From: Arne Welzel Date: Sat, 12 Feb 2022 16:49:07 +0000 (+0100) Subject: flow-manager: fix off-by-one in flow_hash row allocation X-Git-Tag: suricata-6.0.5~55 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=refs%2Fpull%2F7206%2Fhead;p=thirdparty%2Fsuricata.git flow-manager: fix off-by-one in flow_hash row allocation The current code doesn't cover all rows when more than one flow manager is used. It leaves a single row between ftd->max and ftd->min of the next manager orphaned. As an example: hash_size=1000 flowmgr_number=3 range=333 instance ftd->min ftd->max 0 0 333 1 334 666 2 667 1000 Rows not covered: 333, 666 (cherry picked from commit 8ef066318d7c4dd9b6686dbebd621c790828c384) --- diff --git a/src/flow-manager.c b/src/flow-manager.c index 359a39ecee..2a6bc63554 100644 --- a/src/flow-manager.c +++ b/src/flow-manager.c @@ -658,14 +658,13 @@ static TmEcode FlowManagerThreadInit(ThreadVars *t, const void *initdata, void * /* set the min and max value used for hash row walking * each thread has it's own section of the flow hash */ uint32_t range = flow_config.hash_size / flowmgr_number; - if (ftd->instance == 0) - ftd->max = range; - else if ((ftd->instance + 1) == flowmgr_number) { - ftd->min = (range * ftd->instance) + 1; + + ftd->min = ftd->instance * range; + ftd->max = (ftd->instance + 1) * range; + + /* last flow-manager takes on hash_size % flowmgr_number extra rows */ + if ((ftd->instance + 1) == flowmgr_number) { ftd->max = flow_config.hash_size; - } else { - ftd->min = (range * ftd->instance) + 1; - ftd->max = (range * (ftd->instance + 1)); } BUG_ON(ftd->min > flow_config.hash_size || ftd->max > flow_config.hash_size);