From 7fb58e67831b8dfb5d1ca391c8e99c4f3150142a Mon Sep 17 00:00:00 2001 From: Victor Julien Date: Tue, 24 Oct 2017 12:04:43 +0200 Subject: [PATCH] random: fix random logic with getrandom The older random functions returned random values in the range of 0 - RAND_MAX. This is what the http randomize code was expecting. Newer methods, based on getrandom (or probably Windows too), return a much large range of values, including negative values and >RAND_MAX. This patch adds a wrapper to turn the returned value into the expected range before using it in the http code. The same is true for the stream engine. --- src/app-layer-htp.c | 18 ++++++++++++++---- src/stream-tcp.c | 14 ++++++++++++-- 2 files changed, 26 insertions(+), 6 deletions(-) diff --git a/src/app-layer-htp.c b/src/app-layer-htp.c index 1acccae560..d8a3308856 100644 --- a/src/app-layer-htp.c +++ b/src/app-layer-htp.c @@ -2208,6 +2208,16 @@ static void HTPConfigSetDefaultsPhase1(HTPCfgRec *cfg_prec) return; } +/* hack: htp random range code expects random values in range of 0-RAND_MAX, + * but we can get both <0 and >RAND_MAX values from RandomGet + */ +static int RandomGetWrap(void) +{ + long int r = RandomGet(); + int r_int = r % (long int)RAND_MAX; + return abs(r_int); +} + /* * We have this splitup so that in case double decoding has been enabled * for query and path, they would be called first on the callback queue, @@ -2220,12 +2230,12 @@ static void HTPConfigSetDefaultsPhase2(const char *name, HTPCfgRec *cfg_prec) if (cfg_prec->randomize) { int rdrange = cfg_prec->randomize_range; - long int r = RandomGet(); + long int r = RandomGetWrap(); cfg_prec->request.inspect_min_size += (int) (cfg_prec->request.inspect_min_size * (r * 1.0 / RAND_MAX - 0.5) * rdrange / 100); - r = RandomGet(); + r = RandomGetWrap(); cfg_prec->request.inspect_window += (int) (cfg_prec->request.inspect_window * (r * 1.0 / RAND_MAX - 0.5) * rdrange / 100); 
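Review bot: `RandomGetWrap()` in the first src/app-layer-htp.c hunk reduces with `r % (long int)RAND_MAX` and then folds the sign with `abs()`, so the result tops out at RAND_MAX-1 rather than RAND_MAX as the comment states, and 0 comes up about half as often as any other value. Reducing in unsigned arithmetic removes both quirks: `return (int)((unsigned long)RandomGet() % ((unsigned long)RAND_MAX + 1UL));`. The wrapper also hides any failure value: if `RandomGet()` reports an error as a negative number (its definition is not part of this patch, so please confirm), the caller receives an ordinary-looking constant and the randomized inspect sizes come out the same on every start, which makes them predictable. That case deserves an explicit check and a log message before the reduction. The identical helper added to src/stream-tcp.c has the same issues.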
@@ -2237,12 +2247,12 @@ static void HTPConfigSetDefaultsPhase2(const char *name, HTPCfgRec *cfg_prec) cfg_prec->request.inspect_window); - r = RandomGet(); + r = RandomGetWrap(); cfg_prec->response.inspect_min_size += (int) (cfg_prec->response.inspect_min_size * (r * 1.0 / RAND_MAX - 0.5) * rdrange / 100); - r = RandomGet(); + r = RandomGetWrap(); cfg_prec->response.inspect_window += (int) (cfg_prec->response.inspect_window * (r * 1.0 / RAND_MAX - 0.5) * rdrange / 100); diff --git a/src/stream-tcp.c b/src/stream-tcp.c index d99d0c255d..a2af379cad 100644 --- a/src/stream-tcp.c +++ b/src/stream-tcp.c @@ -312,6 +312,16 @@ int StreamTcpInlineDropInvalid(void) && (stream_config.flags & STREAMTCP_INIT_FLAG_DROP_INVALID)); } +/* hack: stream random range code expects random values in range of 0-RAND_MAX, + * but we can get both <0 and >RAND_MAX values from RandomGet + */ +static int RandomGetWrap(void) +{ + long int r = RandomGet(); + int r_int = r % (long int)RAND_MAX; + return abs(r_int); +} + /** \brief To initialize the stream global configuration data * * \param quiet It tells the mode of operation, if it is TRUE nothing will @@ -540,7 +550,7 @@ void StreamTcpInitConfig(char quiet) } if (randomize) { - long int r = RandomGet(); + long int r = RandomGetWrap(); stream_config.reassembly_toserver_chunk_size += (int) (stream_config.reassembly_toserver_chunk_size * (r * 1.0 / RAND_MAX - 0.5) * rdrange / 100); @@ -562,7 +572,7 @@ void StreamTcpInitConfig(char quiet) } if (randomize) { - long int r = RandomGet(); + long int r = RandomGetWrap(); stream_config.reassembly_toclient_chunk_size += (int) (stream_config.reassembly_toclient_chunk_size * (r * 1.0 / RAND_MAX - 0.5) * rdrange / 100); -- 2.47.2
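Review bot: The `RandomGetWrap()` added to src/stream-tcp.c duplicates the helper added to src/app-layer-htp.c line for line, so any later fix to the range reduction has to be applied in two places and the copies can drift apart. It would be better defined once next to `RandomGet()` and called from both files, with a comment stating the exact range it returns instead of the "hack" note. At the two call sites in `StreamTcpInitConfig`, `long int r = RandomGetWrap();` could then become `int r = RandomGetWrap();` to match the helper's return type. The body of `StreamTcpInitConfig` continues outside these hunks.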