From: Philippe Antoine Date: Thu, 11 Apr 2024 12:49:10 +0000 (+0200) Subject: ci: fix and test with Wunused-macros X-Git-Tag: suricata-8.0.0-beta1~1276 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=ce9bfba76a785e6a02cbbe796a23be6c4e5bc553;p=thirdparty%2Fsuricata.git ci: fix and test with Wunused-macros Ticket: 6937 --- diff --git a/.github/workflows/build-centos-7.yml b/.github/workflows/build-centos-7.yml index 49744252de..9ee0d16cbf 100644 --- a/.github/workflows/build-centos-7.yml +++ b/.github/workflows/build-centos-7.yml @@ -169,7 +169,7 @@ jobs: git -c advice.detachedHead=false checkout FETCH_HEAD - run: ./autogen.sh - - run: ./configure + - run: ./configure --enable-warnings - run: make -j ${{ env.CPUS }} - run: python3 ./suricata-verify/run.py -q --debug-failed - run: make install-full diff --git a/.github/workflows/builds.yml b/.github/workflows/builds.yml index 9aec8ff51b..916fb70feb 100644 --- a/.github/workflows/builds.yml +++ b/.github/workflows/builds.yml @@ -263,7 +263,7 @@ jobs: - name: Configuring run: | ./autogen.sh - CFLAGS="${DEFAULT_CFLAGS}" ./configure + CFLAGS="${DEFAULT_CFLAGS}" ./configure --enable-warnings - run: make -j ${{ env.CPUS }} distcheck env: DISTCHECK_CONFIGURE_FLAGS: "--enable-unittests --enable-debug --enable-lua --enable-geoip --enable-profiling --enable-profiling-locks --enable-dpdk" @@ -778,7 +778,7 @@ jobs: - run: tar xf prep/libhtp.tar.gz - run: tar xf prep/suricata-update.tar.gz - run: ./autogen.sh - - run: ./configure --disable-shared + - run: ./configure --enable-warnings --disable-shared env: CC: "clang" RUSTFLAGS: "-C instrument-coverage" @@ -877,7 +877,7 @@ jobs: - run: CC="clang" CFLAGS="$DEFAULT_CFLAGS -Wshadow" ./configure --disable-shared - run: make check - run: make distclean - - run: CC="clang" CFLAGS="$DEFAULT_CFLAGS -Wshadow -fsanitize=address -fno-omit-frame-pointer" ./configure --enable-debug --enable-unittests --disable-shared --enable-rust-strict --enable-hiredis --enable-nfqueue --enable-lua + - run: CC="clang" CFLAGS="$DEFAULT_CFLAGS -Wshadow -fsanitize=address -fno-omit-frame-pointer" ./configure --enable-warnings --enable-debug --enable-unittests --disable-shared --enable-rust-strict --enable-hiredis --enable-nfqueue --enable-lua env: LDFLAGS: "-fsanitize=address" ac_cv_func_realloc_0_nonnull: "yes" @@ -968,7 +968,7 @@ jobs: - run: tar xf prep/libhtp.tar.gz - run: tar xf prep/suricata-update.tar.gz - run: ./autogen.sh - - run: ./configure --enable-debug --enable-unittests --disable-shared --enable-rust-strict --enable-hiredis --enable-nfqueue + - run: ./configure --enable-warnings --enable-debug --enable-unittests --disable-shared --enable-rust-strict --enable-hiredis --enable-nfqueue env: CFLAGS: "${{ env.DEFAULT_CFLAGS }} -Wshadow -fsanitize=address -fno-omit-frame-pointer" LDFLAGS: "-fsanitize=address" @@ -1252,7 +1252,7 @@ jobs: - run: sudo -u suricata -s ./autogen.sh working-directory: /home/suricata/suricata - - run: sudo -u suricata -s env PATH="/home/suricata/.cargo/bin:$PATH" ./configure --enable-debug --enable-unittests --disable-shared --enable-rust-strict --enable-hiredis --enable-nfqueue + - run: sudo -u suricata -s env PATH="/home/suricata/.cargo/bin:$PATH" ./configure --enable-warnings --enable-debug --enable-unittests --disable-shared --enable-rust-strict --enable-hiredis --enable-nfqueue working-directory: /home/suricata/suricata env: ac_cv_func_realloc_0_nonnull: "yes" @@ -1497,7 +1497,7 @@ jobs: chmod 755 $HOME/.cargo/bin/cbindgen echo "$HOME/.cargo/bin" >> $GITHUB_PATH - run: ./autogen.sh - - run: ./configure --disable-shared --enable-unittests + - run: ./configure --enable-warnings --disable-shared --enable-unittests env: CC: "clang-14" CXX: "clang++-14" @@ -2086,7 +2086,7 @@ jobs: # using leading to random crashes: https://github.com/actions/runner-images/issues/9491 run: sudo sysctl vm.mmap_rnd_bits=28 - run: ./autogen.sh - - run: ./configure --with-gnu-ld --enable-fuzztargets --disable-shared --enable-gccprotect + - run: ./configure --enable-warnings --with-gnu-ld --enable-fuzztargets --disable-shared --enable-gccprotect env: LIB_FUZZING_ENGINE: "fail_to_onefile_driver" CC: "clang-14" @@ -2182,7 +2182,7 @@ jobs: chmod 755 $HOME/.cargo/bin/cbindgen echo "$HOME/.cargo/bin" >> $GITHUB_PATH - run: ./autogen.sh - - run: CFLAGS="$DEFAULT_CFLAGS -DNDEBUG" ./configure --enable-unittests + - run: CFLAGS="$DEFAULT_CFLAGS -DNDEBUG" ./configure --enable-warnings --enable-unittests - run: make -j ${{ env.CPUS }} - run: make check - run: make dist @@ -2345,7 +2345,7 @@ jobs: # using leading to random crashes: https://github.com/actions/runner-images/issues/9491 run: sudo sysctl vm.mmap_rnd_bits=28 - run: ./autogen.sh - - run: ./configure --enable-debug-validation + - run: ./configure --enable-warnings --enable-debug-validation env: CFLAGS: "${{ env.DEFAULT_CFLAGS }} -Wshadow -fsanitize=address -fno-omit-frame-pointer" LDFLAGS: "-fsanitize=address" @@ -2427,7 +2427,7 @@ jobs: chmod 755 $HOME/.cargo/bin/cbindgen echo "$HOME/.cargo/bin" >> $GITHUB_PATH - run: ./autogen.sh - - run: AFL_HARDEN=1 ac_cv_func_realloc_0_nonnull=yes ac_cv_func_malloc_0_nonnull=yes CFLAGS="-fsanitize=address -fno-omit-frame-pointer" CXXFLAGS=$CFLAGS CC=afl-clang-fast CXX=afl-clang-fast++ LDFLAGS="-fsanitize=address" ./configure --enable-fuzztargets --disable-shared + - run: AFL_HARDEN=1 ac_cv_func_realloc_0_nonnull=yes ac_cv_func_malloc_0_nonnull=yes CFLAGS="-fsanitize=address -fno-omit-frame-pointer" CXXFLAGS=$CFLAGS CC=afl-clang-fast CXX=afl-clang-fast++ LDFLAGS="-fsanitize=address" ./configure --enable-warnings --enable-fuzztargets --disable-shared - run: AFL_HARDEN=1 make -j ${{ env.CPUS }} ubuntu-22-04-netmap-build: @@ -2521,7 +2521,7 @@ jobs: chmod 755 $HOME/.cargo/bin/cbindgen echo "$HOME/.cargo/bin" >> $GITHUB_PATH - run: ./autogen.sh - - run: CFLAGS="${DEFAULT_CFLAGS}" ./configure --enable-netmap + - run: CFLAGS="${DEFAULT_CFLAGS}" ./configure --enable-warnings --enable-netmap - run: make -j ${{ env.CPUS }} - run: ./src/suricata --build-info | grep -E "Netmap support:\s+yes" @@ -2626,7 +2626,7 @@ jobs: chmod 755 $HOME/.cargo/bin/cbindgen echo "$HOME/.cargo/bin" >> $GITHUB_PATH - run: ./autogen.sh - - run: CFLAGS="${DEFAULT_CFLAGS}" ./configure --enable-dpdk + - run: CFLAGS="${DEFAULT_CFLAGS}" ./configure --enable-warnings --enable-dpdk - run: make -j ${{ env.CPUS }} - run: make check # IDS config @@ -2708,7 +2708,7 @@ jobs: - run: tar xf prep/suricata-update.tar.gz - run: tar xf prep/suricata-verify.tar.gz - run: ./autogen.sh - - run: CFLAGS="${DEFAULT_CFLAGS}" ./configure --enable-unittests + - run: CFLAGS="${DEFAULT_CFLAGS}" ./configure --enable-warnings --enable-unittests - run: make -j ${{ env.CPUS }} - run: make check # -j2 caused random failures during cargo vendor @@ -2888,7 +2888,7 @@ jobs: - run: tar xf prep/suricata-update.tar.gz - run: tar xf prep/suricata-verify.tar.gz - run: ./autogen.sh - - run: CFLAGS="${DEFAULT_CFLAGS}" ./configure --enable-unittests --enable-debug --enable-lua --enable-geoip --enable-profiling --enable-profiling-locks --enable-dpdk + - run: CFLAGS="${DEFAULT_CFLAGS}" ./configure --enable-warnings --enable-unittests --enable-debug --enable-lua --enable-geoip --enable-profiling --enable-profiling-locks --enable-dpdk - run: make -j ${{ env.CPUS }} - run: make check - name: Building Rust documentation @@ -2974,7 +2974,7 @@ jobs: cp prep/cbindgen $HOME/.cargo/bin chmod 755 $HOME/.cargo/bin/cbindgen - run: ./autogen.sh - - run: CFLAGS="${DEFAULT_CFLAGS}" ./configure --enable-unittests --enable-fuzztargets --enable-ebpf --enable-ebpf-build + - run: CFLAGS="${DEFAULT_CFLAGS}" ./configure --enable-warnings --enable-unittests --enable-fuzztargets --enable-ebpf --enable-ebpf-build - run: make -j ${{ env.CPUS }} - run: make check - run: tar xf prep/suricata-verify.tar.gz @@ -3055,7 +3055,7 @@ jobs: cp prep/cbindgen $HOME/.cargo/bin chmod 755 $HOME/.cargo/bin/cbindgen - run: ./autogen.sh - - run: CFLAGS="${DEFAULT_CFLAGS}" ./configure --enable-unittests --enable-fuzztargets + - run: CFLAGS="${DEFAULT_CFLAGS}" ./configure --enable-warnings --enable-unittests --enable-fuzztargets - run: make -j ${{ env.CPUS }} - run: make check - run: tar xf prep/suricata-verify.tar.gz @@ -3108,7 +3108,7 @@ jobs: - run: tar xvf prep/libhtp.tar.gz - run: tar xvf prep/suricata-update.tar.gz - run: ./autogen.sh - - run: CPATH="$HOMEBREW_PREFIX/include:$CPATH" LIBRARY_PATH="$HOMEBREW_PREFIX/lib:$LIBRARY_PATH" PATH="/opt/homebrew/opt/libtool/libexec/gnubin:$PATH" CFLAGS="${DEFAULT_CFLAGS}" ./configure --enable-unittests --prefix="$HOME/.local/" + - run: CPATH="$HOMEBREW_PREFIX/include:$CPATH" LIBRARY_PATH="$HOMEBREW_PREFIX/lib:$LIBRARY_PATH" PATH="/opt/homebrew/opt/libtool/libexec/gnubin:$PATH" CFLAGS="${DEFAULT_CFLAGS}" ./configure --enable-warnings --enable-unittests --prefix="$HOME/.local/" - run: CPATH="$HOMEBREW_PREFIX/include:$CPATH" LIBRARY_PATH="$HOMEBREW_PREFIX/lib:$LIBRARY_PATH" PATH="/opt/homebrew/opt/libtool/libexec/gnubin:$PATH" CFLAGS="${DEFAULT_CFLAGS}" make -j2 # somehow it gets included by some C++ stdlib header (case unsensitive) - run: rm libhtp/VERSION && make check @@ -3164,7 +3164,7 @@ jobs: - name: Build run: | ./autogen.sh - CFLAGS="-ggdb -Werror" ./configure --enable-unittests --enable-gccprotect --disable-gccmarch-native --disable-shared --with-libpcap-includes=/npcap/Include --with-libpcap-libraries=/npcap/Lib/x64 + CFLAGS="-ggdb -Werror" ./configure --enable-warnings --enable-unittests --enable-gccprotect --disable-gccmarch-native --disable-shared --with-libpcap-includes=/npcap/Include --with-libpcap-libraries=/npcap/Lib/x64 make -j3 - name: Run run: | @@ -3209,7 +3209,7 @@ jobs: - name: Build run: | ./autogen.sh - CFLAGS="-ggdb -Werror" ./configure --enable-unittests --enable-gccprotect --disable-gccmarch-native --disable-shared --with-libpcap-includes=/npcap/Include --with-libpcap-libraries=/npcap/Lib/x64 + CFLAGS="-ggdb -Werror" ./configure --enable-warnings --enable-unittests --enable-gccprotect --disable-gccmarch-native --disable-shared --with-libpcap-includes=/npcap/Include --with-libpcap-libraries=/npcap/Lib/x64 make -j3 - name: Run run: | @@ -3258,7 +3258,7 @@ jobs: - name: Build run: | ./autogen.sh - CFLAGS="-ggdb -Werror" ./configure --enable-gccprotect --disable-gccmarch-native --disable-shared --enable-windivert --with-windivert-include=/windivert/WinDivert-1.4.3-A/include --with-windivert-libraries=/windivert/WinDivert-1.4.3-A/x86_64 + CFLAGS="-ggdb -Werror" ./configure --enable-warnings --enable-gccprotect --disable-gccmarch-native --disable-shared --enable-windivert --with-windivert-include=/windivert/WinDivert-1.4.3-A/include --with-windivert-libraries=/windivert/WinDivert-1.4.3-A/x86_64 make -j3 - name: Run run: | diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index 693cea9972..b7db5b86dd 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -59,7 +59,7 @@ jobs: export PATH=/opt/work/.cargo/bin:$PATH chmod +x autogen.sh ./autogen.sh - ./configure + ./configure --enable-warnings make - name: Perform CodeQL Analysis uses: github/codeql-action/analyze@v3.25.3 diff --git a/.github/workflows/commits.yml b/.github/workflows/commits.yml index 036bd3adce..6ef42507e3 100644 --- a/.github/workflows/commits.yml +++ b/.github/workflows/commits.yml @@ -88,7 +88,7 @@ jobs: git checkout $rev echo "Building rev ${rev}" | tee -a build_log.txt ./autogen.sh >> build_log.txt 2>&1 - CC="sccache gcc" ./configure --enable-unittests >> build_log.txt 2>&1 + CC="sccache gcc" ./configure --enable-warnings --enable-unittests >> build_log.txt 2>&1 if ! make -j2 >> build_log.txt 2>&1; then echo "::error ::Failed to build rev ${rev}" tail -n 50 build_log.txt diff --git a/.github/workflows/formatting.yml b/.github/workflows/formatting.yml index 5adf1dd86f..4758b1af44 100644 --- a/.github/workflows/formatting.yml +++ b/.github/workflows/formatting.yml @@ -130,7 +130,7 @@ jobs: shell: bash {0} - run: git clone https://github.com/OISF/libhtp -b 0.5.x - run: ./autogen.sh - - run: ./configure --enable-unittests + - run: ./configure --enable-warnings --enable-unittests - name: Check formatting run: | ./scripts/clang-format.sh check-branch --diffstat --show-commits >> check_formatting_log.txt 2>&1 diff --git a/.github/workflows/rust-checks.yml b/.github/workflows/rust-checks.yml index 5ac2739bf3..56c74273b3 100644 --- a/.github/workflows/rust-checks.yml +++ b/.github/workflows/rust-checks.yml @@ -88,7 +88,7 @@ jobs: run: | ./scripts/bundle.sh libhtp ./autogen.sh - ./configure + ./configure --enable-warnings - name: Run Cargo Audit working-directory: rust run: | @@ -171,7 +171,7 @@ jobs: run: | ./scripts/bundle.sh libhtp ./autogen.sh - ./configure + ./configure --enable-warnings - name: Cargo Update and Build working-directory: rust run: | diff --git a/.github/workflows/rust.yml b/.github/workflows/rust.yml index eebf43c13e..e3bd82d12d 100644 --- a/.github/workflows/rust.yml +++ b/.github/workflows/rust.yml @@ -76,7 +76,7 @@ jobs: - run: git config --global --add safe.directory /__w/suricata/suricata - run: ./scripts/bundle.sh - run: ./autogen.sh - - run: ./configure + - run: ./configure --enable-warnings - run: cargo clippy --all-features --fix --allow-no-vcs working-directory: rust - run: | diff --git a/.github/workflows/scan-build.yml b/.github/workflows/scan-build.yml index 6910f508af..69ccc48f32 100644 --- a/.github/workflows/scan-build.yml +++ b/.github/workflows/scan-build.yml @@ -72,7 +72,7 @@ jobs: - run: git config --global --add safe.directory /__w/suricata/suricata - run: ./scripts/bundle.sh - run: ./autogen.sh - - run: scan-build-16 ./configure --enable-dpdk --enable-nfqueue --enable-nflog + - run: scan-build-16 ./configure --enable-warnings --enable-dpdk --enable-nfqueue --enable-nflog env: CC: clang-16 # exclude libhtp from the analysis diff --git a/configure.ac b/configure.ac index de8fd2687d..ea8d5c88b8 100644 --- a/configure.ac +++ b/configure.ac @@ -2460,6 +2460,20 @@ fi ]) AC_SUBST(RUST_FEATURES) + AC_ARG_ENABLE(enable_warnings, + AS_HELP_STRING([--enable-warnings], [Enable supported C compiler warnings]),[enable_warnings=$enableval],[enable_warnings=no]) + AS_IF([test "x$enable_warnings" = "xyes"], [ + # check if our compiler supports -Wunused-macros + AC_MSG_CHECKING(for -Wunused-macros support) + OCFLAGS=$CFLAGS + CFLAGS="$CFLAGS -Wunused-macros" + AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[]], + [[]])], + AC_MSG_RESULT([yes]), + [AC_MSG_RESULT([no]) + CFLAGS="$OCFLAGS"]) + ]) + AC_CHECK_LIB(fuzzpcap, FPC_IsFuzzPacketCapture, HAS_FUZZPCAP="yes") AM_CONDITIONAL([HAS_FUZZPCAP], [test "x$HAS_FUZZPCAP" = "xyes"]) AC_ARG_ENABLE(fuzztargets, diff --git a/src/app-layer-dnp3.c b/src/app-layer-dnp3.c index 9501b9f5ea..0e18a4fc5f 100644 --- a/src/app-layer-dnp3.c +++ b/src/app-layer-dnp3.c @@ -63,7 +63,7 @@ #define DNP3_MAX_TRAN_SEQNO 64 /* Maximum application layer sequence number. */ -#define DNP3_MAX_APP_SEQNO 16 +// unused #define DNP3_MAX_APP_SEQNO 16 /* The number of bytes in the header that are counted as part of the * header length field. */ @@ -76,16 +76,11 @@ enum { }; /* Reserved addresses. */ -#define DNP3_RESERVED_ADDR_MIN 0xfff0 -#define DNP3_RESERVED_ADDR_MAX 0xfffb +// unused #define DNP3_RESERVED_ADDR_MIN 0xfff0 +// unused #define DNP3_RESERVED_ADDR_MAX 0xfffb /* Source addresses must be < 0xfff0. */ -#define DNP3_SRC_ADDR_MAX 0xfff0 - -#define DNP3_OBJ_TIME_SIZE 6 /* AKA UINT48. */ -#define DNP3_OBJ_G12_V1_SIZE 11 -#define DNP3_OBJ_G12_V2_SIZE 11 -#define DNP3_OBJ_G12_V3_SIZE 1 +// unused #define DNP3_SRC_ADDR_MAX 0xfff0 /* Extract the prefix code from the object qualifier. */ #define DNP3_OBJ_PREFIX(x) ((x >> 4) & 0x7) @@ -107,9 +102,6 @@ SCEnumCharMap dnp3_decoder_event_table[] = { /* Calculate the next transport sequence number. */ #define NEXT_TH_SEQNO(current) ((current + 1) % DNP3_MAX_TRAN_SEQNO) -/* Calculate the next application sequence number. */ -#define NEXT_APP_SEQNO(current) ((current + 1) % DNP3_MAX_APP_SEQNO) - /* CRC table generated by pycrc - http://github.com/tpircher/pycrc. * - Polynomial: 0x3d65. */ static const uint16_t crc_table[256] = { diff --git a/src/app-layer-parser.c b/src/app-layer-parser.c index 90923d0c9d..a1f000f90c 100644 --- a/src/app-layer-parser.c +++ b/src/app-layer-parser.c @@ -1660,7 +1660,6 @@ static void ValidateParserProtoDump(AppProto alproto, uint8_t ipproto) #define BOTH_SET(a, b) ((a) != NULL && (b) != NULL) #define BOTH_SET_OR_BOTH_UNSET(a, b) (((a) == NULL && (b) == NULL) || ((a) != NULL && (b) != NULL)) -#define THREE_SET_OR_THREE_UNSET(a, b, c) (((a) == NULL && (b) == NULL && (c) == NULL) || ((a) != NULL && (b) != NULL && (c) != NULL)) #define THREE_SET(a, b, c) ((a) != NULL && (b) != NULL && (c) != NULL) static void ValidateParserProto(AppProto alproto, uint8_t ipproto) diff --git a/src/app-layer-smtp.c b/src/app-layer-smtp.c index 5a4fc0c7a2..944187aa4d 100644 --- a/src/app-layer-smtp.c +++ b/src/app-layer-smtp.c @@ -67,21 +67,16 @@ #define FILEDATA_CONTENT_INSPECT_WINDOW 4096 /* raw extraction default value */ -#define SMTP_RAW_EXTRACTION_DEFAULT_VALUE false -#define SMTP_MAX_REQUEST_AND_REPLY_LINE_LENGTH 510 +#define SMTP_RAW_EXTRACTION_DEFAULT_VALUE false #define SMTP_COMMAND_BUFFER_STEPS 5 /* we are in process of parsing a fresh command. Just a placeholder. If we * are not in STATE_COMMAND_DATA_MODE, we have to be in this mode */ -#define SMTP_PARSER_STATE_COMMAND_MODE 0x00 +// unused #define SMTP_PARSER_STATE_COMMAND_MODE 0x00 /* we are in mode of parsing a command's data. Used when we are parsing tls * or accepting the rfc 2822 mail after DATA command */ -#define SMTP_PARSER_STATE_COMMAND_DATA_MODE 0x01 -/* Used when we are still in the process of parsing a server command. Used - * with multi-line replies and the stream is fragmented before all the lines - * for a response is seen */ -#define SMTP_PARSER_STATE_PARSING_SERVER_RESPONSE 0x02 +#define SMTP_PARSER_STATE_COMMAND_DATA_MODE 0x01 /* Used to indicate that the parser has seen the first reply */ #define SMTP_PARSER_STATE_FIRST_REPLY_SEEN 0x04 /* Used to indicate that the parser is parsing a multiline reply */ @@ -105,13 +100,6 @@ #define SMTP_COMMAND_OTHER_CMD 5 #define SMTP_COMMAND_RSET 6 -/* Different EHLO extensions. Not used now. */ -#define SMTP_EHLO_EXTENSION_PIPELINING -#define SMTP_EHLO_EXTENSION_SIZE -#define SMTP_EHLO_EXTENSION_DSN -#define SMTP_EHLO_EXTENSION_STARTTLS -#define SMTP_EHLO_EXTENSION_8BITMIME - #define SMTP_DEFAULT_MAX_TX 256 typedef struct SMTPInput_ { diff --git a/src/app-layer-ssl.c b/src/app-layer-ssl.c index 139c8c3beb..1cf81b8a52 100644 --- a/src/app-layer-ssl.c +++ b/src/app-layer-ssl.c @@ -200,8 +200,7 @@ SslConfig ssl_config; #define SSLV2_MT_REQUEST_CERTIFICATE 7 #define SSLV2_MT_CLIENT_CERTIFICATE 8 -#define SSLV3_RECORD_HDR_LEN 5 -#define SSLV3_MESSAGE_HDR_LEN 4 +#define SSLV3_RECORD_HDR_LEN 5 /** max length according to RFC 5246 6.2.2 is 2^14 + 1024 */ #define SSLV3_RECORD_MAX_LEN ((1 << 14) + 1024) diff --git a/src/detect-bytemath.c b/src/detect-bytemath.c index 49c2989f7d..a1dfc7e985 100644 --- a/src/detect-bytemath.c +++ b/src/detect-bytemath.c @@ -58,12 +58,13 @@ static int DetectByteMathSetup(DetectEngineCtx *, Signature *, const char *); #ifdef UNITTESTS +#define DETECT_BYTEMATH_ENDIAN_DEFAULT (uint8_t) BigEndian +#define DETECT_BYTEMATH_BASE_DEFAULT (uint8_t) BaseDec + static void DetectByteMathRegisterTests(void); #endif static void DetectByteMathFree(DetectEngineCtx *, void *); -#define DETECT_BYTEMATH_ENDIAN_DEFAULT (uint8_t) BigEndian -#define DETECT_BYTEMATH_BASE_DEFAULT (uint8_t) BaseDec /** * \brief Registers the keyword handlers for the "byte_math" keyword. */ diff --git a/src/detect-dce-stub-data.c b/src/detect-dce-stub-data.c index 5d919e084e..b0ee045905 100644 --- a/src/detect-dce-stub-data.c +++ b/src/detect-dce-stub-data.c @@ -58,7 +58,6 @@ #include "rust.h" #define BUFFER_NAME "dce_stub_data" -#define KEYWORD_NAME "dce_stub_data" static int DetectDceStubDataSetup(DetectEngineCtx *, Signature *, const char *); #ifdef UNITTESTS diff --git a/src/detect-engine-state.c b/src/detect-engine-state.c index 74f87ff938..aead3547e8 100644 --- a/src/detect-engine-state.c +++ b/src/detect-engine-state.c @@ -64,9 +64,6 @@ #include "flow-util.h" -/** convert enum to string */ -#define CASE_CODE(E) case E: return #E - static inline int StateIsValid(uint16_t alproto, void *alstate) { if (alstate != NULL) { diff --git a/src/detect-parse.c b/src/detect-parse.c index 0289439200..fc5e4f6579 100644 --- a/src/detect-parse.c +++ b/src/detect-parse.c @@ -145,17 +145,6 @@ typedef struct SigDuplWrapper_ { Signature *s_prev; } SigDuplWrapper; -#define CONFIG_PARTS 8 - -#define CONFIG_ACTION 0 -#define CONFIG_PROTO 1 -#define CONFIG_SRC 2 -#define CONFIG_SP 3 -#define CONFIG_DIREC 4 -#define CONFIG_DST 5 -#define CONFIG_DP 6 -#define CONFIG_OPTS 7 - /** helper structure for sig parsing */ typedef struct SignatureParser_ { char action[DETECT_MAX_RULE_SIZE]; diff --git a/src/detect-quic-sni.c b/src/detect-quic-sni.c index 4515baa6a7..0e4bf2d091 100644 --- a/src/detect-quic-sni.c +++ b/src/detect-quic-sni.c @@ -40,7 +40,6 @@ static void DetectQuicSniRegisterTests(void); #define BUFFER_NAME "quic_sni" #define KEYWORD_NAME "quic.sni" -#define KEYWORD_ID DETECT_AL_QUIC_SNI static int quic_sni_id = 0; diff --git a/src/detect-quic-ua.c b/src/detect-quic-ua.c index 4f4e9fd7d2..0e72770cb0 100644 --- a/src/detect-quic-ua.c +++ b/src/detect-quic-ua.c @@ -40,7 +40,6 @@ static void DetectQuicUaRegisterTests(void); #define BUFFER_NAME "quic_ua" #define KEYWORD_NAME "quic.ua" -#define KEYWORD_ID DETECT_AL_QUIC_UA static int quic_ua_id = 0; diff --git a/src/detect-quic-version.c b/src/detect-quic-version.c index 58257d143b..08bf80c002 100644 --- a/src/detect-quic-version.c +++ b/src/detect-quic-version.c @@ -40,7 +40,6 @@ static void DetectQuicVersionRegisterTests(void); #define BUFFER_NAME "quic_version" #define KEYWORD_NAME "quic.version" -#define KEYWORD_ID DETECT_AL_QUIC_VERSION static int quic_version_id = 0; diff --git a/src/detect-smb-version.c b/src/detect-smb-version.c index c8a4230386..0284566ff3 100644 --- a/src/detect-smb-version.c +++ b/src/detect-smb-version.c @@ -40,7 +40,6 @@ #define BUFFER_NAME "smb_version" #define KEYWORD_NAME "smb.version" -#define KEYWORD_ID DETECT_SMB_VERSION static int g_smb_version_list_id = 0; @@ -152,4 +151,4 @@ void DetectSmbVersionRegister(void) g_smb_version_list_id = DetectBufferTypeRegister(BUFFER_NAME); SCLogDebug("registering " BUFFER_NAME " rule option"); -} \ No newline at end of file +} diff --git a/src/flow-manager.c b/src/flow-manager.c index 1568dc708a..b1d073029c 100644 --- a/src/flow-manager.c +++ b/src/flow-manager.c @@ -101,14 +101,6 @@ void FlowTimeoutsEmergency(void) SC_ATOMIC_SET(flow_timeouts, flow_timeouts_emerg); } -/* 1 seconds */ -#define FLOW_NORMAL_MODE_UPDATE_DELAY_SEC 1 -#define FLOW_NORMAL_MODE_UPDATE_DELAY_NSEC 0 -/* 0.3 seconds */ -#define FLOW_EMERG_MODE_UPDATE_DELAY_SEC 0 -#define FLOW_EMERG_MODE_UPDATE_DELAY_NSEC 300000 -#define NEW_FLOW_COUNT_COND 10 - typedef struct FlowTimeoutCounters_ { uint32_t rows_checked; uint32_t rows_skipped; diff --git a/src/log-httplog.c b/src/log-httplog.c index 17a01442da..93b6e0da91 100644 --- a/src/log-httplog.c +++ b/src/log-httplog.c @@ -71,8 +71,7 @@ void LogHttpLogRegister (void) #define LOG_HTTP_CF_REQUEST_HOST 'h' #define LOG_HTTP_CF_REQUEST_PROTOCOL 'H' #define LOG_HTTP_CF_REQUEST_METHOD 'm' -#define LOG_HTTP_CF_REQUEST_URI 'u' -#define LOG_HTTP_CF_REQUEST_TIME 't' +#define LOG_HTTP_CF_REQUEST_URI 'u' #define LOG_HTTP_CF_REQUEST_HEADER 'i' #define LOG_HTTP_CF_REQUEST_COOKIE 'C' #define LOG_HTTP_CF_REQUEST_LEN 'b' diff --git a/src/log-tlslog.c b/src/log-tlslog.c index 2c0c862756..db886f7b13 100644 --- a/src/log-tlslog.c +++ b/src/log-tlslog.c @@ -58,8 +58,7 @@ #define PRINT_BUF_LEN 46 -#define OUTPUT_BUFFER_SIZE 65535 -#define CERT_ENC_BUFFER_SIZE 2048 +#define OUTPUT_BUFFER_SIZE 65535 #define LOG_TLS_DEFAULT 0 #define LOG_TLS_EXTENDED 1 diff --git a/src/output-eve-stream.c b/src/output-eve-stream.c index a9fe09ce90..f05aa6b38c 100644 --- a/src/output-eve-stream.c +++ b/src/output-eve-stream.c @@ -57,8 +57,6 @@ #define MODULE_NAME "EveStreamLog" -#define LOG_DROP_ALERTS 1 - typedef struct EveStreamOutputCtx_ { uint16_t trigger_flags; /**< presence of flags in packet trigger logging. 0xffff for all. */ OutputJsonCtx *eve_ctx; diff --git a/src/output-json-alert.c b/src/output-json-alert.c index 40a6c17011..ae2a7fc620 100644 --- a/src/output-json-alert.c +++ b/src/output-json-alert.c @@ -860,8 +860,6 @@ static void SetFlag(const ConfNode *conf, const char *name, uint16_t flag, uint1 } } -#define DEFAULT_LOG_FILENAME "alert.json" - static void JsonAlertLogSetupMetadata(AlertJsonOutputCtx *json_output_ctx, ConfNode *conf) { diff --git a/src/output-json-anomaly.c b/src/output-json-anomaly.c index ffe931a73e..c1d9cc65c0 100644 --- a/src/output-json-anomaly.c +++ b/src/output-json-anomaly.c @@ -350,7 +350,6 @@ static void JsonAnomalyLogDeInitCtxSub(OutputCtx *output_ctx) JsonAnomalyLogDeInitCtxSubHelper(output_ctx); } -#define DEFAULT_LOG_FILENAME "anomaly.json" static void SetFlag(const ConfNode *conf, const char *name, uint16_t flag, uint16_t *out_flags) { DEBUG_VALIDATE_BUG_ON(conf == NULL); diff --git a/src/output-json-dnp3.c b/src/output-json-dnp3.c index 1387d62136..7bf4ecc860 100644 --- a/src/output-json-dnp3.c +++ b/src/output-json-dnp3.c @@ -294,8 +294,6 @@ static void OutputDNP3LogDeInitCtxSub(OutputCtx *output_ctx) SCFree(output_ctx); } -#define DEFAULT_LOG_FILENAME "dnp3.json" - static OutputInitResult OutputDNP3LogInitSub(ConfNode *conf, OutputCtx *parent_ctx) { OutputInitResult result = { NULL, false }; diff --git a/src/output-json-dns.c b/src/output-json-dns.c index 973c777fdd..be3767e2ea 100644 --- a/src/output-json-dns.c +++ b/src/output-json-dns.c @@ -37,10 +37,6 @@ #include "output-json-dns.h" #include "rust.h" -/* we can do query logging as well, but it's disabled for now as the - * TX id handling doesn't expect it */ -#define QUERY 0 - #define LOG_QUERIES BIT_U64(0) #define LOG_ANSWERS BIT_U64(1) diff --git a/src/output-json-frame.c b/src/output-json-frame.c index 9c051c15d6..4e0ec5b2b2 100644 --- a/src/output-json-frame.c +++ b/src/output-json-frame.c @@ -67,8 +67,6 @@ #define MODULE_NAME "JsonFrameLog" -#define JSON_STREAM_BUFFER_SIZE 4096 - typedef struct FrameJsonOutputCtx_ { LogFileCtx *file_ctx; uint16_t flags; diff --git a/src/output-json-tls.c b/src/output-json-tls.c index 53ceda6ff5..821e765539 100644 --- a/src/output-json-tls.c +++ b/src/output-json-tls.c @@ -53,9 +53,6 @@ SC_ATOMIC_EXTERN(unsigned int, cert_id); -#define MODULE_NAME "LogTlsLog" -#define DEFAULT_LOG_FILENAME "tls.json" - #define LOG_TLS_DEFAULT 0 #define LOG_TLS_EXTENDED (1 << 0) #define LOG_TLS_CUSTOM (1 << 1) diff --git a/src/runmode-af-xdp.c b/src/runmode-af-xdp.c index 33a47d167a..75f098eadb 100644 --- a/src/runmode-af-xdp.c +++ b/src/runmode-af-xdp.c @@ -29,7 +29,6 @@ * AF_XDP socket runmode * */ -#define PCAP_DONT_INCLUDE_PCAP_BPF_H 1 #define SC_PCAP_DONT_INCLUDE_PCAP_H 1 #include "suricata-common.h" #include "tm-threads.h" diff --git a/src/runmode-napatech.c b/src/runmode-napatech.c index 9b02b8748f..9c5f65c1b6 100644 --- a/src/runmode-napatech.c +++ b/src/runmode-napatech.c @@ -38,13 +38,13 @@ #include "runmode-napatech.h" #include "source-napatech.h" // need NapatechStreamDevConf structure -#define NT_RUNMODE_AUTOFP 1 -#define NT_RUNMODE_WORKERS 2 - static const char *default_mode = "workers"; #ifdef HAVE_NAPATECH +#define NT_RUNMODE_AUTOFP 1 +#define NT_RUNMODE_WORKERS 2 + #define MAX_STREAMS 256 static uint16_t num_configured_streams = 0; static uint16_t first_stream = 0xffff; diff --git a/src/runmode-pfring.c b/src/runmode-pfring.c index 7f1f74f40f..584a409e85 100644 --- a/src/runmode-pfring.c +++ b/src/runmode-pfring.c @@ -34,10 +34,10 @@ #ifdef HAVE_PFRING #include -#endif #define PFRING_CONF_V1 1 #define PFRING_CONF_V2 2 +#endif const char *RunModeIdsPfringGetDefaultMode(void) { diff --git a/src/source-af-packet.c b/src/source-af-packet.c index 3a32c5818f..09cb554e10 100644 --- a/src/source-af-packet.c +++ b/src/source-af-packet.c @@ -30,7 +30,6 @@ * */ -#define PCAP_DONT_INCLUDE_PCAP_BPF_H 1 #define SC_PCAP_DONT_INCLUDE_PCAP_H 1 #include "suricata-common.h" #include "suricata.h" @@ -73,14 +72,15 @@ #endif #ifdef HAVE_PACKET_EBPF +#define PCAP_DONT_INCLUDE_PCAP_BPF_H 1 #include #include -#endif struct bpf_program { unsigned int bf_len; struct bpf_insn *bf_insns; }; +#endif #ifdef HAVE_PCAP_H #include diff --git a/src/source-af-xdp.c b/src/source-af-xdp.c index 013769a06d..0f6c9b39bf 100644 --- a/src/source-af-xdp.c +++ b/src/source-af-xdp.c @@ -29,7 +29,6 @@ * AF_XDP socket acquisition support * */ -#define PCAP_DONT_INCLUDE_PCAP_BPF_H 1 #define SC_PCAP_DONT_INCLUDE_PCAP_H 1 #include "suricata-common.h" #include "suricata.h" @@ -968,4 +967,4 @@ static TmEcode DecodeAFXDPThreadDeinit(ThreadVars *tv, void *data) /* eof */ /** * @} - */ \ No newline at end of file + */ diff --git a/src/source-ipfw.c b/src/source-ipfw.c index ecae507c41..db9609d463 100644 --- a/src/source-ipfw.c +++ b/src/source-ipfw.c @@ -42,15 +42,6 @@ #include "util-device.h" #include "runmodes.h" -#define IPFW_ACCEPT 0 -#define IPFW_DROP 1 - -#define IPFW_SOCKET_POLL_MSEC 300 - -#ifndef IP_MAXPACKET -#define IP_MAXPACKET 65535 -#endif - #ifndef IPFW /* Handle the case if --enable-ipfw was not used * @@ -102,6 +93,11 @@ TmEcode NoIPFWSupportExit(ThreadVars *tv, const void *initdata, void **data) #include "action-globals.h" +#define IPFW_ACCEPT 0 +#define IPFW_DROP 1 + +#define IPFW_SOCKET_POLL_MSEC 300 + extern uint16_t max_pending_packets; /** @@ -223,6 +219,10 @@ static inline void IPFWMutexUnlock(IPFWQueueVars *nq) SCMutexUnlock(&nq->socket_lock); } +#ifndef IP_MAXPACKET +#define IP_MAXPACKET 65535 +#endif + TmEcode ReceiveIPFWLoop(ThreadVars *tv, void *data, void *slot) { SCEnter(); diff --git a/src/tests/fuzz/fuzz_applayerparserparse.c b/src/tests/fuzz/fuzz_applayerparserparse.c index 0b17edf886..f12f814fd3 100644 --- a/src/tests/fuzz/fuzz_applayerparserparse.c +++ b/src/tests/fuzz/fuzz_applayerparserparse.c @@ -66,9 +66,6 @@ int LLVMFuzzerInitialize(int *argc, char ***argv) return 0; } -// arbitrary value -#define ALPROTO_MAXTX 4096 - int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) { Flow * f; diff --git a/src/tests/fuzz/oss-fuzz-configure.sh b/src/tests/fuzz/oss-fuzz-configure.sh index 9088f762ca..77ec80442d 100755 --- a/src/tests/fuzz/oss-fuzz-configure.sh +++ b/src/tests/fuzz/oss-fuzz-configure.sh @@ -1,2 +1,2 @@ #!/bin/sh -./configure --disable-shared --enable-fuzztargets --disable-gccmarch-native --enable-debug-validation +./configure --enable-warnings --disable-shared --enable-fuzztargets --disable-gccmarch-native --enable-debug-validation diff --git a/src/util-coredump-config.c b/src/util-coredump-config.c index 09485cb795..4fa43579cc 100644 --- a/src/util-coredump-config.c +++ b/src/util-coredump-config.c @@ -24,7 +24,6 @@ */ #include "suricata-common.h" -#define _FILE_OFFSET_BITS 64 #include "util-coredump-config.h" #include "conf.h" #ifdef HAVE_SYS_RESOURCE_H diff --git a/src/util-decode-mime.c b/src/util-decode-mime.c index 4b9cd23f34..4d5b8c1da5 100644 --- a/src/util-decode-mime.c +++ b/src/util-decode-mime.c @@ -45,12 +45,7 @@ #define COLON 58 #define DASH 45 #define PRINTABLE_START 33 -#define PRINTABLE_END 126 -#define UC_START 65 -#define UC_END 90 -#define LC_START 97 -#define LC_END 122 -#define UC_LC_DIFF 32 +#define PRINTABLE_END 126 #define EOL_LEN 2 /* Base-64 constants */ diff --git a/src/util-dpdk-bonding.c b/src/util-dpdk-bonding.c index 59b92ba829..ad9b4fef12 100644 --- a/src/util-dpdk-bonding.c +++ b/src/util-dpdk-bonding.c @@ -21,9 +21,6 @@ * \author Lukas Sismis */ -#ifndef UTIL_DPDK_BONDING_C -#define UTIL_DPDK_BONDING_C - #include "suricata-common.h" #include "util-dpdk-bonding.h" @@ -121,5 +118,3 @@ const char *BondingDeviceDriverGet(uint16_t bond_pid) } #endif /* HAVE_DPDK */ - -#endif /* UTIL_DPDK_BONDING_C */ diff --git a/src/util-ebpf.c b/src/util-ebpf.c index 13eaea828d..9029335301 100644 --- a/src/util-ebpf.c +++ b/src/util-ebpf.c @@ -30,7 +30,6 @@ * */ -#define PCAP_DONT_INCLUDE_PCAP_BPF_H 1 #define SC_PCAP_DONT_INCLUDE_PCAP_H 1 #include "suricata-common.h" diff --git a/src/util-hash-lookup3.c b/src/util-hash-lookup3.c index 5d1146152b..2354c183d2 100644 --- a/src/util-hash-lookup3.c +++ b/src/util-hash-lookup3.c @@ -64,8 +64,6 @@ on 1 byte), but shoehorning those bytes into integers efficiently is messy. # define HASH_BIG_ENDIAN 0 #endif -#define hashsize(n) ((uint32_t)1<<(n)) -#define hashmask(n) (hashsize(n)-1) #define rot(x,k) (((x)<<(k)) | ((x)>>(32-(k)))) /* diff --git a/src/util-print.c b/src/util-print.c index 8fa2cba596..4ca901fa0c 100644 --- a/src/util-print.c +++ b/src/util-print.c @@ -212,10 +212,6 @@ void PrintStringsToBuffer(uint8_t *dst_buf, uint32_t *dst_buf_offset_ptr, uint32 return; } -#ifndef s6_addr16 -# define s6_addr16 __u6_addr.__u6_addr16 -#endif - static const char *PrintInetIPv6(const void *src, char *dst, socklen_t size) { char s_part[6]; diff --git a/src/util-sysfs.c b/src/util-sysfs.c index 11f1854a8c..f1e21dd9be 100644 --- a/src/util-sysfs.c +++ b/src/util-sysfs.c @@ -25,11 +25,10 @@ #include "util-sysfs.h" -#define SYSFS_MAX_FILENAME_LEN (SYSFS_MAX_FILENAME_SIZE + 5) - TmEcode SysFsWriteValue(const char *path, int64_t value) { #if defined(__linux__) +#define SYSFS_MAX_FILENAME_LEN (SYSFS_MAX_FILENAME_SIZE + 5) char fname[SYSFS_MAX_FILENAME_LEN] = "/sys/"; char sentence[64];