From 3a79984e5ea81f8fd376caaee19ed69f68b805a3 Mon Sep 17 00:00:00 2001 From: Philippe Antoine Date: Tue, 21 Nov 2023 21:31:10 +0100 Subject: [PATCH] detect/xbits: fix coverity warning CID 1554237 and CID 1554233 Basically make the code easier to reason with for coverity without changing the behavior which was fine. --- src/detect-xbits.c | 23 +++++++++-------------- 1 file changed, 9 insertions(+), 14 deletions(-) diff --git a/src/detect-xbits.c b/src/detect-xbits.c index 92b86ba9da..a3f67dbfc9 100644 --- a/src/detect-xbits.c +++ b/src/detect-xbits.c @@ -340,44 +340,39 @@ int DetectXbitSetup (DetectEngineCtx *de_ctx, Signature *s, const char *rawstr) int result = DetectXbitParse(de_ctx, rawstr, &cd); if (result < 0) { return -1; - /* noalert doesn't use a cd/sm struct. It flags the sig. We're done. */ - } else if (result == 0 && cd == NULL) { + } else if (cd == NULL) { + /* noalert doesn't use a cd/sm struct. It flags the sig. We're done. */ s->flags |= SIG_FLAG_NOALERT; return 0; } /* Okay so far so good, lets get this into a SigMatch * and put it in the Signature. */ - switch (cd->cmd) { /* case DETECT_XBITS_CMD_NOALERT can't happen here */ - case DETECT_XBITS_CMD_ISNOTSET: case DETECT_XBITS_CMD_ISSET: /* checks, so packet list */ if (SigMatchAppendSMToList( de_ctx, s, DETECT_XBITS, (SigMatchCtx *)cd, DETECT_SM_LIST_MATCH) == NULL) { - goto error; + SCFree(cd); + return -1; } break; - case DETECT_XBITS_CMD_SET: - case DETECT_XBITS_CMD_UNSET: - case DETECT_XBITS_CMD_TOGGLE: + // all other cases + // DETECT_XBITS_CMD_SET, DETECT_XBITS_CMD_UNSET, DETECT_XBITS_CMD_TOGGLE: + default: /* modifiers, only run when entire sig has matched */ if (SigMatchAppendSMToList(de_ctx, s, DETECT_XBITS, (SigMatchCtx *)cd, DETECT_SM_LIST_POSTMATCH) == NULL) { - goto error; + SCFree(cd); + return -1; } break; } return 0; - -error: - if (cd != NULL) - SCFree(cd); - return -1; } static void DetectXbitFree (DetectEngineCtx *de_ctx, void *ptr) -- 2.47.2