From: Sreeja Athirkandathil Narayanan (sathirka) <sathirka@cisco.com>
Date: Thu, 30 Nov 2023 14:10:27 +0000 (+0000)
Subject: Pull request #4107: appid: fixing coverity issues
X-Git-Tag: 3.1.76.0~2
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=f8db68a56c4264885446ccda06b994fb66210dc2;p=thirdparty%2Fsnort3.git

Pull request #4107: appid: fixing coverity issues

Merge in SNORT/snort3 from ~SATHIRKA/snort3:appid_coverity to master

Squashed commit of the following:

commit 49746e192fce6caf2e7c19702c8fffdaaeabdb54
Author: Sreeja Athirkandathil Narayanan <sathirka@cisco.com>
Date:   Fri Nov 17 06:42:53 2023 -0500

    appid: fixing coverity issues
---

diff --git a/src/network_inspectors/appid/detector_plugins/http_url_patterns.h b/src/network_inspectors/appid/detector_plugins/http_url_patterns.h
index 5f75fc57c..f17dec7c6 100644
--- a/src/network_inspectors/appid/detector_plugins/http_url_patterns.h
+++ b/src/network_inspectors/appid/detector_plugins/http_url_patterns.h
@@ -123,13 +123,13 @@ struct DetectorHTTPPattern
         return true;
     }
 
-    DHPSequence sequence;
-    AppId service_id;
-    AppId client_id;
-    AppId payload_id;
-    AppId app_id;
-    unsigned pattern_size;
-    const uint8_t* pattern;
+    DHPSequence sequence = SINGLE;
+    AppId service_id = 0;
+    AppId client_id = 0;
+    AppId payload_id = 0;
+    AppId app_id = 0;
+    unsigned pattern_size = 0;
+    const uint8_t* pattern = nullptr;
 };
 typedef std::vector<DetectorHTTPPattern> DetectorHTTPPatterns;
 
diff --git a/src/network_inspectors/appid/service_plugins/service_bit.cc b/src/network_inspectors/appid/service_plugins/service_bit.cc
index 07bb135ca..668429efa 100644
--- a/src/network_inspectors/appid/service_plugins/service_bit.cc
+++ b/src/network_inspectors/appid/service_plugins/service_bit.cc
@@ -138,6 +138,8 @@ int BitServiceDetector::validate(AppIdDiscoveryArgs& args)
             ss->pos++;
             break;
         case BIT_STATE_MESSAGE_LEN:
+            if (ss->pos >= 4)
+                break;
             ss->l.raw_len[ss->pos] = data[offset];
             ss->pos++;
             if (ss->pos >= offsetof(ServiceBITMsg, code))
diff --git a/src/network_inspectors/appid/service_plugins/service_discovery.cc b/src/network_inspectors/appid/service_plugins/service_discovery.cc
index 775343e51..d1d71e2cd 100644
--- a/src/network_inspectors/appid/service_plugins/service_discovery.cc
+++ b/src/network_inspectors/appid/service_plugins/service_discovery.cc
@@ -126,12 +126,12 @@ void ServiceDiscovery::initialize(AppIdInspector& inspector)
     new RegTestServiceDetector2(this);
 #endif
 
-    for ( auto kv : tcp_detectors )
+    for ( auto& kv : tcp_detectors )
     {
         kv.second->initialize(inspector);
         service_detector_list.emplace_back(kv.second);
     }
-    for ( auto kv : udp_detectors )
+    for ( auto& kv : udp_detectors )
     {
         kv.second->initialize(inspector);
         service_detector_list.emplace_back(kv.second);
@@ -140,9 +140,9 @@ void ServiceDiscovery::initialize(AppIdInspector& inspector)
 
 void ServiceDiscovery::reload()
 {
-    for ( auto kv : tcp_detectors )
+    for ( auto& kv : tcp_detectors )
         kv.second->reload();
-    for ( auto kv : udp_detectors )
+    for ( auto& kv : udp_detectors )
         kv.second->reload();
 }
 
diff --git a/src/network_inspectors/appid/service_plugins/service_netbios.cc b/src/network_inspectors/appid/service_plugins/service_netbios.cc
index a575cbf5d..16ab4fc40 100644
--- a/src/network_inspectors/appid/service_plugins/service_netbios.cc
+++ b/src/network_inspectors/appid/service_plugins/service_netbios.cc
@@ -618,7 +618,7 @@ not_mailslot:
         data += sizeof(NBDgmError);
         if (end != data)
             goto fail;
-        if (err->code < NBDGM_ERROR_CODE_MIN and
+        if (err->code < NBDGM_ERROR_CODE_MIN or
             err->code > NBDGM_ERROR_CODE_MAX)
         {
             goto fail;
diff --git a/src/network_inspectors/appid/service_plugins/service_ssl.cc b/src/network_inspectors/appid/service_plugins/service_ssl.cc
index 0b0687fbd..d103efb28 100644
--- a/src/network_inspectors/appid/service_plugins/service_ssl.cc
+++ b/src/network_inspectors/appid/service_plugins/service_ssl.cc
@@ -428,8 +428,6 @@ int SslServiceDetector::validate(AppIdDiscoveryArgs& args)
                     }
                     break;
                 case SSLV3RecordType::SERVER_HELLO_DONE:
-                    if (size < offsetof(ServiceSSLV3Record, version))
-                        goto success;
                     if (rec->length)
                         goto fail;
                     if (ss->tot_length != offsetof(ServiceSSLV3Record, version))
diff --git a/src/network_inspectors/appid/service_plugins/service_tns.cc b/src/network_inspectors/appid/service_plugins/service_tns.cc
index fc29b5854..627889ff0 100644
--- a/src/network_inspectors/appid/service_plugins/service_tns.cc
+++ b/src/network_inspectors/appid/service_plugins/service_tns.cc
@@ -228,9 +228,11 @@ int TnsServiceDetector::validate(AppIdDiscoveryArgs& args)
             break;
 
         case TNS_STATE_MESSAGE_ACCEPT:
+            if (ss->pos >= (ACCEPT_VERSION_OFFSET + 2))
+                break;
             ss->l.raw_len[ss->pos - ACCEPT_VERSION_OFFSET] = data[offset];
             ss->pos++;
-            if (ss->pos >= (ACCEPT_VERSION_OFFSET + 2))
+            if (ss->pos == (ACCEPT_VERSION_OFFSET + 2))
             {
                 switch (ntohs(ss->l.len))
                 {