From: Maya Dagon (mdagon) <mdagon@cisco.com>
Date: Wed, 30 Aug 2023 14:11:28 +0000 (+0000)
Subject: Pull request #3975: helpers: improve hyperscan_search error message
X-Git-Tag: 3.1.70.0~4
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=df45804527e889f4608fab97e401f096884e50d9;p=thirdparty%2Fsnort3.git

Pull request #3975: helpers: improve hyperscan_search error message

Merge in SNORT/snort3 from ~MDAGON/snort3:hyper_msg to master

Squashed commit of the following:

commit 84357839a39f9ac89a8cd5b448a828a061129c51
Author: maya dagon <mdagon@cisco.com>
Date:   Thu Aug 24 14:52:14 2023 -0400

    helpers: improve hyperscan_search error message
---

diff --git a/src/helpers/hyper_search.cc b/src/helpers/hyper_search.cc
index c201a71f4..2e4ebe29e 100644
--- a/src/helpers/hyper_search.cc
+++ b/src/helpers/hyper_search.cc
@@ -33,6 +33,7 @@
 #include "log/messages.h"
 #include "main/snort_config.h"
 #include "main/thread.h"
+#include "utils/util.h"
 
 #include "hyper_scratch_allocator.h"
 
@@ -81,12 +82,18 @@ HyperSearch::HyperSearch(LiteralSearch::Handle* h, const uint8_t* pattern, unsig
         HS_MODE_BLOCK, nullptr, (hs_database_t**)&db, &err) != HS_SUCCESS )
 #endif
     {
-        ParseError("can't compile content '%s'", pattern);
+        std::string print_str;
+        uint8_to_printable_str(pattern, len, print_str);
+        ParseError("can't compile content '%s'", print_str.c_str());
         hs_free_compile_error(err);
         return;
     }
     if ( !scratcher->allocate(db) )
-        ParseError("can't allocate scratch for content '%s'", pattern);
+    {
+        std::string print_str;
+        uint8_to_printable_str(pattern, len, print_str);
+        ParseError("can't allocate scratch for content '%s'", print_str.c_str());
+    }
 }
 
 HyperSearch::~HyperSearch()
diff --git a/src/helpers/test/hyper_search_test.cc b/src/helpers/test/hyper_search_test.cc
index b7ec37ba3..d2064a980 100644
--- a/src/helpers/test/hyper_search_test.cc
+++ b/src/helpers/test/hyper_search_test.cc
@@ -84,6 +84,9 @@ void ParseError(const char*, ...)
 unsigned get_instance_id()
 { return 0; }
 
+void uint8_to_printable_str(const uint8_t*, unsigned, std::string&)
+{}
+
 }
 
 //-------------------------------------------------------------------------
diff --git a/src/utils/util.cc b/src/utils/util.cc
index 3652515ef..af9d9824b 100644
--- a/src/utils/util.cc
+++ b/src/utils/util.cc
@@ -597,6 +597,49 @@ void ts_print(const struct timeval* tvp, char* timebuf, bool yyyymmdd)
             (unsigned)tvp->tv_usec);
     }
 }
+
+static void start_hex_state(bool& hex_state, std::string& print_str)
+{
+    if (!hex_state)
+    {
+        hex_state = true;
+        print_str += "|";
+    }
+}
+
+static void end_hex_state(bool& hex_state, std::string& print_str)
+{
+    if (hex_state)
+    {
+        hex_state = false;
+        print_str += "|";
+    }
+}
+
+void uint8_to_printable_str(const uint8_t* buff, unsigned len, std::string& print_str)
+{
+    print_str.clear();
+    char output[4];
+    bool hex_state = false;
+    for (unsigned i = 0 ; i < len ; i++)
+    {
+        if ((buff[i] >= 0x20) && (buff[i] <= 0x7E))
+        {
+            end_hex_state(hex_state, print_str);
+            sprintf(output, "%c", (char)buff[i]);
+        }
+        else
+        {
+            start_hex_state(hex_state, print_str);
+            sprintf(output, "%.2x ", buff[i]);
+        }
+
+        print_str += output;
+    }
+
+    end_hex_state(hex_state, print_str);
+}
+
 }
 
 #ifdef UNIT_TEST
@@ -604,4 +647,29 @@ TEST_CASE("gmt2local_time_out_of_range", "[util]")
 {
     REQUIRE((gmt2local(0xffffffff1fff2f)==0));
 }
+
+TEST_CASE("uint8_to_printable_str go over all options", "[util]")
+{
+    std::string print_str;
+    uint8_t pattern[] = { 0, 'a', '(', 'd', ')', 1, '\r', 2, '\n','n'};
+    uint8_to_printable_str(pattern, 10, print_str);
+    CHECK((strcmp(print_str.c_str(),"|00 |a(d)|01 0d 02 0a |n") == 0));
+}
+
+TEST_CASE("uint8_to_printable_str empty buffer", "[util]")
+{
+    std::string print_str;
+    uint8_t* pattern = nullptr;
+    uint8_to_printable_str(pattern, 0, print_str);
+    CHECK((strcmp(print_str.c_str(),"") == 0));
+}
+
+TEST_CASE("uint8_to_printable_str end with |", "[util]")
+{
+    std::string print_str;
+    uint8_t pattern[] = { 'a', 0 };
+    uint8_to_printable_str(pattern, 2, print_str);
+    CHECK((strcmp(print_str.c_str(),"a|00 |") == 0));
+}
+
 #endif
diff --git a/src/utils/util.h b/src/utils/util.h
index e841eb58d..a8d3302f8 100644
--- a/src/utils/util.h
+++ b/src/utils/util.h
@@ -110,6 +110,7 @@ SO_PUBLIC char* snort_strdup(const char*);
 SO_PUBLIC char* snort_strndup(const char*, size_t);
 SO_PUBLIC const uint8_t* snort_memrchr(const uint8_t*, char, size_t);
 SO_PUBLIC void ts_print(const struct timeval*, char*, bool yyyymmdd = false);
+void uint8_to_printable_str(const uint8_t* buff, unsigned len, std::string& print_str);
 }
 
 #endif