From: Umang Sharma (umasharm) <umasharm@cisco.com>
Date: Thu, 30 Nov 2023 14:34:29 +0000 (+0000)
Subject: Pull request #4116: appid: coverity issues
X-Git-Tag: 3.1.76.0~1
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=f616352bce99a755c632eafb2d0c9035f6d7f537;p=thirdparty%2Fsnort3.git

Pull request #4116: appid: coverity issues

Merge in SNORT/snort3 from ~UMASHARM/snort3:coverity_fixes to master

Squashed commit of the following:

commit 5f57ab950b53a47217d9a1155e4988f31bd288a5
Author: Umang Sharma <umasharm@cisco.com>
Date:   Wed Nov 22 02:25:17 2023 -0500

    appid: fixing coverity issues
---

diff --git a/src/network_inspectors/appid/appid_discovery.cc b/src/network_inspectors/appid/appid_discovery.cc
index d985009a2..17636740d 100644
--- a/src/network_inspectors/appid/appid_discovery.cc
+++ b/src/network_inspectors/appid/appid_discovery.cc
@@ -80,10 +80,10 @@ AppIdDiscovery::~AppIdDiscovery()
 
     pattern_data.clear();
 
-    for (auto kv : tcp_detectors)
+    for (const auto& kv : tcp_detectors)
         delete kv.second;
 
-    for (auto kv : udp_detectors)
+    for (const auto& kv : udp_detectors)
         delete kv.second;
 }
 
diff --git a/src/network_inspectors/appid/appid_http_session.h b/src/network_inspectors/appid/appid_http_session.h
index c8bf149a9..0f9b33c36 100644
--- a/src/network_inspectors/appid/appid_http_session.h
+++ b/src/network_inspectors/appid/appid_http_session.h
@@ -50,6 +50,7 @@ struct TunnelDest
     uint16_t port = 0;
     TunnelDest(const char* string_srcip, uint16_t tun_port)
     {
+        ip.clear();
         if ( ip.set(string_srcip) == SFIP_SUCCESS )
             port = tun_port;
     }
@@ -200,4 +201,3 @@ protected:
 };
 
 #endif
-
diff --git a/src/network_inspectors/appid/appid_stats.cc b/src/network_inspectors/appid/appid_stats.cc
index 10ba315a7..02986750b 100644
--- a/src/network_inspectors/appid/appid_stats.cc
+++ b/src/network_inspectors/appid/appid_stats.cc
@@ -106,7 +106,7 @@ void AppIdStatistics::dump_statistics()
     {
         if ( bucket->app_record_cnt )
         {
-            for (auto it : bucket->apps_tree)
+            for (auto& it : bucket->apps_tree)
             {
                 struct AppIdStatRecord& record = it.second;
 
@@ -266,4 +266,3 @@ void AppIdStatistics::flush()
         start_stats_period(now);
     }
 }
-
diff --git a/src/network_inspectors/appid/appid_stats.h b/src/network_inspectors/appid/appid_stats.h
index 9e3d171b3..81b096e87 100644
--- a/src/network_inspectors/appid/appid_stats.h
+++ b/src/network_inspectors/appid/appid_stats.h
@@ -47,7 +47,7 @@ struct AppIdStatRecord
 
 struct StatsBucket
 {
-    uint32_t start_time = 0;
+    time_t start_time = 0;
     std::map<AppId, AppIdStatRecord> apps_tree;
     struct
     {
diff --git a/src/network_inspectors/appid/client_plugins/client_app_bit.cc b/src/network_inspectors/appid/client_plugins/client_app_bit.cc
index 5a84bbb92..f10072860 100644
--- a/src/network_inspectors/appid/client_plugins/client_app_bit.cc
+++ b/src/network_inspectors/appid/client_plugins/client_app_bit.cc
@@ -124,9 +124,12 @@ int BitClientDetector::validate(AppIdDiscoveryArgs& args)
             fd->pos++;
             break;
         case BIT_STATE_MESSAGE_LEN:
+            if (fd->pos >= offsetof(ClientBITMsg, code))
+                break;
+
             fd->l.raw_len[fd->pos] = args.data[offset];
             fd->pos++;
-            if (fd->pos >= offsetof(ClientBITMsg, code))
+            if (fd->pos == offsetof(ClientBITMsg, code))
             {
                 fd->stringlen = ntohl(fd->l.len);
                 fd->state = BIT_STATE_MESSAGE_DATA;
@@ -157,4 +160,3 @@ done:
     add_app(args.asd, APP_ID_BITTORRENT, APP_ID_BITTORRENT, nullptr, args.change_bits);
     return APPID_SUCCESS;
 }
-
diff --git a/src/network_inspectors/appid/client_plugins/client_app_tns.cc b/src/network_inspectors/appid/client_plugins/client_app_tns.cc
index adedfc543..8ee79c11c 100644
--- a/src/network_inspectors/appid/client_plugins/client_app_tns.cc
+++ b/src/network_inspectors/appid/client_plugins/client_app_tns.cc
@@ -224,9 +224,11 @@ int TnsClientDetector::validate(AppIdDiscoveryArgs& args)
             }
             break;
         case TNS_STATE_MESSAGE_CONNECT:
+            if (fd->pos >= (CONNECT_VERSION_OFFSET + 2))
+                break;
             fd->l.raw_len[fd->pos - CONNECT_VERSION_OFFSET] = args.data[offset];
             fd->pos++;
-            if (fd->pos >= (CONNECT_VERSION_OFFSET + 2))
+            if (fd->pos == (CONNECT_VERSION_OFFSET + 2))
             {
                 {
                     switch (ntohs(fd->l.len))
@@ -344,4 +346,3 @@ done:
     }
     return APPID_SUCCESS;
 }
-
diff --git a/src/network_inspectors/appid/client_plugins/client_discovery.cc b/src/network_inspectors/appid/client_plugins/client_discovery.cc
index da661210d..a62d3e41f 100644
--- a/src/network_inspectors/appid/client_plugins/client_discovery.cc
+++ b/src/network_inspectors/appid/client_plugins/client_discovery.cc
@@ -65,18 +65,18 @@ void ClientDiscovery::initialize(AppIdInspector& inspector)
     new TnsClientDetector(this);
     new VncClientDetector(this);
 
-    for ( auto kv : tcp_detectors )
+    for ( auto& kv : tcp_detectors )
         kv.second->initialize(inspector);
 
-    for ( auto kv : udp_detectors )
+    for ( auto& kv : udp_detectors )
         kv.second->initialize(inspector);
 }
 
 void ClientDiscovery::reload()
 {
-    for ( auto kv : tcp_detectors )
+    for ( auto& kv : tcp_detectors )
         kv.second->reload();
-    for ( auto kv : udp_detectors )
+    for ( auto& kv : udp_detectors )
         kv.second->reload();
 }