_the_buffer) + delete[] data; } int32_t BufferData::length() const -{ +{ return len; } const uint8_t* BufferData::data_ptr() const -{ - return data; +{ + return data; } void BufferData::set(int32_t length, const uint8_t* data_, bool own_the_buffer_) { - len = length; - data = data_; - own_the_buffer = own_the_buffer_; + len = length; + data = data_; + own_the_buffer = own_the_buffer_; } void BufferData::reset() -{ - if (own_the_buffer) +{ + if (own_the_buffer) delete[] data; - len = 0; - data = nullptr; - own_the_buffer = false; + len = 0; + data = nullptr; + own_the_buffer = false; } } diff --git a/src/host_tracker/host_cache_module.cc b/src/host_tracker/host_cache_module.cc index ff9c5db61..1bcc2c216 100644 --- a/src/host_tracker/host_cache_module.cc +++ b/src/host_tracker/host_cache_module.cc @@ -366,7 +366,7 @@ bool HostCacheModule::end(const char* fqn, int, SnortConfig* sc) if ( Snort::is_reloading() ) sc->register_reload_handler(new HostCacheReloadTuner(memcap)); else - { + { host_cache.set_max_size(memcap); ControlConn::log_command("host_cache.delete_host",false); } diff --git a/src/ips_options/ips_byte_test.cc b/src/ips_options/ips_byte_test.cc index 19077dfc3..585d60e6a 100644 --- a/src/ips_options/ips_byte_test.cc +++ b/src/ips_options/ips_byte_test.cc @@ -199,7 +199,7 @@ public: EvalStatus eval(Cursor&, Packet*) override; CursorActionType get_cursor_type() const override - { return CAT_READ; } + { return CAT_READ; } private: ByteTestData config; diff --git a/src/ips_options/ips_isdataat.cc b/src/ips_options/ips_isdataat.cc index 8e83cdd54..da2ffdad9 100644 --- a/src/ips_options/ips_isdataat.cc +++ b/src/ips_options/ips_isdataat.cc @@ -84,7 +84,7 @@ public: { return (config.flags & ISDATAAT_RELATIVE_FLAG) != 0; } CursorActionType get_cursor_type() const override - { return CAT_READ; } + { return CAT_READ; } private: IsDataAtData config; diff --git a/src/ips_options/ips_vba_data.cc b/src/ips_options/ips_vba_data.cc index d536168b3..74b4f5040 100644 --- a/src/ips_options/ips_vba_data.cc +++ b/src/ips_options/ips_vba_data.cc @@ -43,7 +43,7 @@ IpsOption::EvalStatus VbaDataOption::eval(Cursor& c, Packet* p) return NO_MATCH; InspectionBuffer buf; - if (!p->flow->gadget->get_fp_buf(buf.IBT_VBA, p, buf)) + if (!p->flow->gadget->get_fp_buf(buf.IBT_VBA, p, buf)) return NO_MATCH; c.set(s_name, buf.data, buf.len); @@ -54,7 +54,7 @@ bool VbaDataModule::end(const char*, int, SnortConfig*) { if (!search_handle) search_handle = LiteralSearch::setup(); - + if (!searcher) searcher = snort::LiteralSearch::instantiate(search_handle, (const uint8_t*)"ATTRIBUT", 8, true); diff --git a/src/js_norm/test/js_dealias_test.cc b/src/js_norm/test/js_dealias_test.cc index 9ad351f44..47588d51a 100644 --- a/src/js_norm/test/js_dealias_test.cc +++ b/src/js_norm/test/js_dealias_test.cc @@ -814,7 +814,7 @@ TEST_CASE("De-aliasing - scopes", "[JSNormalizer]") TEST_CASE("De-aliasing - class", "[JSNormalizer]") { - + SECTION("basic case") test_normalization( "a = new String(); a.foo()", diff --git a/src/js_norm/test/js_normalizer_test.cc b/src/js_norm/test/js_normalizer_test.cc index 5690d3aa9..d9b2e1d28 100644 --- a/src/js_norm/test/js_normalizer_test.cc +++ b/src/js_norm/test/js_normalizer_test.cc @@ -6258,7 +6258,7 @@ TEST_CASE("Function call tracking - basic", "[JSNormalizer]") TEST_CASE("Function call tracking - nesting", "[JSNormalizer]") { - auto tester = default_config; + auto tester = default_config; SECTION("Opening") { diff --git a/src/main.cc b/src/main.cc index 850732bde..90b86d6fe 100644 --- a/src/main.cc +++ b/src/main.cc @@ -391,7 +391,7 @@ int main_log_command(lua_State* L) { if (!L) return 0; - + ControlConn* ctrlcon = ControlConn::query_from_lua(L); if (lua_gettop(L) >= 2) { @@ -402,7 +402,7 @@ int main_log_command(lua_State* L) } else LogRespond(ctrlcon, "Usage: log_command(,true|false)\n"); - + return 0; } diff --git a/src/main/analyzer.cc b/src/main/analyzer.cc index c7a259f1d..4942d67f7 100644 --- a/src/main/analyzer.cc +++ b/src/main/analyzer.cc @@ -21,7 +21,7 @@ #ifdef HAVE_CONFIG_H #include "config.h" #endif - + #include "analyzer.h" #include diff --git a/src/main/thread_config.cc b/src/main/thread_config.cc index 87975c2ae..fb4cab7c0 100644 --- a/src/main/thread_config.cc +++ b/src/main/thread_config.cc @@ -248,27 +248,27 @@ int ThreadConfig::get_numa_node(hwloc_topology_t topology, hwloc_cpuset_t cpuset return -1; } -bool ThreadConfig::set_preferred_mempolicy(int node) +bool ThreadConfig::set_preferred_mempolicy(int node) { - if (node < 0) + if (node < 0) return false; unsigned long nodemask = 1UL << (unsigned long)node; int result = numa->set_mem_policy(MPOL_PREFERRED, &nodemask, sizeof(nodemask)*8); - if (result != 0) + if (result != 0) return false; - - if(numa->preferred() != node) + + if(numa->preferred() != node) return false; - + return true; } bool ThreadConfig::implement_thread_mempolicy(SThreadType type, unsigned id) { - if (!topology_support->cpubind->set_thisthread_cpubind or + if (!topology_support->cpubind->set_thisthread_cpubind or numa->available() < 0 or numa->max_node() <= 0) - { + { return false; } @@ -286,7 +286,7 @@ bool ThreadConfig::implement_thread_mempolicy(SThreadType type, unsigned id) { return false; } - + return true; } @@ -616,7 +616,7 @@ TEST_CASE("set node for thread", "[ThreadConfig]") std::shared_ptr numa_mock = std::make_shared(); std::shared_ptr hwloc_mock = std::make_shared(); - hwloc_mock->node.os_index = 0; + hwloc_mock->node.os_index = 0; numa = numa_mock; hwloc = hwloc_mock; @@ -626,10 +626,10 @@ TEST_CASE("set node for thread", "[ThreadConfig]") CHECK(tc.implement_thread_mempolicy(STHREAD_TYPE_PACKET, 0)); - hwloc_mock->node.os_index = 1; + hwloc_mock->node.os_index = 1; numa_mock->pref = 1; CHECK(tc.implement_thread_mempolicy(STHREAD_TYPE_PACKET, 1)); -} +} TEST_CASE("numa_available negative test", "[ThreadConfig]") { @@ -640,7 +640,7 @@ TEST_CASE("numa_available negative test", "[ThreadConfig]") std::shared_ptr numa_mock = std::make_shared(); std::shared_ptr hwloc_mock = std::make_shared(); - numa_mock->numa_avail = -1; + numa_mock->numa_avail = -1; numa = numa_mock; hwloc = hwloc_mock; CHECK(!tc.implement_thread_mempolicy(STHREAD_TYPE_PACKET, 0)); @@ -654,8 +654,8 @@ TEST_CASE("set node failure negative test", "[ThreadConfig]") std::shared_ptr numa_mock = std::make_shared(); std::shared_ptr hwloc_mock = std::make_shared(); - hwloc_mock->node.os_index = 0; - numa_mock->pref = -1; + hwloc_mock->node.os_index = 0; + numa_mock->pref = -1; numa = numa_mock; hwloc = hwloc_mock; CHECK(!tc.implement_thread_mempolicy(STHREAD_TYPE_PACKET, 0)); @@ -690,7 +690,7 @@ TEST_CASE("set memory policy failure negative test", "[ThreadConfig]") numa_mock->mem_policy = -1; numa = numa_mock; hwloc = hwloc_mock; - CHECK(!tc.implement_thread_mempolicy(STHREAD_TYPE_PACKET, 0)); + CHECK(!tc.implement_thread_mempolicy(STHREAD_TYPE_PACKET, 0)); } TEST_CASE("get_nbobjs_by_depth failure negative test", "[ThreadConfig]") diff --git a/src/main/thread_config.h b/src/main/thread_config.h index fb8ec2f25..bb1ad3335 100644 --- a/src/main/thread_config.h +++ b/src/main/thread_config.h @@ -51,7 +51,7 @@ public: void implement_thread_affinity(SThreadType, unsigned id); void implement_named_thread_affinity(const std::string& name); bool implement_thread_mempolicy(SThreadType type, unsigned id); - + static constexpr unsigned int DEFAULT_THREAD_ID = 0; private: diff --git a/src/mime/file_mime_decode.cc b/src/mime/file_mime_decode.cc index eadc47d9c..67f7a8692 100644 --- a/src/mime/file_mime_decode.cc +++ b/src/mime/file_mime_decode.cc @@ -53,7 +53,7 @@ void MimeDecode::clear_decode_state() decoder = nullptr; } -// Called if MIME_FLAG_FILE_ATTACH flag is set +// Called if MIME_FLAG_FILE_ATTACH flag is set void MimeDecode::finalize_decoder(MimeStats* mime_stats) { // If this isn't the first body section, the decoder is already set @@ -95,7 +95,7 @@ void MimeDecode::finalize_decoder(MimeStats* mime_stats) } } -// This may be called more than once due to folding. +// This may be called more than once due to folding. void MimeDecode::process_decode_type(const char* start, int length) { if (config->get_b64_depth() > -1) @@ -223,7 +223,7 @@ const BufferData& MimeDecode::get_decomp_vba_data() uint8_t* buf = nullptr; uint32_t buf_len = 0; - + VBA_DEBUG(vba_data_trace, DEFAULT_TRACE_OPTION_ID, TRACE_INFO_LEVEL, CURRENT_PACKET, "Found OLE file. Sending %d bytes for the processing.\n", ole_data.length()); diff --git a/src/mime/file_mime_log.h b/src/mime/file_mime_log.h index a68ea6dae..1dbdca2e7 100644 --- a/src/mime/file_mime_log.h +++ b/src/mime/file_mime_log.h @@ -48,7 +48,7 @@ struct MailLogConfig class Flow; -class SO_PUBLIC MailLogState : public snort::StashGenericObject +class SO_PUBLIC MailLogState : public snort::StashGenericObject { public: MailLogState(MailLogConfig* conf); diff --git a/src/mime/file_mime_process.cc b/src/mime/file_mime_process.cc index 84fc36180..31e4ba436 100644 --- a/src/mime/file_mime_process.cc +++ b/src/mime/file_mime_process.cc @@ -248,7 +248,7 @@ bool MimeSession::process_header_line(const uint8_t*& ptr, const uint8_t* eol, c const uint8_t* colon; const uint8_t* header_value_ptr = nullptr; int max_header_name_len = 0; - + int header_found; /* got a line with only end of line marker should signify end of header */ if (eolm == ptr) @@ -287,7 +287,7 @@ bool MimeSession::process_header_line(const uint8_t*& ptr, const uint8_t* eol, c colon++; } - + if (colon + 1 < eolm) header_value_ptr = colon + 1; diff --git a/src/mime/file_mime_process.h b/src/mime/file_mime_process.h index 2b539d9a2..ffc63eef5 100644 --- a/src/mime/file_mime_process.h +++ b/src/mime/file_mime_process.h @@ -51,7 +51,7 @@ namespace snort enum FilenameState { CONT_DISP_FILENAME_PARAM_NAME, - CONT_DISP_FILENAME_PARAM_EQUALS, + CONT_DISP_FILENAME_PARAM_EQUALS, CONT_DISP_FILENAME_PARAM_VALUE_QUOTE, CONT_DISP_FILENAME_PARAM_VALUE }; diff --git a/src/network_inspectors/appid/app_info_table.cc b/src/network_inspectors/appid/app_info_table.cc index d84bedb3a..a0f807a34 100644 --- a/src/network_inspectors/appid/app_info_table.cc +++ b/src/network_inspectors/appid/app_info_table.cc @@ -726,7 +726,7 @@ void AppInfoManager::init_appid_info_table(const AppIdConfig& config, if (!add_entry_to_app_info_name_table(entry->app_name_key, entry)) delete entry; - else + else { if ((app_id = get_static_app_info_entry(entry->appId))) { diff --git a/src/network_inspectors/appid/appid_cip_event_handler.cc b/src/network_inspectors/appid/appid_cip_event_handler.cc index 14b1509f6..f4d8a6336 100644 --- a/src/network_inspectors/appid/appid_cip_event_handler.cc +++ b/src/network_inspectors/appid/appid_cip_event_handler.cc @@ -57,7 +57,7 @@ void CipEventHandler::service_handler(const Packet& p, AppIdSession& asd) asd.set_server_info(*ip, port, group); asd.set_service_id(APP_ID_CIP, asd.get_odp_ctxt()); - asd.set_service_detected(); + asd.set_service_detected(); } void CipEventHandler::handle(DataEvent& event, Flow* flow) @@ -71,7 +71,7 @@ void CipEventHandler::handle(DataEvent& event, Flow* flow) return; if (!pkt_thread_odp_ctxt or (asd->get_odp_ctxt_version() != pkt_thread_odp_ctxt->get_version())) - return; + return; if (!asd->get_session_flags(APPID_SESSION_DISCOVER_APP | APPID_SESSION_SPECIAL_MONITORED)) return; diff --git a/src/network_inspectors/appid/appid_ha.h b/src/network_inspectors/appid/appid_ha.h index 94ac3bcc2..b6ff185a6 100644 --- a/src/network_inspectors/appid/appid_ha.h +++ b/src/network_inspectors/appid/appid_ha.h @@ -88,7 +88,7 @@ public: static void tinit() { if ( snort::HighAvailabilityManager::active() ) - { + { ha_apps_client = new AppIdHAAppsClient; ha_http_client = new AppIdHAHttpClient; ha_tls_host_client = new AppIdHATlsHostClient; @@ -97,7 +97,7 @@ public: static void tterm() { if ( snort::HighAvailabilityManager::active() ) - { + { delete ha_apps_client; delete ha_http_client; delete ha_tls_host_client; diff --git a/src/network_inspectors/appid/appid_http_event_handler.cc b/src/network_inspectors/appid/appid_http_event_handler.cc index e45022f5e..fe62128c4 100644 --- a/src/network_inspectors/appid/appid_http_event_handler.cc +++ b/src/network_inspectors/appid/appid_http_event_handler.cc @@ -70,7 +70,7 @@ void HttpEventHandler::handle(DataEvent& event, Flow* flow) if (!asd->get_session_flags(APPID_SESSION_DISCOVER_APP | APPID_SESSION_SPECIAL_MONITORED)) return; - if (asd->get_session_flags(APPID_SESSION_FIRST_PKT_CACHE_MATCHED) and !asd->get_odp_ctxt().need_reinspection) + if (asd->get_session_flags(APPID_SESSION_FIRST_PKT_CACHE_MATCHED) and !asd->get_odp_ctxt().need_reinspection) return; const uint8_t* header_start; diff --git a/src/network_inspectors/appid/appid_peg_counts.cc b/src/network_inspectors/appid/appid_peg_counts.cc index 937eaf650..52cd22b67 100644 --- a/src/network_inspectors/appid/appid_peg_counts.cc +++ b/src/network_inspectors/appid/appid_peg_counts.cc @@ -91,7 +91,7 @@ void AppIdPegCounts::cleanup_dynamic_sum() DetectorPegs::NUM_APPID_DETECTOR_PEGS); if (unknown_appids_peg) memset(&unknown_appids_peg->stats, 0, sizeof(PegCount) * DetectorPegs::NUM_APPID_DETECTOR_PEGS); - + } void AppIdPegCounts::add_app_peg_info(std::string app_name, AppId app_id) diff --git a/src/network_inspectors/appid/appid_session.h b/src/network_inspectors/appid/appid_session.h index b89aa8fc1..65051b9d9 100644 --- a/src/network_inspectors/appid/appid_session.h +++ b/src/network_inspectors/appid/appid_session.h @@ -702,12 +702,12 @@ public: { return client_info_unpublished; } - + void set_cip_msp(bool multipayload) { cip_msp = multipayload; } - + bool is_cip_msp() const { return cip_msp; @@ -717,7 +717,7 @@ public: { return get_session_flags(APPID_SESSION_OPPORTUNISTIC_TLS) and !flow->flags.data_decrypted; } - + private: uint16_t prev_httpx_raw_packet = 0; diff --git a/src/network_inspectors/appid/appid_ssh_event_handler.cc b/src/network_inspectors/appid/appid_ssh_event_handler.cc index a59930fd9..efd3e840b 100644 --- a/src/network_inspectors/appid/appid_ssh_event_handler.cc +++ b/src/network_inspectors/appid/appid_ssh_event_handler.cc @@ -202,7 +202,7 @@ void SshEventHandler::handle(DataEvent& event, Flow* flow) switch(ssh_event.get_event_type()) { case SSH_VERSION_STRING: - if (handle_protocol(ssh_event, fd)) + if (handle_protocol(ssh_event, fd)) { if (asd->get_session_flags(APPID_SESSION_EARLY_SSH_DETECTED)) { diff --git a/src/network_inspectors/appid/appid_ssh_event_handler.h b/src/network_inspectors/appid/appid_ssh_event_handler.h index 6e08c0df0..19cc29896 100644 --- a/src/network_inspectors/appid/appid_ssh_event_handler.h +++ b/src/network_inspectors/appid/appid_ssh_event_handler.h @@ -27,7 +27,7 @@ class SshEventHandler : public snort::DataHandler { public: - SshEventHandler() : snort::DataHandler(MOD_NAME) + SshEventHandler() : snort::DataHandler(MOD_NAME) { id = snort::FlowData::create_flow_data_id(); } void handle(snort::DataEvent &, snort::Flow *) override; diff --git a/src/network_inspectors/appid/detector_plugins/cip_patterns.cc b/src/network_inspectors/appid/detector_plugins/cip_patterns.cc index 26e9862a0..1a5c486b7 100644 --- a/src/network_inspectors/appid/detector_plugins/cip_patterns.cc +++ b/src/network_inspectors/appid/detector_plugins/cip_patterns.cc @@ -23,7 +23,7 @@ #endif #include "cip_patterns.h" -#include "service_inspectors/cip/cip.h" +#include "service_inspectors/cip/cip.h" #include "utils/util.h" using namespace snort; @@ -59,7 +59,7 @@ void CipPatternMatchers::cip_add_path(AppId app_id, uint32_t class_id, uint8_t s path_list = pattern; } -void CipPatternMatchers::cip_add_set_attribute(AppId app_id, uint32_t class_id, bool is_class_instance, +void CipPatternMatchers::cip_add_set_attribute(AppId app_id, uint32_t class_id, bool is_class_instance, uint32_t attribute_id) { CipSetAttributeList* pattern = (CipSetAttributeList*)snort_calloc(sizeof(CipSetAttributeList)); @@ -75,7 +75,7 @@ void CipPatternMatchers::cip_add_set_attribute(AppId app_id, uint32_t class_id, pattern->next = set_attribute_list; set_attribute_list = pattern; -} +} void CipPatternMatchers::cip_add_connection_class(AppId app_id, uint32_t class_id) { @@ -338,19 +338,19 @@ CipPatternMatchers::~CipPatternMatchers() { free_enip_command_list(enip_command_list); enip_command_list = nullptr; - + free_cip_path_list(path_list); path_list = nullptr; - + free_cip_set_attribute_list(set_attribute_list); set_attribute_list = nullptr; - + free_cip_connection_class_list(connection_list); connection_list = nullptr; - + free_cip_extended_symbol_service_list(symbol_list); symbol_list = nullptr; - + free_cip_service_list(service_list); service_list = nullptr; } diff --git a/src/network_inspectors/appid/detector_plugins/detector_smtp.cc b/src/network_inspectors/appid/detector_plugins/detector_smtp.cc index 869d3330a..c3da00d31 100644 --- a/src/network_inspectors/appid/detector_plugins/detector_smtp.cc +++ b/src/network_inspectors/appid/detector_plugins/detector_smtp.cc @@ -797,7 +797,7 @@ int SmtpServiceDetector::validate(AppIdDiscoveryArgs& args) { if (!(dd->client.flags & CLIENT_FLAG_STARTTLS_SUCCESS)) goto fail; - + goto inprocess; } if (!fd->code) diff --git a/src/network_inspectors/appid/detector_plugins/ssh_patterns.h b/src/network_inspectors/appid/detector_plugins/ssh_patterns.h index 3ada6cb7d..4cfea8bdf 100644 --- a/src/network_inspectors/appid/detector_plugins/ssh_patterns.h +++ b/src/network_inspectors/appid/detector_plugins/ssh_patterns.h @@ -36,7 +36,7 @@ typedef std::unordered_map SshPatternTable; -class SshPatternMatchers +class SshPatternMatchers { public: void add_ssh_pattern(const std::string& pattern, AppId id); diff --git a/src/network_inspectors/appid/detector_plugins/ssl_patterns.cc b/src/network_inspectors/appid/detector_plugins/ssl_patterns.cc index 468bae735..b8ae25dc1 100644 --- a/src/network_inspectors/appid/detector_plugins/ssl_patterns.cc +++ b/src/network_inspectors/appid/detector_plugins/ssl_patterns.cc @@ -60,7 +60,7 @@ static int cert_pattern_match(void* id, void*, int match_end_pos, void* data, vo cm->match_start_pos = match_end_pos - target->pattern_size; cm->next = *matches; *matches = cm; - + return 0; } @@ -89,7 +89,7 @@ static bool scan_patterns(SearchTool& matcher, const uint8_t* data, size_t size, SslPattern* best_match; if (is_cname_search) - matcher.find_all((const char*)data, size, cname_pattern_match, false, &mp); + matcher.find_all((const char*)data, size, cname_pattern_match, false, &mp); else matcher.find_all((const char*)data, size, cert_pattern_match, false, &mp); diff --git a/src/network_inspectors/appid/detector_plugins/ssl_patterns.h b/src/network_inspectors/appid/detector_plugins/ssl_patterns.h index 9988219aa..2590fede3 100644 --- a/src/network_inspectors/appid/detector_plugins/ssl_patterns.h +++ b/src/network_inspectors/appid/detector_plugins/ssl_patterns.h @@ -37,7 +37,7 @@ struct SslPattern bool operator==(const SslPattern& v) const { return this->type == v.type and pattern_size == v.pattern_size - and (memcmp(pattern, v.pattern, (size_t)pattern_size) == 0); + and (memcmp(pattern, v.pattern, (size_t)pattern_size) == 0); } }; diff --git a/src/network_inspectors/appid/host_port_app_cache.cc b/src/network_inspectors/appid/host_port_app_cache.cc index 1ec340bc2..b1cc7eaa9 100644 --- a/src/network_inspectors/appid/host_port_app_cache.cc +++ b/src/network_inspectors/appid/host_port_app_cache.cc @@ -167,7 +167,7 @@ HostAppIdsVal* HostPortCache::find_on_first_pkt(const SfIp* ip, uint16_t port, I return &iter->second; } } - + return nullptr; } @@ -194,7 +194,7 @@ bool HostPortCache::add_host(const SnortConfig* sc, const SfIp* ip, uint32_t* ne cache_first_ip[ hk ] = hv; } - else + else { FirstPktkey hk; HostAppIdsVal hv; @@ -205,7 +205,7 @@ bool HostPortCache::add_host(const SnortConfig* sc, const SfIp* ip, uint32_t* ne apply_max_ip_range(hk.max_network_range, netmask); memcpy(&hk.netmask[0], netmask, 16); - + AppIdInspector* inspector = (AppIdInspector*)InspectorManager::get_inspector(MOD_NAME, false, sc); assert(inspector); diff --git a/src/network_inspectors/appid/host_port_app_cache.h b/src/network_inspectors/appid/host_port_app_cache.h index 74db65522..ac7830bc3 100644 --- a/src/network_inspectors/appid/host_port_app_cache.h +++ b/src/network_inspectors/appid/host_port_app_cache.h @@ -72,9 +72,9 @@ struct FirstPktkey bool operator<(const FirstPktkey& right) const { - if ((htonl(right.netmask[0]) < htonl(this->netmask[0])) or - (htonl(right.netmask[1]) < htonl(this->netmask[1])) or - (htonl(right.netmask[2]) < htonl(this->netmask[2])) or + if ((htonl(right.netmask[0]) < htonl(this->netmask[0])) or + (htonl(right.netmask[1]) < htonl(this->netmask[1])) or + (htonl(right.netmask[2]) < htonl(this->netmask[2])) or (htonl(right.netmask[3]) < htonl(this->netmask[3]))) return true; else @@ -110,7 +110,7 @@ public: HostPortVal* find(const snort::SfIp*, uint16_t port, IpProtocol, const OdpContext&); bool add(const snort::SnortConfig*, const snort::SfIp*, uint16_t port, IpProtocol, unsigned type, AppId); - + HostAppIdsVal* find_on_first_pkt(const snort::SfIp*, uint16_t port, IpProtocol, const OdpContext&); bool add_host(const snort::SnortConfig*, const snort::SfIp*, uint32_t* netmask, uint16_t port, IpProtocol, AppId, AppId, AppId, unsigned reinspect); diff --git a/src/network_inspectors/appid/lua_detector_api.cc b/src/network_inspectors/appid/lua_detector_api.cc index 337336467..81288e145 100644 --- a/src/network_inspectors/appid/lua_detector_api.cc +++ b/src/network_inspectors/appid/lua_detector_api.cc @@ -1246,7 +1246,7 @@ static int detector_add_ssl_cert_pattern(lua_State* L) const char* tmp_string = lua_tolstring(L, ++index, &pattern_size); if (!tmp_string or !pattern_size) { - ErrorMessage("appid: Invalid SSL Host pattern string in %s.\n", + ErrorMessage("appid: Invalid SSL Host pattern string in %s.\n", ud->get_detector()->get_name().c_str()); return 0; } @@ -1333,19 +1333,19 @@ static int detector_add_host_first_pkt_application(lua_State* L) uint32_t client_appid = lua_tointeger(L, ++index); uint32_t web_appid = lua_tointeger(L, ++index); unsigned reinspect = lua_tointeger(L, ++index); - + /* Extract Network IP and netmask */ size_t ipaddr_size = 0; uint32_t netmask32[4] = { 0xFFFFFFFFu, 0xFFFFFFFFu, 0xFFFFFFFFu, 0xFFFFFFFFu }; bool netmask_parsed = false; const char* cidr_str = lua_tolstring(L, ++index, &ipaddr_size); - vector tokens; + vector tokens; if (!cidr_str or !ipaddr_size) { ErrorMessage("%s: No IP address provided\n", "First packet API"); return 0; - } + } if (strchr(cidr_str, '/') == nullptr) { @@ -1355,30 +1355,30 @@ static int detector_add_host_first_pkt_application(lua_State* L) return 0; } } - else + else { - stringstream ss(cidr_str); - string temp_str; - + stringstream ss(cidr_str); + string temp_str; + while (getline(ss, temp_str, '/')) - { - tokens.push_back(temp_str); - } + { + tokens.push_back(temp_str); + } const char* netip_str = tokens[0].c_str(); - + if (!netip_str or !convert_string_to_address(netip_str, &ip_address)) { ErrorMessage("%s: Invalid IP address: %s\n", "First packet API", netip_str); return 0; } - if (all_of(tokens[1].begin(), tokens[1].end(), ::isdigit)) + if (all_of(tokens[1].begin(), tokens[1].end(), ::isdigit)) { int bits = stoi(tokens[1].c_str()); if (strchr(netip_str, '.')) { - if (bits < 0 or bits > 32) + if (bits < 0 or bits > 32) { ErrorMessage("%s: Invalid IPv4 prefix range: %d\n","First packet API", bits); return 0; @@ -1399,7 +1399,7 @@ static int detector_add_host_first_pkt_application(lua_State* L) for (int i = 3; i >= 0; --i) { auto tmp_bits = 32 + (32 * i) - bits; - + if (tmp_bits > 0) netmask32[i] = tmp_bits >= 32 ? 0 : (0xFFFFFFFFu << tmp_bits); } @@ -1412,7 +1412,7 @@ static int detector_add_host_first_pkt_application(lua_State* L) netmask_parsed = true; } - else + else { ErrorMessage("%s: Invalid prefix bit: %s\n", "First packet API", tokens[1].c_str()); return 0; @@ -2947,7 +2947,7 @@ static int detector_add_cip_connection_class(lua_State *L) auto& ud = *UserData::check(L, DETECTOR, 1); // Verify detector user data and that we are NOT in packet context ud->validate_lua_state(false); - if (!init(L)) + if (!init(L)) return 0; uint32_t app_id = lua_tointeger(L, ++index); @@ -2967,7 +2967,7 @@ static int detector_add_cip_path(lua_State *L) auto& ud = *UserData::check(L, DETECTOR, 1); // Verify detector user data and that we are NOT in packet context ud->validate_lua_state(false); - if (!init(L)) + if (!init(L)) return 0; uint32_t app_id = lua_tointeger(L, ++index); @@ -2988,7 +2988,7 @@ static int detector_add_cip_set_attribute(lua_State *L) auto& ud = *UserData::check(L, DETECTOR, 1); // Verify detector user data and that we are NOT in packet context ud->validate_lua_state(false); - if (!init(L)) + if (!init(L)) return 0; uint32_t app_id = lua_tointeger(L, ++index); @@ -3010,7 +3010,7 @@ static int detector_add_cip_extended_symbol_service(lua_State *L) auto& ud = *UserData::check(L, DETECTOR, 1); // Verify detector user data and that we are NOT in packet context ud->validate_lua_state(false); - if (!init(L)) + if (!init(L)) return 0; uint32_t app_id = lua_tointeger(L, ++index); @@ -3030,7 +3030,7 @@ static int detector_add_cip_service(lua_State *L) auto& ud = *UserData::check(L, DETECTOR, 1); // Verify detector user data and that we are NOT in packet context ud->validate_lua_state(false); - if (!init(L)) + if (!init(L)) return 0; uint32_t app_id = lua_tointeger(L, ++index); @@ -3050,7 +3050,7 @@ static int detector_add_enip_command(lua_State *L) auto& ud = *UserData::check(L, DETECTOR, 1); // Verify detector user data and that we are NOT in packet context ud->validate_lua_state(false); - if (!init(L)) + if (!init(L)) return 0; uint32_t app_id = lua_tointeger(L, ++index); diff --git a/src/network_inspectors/appid/service_plugins/alpn_patterns.cc b/src/network_inspectors/appid/service_plugins/alpn_patterns.cc index 9945d0cc1..10e0e0882 100644 --- a/src/network_inspectors/appid/service_plugins/alpn_patterns.cc +++ b/src/network_inspectors/appid/service_plugins/alpn_patterns.cc @@ -105,7 +105,7 @@ void AlpnPatternMatchers::finalize_patterns() alpn_pattern_matcher.add(p->pattern.data(), p->pattern.size(), p, true); #ifdef REG_TEST - AppIdInspector* inspector = + AppIdInspector* inspector = (AppIdInspector*) InspectorManager::get_inspector(MOD_NAME, true); if (inspector and inspector->get_ctxt().config.log_alpn_service_mappings) LogMessage("Adding ALPN service App pattern %d %s\n", diff --git a/src/network_inspectors/appid/service_plugins/service_ftp.cc b/src/network_inspectors/appid/service_plugins/service_ftp.cc index cac14d9b6..3f05de2f7 100644 --- a/src/network_inspectors/appid/service_plugins/service_ftp.cc +++ b/src/network_inspectors/appid/service_plugins/service_ftp.cc @@ -353,7 +353,7 @@ static bool check_ret_digit_code(const uint8_t* code_raw, int start_digit_place, ret = false; break; case 2: - if (ret and fd.rstate == FTP_REPLY_BEGIN and code_raw[index] >='0' + if (ret and fd.rstate == FTP_REPLY_BEGIN and code_raw[index] >='0' and code_raw[index] <= '5') code += (code_raw[index] - '0') * 10; else if (ret and fd.rstate != FTP_REPLY_BEGIN and code_raw[index] >='1' diff --git a/src/network_inspectors/appid/service_plugins/service_ssl.cc b/src/network_inspectors/appid/service_plugins/service_ssl.cc index 8b04a8add..cbcd67c06 100644 --- a/src/network_inspectors/appid/service_plugins/service_ssl.cc +++ b/src/network_inspectors/appid/service_plugins/service_ssl.cc @@ -180,7 +180,7 @@ static void ssl_cache_free(uint8_t*& ssl_cache, uint16_t& len) snort_free(ssl_cache); ssl_cache = nullptr; } - + len = 0; } @@ -218,7 +218,7 @@ static void save_ssl_cache(ServiceSSLData* ss, uint16_t size, const uint8_t* dat { ss->cached_data = (uint8_t*)snort_calloc(size, sizeof(uint8_t)); memcpy(ss->cached_data, data, size); - ss->cached_len = size; + ss->cached_len = size; } int SslServiceDetector::validate(AppIdDiscoveryArgs& args) @@ -345,7 +345,7 @@ int SslServiceDetector::validate(AppIdDiscoveryArgs& args) save_ssl_cache(ss, size, data); goto inprocess; } - + hdr3 = (const ServiceSSLV3Hdr*)data; ver = ntohs(hdr3->version); if ((hdr3->type != SSL_HANDSHAKE && @@ -505,7 +505,7 @@ success: snort_free(reallocated_data); reallocated_data = nullptr; } - + if (ss->server_cert.certs_data && ss->server_cert.certs_len) { if (!(args.asd.scan_flags & SCAN_CERTVIZ_ENABLED_FLAG) and diff --git a/src/network_inspectors/appid/test/appid_session_api_test.cc b/src/network_inspectors/appid/test/appid_session_api_test.cc index d25de9927..750c0d637 100644 --- a/src/network_inspectors/appid/test/appid_session_api_test.cc +++ b/src/network_inspectors/appid/test/appid_session_api_test.cc @@ -350,7 +350,7 @@ TEST(appid_session_api, get_client_app_detect_type) mock_session->set_eve_client_app_id(638); AppId id = mock_session->pick_ss_client_app_id(); CHECK_EQUAL(id, 638); - detect_type = mock_session->get_api().get_client_app_detect_type(); + detect_type = mock_session->get_api().get_client_app_detect_type(); CHECK_EQUAL(detect_type, CLIENT_APP_DETECT_TLS_FP); /* Now set the normal client id to something. That is the appid that should be picked, diff --git a/src/network_inspectors/appid/tp_appid_utils.cc b/src/network_inspectors/appid/tp_appid_utils.cc index 42f64b9dd..0bec1c740 100644 --- a/src/network_inspectors/appid/tp_appid_utils.cc +++ b/src/network_inspectors/appid/tp_appid_utils.cc @@ -403,7 +403,7 @@ static inline void process_ftp_control(AppIdSession& asd, asd.set_user_logged_in(); asd.tpsession->set_attr(TP_ATTR_UNAME_KNOWN); } - // This is a safe bail out condition in case username is not known + // This is a safe bail out condition in case username is not known if ((asd.init_tpPackets + asd.resp_tpPackets) >= asd.get_odp_ctxt().max_tp_flow_depth) asd.tpsession->set_attr(TP_ATTR_UNAME_KNOWN); } @@ -601,7 +601,7 @@ bool do_tp_discovery(ThirdPartyAppIdContext& tp_appid_ctxt, AppIdSession& asd, I assert(hsession); } - if (tp_app_id == APP_ID_SSH) + if (tp_app_id == APP_ID_SSH) { if (appidDebug->is_active()) LogMessage("AppIdDbg %s Setting the ignore and early detection flag\n", diff --git a/src/network_inspectors/normalize/norm_module.cc b/src/network_inspectors/normalize/norm_module.cc index 8a44bf483..6cce7f9d2 100644 --- a/src/network_inspectors/normalize/norm_module.cc +++ b/src/network_inspectors/normalize/norm_module.cc @@ -375,7 +375,7 @@ const PegInfo* NormalizeModule::get_pegs() const p++; } test_pegs.emplace_back(*p); - + return &test_pegs[0]; } diff --git a/src/network_inspectors/normalize/norm_stats.cc b/src/network_inspectors/normalize/norm_stats.cc index b8f55f9a5..d4455ff00 100644 --- a/src/network_inspectors/normalize/norm_stats.cc +++ b/src/network_inspectors/normalize/norm_stats.cc @@ -58,7 +58,7 @@ const PegInfo norm_names[] = { CountType::SUM, "tcp_ts_nop", "timestamp options cleared" }, { CountType::SUM, "tcp_ips_data", "normalized segments" }, { CountType::SUM, "tcp_block", "blocked segments" }, - + { CountType::END, nullptr, nullptr } }; diff --git a/src/network_inspectors/rna/rna_fingerprint_udp.cc b/src/network_inspectors/rna/rna_fingerprint_udp.cc index 4eab609c8..d2ec4f89b 100644 --- a/src/network_inspectors/rna/rna_fingerprint_udp.cc +++ b/src/network_inspectors/rna/rna_fingerprint_udp.cc @@ -74,7 +74,7 @@ void UdpFpProcessor::push(const RawFingerprint& rfp) DHCPFingerprint dhcp_fp(rfp); if (dhcp_fp.dhcp55.size() > DHCP_OP55_MAX_SIZE) return; - push_dhcp_fp(dhcp_fp); + push_dhcp_fp(dhcp_fp); } } diff --git a/src/parser/vars.cc b/src/parser/vars.cc index 1146e3803..28075f7f2 100644 --- a/src/parser/vars.cc +++ b/src/parser/vars.cc @@ -449,7 +449,7 @@ const std::string ExpandVars(const std::string& input_str) } std::string var_name(begin, end); - std::string var_aux; + std::string var_aux; i = end; diff --git a/src/profiler/json_view.cc b/src/profiler/json_view.cc index ec3f62d58..b387b8acf 100644 --- a/src/profiler/json_view.cc +++ b/src/profiler/json_view.cc @@ -40,7 +40,7 @@ using namespace snort; static void print_single_entry(ControlConn* ctrlcon, const rule_stats::View& v, unsigned n, unsigned count, double total_time_usec) -{ +{ using std::chrono::duration_cast; using std::chrono::microseconds; diff --git a/src/protocols/ssl.cc b/src/protocols/ssl.cc index fba5edc3b..4e895fb50 100644 --- a/src/protocols/ssl.cc +++ b/src/protocols/ssl.cc @@ -209,7 +209,7 @@ static uint32_t SSL_decode_handshake_v3(const uint8_t* pkt, int size, snort::parse_server_certificates(server_cert_data); } - retval |= SSL_CERTIFICATE_FLAG; + retval |= SSL_CERTIFICATE_FLAG; break; /* The following types are not presently of interest */ diff --git a/src/pub_sub/cip_events.h b/src/pub_sub/cip_events.h index 7752917e7..32a546288 100644 --- a/src/pub_sub/cip_events.h +++ b/src/pub_sub/cip_events.h @@ -48,7 +48,7 @@ public: { return p; } const CipEventData* get_event_data() - { return event_data; } + { return event_data; } private: const snort::Packet* p; const CipEventData* event_data; diff --git a/src/pub_sub/eve_process_event.h b/src/pub_sub/eve_process_event.h index 871a36e5b..b1a18ba12 100644 --- a/src/pub_sub/eve_process_event.h +++ b/src/pub_sub/eve_process_event.h @@ -85,7 +85,7 @@ public: { return is_quic; } - + bool is_client_process_mapping() const { return client_process_mapping; diff --git a/src/pub_sub/ssl_events.h b/src/pub_sub/ssl_events.h index 602e7010f..906942cae 100644 --- a/src/pub_sub/ssl_events.h +++ b/src/pub_sub/ssl_events.h @@ -31,7 +31,7 @@ struct SslEventIds { CHELLO_SERVER_NAME, SERVER_COMMON_NAME, - + num_ids }; }; diff --git a/src/service_inspectors/dce_rpc/dce_smb_common.h b/src/service_inspectors/dce_rpc/dce_smb_common.h index 647de383e..b03adf89d 100644 --- a/src/service_inspectors/dce_rpc/dce_smb_common.h +++ b/src/service_inspectors/dce_rpc/dce_smb_common.h @@ -293,7 +293,7 @@ public: Dce2SmbSessionData* upgrade(const snort::Packet*); void update_smb_session_data(Dce2SmbSessionData* ssd_v) - { + { if (ssd) delete ssd; ssd = ssd_v; } diff --git a/src/service_inspectors/ftp_telnet/ftpdata_splitter.cc b/src/service_inspectors/ftp_telnet/ftpdata_splitter.cc index af7776e90..dfc9e9b33 100644 --- a/src/service_inspectors/ftp_telnet/ftpdata_splitter.cc +++ b/src/service_inspectors/ftp_telnet/ftpdata_splitter.cc @@ -93,7 +93,7 @@ StreamSplitter::Status FtpDataSplitter::scan(Packet* pkt, const uint8_t*, uint32 *fp = len; // avoid unnecessary signature calc by clearing the flag set by detained packet if (fdfd->session.packet_flags & FTPDATA_FLG_FLUSH) - fdfd->session.packet_flags &= ~FTPDATA_FLG_FLUSH; + fdfd->session.packet_flags &= ~FTPDATA_FLG_FLUSH; return FLUSH; } diff --git a/src/service_inspectors/ftp_telnet/ftpp_si.cc b/src/service_inspectors/ftp_telnet/ftpp_si.cc index b54d39c4c..32c9f5155 100644 --- a/src/service_inspectors/ftp_telnet/ftpp_si.cc +++ b/src/service_inspectors/ftp_telnet/ftpp_si.cc @@ -357,7 +357,7 @@ bool FTPDataDirection(Packet* p, FTP_DATA_SESSION* ftpdata) return true; // upload - if (p->is_from_application_client() && !p->is_from_client()) + if (p->is_from_application_client() && !p->is_from_client()) return true; } else @@ -367,7 +367,7 @@ bool FTPDataDirection(Packet* p, FTP_DATA_SESSION* ftpdata) return true; // upload - if (p->is_from_client() && p->is_from_application_client()) + if (p->is_from_client() && p->is_from_application_client()) return true; } diff --git a/src/service_inspectors/http2_inspect/http2_data_cutter.h b/src/service_inspectors/http2_inspect/http2_data_cutter.h index 8dbb05fb4..e7bc5f3c8 100644 --- a/src/service_inspectors/http2_inspect/http2_data_cutter.h +++ b/src/service_inspectors/http2_inspect/http2_data_cutter.h @@ -41,7 +41,7 @@ private: bool check_http_state(Http2Stream* const stream); snort::StreamSplitter::Status skip_over_frame(Http2Stream* const stream, uint32_t length, uint32_t* flush_offset, uint32_t data_offset, uint8_t frame_flags); - + Http2FlowData* const session_data; const HttpCommon::SourceId source_id; diff --git a/src/service_inspectors/http2_inspect/http2_tables.cc b/src/service_inspectors/http2_inspect/http2_tables.cc index 39d22a76e..674dd6e19 100644 --- a/src/service_inspectors/http2_inspect/http2_tables.cc +++ b/src/service_inspectors/http2_inspect/http2_tables.cc @@ -64,9 +64,9 @@ const RuleMap Http2Module::http2_events[] = { EVENT_INVALID_WINDOW_UPDATE_FRAME, "invalid HTTP/2 window update frame" }, { EVENT_WINDOW_UPDATE_FRAME_ZERO_INCREMENT, "HTTP/2 window update frame with zero increment" }, { EVENT_REQUEST_WITHOUT_METHOD, "HTTP/2 request without a method" }, - { EVENT_TABLE_SIZE_UPDATE_NOT_AT_HEADER_START, + { EVENT_TABLE_SIZE_UPDATE_NOT_AT_HEADER_START, "HTTP/2 HPACK table size update not at the start of a header block" }, - { EVENT_MORE_THAN_2_TABLE_SIZE_UPDATES, + { EVENT_MORE_THAN_2_TABLE_SIZE_UPDATES, "More than two HTTP/2 HPACK table size updates in a single header block" }, { EVENT_HPACK_TABLE_SIZE_UPDATE_EXCEEDS_MAX, "HTTP/2 HPACK table size update exceeds max value set by decoder in SETTINGS frame" }, diff --git a/src/service_inspectors/http_inspect/http_module.h b/src/service_inspectors/http_inspect/http_module.h index d2794d994..9401e9d3d 100755 --- a/src/service_inspectors/http_inspect/http_module.h +++ b/src/service_inspectors/http_inspect/http_module.h @@ -137,7 +137,7 @@ public: class ScriptFinder { public: - ScriptFinder(snort::LiteralSearch::Handle* h) : handle(h), + ScriptFinder(snort::LiteralSearch::Handle* h) : handle(h), finder(snort::LiteralSearch::instantiate(h, (const uint8_t*)"", 9, true, true)) {} diff --git a/src/service_inspectors/http_inspect/http_msg_body.cc b/src/service_inspectors/http_inspect/http_msg_body.cc index d77aad2e7..161f572df 100644 --- a/src/service_inspectors/http_inspect/http_msg_body.cc +++ b/src/service_inspectors/http_inspect/http_msg_body.cc @@ -567,7 +567,7 @@ static FilePosition find_range_file_pos(const std::string& hdr_content, bool fro size_t processed = 0; for (; processed < hdr_content.length() and hdr_content[processed] == ' '; ++processed); - + if (processed == hdr_content.length()) return SNORT_FILE_POSITION_UNKNOWN; @@ -576,9 +576,9 @@ static FilePosition find_range_file_pos(const std::string& hdr_content, bool fro return SNORT_FILE_POSITION_UNKNOWN; processed += sizeof(CONTENT_BYTES) - 1; - + for (; processed < hdr_content.length() and hdr_content[processed] == ' '; ++processed); - + if (processed == hdr_content.length() or !isdigit(hdr_content[processed])) return SNORT_FILE_POSITION_UNKNOWN; @@ -591,7 +591,7 @@ static FilePosition find_range_file_pos(const std::string& hdr_content, bool fro if (slash_pos == hdr_content.npos) return SNORT_FILE_POSITION_UNKNOWN; - + char *end_ptr = nullptr; unsigned long range_start = SnortStrtoul(hdr_content.c_str() + processed, &end_ptr, 10); @@ -620,7 +620,7 @@ static FilePosition find_range_file_pos(const std::string& hdr_content, bool fro if (range_end == file_size - 1) { - if (front && back) + if (front && back) return SNORT_FILE_FULL; else if (front) return SNORT_FILE_START; @@ -667,10 +667,10 @@ void HttpMsgBody::do_file_processing(const Field& file_data) else { const Field& range_hdr = get_header(SRC_SERVER)->get_header_value_raw(HEAD_CONTENT_RANGE); - + if (range_hdr.length() <= 0) return; - + file_position = find_range_file_pos(std::string((const char*)range_hdr.start(), range_hdr.length()), front, back); diff --git a/src/service_inspectors/http_inspect/http_msg_header.cc b/src/service_inspectors/http_inspect/http_msg_header.cc index 3c28372fb..c4c65e2b4 100755 --- a/src/service_inspectors/http_inspect/http_msg_header.cc +++ b/src/service_inspectors/http_inspect/http_msg_header.cc @@ -122,12 +122,12 @@ const Field& HttpMsgHeader::get_true_ip_addr() addr_str[true_ip.length()] = '\0'; SfIp tmp_sfip; - + /* remove port number from ip address */ char* colon_port = strrchr((char*)addr_str, ':'); if (colon_port && (strpbrk((char*)addr_str, "[."))) *colon_port = '\0'; - + const SfIpRet status = tmp_sfip.set((char*)addr_str); delete[] addr_str; if (status != SFIP_SUCCESS) diff --git a/src/service_inspectors/http_inspect/http_msg_section.h b/src/service_inspectors/http_inspect/http_msg_section.h index 5b1aed03d..38adf3035 100644 --- a/src/service_inspectors/http_inspect/http_msg_section.h +++ b/src/service_inspectors/http_inspect/http_msg_section.h @@ -22,7 +22,7 @@ #include "detection/detection_util.h" #include "framework/cursor.h" -#include "framework/pdu_section.h" +#include "framework/pdu_section.h" #include "protocols/packet.h" #include "http_buffer_info.h" diff --git a/src/service_inspectors/http_inspect/ips_http.h b/src/service_inspectors/http_inspect/ips_http.h index 80c4d2963..3162f10f0 100644 --- a/src/service_inspectors/http_inspect/ips_http.h +++ b/src/service_inspectors/http_inspect/ips_http.h @@ -76,7 +76,7 @@ public: EvalStatus eval(Cursor&, snort::Packet*) override = 0; uint32_t hash() const override; bool operator==(const snort::IpsOption& ips) const override; - + snort::section_flags get_pdu_section(bool) const override; protected: diff --git a/src/service_inspectors/http_inspect/ips_http_param.cc b/src/service_inspectors/http_inspect/ips_http_param.cc index 7972572e5..55c2f7185 100644 --- a/src/service_inspectors/http_inspect/ips_http_param.cc +++ b/src/service_inspectors/http_inspect/ips_http_param.cc @@ -109,7 +109,7 @@ IpsOption::EvalStatus HttpParamIpsOption::eval(Cursor& c, Packet* p) const HttpInspect* const hi = eval_helper(p); if (hi == nullptr) return NO_MATCH; - + const Field& http_buffer = hi->http_get_param_buf(c, p, http_param); if (http_buffer.length() <= 0) return NO_MATCH; diff --git a/src/service_inspectors/http_inspect/ips_http_param.h b/src/service_inspectors/http_inspect/ips_http_param.h index 2af11cfb1..a780d9e5e 100644 --- a/src/service_inspectors/http_inspect/ips_http_param.h +++ b/src/service_inspectors/http_inspect/ips_http_param.h @@ -51,7 +51,7 @@ public: private: friend class HttpParamIpsOption; static THREAD_LOCAL snort::ProfileStats http_param_ps; - + std::string param; // provide buffer containing specific parameter bool nocase; // case insensitive match snort::LiteralSearch::Handle* search_handle; @@ -72,12 +72,12 @@ public: static void opt_dtor(snort::IpsOption* p) { delete p; } bool retry(Cursor& , const Cursor&) override; - + snort::section_flags get_pdu_section(bool) const override; private: const char* const key; - const HttpParam http_param; + const HttpParam http_param; }; #endif diff --git a/src/service_inspectors/http_inspect/ips_http_test.cc b/src/service_inspectors/http_inspect/ips_http_test.cc index c812ebde9..f884d7606 100644 --- a/src/service_inspectors/http_inspect/ips_http_test.cc +++ b/src/service_inspectors/http_inspect/ips_http_test.cc @@ -163,7 +163,7 @@ IpsOption::EvalStatus HttpTestIpsOption::eval(Cursor&, Packet* p) const HttpInspect* const hi = eval_helper(p); if (hi == nullptr) return NO_MATCH; - + const Field& http_buffer = hi->http_get_buf(p, buffer_info); // Check if field is absent or section is not present diff --git a/src/service_inspectors/http_inspect/ips_http_test.h b/src/service_inspectors/http_inspect/ips_http_test.h index 85cff4acd..3b285e027 100644 --- a/src/service_inspectors/http_inspect/ips_http_test.h +++ b/src/service_inspectors/http_inspect/ips_http_test.h @@ -44,7 +44,7 @@ public: snort::ProfileStats* get_profile() const override { return &http_test_ps[idx]; } - + static void mod_dtor(snort::Module* m) { delete m; } bool begin(const char*, int, snort::SnortConfig*) override; bool set(const char*, snort::Value&, snort::SnortConfig*) override; diff --git a/src/service_inspectors/iec104/iec104_decode.cc b/src/service_inspectors/iec104/iec104_decode.cc index 6caf6224a..561789b9d 100644 --- a/src/service_inspectors/iec104/iec104_decode.cc +++ b/src/service_inspectors/iec104/iec104_decode.cc @@ -52,7 +52,7 @@ static uint32_t getApciType(Packet* p) const Iec104GenericApci* apci = (const Iec104GenericApci*) p->data; // default apci type to a non-used value - // if this somehow makes it through it errors out in the apci type switch + // if this somehow makes it through it errors out in the apci type switch uint32_t curApciType = IEC104_NO_APCI; // Check the APCI Major type flag @@ -89,12 +89,12 @@ bool Iec104Decode(Packet* p, Iec104FlowData* iec104fd) // build the correct APCI based on the returned type uint32_t apciType = getApciType(p); - if (apciType > 2) + if (apciType > 2) { // An APCI type cannot be determined. Message does not appear to be IEC104 return false; } - else + else { // apply the appropriate structure to the packet buffer based on the // earlier type determination diff --git a/src/service_inspectors/iec104/iec104_paf.h b/src/service_inspectors/iec104/iec104_paf.h index 38a272542..2b4f11bef 100644 --- a/src/service_inspectors/iec104/iec104_paf.h +++ b/src/service_inspectors/iec104/iec104_paf.h @@ -29,8 +29,8 @@ enum iec104_paf_state_t { - IEC104_PAF_STATE__START = 0, - IEC104_PAF_STATE__LEN = 1, + IEC104_PAF_STATE__START = 0, + IEC104_PAF_STATE__LEN = 1, IEC104_PAF_STATE__SET_FLUSH = 2, }; diff --git a/src/service_inspectors/iec104/iec104_parse_apdu.cc b/src/service_inspectors/iec104/iec104_parse_apdu.cc index 36fd2cf88..174f319ae 100644 --- a/src/service_inspectors/iec104/iec104_parse_apdu.cc +++ b/src/service_inspectors/iec104/iec104_parse_apdu.cc @@ -37,9 +37,9 @@ using namespace snort; // perform some checks on the ASDU static bool checkIec104Asdu(Iec104AsduCheck curAsduCheck) -{ +{ // keep a flag to indicate whether we should exit after executing - // taking this approach instead of returning directly as multiple of these + // taking this approach instead of returning directly as multiple of these // cases could exist and we want to alert on all of them bool continueProcessing = true; @@ -91,7 +91,7 @@ static bool checkIec104Asdu(Iec104AsduCheck curAsduCheck) } } - // Verify that the cause of transmission indicated by the sender is one that is + // Verify that the cause of transmission indicated by the sender is one that is // allowed for the message type switch (curAsduCheck.apci->asdu.causeOfTransmission.causeOfTransmission) { @@ -1345,7 +1345,7 @@ static void parseIec104GenericAsdu(uint32_t asduType, const Iec104ApciI* apci) for (uint32_t i = 0; i < verifiedNumberOfElements; i++) { - // + // // Handle Structure Qualifier == 1 // if (apci->asdu.variableStructureQualifier.sq) @@ -2535,7 +2535,7 @@ void parseIec104ApciU(const Iec104ApciU* apci) DetectionEngine::queue_event(GID_IEC104, IEC104_BAD_START); } // throw an alert if any length other than 0x04 is provided since this APCI can only have 4 bytes of data - // a similar length check is performed in `iec104.c` when determining packet size. It is possible for that check to pass and this one alert + // a similar length check is performed in `iec104.c` when determining packet size. It is possible for that check to pass and this one alert else if (apci->header.length != IEC104_APCI_TYPE_U_LEN) { DetectionEngine::queue_event(GID_IEC104, IEC104_BAD_LENGTH); @@ -2572,7 +2572,7 @@ void parseIec104ApciS(const Iec104ApciS* apci) DetectionEngine::queue_event(GID_IEC104, IEC104_BAD_START); } // throw an alert if any length other than 0x04 is provided since this APCI can only have 4 bytes of data - // a similar length check is performed in `iec104.c` when determining packet size. It is possible for that check to pass and this one alert + // a similar length check is performed in `iec104.c` when determining packet size. It is possible for that check to pass and this one alert else if (apci->header.length != IEC104_APCI_TYPE_S_LEN) { DetectionEngine::queue_event(GID_IEC104, IEC104_BAD_LENGTH); @@ -2596,7 +2596,7 @@ void parseIec104ApciI(const Iec104ApciI* apci) DetectionEngine::queue_event(GID_IEC104, IEC104_BAD_START); } // throw an alert if any length under 12 is detected as that is the smallest possible message according to the spec - // a similar length check is performed in `iec104.c` when determining packet size. It is possible for that check to pass and this one alert + // a similar length check is performed in `iec104.c` when determining packet size. It is possible for that check to pass and this one alert else if (apci->header.length < IEC104_APCI_TYPE_I_MIN_LEN) { DetectionEngine::queue_event(GID_IEC104, IEC104_BAD_LENGTH); diff --git a/src/service_inspectors/iec104/iec104_parse_apdu.h b/src/service_inspectors/iec104/iec104_parse_apdu.h index 68880ac06..1ffed87f4 100644 --- a/src/service_inspectors/iec104/iec104_parse_apdu.h +++ b/src/service_inspectors/iec104/iec104_parse_apdu.h @@ -47,16 +47,16 @@ void parseIec104ApciI(const struct Iec104ApciI* apci); // Definition for the different APCI headers // This allows us to make determinations on how to handle the fields following the first 1-2 bits -enum ApciTypeEnum +enum ApciTypeEnum { IEC104_NO_APCI = -1, - IEC104_APCI_TYPE_I = 0, - IEC104_APCI_TYPE_S = 1, - IEC104_APCI_TYPE_U = 2, + IEC104_APCI_TYPE_I = 0, + IEC104_APCI_TYPE_S = 1, + IEC104_APCI_TYPE_U = 2, }; -enum AsduTypeEnum -{ +enum AsduTypeEnum +{ IEC104_NO_ASDU = 0, // placeholder for an error case IEC104_ASDU_M_SP_NA_1 = 1, // Single-point information IEC104_ASDU_M_SP_TA_1 = 2, // Single-point information with time tag @@ -101,7 +101,7 @@ enum AsduTypeEnum IEC104_ASDU_C_BO_NA_1 = 51, // Bitstring 32 bit command // 52-57 reserved IEC104_ASDU_C_SC_TA_1 = 58, // Single command with time tag CP56Time2a - IEC104_ASDU_C_DC_TA_1 = 59, // Double command with time tag CP56Time2a + IEC104_ASDU_C_DC_TA_1 = 59, // Double command with time tag CP56Time2a IEC104_ASDU_C_RC_TA_1 = 60, // Regulating step command with time tag CP56Time2a IEC104_ASDU_C_SE_TA_1 = 61, // Set-point command with time tag CP56Time2a, normalized value IEC104_ASDU_C_SE_TB_1 = 62, // Set-point command with time tag CP56Time2a, scaled value @@ -136,7 +136,7 @@ enum AsduTypeEnum }; // Definition for the different transmission cause codes -enum CauseOfTransmissionEnum +enum CauseOfTransmissionEnum { IEC104_CAUSE_TX_NOT_USED = 0, // not used IEC104_CAUSE_TX_PER_CYC = 1, // periodic, cyclic @@ -204,7 +204,7 @@ enum CauseOfTransmissionEnum IEC104_CAUSE_TX_RES63 = 63, // 48-63 reserved }; -enum StructureQualifierEnum +enum StructureQualifierEnum { IEC104_SQ_FALSE = 0, IEC104_SQ_TRUE = 1, @@ -224,7 +224,7 @@ enum StructureQualifierEnum // // struct Iec104To help determine what type of APCI is in use -struct Iec104GenericApci +struct Iec104GenericApci { uint8_t start; uint8_t length; @@ -238,14 +238,14 @@ struct Iec104GenericApci // ASDU Information Object Structs // -struct Iec104VariableStructureQualifierType +struct Iec104VariableStructureQualifierType { uint8_t numberOfElements : 7; uint8_t sq : 1; }__attribute__((packed)); // This structure does not require the OA, but it seems to be used in all traffic seen so far -struct Iec104CauseOfTransmissionType +struct Iec104CauseOfTransmissionType { uint8_t causeOfTransmission : 6; uint8_t pn : 1; @@ -254,27 +254,27 @@ struct Iec104CauseOfTransmissionType }__attribute__((packed)); // COI: Cause of Initialization Structure -struct Iec104CoiType +struct Iec104CoiType { uint8_t ui : 7; uint8_t bs : 1; }__attribute__((packed)); // QOI: Qualifier of Interrogation Structure -struct Iec104QoiType +struct Iec104QoiType { uint8_t qoi; }__attribute__((packed)); // QCC: Qualifier of Counter Interrogation Command Structure -struct Iec104QccType +struct Iec104QccType { uint8_t rqt : 6; uint8_t frz : 2; }__attribute__((packed)); // QPM: Qualifier of Parameter of Measured Values Structure -struct Iec104QpmType +struct Iec104QpmType { uint8_t kpa : 6; uint8_t lpc : 1; @@ -282,55 +282,55 @@ struct Iec104QpmType }__attribute__((packed)); // QPA: Qualifier of Parameter Activation Structure -struct Iec104QpaType +struct Iec104QpaType { uint8_t qpa; }__attribute__((packed)); // QOC: Qualifier of Command Structure -// This doesn't add up to 8, but that is expected +// This doesn't add up to 8, but that is expected // This struct gets used in fields that have 2 preceding bits -struct Iec104QocType +struct Iec104QocType { uint8_t qu : 5; uint8_t se : 1; }__attribute__((packed)); // QRP: Qualifier of Reset Process Structure -struct Iec104QrpType +struct Iec104QrpType { uint8_t qrp; }__attribute__((packed)); // FRQ: File Ready Qualifier Structure -struct Iec104FrqType +struct Iec104FrqType { uint8_t ui : 7; uint8_t bs : 1; }__attribute__((packed)); // SRQ: Section Ready Qualifier Structure -struct Iec104SrqType +struct Iec104SrqType { uint8_t ui : 7; uint8_t bs : 1; }__attribute__((packed)); // SCQ: Select and Call Qualifier Structure -struct Iec104ScqType +struct Iec104ScqType { uint8_t ui1 : 4; uint8_t ui2 : 4; }__attribute__((packed)); // LSQ: Last Section or Segment Qualifier Structure -struct Iec104LsqType +struct Iec104LsqType { uint8_t lsq; }__attribute__((packed)); // AFQ: Acknowledge File or Section Qualifier Structure -struct Iec104AfqType +struct Iec104AfqType { uint8_t ui1 : 4; uint8_t ui2 : 4; @@ -339,31 +339,31 @@ struct Iec104AfqType // Common Address of ASDU Structure // This structure does not require the high octet, but it seems to be // used in all traffic seen so far -struct Iec104CommonAddressOfAsduType +struct Iec104CommonAddressOfAsduType { uint16_t commonAddress; }__attribute__((packed)); // Information Object Address One Octet Structure -struct Iec104InformationObjectAddressOneOctetType +struct Iec104InformationObjectAddressOneOctetType { uint8_t informationObjectAddress; }__attribute__((packed)); // Information Object Address Two Octet Structure -struct Iec104InformationObjectAddressTwoOctetType +struct Iec104InformationObjectAddressTwoOctetType { uint8_t informationObjectAddress[2]; }__attribute__((packed)); // Information Object Address Three Octet Structure -struct Iec104InformationObjectAddressThreeOctetType +struct Iec104InformationObjectAddressThreeOctetType { uint8_t informationObjectAddress[3]; }__attribute__((packed)); // SIQ: Single Point Information with Quality Descriptor Structure -struct Iec104SiqType +struct Iec104SiqType { uint8_t spi : 1; uint8_t reserved : 3; @@ -374,7 +374,7 @@ struct Iec104SiqType }__attribute__((packed)); // DIQ: Double Point Information with Quality Descriptor Structure -struct Iec104DiqType +struct Iec104DiqType { uint8_t dpi : 2; uint8_t reserved : 2; @@ -385,7 +385,7 @@ struct Iec104DiqType }__attribute__((packed)); // QDS: Quality Descriptor Structure -struct Iec104QdsType +struct Iec104QdsType { uint8_t ov : 1; uint8_t reserved : 3; @@ -396,7 +396,7 @@ struct Iec104QdsType }__attribute__((packed)); // QDP: Quality Descriptor for Events of Protection Equipment Structure -struct Iec104QdpType +struct Iec104QdpType { uint8_t reserved : 3; uint8_t ei : 1; @@ -407,32 +407,32 @@ struct Iec104QdpType }__attribute__((packed)); // VTI: Value with Transient State Indication Structure -struct Iec104VtiType +struct Iec104VtiType { uint8_t value : 7; uint8_t t : 1; }__attribute__((packed)); // NVA: Normalized Value Structure -struct Iec104NvaType +struct Iec104NvaType { uint16_t value; }__attribute__((packed)); // SVA: Scaled Value Structure -struct Iec104SvaType +struct Iec104SvaType { uint16_t value; }__attribute__((packed)); // IEEE_STD_754: Short Floating Point Number Structure -struct Iec104IeeeStd754Type +struct Iec104IeeeStd754Type { uint32_t ieeeStd754; }__attribute__((packed)); // BCR: Binary Counter Reading Structure -struct Iec104BcrType +struct Iec104BcrType { uint32_t value; uint8_t sequenceNumber : 5; @@ -442,7 +442,7 @@ struct Iec104BcrType }__attribute__((packed)); // SEP: Single Event of Protection Equipment Structure -struct Iec104SepType +struct Iec104SepType { uint8_t es : 2; uint8_t reserved : 1; @@ -454,7 +454,7 @@ struct Iec104SepType }__attribute__((packed)); // SPE: Start Event of Protection Equipment Structure -struct Iec104SpeType +struct Iec104SpeType { uint8_t gs : 1; uint8_t sl1 : 1; @@ -466,7 +466,7 @@ struct Iec104SpeType }__attribute__((packed)); // OCI: Output Circuit Information Structure -struct Iec104OciType +struct Iec104OciType { uint8_t gc : 1; uint8_t cl1 : 1; @@ -476,19 +476,19 @@ struct Iec104OciType }__attribute__((packed)); // BSI: Binary State Information Structure -struct Iec104BsiType +struct Iec104BsiType { uint32_t bitstring; }__attribute__((packed)); // FBP: Fixed Test Bit Pattern Structure -struct Iec104FbpType +struct Iec104FbpType { uint16_t fixedTestBitPattern; }__attribute__((packed)); // SCO: Single Command Structure -struct Iec104ScoType +struct Iec104ScoType { uint8_t scs : 1; uint8_t reserved : 1; @@ -497,7 +497,7 @@ struct Iec104ScoType }__attribute__((packed)); // DCO: Double Command Structure -struct Iec104DcoType +struct Iec104DcoType { uint8_t dcs : 2; uint8_t qu : 5; @@ -505,7 +505,7 @@ struct Iec104DcoType }__attribute__((packed)); // RCO: Regulating Step Command Structure -struct Iec104RcoType +struct Iec104RcoType { uint8_t rcs : 2; uint8_t qu : 5; @@ -513,13 +513,13 @@ struct Iec104RcoType }__attribute__((packed)); // Time2a Milliseconds Structure -struct Iec104Time2aMillisecondsType +struct Iec104Time2aMillisecondsType { uint16_t milliseconds; }__attribute__((packed)); // Time2a IVResMinute Structure -struct Iec104Time2aIvresminuteType +struct Iec104Time2aIvresminuteType { uint8_t minutes : 6; uint8_t res : 1; @@ -527,7 +527,7 @@ struct Iec104Time2aIvresminuteType }__attribute__((packed)); // Time2a SURes2Hour Structure -struct Iec104Time2aSures2hourType +struct Iec104Time2aSures2hourType { uint8_t hours : 5; uint8_t res2 : 2; @@ -535,28 +535,28 @@ struct Iec104Time2aSures2hourType }__attribute__((packed)); // Time2a DOWDay Structure -struct Iec104Time2aDowdayType +struct Iec104Time2aDowdayType { uint8_t dayOfMonth : 5; uint8_t dayOfWeek : 3; }__attribute__((packed)); // Time2a Res3Month Structure -struct Iec104Time2aRes3monthType +struct Iec104Time2aRes3monthType { uint8_t month : 4; uint8_t res3 : 4; }__attribute__((packed)); // Time2a Res4Year Structure -struct Iec104Time2aRes4yearType +struct Iec104Time2aRes4yearType { uint8_t year : 7; uint8_t res4 : 1; }__attribute__((packed)); // CP56Time2a Structure -struct Iec104Cp56Time2aType +struct Iec104Cp56Time2aType { Iec104Time2aMillisecondsType milliseconds; Iec104Time2aIvresminuteType ivresminute; @@ -567,44 +567,44 @@ struct Iec104Cp56Time2aType }__attribute__((packed)); // Cp24Time2a Structure -struct Iec104Cp24Time2aType +struct Iec104Cp24Time2aType { Iec104Time2aMillisecondsType milliseconds; Iec104Time2aIvresminuteType ivresminute; }__attribute__((packed)); // Cp16Time2a Structure -struct Iec104Cp16Time2aType +struct Iec104Cp16Time2aType { Iec104Time2aMillisecondsType milliseconds; }__attribute__((packed)); // NOF: Name of File Structure -struct Iec104NofType +struct Iec104NofType { uint16_t nameOfFile; }__attribute__((packed)); // NOS: Name of Section Structure -struct Iec104NosType +struct Iec104NosType { uint8_t nameOfSection; }__attribute__((packed)); // LOF: Length of File or Section Structure -struct Iec104LofType +struct Iec104LofType { uint8_t lengthOfFile[3]; }__attribute__((packed)); // LOS: Length of Segment Structure -struct Iec104LosType +struct Iec104LosType { uint8_t lengthOfSegment; }__attribute__((packed)); // CHS: Checksum Structure -struct Iec104ChsType +struct Iec104ChsType { uint8_t chs; }__attribute__((packed)); @@ -612,7 +612,7 @@ struct Iec104ChsType // SOF: Status of File Structure // need to prepend `sof` tag on here since `for` is a reserved word // doing it for the rest for consistency -struct Iec104SofType +struct Iec104SofType { uint8_t sofStatus : 5; uint8_t sofLfd : 1; @@ -621,33 +621,33 @@ struct Iec104SofType }__attribute__((packed)); // QOS: Qualifier of Set Point Command Structure -struct Iec104QosType +struct Iec104QosType { uint8_t ql : 7; uint8_t se : 1; }__attribute__((packed)); // SCD: Status + Status Change Detection Structure -struct Iec104ScdType +struct Iec104ScdType { uint16_t st; uint16_t cd; }__attribute__((packed)); // TSC: Test Sequence Counter -struct Iec104TscType +struct Iec104TscType { uint16_t tsc; }__attribute__((packed)); // Segment: Segment type -struct Iec104SegmentType +struct Iec104SegmentType { uint8_t segment; }__attribute__((packed)); // Information Element -struct Iec104InformationElementType +struct Iec104InformationElementType { Iec104NofType nameOfFileOrSubdirectory; Iec104LofType lengthOfFile; @@ -666,303 +666,303 @@ struct Iec104InformationElementType // ASDUs for process information in monitor direction // -// ASDU Type M_SP_NA_1 +// ASDU Type M_SP_NA_1 // Ident 1 // Single-point information -struct Iec104M_SP_NA_1_IO_Subgroup +struct Iec104M_SP_NA_1_IO_Subgroup { Iec104SiqType siq; }__attribute__((packed)); -struct Iec104M_SP_NA_1_IO_Group +struct Iec104M_SP_NA_1_IO_Group { Iec104InformationObjectAddressThreeOctetType ioa; Iec104M_SP_NA_1_IO_Subgroup subgroup; }__attribute__((packed)); -// ASDU Type M_SP_TA_1 +// ASDU Type M_SP_TA_1 // Ident 2 // Single-point information with time tag -struct Iec104M_SP_TA_1_IO_Subgroup +struct Iec104M_SP_TA_1_IO_Subgroup { Iec104SiqType siq; Iec104Cp24Time2aType threeOctetBinaryTime; }__attribute__((packed)); -struct Iec104M_SP_TA_1_IO_Group +struct Iec104M_SP_TA_1_IO_Group { Iec104InformationObjectAddressThreeOctetType ioa; Iec104M_SP_TA_1_IO_Subgroup subgroup; }__attribute__((packed)); -// ASDU Type M_DP_NA_1 +// ASDU Type M_DP_NA_1 // Ident 3 // Double-point information -struct Iec104M_DP_NA_1_IO_Subgroup +struct Iec104M_DP_NA_1_IO_Subgroup { Iec104DiqType diq; }__attribute__((packed)); -struct Iec104M_DP_NA_1_IO_Group +struct Iec104M_DP_NA_1_IO_Group { Iec104InformationObjectAddressThreeOctetType ioa; Iec104M_DP_NA_1_IO_Subgroup subgroup; }__attribute__((packed)); -// ASDU Type M_DP_TA_1 +// ASDU Type M_DP_TA_1 // Ident 4 // Double-point information with time tag -struct Iec104M_DP_TA_1_IO_Subgroup +struct Iec104M_DP_TA_1_IO_Subgroup { Iec104DiqType diq; Iec104Cp24Time2aType threeOctetBinaryTime; }__attribute__((packed)); -struct Iec104M_DP_TA_1_IO_Group +struct Iec104M_DP_TA_1_IO_Group { Iec104InformationObjectAddressThreeOctetType ioa; Iec104M_DP_TA_1_IO_Subgroup subgroup; }__attribute__((packed)); -// ASDU Type M_ST_NA_1 +// ASDU Type M_ST_NA_1 // Ident 5 // Step position information -struct Iec104M_ST_NA_1_IO_Subgroup +struct Iec104M_ST_NA_1_IO_Subgroup { Iec104VtiType vti; Iec104QdsType qds; }__attribute__((packed)); -struct Iec104M_ST_NA_1_IO_Group +struct Iec104M_ST_NA_1_IO_Group { Iec104InformationObjectAddressThreeOctetType ioa; Iec104M_ST_NA_1_IO_Subgroup subgroup; }__attribute__((packed)); -// ASDU Type M_ST_TA_1 +// ASDU Type M_ST_TA_1 // Ident 6 // Step position information with time tag -struct Iec104M_ST_TA_1_IO_Subgroup +struct Iec104M_ST_TA_1_IO_Subgroup { Iec104VtiType vti; Iec104QdsType qds; Iec104Cp24Time2aType threeOctetBinaryTime; }__attribute__((packed)); -struct Iec104M_ST_TA_1_IO_Group +struct Iec104M_ST_TA_1_IO_Group { Iec104InformationObjectAddressThreeOctetType ioa; Iec104M_ST_TA_1_IO_Subgroup subgroup; }__attribute__((packed)); -// ASDU Type M_BO_NA_1 +// ASDU Type M_BO_NA_1 // Ident 7 // Bitstring of 32 bit -struct Iec104M_BO_NA_1_IO_Subgroup +struct Iec104M_BO_NA_1_IO_Subgroup { Iec104BsiType bsi; Iec104QdsType qds; }__attribute__((packed)); -struct Iec104M_BO_NA_1_IO_Group +struct Iec104M_BO_NA_1_IO_Group { Iec104InformationObjectAddressThreeOctetType ioa; Iec104M_BO_NA_1_IO_Subgroup subgroup; }__attribute__((packed)); -// ASDU Type M_BO_TA_1 +// ASDU Type M_BO_TA_1 // Ident 8 // Bitstring of 32 bit with time tag -struct Iec104M_BO_TA_1_IO_Subgroup +struct Iec104M_BO_TA_1_IO_Subgroup { Iec104BsiType bsi; Iec104QdsType qds; Iec104Cp24Time2aType threeOctetBinaryTime; }__attribute__((packed)); -struct Iec104M_BO_TA_1_IO_Group +struct Iec104M_BO_TA_1_IO_Group { Iec104InformationObjectAddressThreeOctetType ioa; Iec104M_BO_TA_1_IO_Subgroup subgroup; }__attribute__((packed)); -// ASDU Type M_ME_NA_1 +// ASDU Type M_ME_NA_1 // Ident 9 // Measured value, normalized value -struct Iec104M_ME_NA_1_IO_Subgroup +struct Iec104M_ME_NA_1_IO_Subgroup { Iec104NvaType nva; Iec104QdsType qds; }__attribute__((packed)); -struct Iec104M_ME_NA_1_IO_Group +struct Iec104M_ME_NA_1_IO_Group { Iec104InformationObjectAddressThreeOctetType ioa; Iec104M_ME_NA_1_IO_Subgroup subgroup; }__attribute__((packed)); -// ASDU Type M_ME_TA_1 +// ASDU Type M_ME_TA_1 // Ident 10 // Measured value, normalized value with time tag -struct Iec104M_ME_TA_1_IO_Subgroup +struct Iec104M_ME_TA_1_IO_Subgroup { Iec104NvaType nva; Iec104QdsType qds; Iec104Cp24Time2aType threeOctetBinaryTime; }__attribute__((packed)); -struct Iec104M_ME_TA_1_IO_Group +struct Iec104M_ME_TA_1_IO_Group { Iec104InformationObjectAddressThreeOctetType ioa; Iec104M_ME_TA_1_IO_Subgroup subgroup; }__attribute__((packed)); -// ASDU Type M_ME_NB_1 +// ASDU Type M_ME_NB_1 // Ident 11 // Measured value, scaled value -struct Iec104M_ME_NB_1_IO_Subgroup +struct Iec104M_ME_NB_1_IO_Subgroup { Iec104SvaType sva; Iec104QdsType qds; }__attribute__((packed)); -struct Iec104M_ME_NB_1_IO_Group +struct Iec104M_ME_NB_1_IO_Group { Iec104InformationObjectAddressThreeOctetType ioa; Iec104M_ME_NB_1_IO_Subgroup subgroup; }__attribute__((packed)); -// ASDU Type M_ME_TB_1 +// ASDU Type M_ME_TB_1 // Ident 12 // Measured value, scaled value wit time tag -struct Iec104M_ME_TB_1_IO_Subgroup +struct Iec104M_ME_TB_1_IO_Subgroup { Iec104SvaType sva; Iec104QdsType qds; Iec104Cp24Time2aType threeOctetBinaryTime; }__attribute__((packed)); -struct Iec104M_ME_TB_1_IO_Group +struct Iec104M_ME_TB_1_IO_Group { Iec104InformationObjectAddressThreeOctetType ioa; Iec104M_ME_TB_1_IO_Subgroup subgroup; }__attribute__((packed)); -// ASDU Type M_ME_NC_1 +// ASDU Type M_ME_NC_1 // Ident 13 // Measured value, short floating point number -struct Iec104M_ME_NC_1_IO_Subgroup +struct Iec104M_ME_NC_1_IO_Subgroup { Iec104IeeeStd754Type ieeeStd754; Iec104QdsType qds; }__attribute__((packed)); -struct Iec104M_ME_NC_1_IO_Group +struct Iec104M_ME_NC_1_IO_Group { Iec104InformationObjectAddressThreeOctetType ioa; Iec104M_ME_NC_1_IO_Subgroup subgroup; }__attribute__((packed)); -// ASDU Type M_ME_TC_1 +// ASDU Type M_ME_TC_1 // Ident 14 // Measured value, short floating point number with time tag -struct Iec104M_ME_TC_1_IO_Subgroup +struct Iec104M_ME_TC_1_IO_Subgroup { Iec104IeeeStd754Type ieeeStd754; Iec104QdsType qds; Iec104Cp24Time2aType threeOctetBinaryTime; }__attribute__((packed)); -struct Iec104M_ME_TC_1_IO_Group +struct Iec104M_ME_TC_1_IO_Group { Iec104InformationObjectAddressThreeOctetType ioa; Iec104M_ME_TC_1_IO_Subgroup subgroup; }__attribute__((packed)); -// ASDU Type M_IT_NA_1 +// ASDU Type M_IT_NA_1 // Ident 15 // Integrated totals -struct Iec104M_IT_NA_1_IO_Subgroup +struct Iec104M_IT_NA_1_IO_Subgroup { Iec104BcrType bcr; }__attribute__((packed)); -struct Iec104M_IT_NA_1_IO_Group +struct Iec104M_IT_NA_1_IO_Group { Iec104InformationObjectAddressThreeOctetType ioa; Iec104M_IT_NA_1_IO_Subgroup subgroup; }__attribute__((packed)); -// ASDU Type M_IT_TA_1 +// ASDU Type M_IT_TA_1 // Ident 16 // Integrated totals with time tag -struct Iec104M_IT_TA_1_IO_Subgroup +struct Iec104M_IT_TA_1_IO_Subgroup { Iec104BcrType bcr; Iec104Cp24Time2aType threeOctetBinaryTime; }__attribute__((packed)); -struct Iec104M_IT_TA_1_IO_Group +struct Iec104M_IT_TA_1_IO_Group { Iec104InformationObjectAddressThreeOctetType ioa; Iec104M_IT_TA_1_IO_Subgroup subgroup; }__attribute__((packed)); -// ASDU Type M_EP_TA_1 +// ASDU Type M_EP_TA_1 // Ident 17 // Event of protection equipment with time tag -struct Iec104M_EP_TA_1_IO_Subgroup +struct Iec104M_EP_TA_1_IO_Subgroup { Iec104SepType sep; Iec104Cp16Time2aType elapsedTime; Iec104Cp24Time2aType threeOctetBinaryTime; }__attribute__((packed)); -struct Iec104M_EP_TA_1_IO_Group +struct Iec104M_EP_TA_1_IO_Group { Iec104InformationObjectAddressThreeOctetType ioa; Iec104M_EP_TA_1_IO_Subgroup subgroup; }__attribute__((packed)); -// ASDU Type M_EP_TB_1 +// ASDU Type M_EP_TB_1 // Ident 18 // Packed start events of protection equipment with time tag -struct Iec104M_EP_TB_1_IO_Subgroup +struct Iec104M_EP_TB_1_IO_Subgroup { Iec104SpeType spe; Iec104QdpType qdp; @@ -970,18 +970,18 @@ struct Iec104M_EP_TB_1_IO_Subgroup Iec104Cp24Time2aType threeOctetBinaryTime; }__attribute__((packed)); -struct Iec104M_EP_TB_1_IO_Group +struct Iec104M_EP_TB_1_IO_Group { Iec104InformationObjectAddressThreeOctetType ioa; Iec104M_EP_TB_1_IO_Subgroup subgroup; }__attribute__((packed)); -// ASDU Type M_EP_TC_1 +// ASDU Type M_EP_TC_1 // Ident 19 // Packed output circuit information of protection equipment with time tag -struct Iec104M_EP_TC_1_IO_Subgroup +struct Iec104M_EP_TC_1_IO_Subgroup { Iec104OciType oci; Iec104QdpType qdp; @@ -989,7 +989,7 @@ struct Iec104M_EP_TC_1_IO_Subgroup Iec104Cp24Time2aType threeOctetBinaryTime; }__attribute__((packed)); -struct Iec104M_EP_TC_1_IO_Group +struct Iec104M_EP_TC_1_IO_Group { Iec104InformationObjectAddressThreeOctetType ioa; Iec104M_EP_TC_1_IO_Subgroup subgroup; @@ -1000,13 +1000,13 @@ struct Iec104M_EP_TC_1_IO_Group // Ident 20 // Packed single point information with status change detection -struct Iec104M_PS_NA_1_IO_Subgroup +struct Iec104M_PS_NA_1_IO_Subgroup { Iec104ScdType scd; Iec104QdsType qds; }__attribute__((packed)); -struct Iec104M_PS_NA_1_IO_Group +struct Iec104M_PS_NA_1_IO_Group { Iec104InformationObjectAddressThreeOctetType ioa; Iec104M_PS_NA_1_IO_Subgroup subgroup; @@ -1017,12 +1017,12 @@ struct Iec104M_PS_NA_1_IO_Group // Ident 21 // Measured value, normalized value without quality descriptor -struct Iec104M_ME_ND_1_IO_Subgroup +struct Iec104M_ME_ND_1_IO_Subgroup { Iec104NvaType nva; }__attribute__((packed)); -struct Iec104M_ME_ND_1_IO_Group +struct Iec104M_ME_ND_1_IO_Group { Iec104InformationObjectAddressThreeOctetType ioa; Iec104M_ME_ND_1_IO_Subgroup subgroup; @@ -1033,13 +1033,13 @@ struct Iec104M_ME_ND_1_IO_Group // Ident 30 // Single-point information with time tag CP56Time2a -struct Iec104M_SP_TB_1_IO_Subgroup +struct Iec104M_SP_TB_1_IO_Subgroup { Iec104SiqType siq; Iec104Cp56Time2aType sevenOctetBinaryTime; }__attribute__((packed)); -struct Iec104M_SP_TB_1_IO_Group +struct Iec104M_SP_TB_1_IO_Group { Iec104InformationObjectAddressThreeOctetType ioa; Iec104M_SP_TB_1_IO_Subgroup subgroup; @@ -1050,13 +1050,13 @@ struct Iec104M_SP_TB_1_IO_Group // Ident 31 // Double-point information with time tag CP56Time2a -struct Iec104M_DP_TB_1_IO_Subgroup +struct Iec104M_DP_TB_1_IO_Subgroup { Iec104DiqType diq; Iec104Cp56Time2aType sevenOctetBinaryTime; }__attribute__((packed)); -struct Iec104M_DP_TB_1_IO_Group +struct Iec104M_DP_TB_1_IO_Group { Iec104InformationObjectAddressThreeOctetType ioa; Iec104M_DP_TB_1_IO_Subgroup subgroup; @@ -1067,14 +1067,14 @@ struct Iec104M_DP_TB_1_IO_Group // Ident 32 // Step position information with time tag CP56Time2a -struct Iec104M_ST_TB_1_IO_Subgroup +struct Iec104M_ST_TB_1_IO_Subgroup { Iec104VtiType vti; Iec104QdsType qds; Iec104Cp56Time2aType sevenOctetBinaryTime; }__attribute__((packed)); -struct Iec104M_ST_TB_1_IO_Group +struct Iec104M_ST_TB_1_IO_Group { Iec104InformationObjectAddressThreeOctetType ioa; Iec104M_ST_TB_1_IO_Subgroup subgroup; @@ -1085,14 +1085,14 @@ struct Iec104M_ST_TB_1_IO_Group // Ident 33 // Bitstring of 32 bit with time tag CP56Time2a -struct Iec104M_BO_TB_1_IO_Subgroup +struct Iec104M_BO_TB_1_IO_Subgroup { Iec104BsiType bsi; Iec104QdsType qds; Iec104Cp56Time2aType sevenOctetBinaryTime; }__attribute__((packed)); -struct Iec104M_BO_TB_1_IO_Group +struct Iec104M_BO_TB_1_IO_Group { Iec104InformationObjectAddressThreeOctetType ioa; Iec104M_BO_TB_1_IO_Subgroup subgroup; @@ -1103,14 +1103,14 @@ struct Iec104M_BO_TB_1_IO_Group // Ident 34 // Measured value, normalized value with time tag CP56Time2a -struct Iec104M_ME_TD_1_IO_Subgroup +struct Iec104M_ME_TD_1_IO_Subgroup { Iec104NvaType nva; Iec104QdsType qds; Iec104Cp56Time2aType sevenOctetBinaryTime; }__attribute__((packed)); -struct Iec104M_ME_TD_1_IO_Group +struct Iec104M_ME_TD_1_IO_Group { Iec104InformationObjectAddressThreeOctetType ioa; Iec104M_ME_TD_1_IO_Subgroup subgroup; @@ -1121,14 +1121,14 @@ struct Iec104M_ME_TD_1_IO_Group // Ident 35 // Measured value, scaled value with time tag CP56Time2a -struct Iec104M_ME_TE_1_IO_Subgroup +struct Iec104M_ME_TE_1_IO_Subgroup { Iec104SvaType sva; Iec104QdsType qds; Iec104Cp56Time2aType sevenOctetBinaryTime; }__attribute__((packed)); -struct Iec104M_ME_TE_1_IO_Group +struct Iec104M_ME_TE_1_IO_Group { Iec104InformationObjectAddressThreeOctetType ioa; Iec104M_ME_TE_1_IO_Subgroup subgroup; @@ -1139,14 +1139,14 @@ struct Iec104M_ME_TE_1_IO_Group // Ident 36 // Measured value, short floating point number with time tag CP56Time2a -struct Iec104M_ME_TF_1_IO_Subgroup +struct Iec104M_ME_TF_1_IO_Subgroup { Iec104IeeeStd754Type ieeeStd754; Iec104QdsType qds; Iec104Cp56Time2aType sevenOctetBinaryTime; }__attribute__((packed)); -struct Iec104M_ME_TF_1_IO_Group +struct Iec104M_ME_TF_1_IO_Group { Iec104InformationObjectAddressThreeOctetType ioa; Iec104M_ME_TF_1_IO_Subgroup subgroup; @@ -1157,13 +1157,13 @@ struct Iec104M_ME_TF_1_IO_Group // Ident 37 // Integrated totals with time tag CP56Time2a -struct Iec104M_IT_TB_1_IO_Subgroup +struct Iec104M_IT_TB_1_IO_Subgroup { Iec104BcrType bcr; Iec104Cp56Time2aType sevenOctetBinaryTime; }__attribute__((packed)); -struct Iec104M_IT_TB_1_IO_Group +struct Iec104M_IT_TB_1_IO_Group { Iec104InformationObjectAddressThreeOctetType ioa; Iec104M_IT_TB_1_IO_Subgroup subgroup; @@ -1174,14 +1174,14 @@ struct Iec104M_IT_TB_1_IO_Group // Ident 38 // Event of protection equipment with time tag CP56Time2a -struct Iec104M_EP_TD_1_IO_Subgroup +struct Iec104M_EP_TD_1_IO_Subgroup { Iec104SepType sep; Iec104Cp16Time2aType elapsedTime; Iec104Cp56Time2aType sevenOctetBinaryTime; }__attribute__((packed)); -struct Iec104M_EP_TD_1_IO_Group +struct Iec104M_EP_TD_1_IO_Group { Iec104InformationObjectAddressThreeOctetType ioa; Iec104M_EP_TD_1_IO_Subgroup subgroup; @@ -1192,7 +1192,7 @@ struct Iec104M_EP_TD_1_IO_Group // Ident 39 // Packed start events of protection equipment with time tag CP56Time2a -struct Iec104M_EP_TE_1_IO_Subgroup +struct Iec104M_EP_TE_1_IO_Subgroup { Iec104SepType sep; Iec104QdpType qdp; @@ -1200,7 +1200,7 @@ struct Iec104M_EP_TE_1_IO_Subgroup Iec104Cp56Time2aType sevenOctetBinaryTime; }__attribute__((packed)); -struct Iec104M_EP_TE_1_IO_Group +struct Iec104M_EP_TE_1_IO_Group { Iec104InformationObjectAddressThreeOctetType ioa; Iec104M_EP_TE_1_IO_Subgroup subgroup; @@ -1211,7 +1211,7 @@ struct Iec104M_EP_TE_1_IO_Group // Ident 40 // Packed output circuit information of protection equipment with time tag CP56Time2a -struct Iec104M_EP_TF_1_IO_Subgroup +struct Iec104M_EP_TF_1_IO_Subgroup { Iec104OciType oci; Iec104QdpType qdp; @@ -1219,7 +1219,7 @@ struct Iec104M_EP_TF_1_IO_Subgroup Iec104Cp56Time2aType sevenOctetBinaryTime; }__attribute__((packed)); -struct Iec104M_EP_TF_1_IO_Group +struct Iec104M_EP_TF_1_IO_Group { Iec104InformationObjectAddressThreeOctetType ioa; Iec104M_EP_TF_1_IO_Subgroup subgroup; @@ -1233,12 +1233,12 @@ struct Iec104M_EP_TF_1_IO_Group // ASDU Type C_SC_NA_1 -struct Iec104C_SC_NA_1_IO_Subgroup +struct Iec104C_SC_NA_1_IO_Subgroup { Iec104ScoType sco; }__attribute__((packed)); -struct Iec104C_SC_NA_1_IO_Group +struct Iec104C_SC_NA_1_IO_Group { Iec104InformationObjectAddressThreeOctetType ioa; Iec104C_SC_NA_1_IO_Subgroup subgroup; @@ -1247,12 +1247,12 @@ struct Iec104C_SC_NA_1_IO_Group // ASDU Type C_DC_NA_1 -struct Iec104C_DC_NA_1_IO_Subgroup +struct Iec104C_DC_NA_1_IO_Subgroup { Iec104DcoType dco; }__attribute__((packed)); -struct Iec104C_DC_NA_1_IO_Group +struct Iec104C_DC_NA_1_IO_Group { Iec104InformationObjectAddressThreeOctetType ioa; Iec104C_DC_NA_1_IO_Subgroup subgroup; @@ -1261,12 +1261,12 @@ struct Iec104C_DC_NA_1_IO_Group // ASDU Type C_RC_NA_1 -struct Iec104C_RC_NA_1_IO_Subgroup +struct Iec104C_RC_NA_1_IO_Subgroup { Iec104RcoType rco; }__attribute__((packed)); -struct Iec104C_RC_NA_1_IO_Group +struct Iec104C_RC_NA_1_IO_Group { Iec104InformationObjectAddressThreeOctetType ioa; Iec104C_RC_NA_1_IO_Subgroup subgroup; @@ -1275,13 +1275,13 @@ struct Iec104C_RC_NA_1_IO_Group // ASDU Type C_SE_NA_1 -struct Iec104C_SE_NA_1_IO_Subgroup +struct Iec104C_SE_NA_1_IO_Subgroup { Iec104NvaType nva; Iec104QosType qos; }__attribute__((packed)); -struct Iec104C_SE_NA_1_IO_Group +struct Iec104C_SE_NA_1_IO_Group { Iec104InformationObjectAddressThreeOctetType ioa; Iec104C_SE_NA_1_IO_Subgroup subgroup; @@ -1290,13 +1290,13 @@ struct Iec104C_SE_NA_1_IO_Group // ASDU Type C_SE_NB_1 -struct Iec104C_SE_NB_1_IO_Subgroup +struct Iec104C_SE_NB_1_IO_Subgroup { Iec104SvaType sva; Iec104QosType qos; }__attribute__((packed)); -struct Iec104C_SE_NB_1_IO_Group +struct Iec104C_SE_NB_1_IO_Group { Iec104InformationObjectAddressThreeOctetType ioa; Iec104C_SE_NB_1_IO_Subgroup subgroup; @@ -1305,13 +1305,13 @@ struct Iec104C_SE_NB_1_IO_Group // ASDU Type C_SE_NC_1 -struct Iec104C_SE_NC_1_IO_Subgroup +struct Iec104C_SE_NC_1_IO_Subgroup { Iec104IeeeStd754Type ieeeStd754; Iec104QosType qos; }__attribute__((packed)); -struct Iec104C_SE_NC_1_IO_Group +struct Iec104C_SE_NC_1_IO_Group { Iec104InformationObjectAddressThreeOctetType ioa; Iec104C_SE_NC_1_IO_Subgroup subgroup; @@ -1320,12 +1320,12 @@ struct Iec104C_SE_NC_1_IO_Group // ASDU Type C_BO_NA_1 -struct Iec104C_BO_NA_1_IO_Subgroup +struct Iec104C_BO_NA_1_IO_Subgroup { Iec104BsiType bsi; }__attribute__((packed)); -struct Iec104C_BO_NA_1_IO_Group +struct Iec104C_BO_NA_1_IO_Group { Iec104InformationObjectAddressThreeOctetType ioa; Iec104C_BO_NA_1_IO_Subgroup subgroup; @@ -1337,13 +1337,13 @@ struct Iec104C_BO_NA_1_IO_Group // Single command with time tag CP56Time2a // IEC-60870-5-104 -struct Iec104C_SC_TA_1_IO_Subgroup +struct Iec104C_SC_TA_1_IO_Subgroup { Iec104ScoType sco; Iec104Cp56Time2aType sevenOctetBinaryTime; }__attribute__((packed)); -struct Iec104C_SC_TA_1_IO_Group +struct Iec104C_SC_TA_1_IO_Group { Iec104InformationObjectAddressThreeOctetType ioa; Iec104C_SC_TA_1_IO_Subgroup subgroup; @@ -1352,16 +1352,16 @@ struct Iec104C_SC_TA_1_IO_Group // ASDU Type C_DC_TA_1 // Ident 59 -// Double command with time tag CP56Time2a +// Double command with time tag CP56Time2a // IEC-60870-5-104 -struct Iec104C_DC_TA_1_IO_Subgroup +struct Iec104C_DC_TA_1_IO_Subgroup { Iec104DcoType dco; Iec104Cp56Time2aType sevenOctetBinaryTime; }__attribute__((packed)); -struct Iec104C_DC_TA_1_IO_Group +struct Iec104C_DC_TA_1_IO_Group { Iec104InformationObjectAddressThreeOctetType ioa; Iec104C_DC_TA_1_IO_Subgroup subgroup; @@ -1373,13 +1373,13 @@ struct Iec104C_DC_TA_1_IO_Group // Regulating step command with time tag CP56Time2a // IEC-60870-5-104 -struct Iec104C_RC_TA_1_IO_Subgroup +struct Iec104C_RC_TA_1_IO_Subgroup { Iec104RcoType rco; Iec104Cp56Time2aType sevenOctetBinaryTime; }__attribute__((packed)); -struct Iec104C_RC_TA_1_IO_Group +struct Iec104C_RC_TA_1_IO_Group { Iec104InformationObjectAddressThreeOctetType ioa; Iec104C_RC_TA_1_IO_Subgroup subgroup; @@ -1391,14 +1391,14 @@ struct Iec104C_RC_TA_1_IO_Group // Set-point command with time tag CP56Time2a, normalized value // IEC-60870-5-104 -struct Iec104C_SE_TA_1_IO_Subgroup +struct Iec104C_SE_TA_1_IO_Subgroup { Iec104NvaType nva; Iec104QosType qos; Iec104Cp56Time2aType sevenOctetBinaryTime; }__attribute__((packed)); -struct Iec104C_SE_TA_1_IO_Group +struct Iec104C_SE_TA_1_IO_Group { Iec104InformationObjectAddressThreeOctetType ioa; Iec104C_SE_TA_1_IO_Subgroup subgroup; @@ -1410,14 +1410,14 @@ struct Iec104C_SE_TA_1_IO_Group // Set-point command with time tag CP56Time2a, scaled value // IEC-60870-5-104 -struct Iec104C_SE_TB_1_IO_Subgroup +struct Iec104C_SE_TB_1_IO_Subgroup { Iec104SvaType sva; Iec104QosType qos; Iec104Cp56Time2aType sevenOctetBinaryTime; }__attribute__((packed)); -struct Iec104C_SE_TB_1_IO_Group +struct Iec104C_SE_TB_1_IO_Group { Iec104InformationObjectAddressThreeOctetType ioa; Iec104C_SE_TB_1_IO_Subgroup subgroup; @@ -1429,14 +1429,14 @@ struct Iec104C_SE_TB_1_IO_Group // Set-point command with time tag CP56Time2a, short floating point number // IEC-60870-5-104 -struct Iec104C_SE_TC_1_IO_Subgroup +struct Iec104C_SE_TC_1_IO_Subgroup { Iec104IeeeStd754Type ieeeStd754; Iec104QosType qos; Iec104Cp56Time2aType sevenOctetBinaryTime; }__attribute__((packed)); -struct Iec104C_SE_TC_1_IO_Group +struct Iec104C_SE_TC_1_IO_Group { Iec104InformationObjectAddressThreeOctetType ioa; Iec104C_SE_TC_1_IO_Subgroup subgroup; @@ -1448,13 +1448,13 @@ struct Iec104C_SE_TC_1_IO_Group // Bitstring of 32 bit with time tag CP56Time2a // IEC-60870-5-104 -struct Iec104C_BO_TA_1_IO_Subgroup +struct Iec104C_BO_TA_1_IO_Subgroup { Iec104BsiType bsi; Iec104Cp56Time2aType sevenOctetBinaryTime; }__attribute__((packed)); -struct Iec104C_BO_TA_1_IO_Group +struct Iec104C_BO_TA_1_IO_Group { Iec104InformationObjectAddressThreeOctetType ioa; Iec104C_BO_TA_1_IO_Subgroup subgroup; @@ -1470,12 +1470,12 @@ struct Iec104C_BO_TA_1_IO_Group // Ident 70 // End of initialization -struct Iec104M_EI_NA_1_IO_Subgroup +struct Iec104M_EI_NA_1_IO_Subgroup { Iec104CoiType coi; }__attribute__((packed)); -struct Iec104M_EI_NA_1_IO_Group +struct Iec104M_EI_NA_1_IO_Group { Iec104InformationObjectAddressThreeOctetType ioa; Iec104M_EI_NA_1_IO_Subgroup subgroup; @@ -1491,12 +1491,12 @@ struct Iec104M_EI_NA_1_IO_Group // Ident 100 // Interrogation command -struct Iec104C_IC_NA_1_IO_Subgroup +struct Iec104C_IC_NA_1_IO_Subgroup { Iec104QoiType qoi; }__attribute__((packed)); -struct Iec104C_IC_NA_1_IO_Group +struct Iec104C_IC_NA_1_IO_Group { Iec104InformationObjectAddressThreeOctetType ioa; Iec104C_IC_NA_1_IO_Subgroup subgroup; @@ -1507,12 +1507,12 @@ struct Iec104C_IC_NA_1_IO_Group // Ident 101 // Counter interrogation command -struct Iec104C_CI_NA_1_IO_Subgroup +struct Iec104C_CI_NA_1_IO_Subgroup { Iec104QccType qcc; }__attribute__((packed)); -struct Iec104C_CI_NA_1_IO_Group +struct Iec104C_CI_NA_1_IO_Group { Iec104InformationObjectAddressThreeOctetType ioa; Iec104C_CI_NA_1_IO_Subgroup subgroup; @@ -1523,12 +1523,12 @@ struct Iec104C_CI_NA_1_IO_Group // Ident 102 // Read command -struct Iec104C_RD_NA_1_IO_Subgroup +struct Iec104C_RD_NA_1_IO_Subgroup { // No subgroup for this type }__attribute__((packed)); -struct Iec104C_RD_NA_1_IO_Group +struct Iec104C_RD_NA_1_IO_Group { Iec104InformationObjectAddressThreeOctetType ioa; Iec104C_RD_NA_1_IO_Subgroup subgroup; @@ -1539,12 +1539,12 @@ struct Iec104C_RD_NA_1_IO_Group // Ident 103 // Clock synchronization command -struct Iec104C_CS_NA_1_IO_Subgroup +struct Iec104C_CS_NA_1_IO_Subgroup { Iec104Cp56Time2aType sevenOctetBinaryTime; }__attribute__((packed)); -struct Iec104C_CS_NA_1_IO_Group +struct Iec104C_CS_NA_1_IO_Group { Iec104InformationObjectAddressThreeOctetType ioa; Iec104C_CS_NA_1_IO_Subgroup subgroup; @@ -1555,12 +1555,12 @@ struct Iec104C_CS_NA_1_IO_Group // Ident 104 // Test command -struct Iec104C_TS_NA_1_IO_Subgroup +struct Iec104C_TS_NA_1_IO_Subgroup { Iec104FbpType fbp; }__attribute__((packed)); -struct Iec104C_TS_NA_1_IO_Group +struct Iec104C_TS_NA_1_IO_Group { Iec104InformationObjectAddressThreeOctetType ioa; Iec104C_TS_NA_1_IO_Subgroup subgroup; @@ -1571,12 +1571,12 @@ struct Iec104C_TS_NA_1_IO_Group // Ident 105 // Reset process command -struct Iec104C_RP_NA_1_IO_Subgroup +struct Iec104C_RP_NA_1_IO_Subgroup { Iec104QrpType qrp; }__attribute__((packed)); -struct Iec104C_RP_NA_1_IO_Group +struct Iec104C_RP_NA_1_IO_Group { Iec104InformationObjectAddressThreeOctetType ioa; Iec104C_RP_NA_1_IO_Subgroup subgroup; @@ -1587,12 +1587,12 @@ struct Iec104C_RP_NA_1_IO_Group // Ident 106 // Delay acquisition command -struct Iec104C_CD_NA_1_IO_Subgroup +struct Iec104C_CD_NA_1_IO_Subgroup { Iec104Cp16Time2aType msUpToSeconds; }__attribute__((packed)); -struct Iec104C_CD_NA_1_IO_Group +struct Iec104C_CD_NA_1_IO_Group { Iec104InformationObjectAddressThreeOctetType ioa; Iec104C_CD_NA_1_IO_Subgroup subgroup; @@ -1604,13 +1604,13 @@ struct Iec104C_CD_NA_1_IO_Group // Test command with time tag CP56Time2a // IEC-60870-5-104 -struct Iec104C_TS_TA_1_IO_Subgroup +struct Iec104C_TS_TA_1_IO_Subgroup { Iec104TscType tsc; Iec104Cp56Time2aType sevenOctetBinaryTime; }__attribute__((packed)); -struct Iec104C_TS_TA_1_IO_Group +struct Iec104C_TS_TA_1_IO_Group { Iec104InformationObjectAddressThreeOctetType ioa; Iec104C_TS_TA_1_IO_Subgroup subgroup; @@ -1626,13 +1626,13 @@ struct Iec104C_TS_TA_1_IO_Group // Ident 110 // Parameter of measured values, normalized value -struct Iec104P_ME_NA_1_IO_Subgroup +struct Iec104P_ME_NA_1_IO_Subgroup { Iec104NvaType nva; Iec104QpmType qpm; }__attribute__((packed)); -struct Iec104P_ME_NA_1_IO_Group +struct Iec104P_ME_NA_1_IO_Group { Iec104InformationObjectAddressThreeOctetType ioa; Iec104P_ME_NA_1_IO_Subgroup subgroup; @@ -1643,13 +1643,13 @@ struct Iec104P_ME_NA_1_IO_Group // Ident 111 // Parameter of measured values, scaled value -struct Iec104P_ME_NB_1_IO_Subgroup +struct Iec104P_ME_NB_1_IO_Subgroup { Iec104SvaType sva; Iec104QpmType qpm; }__attribute__((packed)); -struct Iec104P_ME_NB_1_IO_Group +struct Iec104P_ME_NB_1_IO_Group { Iec104InformationObjectAddressThreeOctetType ioa; Iec104P_ME_NB_1_IO_Subgroup subgroup; @@ -1660,13 +1660,13 @@ struct Iec104P_ME_NB_1_IO_Group // Ident 112 // Parameter of measured values, short floating point number -struct Iec104P_ME_NC_1_IO_Subgroup +struct Iec104P_ME_NC_1_IO_Subgroup { Iec104IeeeStd754Type ieeeStd754; Iec104QpmType qpm; }__attribute__((packed)); -struct Iec104P_ME_NC_1_IO_Group +struct Iec104P_ME_NC_1_IO_Group { Iec104InformationObjectAddressThreeOctetType ioa; Iec104P_ME_NC_1_IO_Subgroup subgroup; @@ -1677,12 +1677,12 @@ struct Iec104P_ME_NC_1_IO_Group // Ident 113 // Parameter activation -struct Iec104P_AC_NA_1_IO_Subgroup +struct Iec104P_AC_NA_1_IO_Subgroup { Iec104QpaType qpa; }__attribute__((packed)); -struct Iec104P_AC_NA_1_IO_Group +struct Iec104P_AC_NA_1_IO_Group { Iec104InformationObjectAddressThreeOctetType ioa; Iec104P_AC_NA_1_IO_Subgroup subgroup; @@ -1698,14 +1698,14 @@ struct Iec104P_AC_NA_1_IO_Group // Ident 120 // File ready -struct Iec104F_FR_NA_1_IO_Subgroup +struct Iec104F_FR_NA_1_IO_Subgroup { Iec104NofType nameOfFile; Iec104LofType lengthOfFile; Iec104FrqType frq; }__attribute__((packed)); -struct Iec104F_FR_NA_1_IO_Group +struct Iec104F_FR_NA_1_IO_Group { Iec104InformationObjectAddressThreeOctetType ioa; Iec104F_FR_NA_1_IO_Subgroup subgroup; @@ -1716,7 +1716,7 @@ struct Iec104F_FR_NA_1_IO_Group // Ident 121 // Section ready -struct Iec104F_SR_NA_1_IO_Subgroup +struct Iec104F_SR_NA_1_IO_Subgroup { Iec104NofType nameOfFile; Iec104NosType nameOfSection; @@ -1724,7 +1724,7 @@ struct Iec104F_SR_NA_1_IO_Subgroup Iec104SrqType srq; }__attribute__((packed)); -struct Iec104F_SR_NA_1_IO_Group +struct Iec104F_SR_NA_1_IO_Group { Iec104InformationObjectAddressThreeOctetType ioa; Iec104F_SR_NA_1_IO_Subgroup subgroup; @@ -1735,14 +1735,14 @@ struct Iec104F_SR_NA_1_IO_Group // Ident 122 // Call directory, select file, call file, call section -struct Iec104F_SC_NA_1_IO_Subgroup +struct Iec104F_SC_NA_1_IO_Subgroup { Iec104NofType nameOfFile; Iec104NosType nameOfSection; Iec104ScqType scq; }__attribute__((packed)); -struct Iec104F_SC_NA_1_IO_Group +struct Iec104F_SC_NA_1_IO_Group { Iec104InformationObjectAddressThreeOctetType ioa; Iec104F_SC_NA_1_IO_Subgroup subgroup; @@ -1753,7 +1753,7 @@ struct Iec104F_SC_NA_1_IO_Group // Ident 123 // Last section, last segment -struct Iec104F_LS_NA_1_IO_Subgroup +struct Iec104F_LS_NA_1_IO_Subgroup { Iec104NofType nameOfFile; Iec104NosType nameOfSection; @@ -1761,7 +1761,7 @@ struct Iec104F_LS_NA_1_IO_Subgroup Iec104ChsType chs; }__attribute__((packed)); -struct Iec104F_LS_NA_1_IO_Group +struct Iec104F_LS_NA_1_IO_Group { Iec104InformationObjectAddressThreeOctetType ioa; Iec104F_LS_NA_1_IO_Subgroup subgroup; @@ -1772,14 +1772,14 @@ struct Iec104F_LS_NA_1_IO_Group // Ident 124 // ACK file, ACK section -struct Iec104F_AF_NA_1_IO_Subgroup +struct Iec104F_AF_NA_1_IO_Subgroup { Iec104NofType nameOfFile; Iec104NosType nameOfSection; Iec104AfqType afq; }__attribute__((packed)); -struct Iec104F_AF_NA_1_IO_Group +struct Iec104F_AF_NA_1_IO_Group { Iec104InformationObjectAddressThreeOctetType ioa; Iec104F_AF_NA_1_IO_Subgroup subgroup; @@ -1790,7 +1790,7 @@ struct Iec104F_AF_NA_1_IO_Group // Ident 125 // Single information object -struct Iec104F_SG_NA_1_IO_Subgroup +struct Iec104F_SG_NA_1_IO_Subgroup { Iec104NofType nameOfFile; Iec104NosType nameOfSection; @@ -1798,7 +1798,7 @@ struct Iec104F_SG_NA_1_IO_Subgroup Iec104SegmentType segment; }__attribute__((packed)); -struct Iec104F_SG_NA_1_IO_Group +struct Iec104F_SG_NA_1_IO_Group { Iec104InformationObjectAddressThreeOctetType ioa; Iec104F_SG_NA_1_IO_Subgroup subgroup; @@ -1809,7 +1809,7 @@ struct Iec104F_SG_NA_1_IO_Group // Ident 126 // Sequence of information elements in a single information object -struct Iec104F_DR_TA_1_IO_Subgroup +struct Iec104F_DR_TA_1_IO_Subgroup { Iec104NofType nameOfFileOrSubdirectory; Iec104LofType lengthOfFile; @@ -1817,7 +1817,7 @@ struct Iec104F_DR_TA_1_IO_Subgroup Iec104Cp56Time2aType creationTimeOfFile; }__attribute__((packed)); -struct Iec104F_DR_TA_1_IO_Group +struct Iec104F_DR_TA_1_IO_Group { Iec104InformationObjectAddressThreeOctetType ioa; Iec104F_DR_TA_1_IO_Subgroup subgroup; @@ -1828,14 +1828,14 @@ struct Iec104F_DR_TA_1_IO_Group // Ident 127 // QueryLog – Request archive file -struct Iec104F_SC_NB_1_IO_Subgroup +struct Iec104F_SC_NB_1_IO_Subgroup { Iec104NofType nameOfFile; Iec104Cp56Time2aType startTime; Iec104Cp56Time2aType stopTime; }__attribute__((packed)); -struct Iec104F_SC_NB_1_IO_Group +struct Iec104F_SC_NB_1_IO_Group { Iec104InformationObjectAddressThreeOctetType ioa; Iec104F_SC_NB_1_IO_Subgroup subgroup; @@ -1846,13 +1846,13 @@ struct Iec104F_SC_NB_1_IO_Group // Generic ASDU // -struct Iec104GenericAsdu +struct Iec104GenericAsdu { uint8_t typeId; Iec104VariableStructureQualifierType variableStructureQualifier; Iec104CauseOfTransmissionType causeOfTransmission; - Iec104CommonAddressOfAsduType commonAddressOfAsdu; - union + Iec104CommonAddressOfAsduType commonAddressOfAsdu; + union { Iec104M_SP_NA_1_IO_Group m_sp_na_1; Iec104M_SP_TA_1_IO_Group m_sp_ta_1; @@ -1937,7 +1937,7 @@ struct Iec104Header }__attribute__((packed)); // APCI Type U -struct Iec104ApciU +struct Iec104ApciU { Iec104Header header; uint8_t apciTypeMajor : 1; @@ -1954,7 +1954,7 @@ struct Iec104ApciU }__attribute__((packed)); // APCI Type S -struct Iec104ApciS +struct Iec104ApciS { Iec104Header header; uint16_t apciTypeMajor : 1; @@ -1965,7 +1965,7 @@ struct Iec104ApciS }__attribute__((packed)); // APCI Type I -struct Iec104ApciI +struct Iec104ApciI { Iec104Header header; uint16_t apciTypeMajor : 1; @@ -1976,7 +1976,7 @@ struct Iec104ApciI }__attribute__((packed)); // structs used to determine if there is an issue with the passed ASDU -struct Iec104AsduCheckCauseOfTx +struct Iec104AsduCheckCauseOfTx { uint64_t percyc : 1; uint64_t back : 1; @@ -2019,7 +2019,7 @@ struct Iec104AsduCheckCauseOfTx uint64_t unk_info_addr : 1; }; -struct Iec104AsduCheck +struct Iec104AsduCheck { const Iec104ApciI* apci; bool sq0Allowed; diff --git a/src/service_inspectors/iec104/ips_iec104_apci_type.cc b/src/service_inspectors/iec104/ips_iec104_apci_type.cc index 5f9fd26a5..6c706442c 100644 --- a/src/service_inspectors/iec104/ips_iec104_apci_type.cc +++ b/src/service_inspectors/iec104/ips_iec104_apci_type.cc @@ -47,8 +47,8 @@ struct Iec104ApciTypeMap }; /* Mapping of name -> apci type for 'iec104_apci_type' option. */ -static Iec104ApciTypeMap iec104_apci_type_map[] = -{ +static Iec104ApciTypeMap iec104_apci_type_map[] = +{ { "u", IEC104_APCI_TYPE_U }, // unnumbered control function { "U", IEC104_APCI_TYPE_U }, // unnumbered control function { "unnumbered_control_function", IEC104_APCI_TYPE_U }, // unnumbered control function @@ -222,30 +222,30 @@ static void opt_dtor(IpsOption* p) delete p; } -static const IpsApi ips_api = -{ - { - PT_IPS_OPTION, - sizeof(IpsApi), - IPSAPI_VERSION, - 0, +static const IpsApi ips_api = +{ + { + PT_IPS_OPTION, + sizeof(IpsApi), + IPSAPI_VERSION, + 0, API_RESERVED, - API_OPTIONS, + API_OPTIONS, s_name, - s_help, - mod_ctor, - mod_dtor - }, - OPT_TYPE_DETECTION, - 0, - PROTO_BIT__TCP, - nullptr, - nullptr, + s_help, + mod_ctor, + mod_dtor + }, + OPT_TYPE_DETECTION, + 0, + PROTO_BIT__TCP, + nullptr, + nullptr, + nullptr, nullptr, - nullptr, - opt_ctor, - opt_dtor, - nullptr + opt_ctor, + opt_dtor, + nullptr }; const BaseApi* ips_iec104_apci_type = &ips_api.base; diff --git a/src/service_inspectors/iec104/ips_iec104_asdu_func.cc b/src/service_inspectors/iec104/ips_iec104_asdu_func.cc index be1121ea2..5217823ba 100644 --- a/src/service_inspectors/iec104/ips_iec104_asdu_func.cc +++ b/src/service_inspectors/iec104/ips_iec104_asdu_func.cc @@ -47,8 +47,8 @@ struct Iec104AsduFuncMap }; /* Mapping of name -> function code for 'iec104_asdu_func' option. */ -static Iec104AsduFuncMap iec104_asdu_func_map[] = -{ +static Iec104AsduFuncMap iec104_asdu_func_map[] = +{ { "reserved", IEC104_NO_ASDU }, // 0 reserved { "M_SP_NA_1", IEC104_ASDU_M_SP_NA_1 }, { "m_sp_na_1", IEC104_ASDU_M_SP_NA_1 }, // Single-point information { "M_SP_TA_1", IEC104_ASDU_M_SP_TA_1 }, { "m_sp_ta_1", IEC104_ASDU_M_SP_TA_1 }, // Single-point information with time tag @@ -295,30 +295,30 @@ static void opt_dtor(IpsOption* p) delete p; } -static const IpsApi ips_api = -{ - { - PT_IPS_OPTION, - sizeof(IpsApi), - IPSAPI_VERSION, - 0, +static const IpsApi ips_api = +{ + { + PT_IPS_OPTION, + sizeof(IpsApi), + IPSAPI_VERSION, + 0, API_RESERVED, - API_OPTIONS, + API_OPTIONS, s_name, - s_help, - mod_ctor, - mod_dtor - }, - OPT_TYPE_DETECTION, - 0, - PROTO_BIT__TCP, - nullptr, - nullptr, + s_help, + mod_ctor, + mod_dtor + }, + OPT_TYPE_DETECTION, + 0, + PROTO_BIT__TCP, + nullptr, + nullptr, + nullptr, nullptr, - nullptr, - opt_ctor, - opt_dtor, - nullptr + opt_ctor, + opt_dtor, + nullptr }; const BaseApi* ips_iec104_asdu_func = &ips_api.base; diff --git a/src/service_inspectors/mms/ips_mms_func.cc b/src/service_inspectors/mms/ips_mms_func.cc index 65dea5a56..d0dde1aa9 100644 --- a/src/service_inspectors/mms/ips_mms_func.cc +++ b/src/service_inspectors/mms/ips_mms_func.cc @@ -148,7 +148,7 @@ static bool get_func(const char* s, long& n) for (size_t i = 0; i < max; ++i) { - // return true when the passed string matches a known function + // return true when the passed string matches a known function if (strcmp(s, mms_func_map[i].name) == 0) { n = mms_func_map[i].func; diff --git a/src/service_inspectors/smtp/smtp_module.cc b/src/service_inspectors/smtp/smtp_module.cc index 3bfaf1b8c..52b541af6 100644 --- a/src/service_inspectors/smtp/smtp_module.cc +++ b/src/service_inspectors/smtp/smtp_module.cc @@ -171,7 +171,7 @@ static const RuleMap smtp_rules[] = { SMTP_AUTH_COMMAND_OVERFLOW, "attempted authentication command buffer overflow" }, { SMTP_FILE_DECOMP_FAILED, "file decompression failed" }, { SMTP_STARTTLS_INJECTION_ATTEMPT, "STARTTLS command injection attempt"}, - + { 0, nullptr } }; diff --git a/src/service_inspectors/ssh/ssh.cc b/src/service_inspectors/ssh/ssh.cc index afba25f9c..a5bcfe55c 100644 --- a/src/service_inspectors/ssh/ssh.cc +++ b/src/service_inspectors/ssh/ssh.cc @@ -246,14 +246,14 @@ static bool process_ssh_version_string( { DetectionEngine::queue_event(GID_SSH, SSH_EVENT_SECURECRT); // SSH_MAX_BANNER_LEN is 255, the maximum specified by the SSH protocol. - // MaxServerVersionLen defaults to 80, + // MaxServerVersionLen defaults to 80, // but there may be valid version strings that are longer due to comments. if (p->dsize > SSH_MAX_BANNER_LEN) { return false; } } - if (p->dsize < SSH_MIN_BANNER_LEN + if (p->dsize < SSH_MIN_BANNER_LEN or memcmp(p->data, SSH_BANNER, sizeof(SSH_BANNER)-1) != 0) { // according to the SSH specification, @@ -269,7 +269,7 @@ static bool process_ssh_version_string( DetectionEngine::queue_event(GID_SSH, SSH_EVENT_VERSION); return false; } - + if (proto_ver[0] == '2' and proto_ver[1] == '.') { sessionp->version = SSH_VERSION_2; @@ -337,7 +337,7 @@ static bool process_ssh1_key_exchange(SSHData *sessionp, Packet *p, uint8_t dire sessionp->state_flags |= SSH_FLG_SERV_PKEY_SEEN; } else - { + { DetectionEngine::queue_event(GID_SSH, SSH_EVENT_WRONGDIR); return false; } @@ -431,7 +431,7 @@ static bool process_ssh2_key_exchange(SSHData *sessionp, Packet *p, uint8_t dire const SSH2Packet *ssh2p = (const SSH2Packet *)data; unsigned ssh_length = ntohl(ssh2p->packet_length) + sizeof(uint32_t); - if (ssh_length < sizeof(SSH2Packet) + if (ssh_length < sizeof(SSH2Packet) or ssh_length != dsize or ssh_length > SSH_PACKET_MAX_SIZE) { diff --git a/src/service_inspectors/ssh/ssh_splitter.cc b/src/service_inspectors/ssh/ssh_splitter.cc index 5d1b04d15..51e423eb2 100644 --- a/src/service_inspectors/ssh/ssh_splitter.cc +++ b/src/service_inspectors/ssh/ssh_splitter.cc @@ -102,7 +102,7 @@ StreamSplitter::Status SshSplitter::scan( { state = SSH_PAF_ENCRYPTED; } - else if (((flags & PKT_FROM_SERVER) + else if (((flags & PKT_FROM_SERVER) and (sessp->state_flags & SSH_FLG_SERV_IDSTRING_SEEN)) or ((flags & PKT_FROM_CLIENT) and (sessp->state_flags & SSH_FLG_CLIENT_IDSTRING_SEEN))) diff --git a/src/service_inspectors/wizard/curses.cc b/src/service_inspectors/wizard/curses.cc index 6db6b5d6e..e91708a86 100644 --- a/src/service_inspectors/wizard/curses.cc +++ b/src/service_inspectors/wizard/curses.cc @@ -288,7 +288,7 @@ static bool mms_curse(const uint8_t* data, unsigned len, CurseTracker* tracker) } // define all known MMS tags to check for - enum + enum { MMS_CONFIRMED_REQUEST_TAG = 0xA0, MMS_CONFIRMED_RESPONSE_TAG = 0xA1, @@ -368,7 +368,7 @@ static bool mms_curse(const uint8_t* data, unsigned len, CurseTracker* tracker) case MMS_STATE__OSI_SESSION_SPDU: { // define all known OSI Session layer SPDU tags to check - enum + enum { MMS_OSI_SESSION_SPDU_GT_DT = 0x01, MMS_OSI_SESSION_SPDU_CN = 0x0D, @@ -399,9 +399,9 @@ static bool mms_curse(const uint8_t* data, unsigned len, CurseTracker* tracker) break; } - // if mms isn't found, search for an OSI Session layer - case MMS_OSI_SESSION_SPDU_GT_DT: // fallthrough intentional - case MMS_OSI_SESSION_SPDU_CN: // fallthrough intentional + // if mms isn't found, search for an OSI Session layer + case MMS_OSI_SESSION_SPDU_GT_DT: // fallthrough intentional + case MMS_OSI_SESSION_SPDU_CN: // fallthrough intentional case MMS_OSI_SESSION_SPDU_AC: { mms.state = MMS_STATE__MMS; @@ -416,7 +416,7 @@ static bool mms_curse(const uint8_t* data, unsigned len, CurseTracker* tracker) } break; - } + } case MMS_STATE__MMS: { @@ -446,13 +446,13 @@ static bool mms_curse(const uint8_t* data, unsigned len, CurseTracker* tracker) mms.state = MMS_STATE__FOUND; break; } - // no default here as it we don't know when we would hit - // the first MMS tag without doing full parsing + // no default here as it we don't know when we would hit + // the first MMS tag without doing full parsing } // exit the loop when a state has been determined if ( mms.state == MMS_STATE__NOT_FOUND - or mms.state == MMS_STATE__SEARCH + or mms.state == MMS_STATE__SEARCH or mms.state == MMS_STATE__FOUND ) { break; @@ -570,7 +570,7 @@ static bool s7commplus_curse(const uint8_t* data, unsigned len, CurseTracker* tr { // there are two possible protocol identifiers - 0x32 and 0x72 // 0x32 indicates the original s7comm protocol - // * the original protocol is not supported within the inspector + // * the original protocol is not supported within the inspector // so just catching and considering it a no match for now // 0x72 indicates the s7commplus protocol // * this is the protocol on which the existing inspector focuses @@ -579,7 +579,7 @@ static bool s7commplus_curse(const uint8_t* data, unsigned len, CurseTracker* tr s7commplus.state = S7COMMPLUS_STATE__PDU_TYPE; } else - { + { s7commplus.state = S7COMMPLUS_STATE__NOT_FOUND; } break; diff --git a/src/service_inspectors/wizard/mms_curse.h b/src/service_inspectors/wizard/mms_curse.h index fb13ac5dc..61f56c210 100644 --- a/src/service_inspectors/wizard/mms_curse.h +++ b/src/service_inspectors/wizard/mms_curse.h @@ -21,7 +21,7 @@ #define MMS_CURSE_H // MMS curse provides the ability to determine if the traffic being processed -// conforms to the Manufacturing Message Specification (MMS) traffic defined +// conforms to the Manufacturing Message Specification (MMS) traffic defined // within the IEC-61850 family of protocols #include "curses.h" diff --git a/src/service_inspectors/wizard/wiz_module.cc b/src/service_inspectors/wizard/wiz_module.cc index ff0f2bca7..4b329ab7e 100644 --- a/src/service_inspectors/wizard/wiz_module.cc +++ b/src/service_inspectors/wizard/wiz_module.cc @@ -142,7 +142,7 @@ bool WizardModule::set(const char*, Value& v, SnortConfig*) proto = MagicBook::ArcaneType::TCP; else if ( !strcmp(v.get_string(), "udp") ) proto = MagicBook::ArcaneType::UDP; - else + else proto = MagicBook::ArcaneType::ANY; } diff --git a/src/service_inspectors/wizard/wizard.cc b/src/service_inspectors/wizard/wizard.cc index 1845dd1fb..3f173919a 100644 --- a/src/service_inspectors/wizard/wizard.cc +++ b/src/service_inspectors/wizard/wizard.cc @@ -170,9 +170,9 @@ MagicSplitter::MagicSplitter(bool c2s, class Wizard* w) : StreamSplitter(c2s), wizard_processed_bytes(0) { wizard = w; - // FIXIT-M: Handle inspector reference elsewhere such that all splitters + // FIXIT-M: Handle inspector reference elsewhere such that all splitters // are able to be deleted before their inspectors - w->add_ref(); + w->add_ref(); // Used only in case of TCP traffic w->reset(wand, c2s, MagicBook::ArcaneType::TCP); } diff --git a/src/sfip/sf_ip.cc b/src/sfip/sf_ip.cc index cf92b9ac9..610305555 100644 --- a/src/sfip/sf_ip.cc +++ b/src/sfip/sf_ip.cc @@ -204,7 +204,7 @@ SfIpRet SfIp::set(const char* src, uint16_t* srcBits) /* skip whitespace or opening bracket */ while (isspace((int)*ip) || ((*ip == '[') ? ob = 1 : 0)) ip++; - + if (ob && (cb = strrchr(ip, ']'))) *cb = '\0'; diff --git a/src/stream/base/stream_module.cc b/src/stream/base/stream_module.cc index d6b52622b..d0ff63ebd 100644 --- a/src/stream/base/stream_module.cc +++ b/src/stream/base/stream_module.cc @@ -244,7 +244,7 @@ void StreamModule::sum_stats(bool dump_stats) } void StreamModule::reset_stats() -{ +{ base_reset(); Module::reset_stats(); } diff --git a/src/stream/tcp/segment_overlap_editor.cc b/src/stream/tcp/segment_overlap_editor.cc index 0069c2828..c3cb1da87 100644 --- a/src/stream/tcp/segment_overlap_editor.cc +++ b/src/stream/tcp/segment_overlap_editor.cc @@ -180,7 +180,7 @@ void SegmentOverlapEditor::eval_right(TcpReassemblerState& trs) tcpStats.overlaps++; trs.sos.overlap_count++; insert_full_overlap(trs); - + if ( trs.sos.keep_segment == false ) return; } @@ -357,7 +357,7 @@ void SegmentOverlapEditor::full_right_overlap_truncate_new(TcpReassemblerState& trs.sos.keep_segment = false; return; } - + trs.sos.tsd->rewrite_payload(offset, trs.sos.right->data, trs.sos.right->i_len); } @@ -471,7 +471,7 @@ bool SegmentOverlapEditor::zwp_data_mismatch( { return tsd.is_nap_policy_inline(); } - + return false; } diff --git a/src/stream/tcp/tcp_reassembler.cc b/src/stream/tcp/tcp_reassembler.cc index 7d981e490..a5f413a06 100644 --- a/src/stream/tcp/tcp_reassembler.cc +++ b/src/stream/tcp/tcp_reassembler.cc @@ -552,7 +552,7 @@ Packet* TcpReassembler::initialize_pdu( pdu->ip_proto_next = (IpProtocol)p->flow->ip_proto; - if ( p->proto_bits & PROTO_BIT__VLAN ) + if ( p->proto_bits & PROTO_BIT__VLAN ) { memcpy( pdu->layers, p->layers, p->num_layers * sizeof(Layer)); pdu->num_layers = p->num_layers; diff --git a/src/stream/tcp/tcp_segment_descriptor.cc b/src/stream/tcp/tcp_segment_descriptor.cc index f11a673ad..e6efb0b4a 100644 --- a/src/stream/tcp/tcp_segment_descriptor.cc +++ b/src/stream/tcp/tcp_segment_descriptor.cc @@ -106,7 +106,7 @@ TcpSegmentDescriptor::TcpSegmentDescriptor } void TcpSegmentDescriptor::setup() -{ +{ ma_pseudo_packet = new Packet(false); } diff --git a/src/stream/tcp/tcp_session.cc b/src/stream/tcp/tcp_session.cc index bb3061edd..75e4a3f1e 100644 --- a/src/stream/tcp/tcp_session.cc +++ b/src/stream/tcp/tcp_session.cc @@ -505,7 +505,7 @@ int TcpSession::process_tcp_data(TcpSegmentDescriptor& tsd) { if (tsd.get_len() == ZERO_WIN_PROBE_LEN) tcpStats.zero_win_probes++; - + listener->normalizer.trim_win_payload(tsd); return STREAM_UNALIGNED; } @@ -723,8 +723,8 @@ void TcpSession::update_paws_timestamps(TcpSegmentDescriptor& tsd) TcpStreamTracker* talker = tsd.get_talker(); if ( no_ack_mode_enabled() ) - { - talker->set_ts_last(0); + { + talker->set_ts_last(0); } else if ( listener->normalizer.handling_timestamps() && SEQ_EQ(listener->r_win_base, tsd.get_seq()) ) diff --git a/src/utils/test/streambuf_test.cc b/src/utils/test/streambuf_test.cc index 53eb4cf2f..6dfd93db0 100644 --- a/src/utils/test/streambuf_test.cc +++ b/src/utils/test/streambuf_test.cc @@ -1564,7 +1564,7 @@ TEST_CASE("output buffer - basic", "[Stream buffers]") int off_c = b.pubseekoff(-exp_len, ios_base::cur, ios_base::out); CHECK(off_c == 0); - + char* act_seq = new char[exp_len]; CHECK(b.sgetn(act_seq, exp_len) == exp_len); CHECK(!memcmp(exp, act_seq, exp_len)); @@ -1581,7 +1581,7 @@ TEST_CASE("output buffer - basic", "[Stream buffers]") char* buf = new char[exp_len]; memcpy(buf, exp, exp_len); b.pubsetbuf(buf, exp_len); - + int data_off = b.pubseekoff(exp_len, ios_base::beg, ios_base::out); CHECK(data_off == exp_len); @@ -1594,7 +1594,7 @@ TEST_CASE("output buffer - basic", "[Stream buffers]") int new_off = b.pubseekoff(0, ios_base::cur, ios_base::out); CHECK(new_off == exp_len); } - + SECTION("get char sequence more than available") { ostreambuf_infl b; @@ -1602,7 +1602,7 @@ TEST_CASE("output buffer - basic", "[Stream buffers]") char* buf = new char[exp_len]; memcpy(buf, exp, exp_len); b.pubsetbuf(buf, exp_len); - + char* act_seq = new char[exp_len + 1]; CHECK(b.sgetn(act_seq, exp_len + 1) == exp_len); CHECK(!memcmp(exp, act_seq, exp_len)); diff --git a/src/utils/util_numa.h b/src/utils/util_numa.h index 53010bac6..e341ae6bd 100644 --- a/src/utils/util_numa.h +++ b/src/utils/util_numa.h @@ -31,17 +31,17 @@ class NumaWrapper { public: virtual ~NumaWrapper() {} - virtual int available() - { - return numa_available(); + virtual int available() + { + return numa_available(); } - virtual int max_node() - { - return numa_max_node(); + virtual int max_node() + { + return numa_max_node(); } - virtual int preferred() - { - return numa_preferred(); + virtual int preferred() + { + return numa_preferred(); } virtual int set_mem_policy(int mode, const unsigned long *nodemask, unsigned long maxnode) diff --git a/tools/snort2lua/conversion_state.h b/tools/snort2lua/conversion_state.h index e955c77cd..29fe61b62 100644 --- a/tools/snort2lua/conversion_state.h +++ b/tools/snort2lua/conversion_state.h @@ -207,7 +207,7 @@ protected: order.insert(std::pair(dig, elem)); } else - { + { table_api.add_comment("Unable to add " + elem + ". Max precedence value is " + std::to_string(max)); } diff --git a/tools/snort2lua/data/data_types/dt_var.cc b/tools/snort2lua/data/data_types/dt_var.cc index 364fe2718..cf3a256b3 100644 --- a/tools/snort2lua/data/data_types/dt_var.cc +++ b/tools/snort2lua/data/data_types/dt_var.cc @@ -101,7 +101,7 @@ bool Variable::add_value(std::string elem) vars.back()->data.push_back('['); end.insert(0, 1, ']'); } - + // add a space between strings if (vars.back()->type == VarType::STRING) vars.back()->data.push_back(' '); diff --git a/tools/snort2lua/helpers/s2l_util.cc b/tools/snort2lua/helpers/s2l_util.cc index 2def96463..2cf60d760 100644 --- a/tools/snort2lua/helpers/s2l_util.cc +++ b/tools/snort2lua/helpers/s2l_util.cc @@ -139,7 +139,7 @@ std::string& trim_quotes(std::string& s) std::string& sanitize_lua_string(std::string& s) { - // FIXIT-L we shouldn't change the data, parts that use this function + // FIXIT-L we shouldn't change the data, parts that use this function // should be refactored and use Lua multilevel long brackets [=[...]=] std::size_t found = s.find("]]"); while (found != std::string::npos) @@ -250,7 +250,7 @@ static bool is_semicolon_escaped(const std::string& args) unsigned bs_count = 0; for (auto sym_it = args.rbegin(); - sym_it != args.rend() and *sym_it == '\\'; + sym_it != args.rend() and *sym_it == '\\'; ++sym_it, ++bs_count); return bs_count % 2; diff --git a/tools/snort2lua/helpers/s2l_util.h b/tools/snort2lua/helpers/s2l_util.h index 8fb592477..2c97d0b2a 100644 --- a/tools/snort2lua/helpers/s2l_util.h +++ b/tools/snort2lua/helpers/s2l_util.h @@ -82,14 +82,14 @@ bool get_string(std::istringstream& data_stream, * characters which can get removed by c++ libraries * * NO SIDE EFFECTS - * + * * PARAMS: * data_stream - the rule's data stream * trim - specifies whether to trim the result string * RETURN: - * a string containing all the data left in the rule's + * a string containing all the data left in the rule's * data stream - * + * */ std::string get_remain_data(std::istringstream& data_stream, bool trim = true); diff --git a/tools/snort2lua/rule_states/rule_gid_sid.cc b/tools/snort2lua/rule_states/rule_gid_sid.cc index d2aa3b552..c49d3d3ed 100644 --- a/tools/snort2lua/rule_states/rule_gid_sid.cc +++ b/tools/snort2lua/rule_states/rule_gid_sid.cc @@ -42,7 +42,7 @@ static const std::string removed_gids[] = { "146" , "147" }; constexpr uint8_t MAX_GIDS = (sizeof(removed_gids) / sizeof(removed_gids[0])); // first -> gid, second -> error message -static const std::unordered_map rejected_gids = +static const std::unordered_map rejected_gids = { {"138", "gid 138(sensitive data) rules should be written with Snort3 functionality in mind"} }; diff --git a/tools/snort2lua/rule_states/rule_sd_pattern.cc b/tools/snort2lua/rule_states/rule_sd_pattern.cc index 2967f9bf1..02d3c8e49 100644 --- a/tools/snort2lua/rule_states/rule_sd_pattern.cc +++ b/tools/snort2lua/rule_states/rule_sd_pattern.cc @@ -42,9 +42,9 @@ private: std::string SDPattern::convert_pattern(const std::string& pattern) { const std::string unused_pcre_tokens("()[].+*^$|"); - + std::string s3_pattern; - + for (unsigned i = 0; i < pattern.size(); ++i) { char sym = pattern[i]; @@ -64,7 +64,7 @@ std::string SDPattern::convert_pattern(const std::string& pattern) } switch (sym) - { + { case 'l': s3_pattern.append("\\p{L}"); break; @@ -72,7 +72,7 @@ std::string SDPattern::convert_pattern(const std::string& pattern) case 'L': s3_pattern.append("[^\\p{L}]"); break; - + case 'w': case 'W': case 'd': @@ -89,10 +89,10 @@ std::string SDPattern::convert_pattern(const std::string& pattern) // Snort2 ignores unknown escape sequences break; } - + break; } - + case '{': case '}': case '?': @@ -106,7 +106,7 @@ std::string SDPattern::convert_pattern(const std::string& pattern) break; } } - + return s3_pattern; } @@ -124,7 +124,7 @@ bool SDPattern::convert(std::istringstream& stream) } std::string pattern = util::get_remain_data(arg_stream, false); - + if ( pattern.empty() ) { rule_api.bad_rule(stream, "sd_pattern missing pattern argument");