From: Hui Cao (huica) Date: Mon, 9 Jan 2017 21:04:54 +0000 (-0500) Subject: Merge pull request #769 in SNORT/snort3 from smb2_fix to master X-Git-Tag: 3.0.0-233~115 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=d565e4ead92725c6ce3028a21ce19ec67564d273;p=thirdparty%2Fsnort3.git Merge pull request #769 in SNORT/snort3 from smb2_fix to master Squashed commit of the following: commit 9db2679579295da3f7a76eec8a9dea0bfcfc84a3 Author: huica Date: Mon Jan 9 13:15:17 2017 -0500 disable smb2 processing when file service is disabled --- diff --git a/src/file_api/file_config.h b/src/file_api/file_config.h index 0436e0e6c..7bd3509ba 100644 --- a/src/file_api/file_config.h +++ b/src/file_api/file_config.h @@ -75,6 +75,6 @@ private: }; std::string file_type_name(uint32_t id); -FileConfig* get_file_config (); +FileConfig* get_file_config(); #endif diff --git a/src/service_inspectors/dce_rpc/dce_smb2.cc b/src/service_inspectors/dce_rpc/dce_smb2.cc index a2171fde1..4e2450792 100644 --- a/src/service_inspectors/dce_rpc/dce_smb2.cc +++ b/src/service_inspectors/dce_rpc/dce_smb2.cc @@ -27,6 +27,7 @@ #include "detection/detection_util.h" #include "file_api/file_flows.h" +#include "file_api/file_service.h" #include "utils/util.h" #include "dce_smb_module.h" @@ -784,7 +785,9 @@ void DCE2_Smb2Process(DCE2_SmbSsnData* ssd) const uint8_t* data_ptr = p->data; uint16_t data_len = p->dsize; Smb2Hdr* smb_hdr; - const uint8_t* end = data_ptr + data_len; + + if (!FileService::is_file_service_enabled()) + return; /*Check header length*/ if (data_len < sizeof(NbssHdr) + SMB2_HEADER_LENGTH) @@ -806,7 +809,7 @@ void DCE2_Smb2Process(DCE2_SmbSsnData* ssd) dce_alert(GID_DCE2, DCE2_SMB_BAD_NEXT_COMMAND_OFFSET, (dce2CommonStats*)&dce2_smb_stats); } - DCE2_Smb2Inspect(ssd, (Smb2Hdr*)smb_hdr, end); + DCE2_Smb2Inspect(ssd, (Smb2Hdr*)smb_hdr, data_ptr + data_len); } else if (ssd->pdu_state == DCE2_SMB_PDU_STATE__RAW_DATA) {