From 7666fdd4f7fb357deeab9c4791606ca9659ea67d Mon Sep 17 00:00:00 2001
From: "Shravan Rangarajuvenkata (shrarang)" <shrarang@cisco.com>
Date: Wed, 13 May 2020 19:10:46 +0000
Subject: [PATCH] Merge pull request #2212 in SNORT/snort3 from
 ~SATHIRKA/snort3:dns_session_alloc to master

Squashed commit of the following:

commit cc4a642b171b30b844f78f3c50ea5bccb6fb42ea
Author: Sreeja Athirkandathil Narayanan <sathirka@cisco.com>
Date:   Tue May 12 15:08:28 2020 -0400

    appid: Do not allocate DNS session for non-DNS flows and update memory tracker for HTTP sessions
---
 src/network_inspectors/appid/appid_http_session.cc     |  3 +++
 src/network_inspectors/appid/appid_session.cc          | 10 ++++++++--
 src/network_inspectors/appid/appid_session.h           |  1 +
 .../appid/detector_plugins/detector_dns.cc             | 10 +++++++++-
 .../appid/service_plugins/service_discovery.cc         |  4 ++--
 .../appid/test/appid_http_session_test.cc              |  3 +++
 src/network_inspectors/appid/test/appid_mock_session.h |  7 ++++++-
 7 files changed, 32 insertions(+), 6 deletions(-)

diff --git a/src/network_inspectors/appid/appid_http_session.cc b/src/network_inspectors/appid/appid_http_session.cc
index 92967a065..2bde9de79 100644
--- a/src/network_inspectors/appid/appid_http_session.cc
+++ b/src/network_inspectors/appid/appid_http_session.cc
@@ -25,6 +25,7 @@
 
 #include "appid_http_session.h"
 
+#include "memory/memory_cap.h"
 #include "profiler/profiler.h"
 
 #include "app_info_table.h"
@@ -45,6 +46,7 @@ AppIdHttpSession::AppIdHttpSession(AppIdSession& asd, uint32_t http2_stream_id)
         meta_offset[i].first = 0;
         meta_offset[i].second = 0;
     }
+    memory::MemoryCap::update_allocations(sizeof(AppIdHttpSession));
 }
 
 AppIdHttpSession::~AppIdHttpSession()
@@ -53,6 +55,7 @@ AppIdHttpSession::~AppIdHttpSession()
         delete meta_data[i];
     if (tun_dest)
         delete tun_dest;
+    memory::MemoryCap::update_deallocations(sizeof(AppIdHttpSession));
 }
 
 void AppIdHttpSession::free_chp_matches(ChpMatchDescriptor& cmd, unsigned num_matches)
diff --git a/src/network_inspectors/appid/appid_session.cc b/src/network_inspectors/appid/appid_session.cc
index 7ab5e0cab..2df26d143 100644
--- a/src/network_inspectors/appid/appid_session.cc
+++ b/src/network_inspectors/appid/appid_session.cc
@@ -1023,10 +1023,16 @@ AppIdHttpSession* AppIdSession::get_http_session(uint32_t stream_index)
         return nullptr;
 }
 
+AppIdDnsSession* AppIdSession::create_dns_session()
+{
+    if (dsession)
+        delete dsession;
+    dsession = new AppIdDnsSession();
+    return dsession;
+}
+
 AppIdDnsSession* AppIdSession::get_dns_session()
 {
-    if (!dsession)
-        dsession = new AppIdDnsSession();
     return dsession;
 }
 
diff --git a/src/network_inspectors/appid/appid_session.h b/src/network_inspectors/appid/appid_session.h
index 961d96548..34547c85b 100644
--- a/src/network_inspectors/appid/appid_session.h
+++ b/src/network_inspectors/appid/appid_session.h
@@ -368,6 +368,7 @@ public:
         hsessions.clear();
     }
 
+    AppIdDnsSession* create_dns_session();
     AppIdDnsSession* get_dns_session();
 
     bool is_tp_appid_done() const;
diff --git a/src/network_inspectors/appid/detector_plugins/detector_dns.cc b/src/network_inspectors/appid/detector_plugins/detector_dns.cc
index 7e14aeda8..167d12351 100644
--- a/src/network_inspectors/appid/detector_plugins/detector_dns.cc
+++ b/src/network_inspectors/appid/detector_plugins/detector_dns.cc
@@ -188,6 +188,8 @@ APPID_STATUS_CODE DnsValidator::add_dns_query_info(AppIdSession& asd, uint16_t i
     const uint8_t* host, uint8_t host_len, uint16_t host_offset, uint16_t record_type)
 {
     AppIdDnsSession* dsession = asd.get_dns_session();
+    if (!dsession)
+        dsession = asd.create_dns_session();
     if ( ( dsession->get_state() != 0 ) && ( dsession->get_id() != id ) )
         dsession->reset();
 
@@ -218,6 +220,8 @@ APPID_STATUS_CODE DnsValidator::add_dns_response_info(AppIdSession& asd, uint16_
     const uint8_t* host, uint8_t host_len, uint16_t host_offset, uint8_t response_type, uint32_t ttl)
 {
     AppIdDnsSession* dsession = asd.get_dns_session();
+    if (!dsession)
+        dsession = asd.create_dns_session();
     if ( ( dsession->get_state() != 0 ) && ( dsession->get_id() != id ) )
         dsession->reset();
 
@@ -438,7 +442,11 @@ int DnsValidator::dns_validate_header(const AppidSessionDirection dir, const DNS
     else if (!hdr->QR)        // Query.
     {
         if (host_reporting)
-            asd.get_dns_session()->reset();
+        {
+            AppIdDnsSession* dsession = asd.get_dns_session();
+            if (dsession)
+                dsession->reset();
+        }
         return dir == APP_ID_FROM_INITIATOR ? APPID_SUCCESS : APPID_REVERSED;
     }
     else     // Response.
diff --git a/src/network_inspectors/appid/service_plugins/service_discovery.cc b/src/network_inspectors/appid/service_plugins/service_discovery.cc
index 615557d83..a6238b277 100644
--- a/src/network_inspectors/appid/service_plugins/service_discovery.cc
+++ b/src/network_inspectors/appid/service_plugins/service_discovery.cc
@@ -681,8 +681,8 @@ bool ServiceDiscovery::do_service_discovery(AppIdSession& asd, Packet* p,
         }
 
         AppIdDnsSession* dsession = asd.get_dns_session();
-        if (asd.service.get_id() == APP_ID_DNS && asd.ctxt.get_odp_ctxt().dns_host_reporting
-            && dsession->get_host())
+        if (dsession and asd.service.get_id() == APP_ID_DNS
+            and asd.ctxt.get_odp_ctxt().dns_host_reporting and dsession->get_host())
         {
             AppId client_id = APP_ID_NONE;
             AppId payload_id = APP_ID_NONE;
diff --git a/src/network_inspectors/appid/test/appid_http_session_test.cc b/src/network_inspectors/appid/test/appid_http_session_test.cc
index dd4bd407b..f6fd78cc0 100644
--- a/src/network_inspectors/appid/test/appid_http_session_test.cc
+++ b/src/network_inspectors/appid/test/appid_http_session_test.cc
@@ -27,6 +27,7 @@
 #include <string>
 
 #include "framework/data_bus.h"
+#include "memory/memory_cap.h"
 #include "protocols/protocol_ids.h"
 #include "service_inspectors/http_inspect/http_msg_header.h"
 #include "tp_appid_module_api.h"
@@ -151,6 +152,8 @@ void Profiler::show_stats() { }
 
 MemoryContext::MemoryContext(MemoryTracker&) { }
 MemoryContext::~MemoryContext() { }
+void memory::MemoryCap::update_allocations(unsigned long) { }
+void memory::MemoryCap::update_deallocations(unsigned long) { }
 
 OdpContext::OdpContext(AppIdConfig&, snort::SnortConfig*) { }
 AppIdConfig::~AppIdConfig() { }
diff --git a/src/network_inspectors/appid/test/appid_mock_session.h b/src/network_inspectors/appid/test/appid_mock_session.h
index ec222b087..52215e22d 100644
--- a/src/network_inspectors/appid/test/appid_mock_session.h
+++ b/src/network_inspectors/appid/test/appid_mock_session.h
@@ -283,13 +283,18 @@ AppIdHttpSession* AppIdSession::get_http_session(uint32_t stream_index)
     return nullptr;
 }
 
-AppIdDnsSession* AppIdSession::get_dns_session()
+AppIdDnsSession* AppIdSession::create_dns_session()
 {
     if ( !dsession )
         dsession = new MockAppIdDnsSession();
     return dsession;
 }
 
+AppIdDnsSession* AppIdSession::get_dns_session()
+{
+    return dsession;
+}
+
 bool AppIdSession::is_tp_appid_done() const
 {
     return true;
-- 
2.47.3