From 83067e5a5588f46ed614f2626f7353e84a15634d Mon Sep 17 00:00:00 2001 From: Jeff Lucovsky Date: Mon, 24 May 2021 08:01:58 -0400 Subject: [PATCH] decode: Eliminate NULL pkt checks This commit removes the NULL pkt check that each decoder performs as this is a "can't happen" case. --- src/decode-chdlc.c | 7 ++++--- src/decode-erspan.c | 5 ++++- src/decode-esp.c | 8 +++++++- src/decode-ethernet.c | 7 ++++--- src/decode-geneve.c | 5 ++++- src/decode-gre.c | 5 +++-- src/decode-mpls.c | 6 +++++- src/decode-nsh.c | 3 ++- src/decode-null.c | 5 ++++- src/decode-ppp.c | 7 ++++--- src/decode-pppoe.c | 11 ++++++----- src/decode-raw.c | 5 ++++- src/decode-sctp.c | 6 +++++- src/decode-sll.c | 8 +++++--- src/decode-template.c | 6 +++++- src/decode-teredo.c | 6 +++++- src/decode-vlan.c | 9 ++++++--- src/decode-vntag.c | 6 +++--- src/decode-vxlan.c | 3 ++- 19 files changed, 82 insertions(+), 36 deletions(-) diff --git a/src/decode-chdlc.c b/src/decode-chdlc.c index 4607eb0a1c..171f662f75 100644 --- a/src/decode-chdlc.c +++ b/src/decode-chdlc.c @@ -1,4 +1,4 @@ -/* Copyright (C) 2020 Open Information Security Foundation +/* Copyright (C) 2020-2021 Open Information Security Foundation * * You can copy, redistribute or modify this Program under the terms of * the GNU General Public License version 2 as published by the Free @@ -35,12 +35,15 @@ #include "decode-chdlc.h" #include "decode-events.h" +#include "util-validate.h" #include "util-unittest.h" #include "util-debug.h" int DecodeCHDLC(ThreadVars *tv, DecodeThreadVars *dtv, Packet *p, const uint8_t *pkt, uint32_t len) { + DEBUG_VALIDATE_BUG_ON(pkt == NULL); + StatsIncr(tv, dtv->counter_chdlc); if (unlikely(len < CHDLC_HEADER_LEN)) { @@ -56,8 +59,6 @@ int DecodeCHDLC(ThreadVars *tv, DecodeThreadVars *dtv, Packet *p, } CHDLCHdr *hdr = (CHDLCHdr *)pkt; - if (unlikely(hdr == NULL)) - return TM_ECODE_FAILED; SCLogDebug("p %p pkt %p ether type %04x", p, pkt, SCNtohs(hdr->protocol)); diff --git a/src/decode-erspan.c b/src/decode-erspan.c index ab326a0d62..b5a5a722f7 100644 --- a/src/decode-erspan.c +++ b/src/decode-erspan.c @@ -1,4 +1,4 @@ -/* Copyright (C) 2020 Open Information Security Foundation +/* Copyright (C) 2020-2021 Open Information Security Foundation * * You can copy, redistribute or modify this Program under the terms of * the GNU General Public License version 2 as published by the Free @@ -36,6 +36,7 @@ #include "decode-events.h" #include "decode-erspan.h" +#include "util-validate.h" #include "util-unittest.h" #include "util-debug.h" @@ -74,6 +75,8 @@ int DecodeERSPANTypeI(ThreadVars *tv, DecodeThreadVars *dtv, Packet *p, */ int DecodeERSPAN(ThreadVars *tv, DecodeThreadVars *dtv, Packet *p, const uint8_t *pkt, uint32_t len) { + DEBUG_VALIDATE_BUG_ON(pkt == NULL); + StatsIncr(tv, dtv->counter_erspan); if (len < sizeof(ErspanHdr)) { diff --git a/src/decode-esp.c b/src/decode-esp.c index 2057679675..1dd5b739b0 100644 --- a/src/decode-esp.c +++ b/src/decode-esp.c @@ -1,4 +1,4 @@ -/* Copyright (C) 2020 Open Information Security Foundation +/* Copyright (C) 2020-2021 Open Information Security Foundation * * You can copy, redistribute or modify this Program under the terms of * the GNU General Public License version 2 as published by the Free @@ -31,8 +31,12 @@ #include "decode-esp.h" #include "flow.h" +#include "util-validate.h" + static int DecodeESPPacket(ThreadVars *tv, Packet *p, const uint8_t *pkt, uint16_t len) { + DEBUG_VALIDATE_BUG_ON(pkt == NULL); + if (unlikely(len < ESP_HEADER_LEN)) { ENGINE_SET_INVALID_EVENT(p, ESP_PKT_TOO_SMALL); return -1; @@ -59,6 +63,8 @@ static int DecodeESPPacket(ThreadVars *tv, Packet *p, const uint8_t *pkt, uint16 */ int DecodeESP(ThreadVars *tv, DecodeThreadVars *dtv, Packet *p, const uint8_t *pkt, uint16_t len) { + DEBUG_VALIDATE_BUG_ON(pkt == NULL); + StatsIncr(tv, dtv->counter_esp); if (!PacketIncreaseCheckLayers(p)) { diff --git a/src/decode-ethernet.c b/src/decode-ethernet.c index 556f5ed338..71b4e85163 100644 --- a/src/decode-ethernet.c +++ b/src/decode-ethernet.c @@ -1,4 +1,4 @@ -/* Copyright (C) 2007-2014 Open Information Security Foundation +/* Copyright (C) 2007-2021 Open Information Security Foundation * * You can copy, redistribute or modify this Program under the terms of * the GNU General Public License version 2 as published by the Free @@ -35,12 +35,15 @@ #include "decode-ethernet.h" #include "decode-events.h" +#include "util-validate.h" #include "util-unittest.h" #include "util-debug.h" int DecodeEthernet(ThreadVars *tv, DecodeThreadVars *dtv, Packet *p, const uint8_t *pkt, uint32_t len) { + DEBUG_VALIDATE_BUG_ON(pkt == NULL); + StatsIncr(tv, dtv->counter_eth); if (unlikely(len < ETHERNET_HEADER_LEN)) { @@ -52,8 +55,6 @@ int DecodeEthernet(ThreadVars *tv, DecodeThreadVars *dtv, Packet *p, return TM_ECODE_FAILED; } p->ethh = (EthernetHdr *)pkt; - if (unlikely(p->ethh == NULL)) - return TM_ECODE_FAILED; SCLogDebug("p %p pkt %p ether type %04x", p, pkt, SCNtohs(p->ethh->eth_type)); diff --git a/src/decode-geneve.c b/src/decode-geneve.c index 88c6ade825..485970b67c 100644 --- a/src/decode-geneve.c +++ b/src/decode-geneve.c @@ -1,4 +1,4 @@ -/* Copyright (C) 2020 Open Information Security Foundation +/* Copyright (C) 2020-2021 Open Information Security Foundation * * You can copy, redistribute or modify this Program under the terms of * the GNU General Public License version 2 as published by the Free @@ -35,6 +35,7 @@ #include "flow.h" +#include "util-validate.h" #include "util-unittest.h" #include "util-debug.h" @@ -183,6 +184,8 @@ static inline bool IsHeaderLengthConsistentWithOptions(const GeneveHeader *genev */ int DecodeGeneve(ThreadVars *tv, DecodeThreadVars *dtv, Packet *p, const uint8_t *pkt, uint32_t len) { + DEBUG_VALIDATE_BUG_ON(pkt == NULL); + const GeneveHeader *geneve_hdr = (const GeneveHeader *)pkt; uint16_t eth_type, geneve_hdr_len; diff --git a/src/decode-gre.c b/src/decode-gre.c index 078b9bfae5..02307ec535 100644 --- a/src/decode-gre.c +++ b/src/decode-gre.c @@ -36,6 +36,7 @@ #include "decode-events.h" #include "decode-gre.h" +#include "util-validate.h" #include "util-unittest.h" #include "util-debug.h" @@ -45,6 +46,8 @@ int DecodeGRE(ThreadVars *tv, DecodeThreadVars *dtv, Packet *p, const uint8_t *pkt, uint32_t len) { + DEBUG_VALIDATE_BUG_ON(pkt == NULL); + uint32_t header_len = GRE_HDR_LEN; GRESreHdr *gsre = NULL; @@ -59,8 +62,6 @@ int DecodeGRE(ThreadVars *tv, DecodeThreadVars *dtv, Packet *p, const uint8_t *p } p->greh = (GREHdr *)pkt; - if(p->greh == NULL) - return TM_ECODE_FAILED; SCLogDebug("p %p pkt %p GRE protocol %04x Len: %d GRE version %x", p, pkt, GRE_GET_PROTO(p->greh), len,GRE_GET_VERSION(p->greh)); diff --git a/src/decode-mpls.c b/src/decode-mpls.c index 6de6e49e2d..0ce06c8468 100644 --- a/src/decode-mpls.c +++ b/src/decode-mpls.c @@ -1,4 +1,4 @@ -/* Copyright (C) 2014 Open Information Security Foundation +/* Copyright (C) 2014-2021 Open Information Security Foundation * * You can copy, redistribute or modify this Program under the terms of * the GNU General Public License version 2 as published by the Free @@ -25,6 +25,8 @@ #include "suricata-common.h" #include "decode.h" + +#include "util-validate.h" #include "util-unittest.h" #define MPLS_HEADER_LEN 4 @@ -47,6 +49,8 @@ int DecodeMPLS(ThreadVars *tv, DecodeThreadVars *dtv, Packet *p, const uint8_t *pkt, uint32_t len) { + DEBUG_VALIDATE_BUG_ON(pkt == NULL); + uint32_t shim; int label; int event = 0; diff --git a/src/decode-nsh.c b/src/decode-nsh.c index f3dd542ee6..23f8ddd24f 100644 --- a/src/decode-nsh.c +++ b/src/decode-nsh.c @@ -1,4 +1,4 @@ -/* Copyright (C) 2020 Open Information Security Foundation +/* Copyright (C) 2020-2021 Open Information Security Foundation * * You can copy, redistribute or modify this Program under the terms of * the GNU General Public License version 2 as published by the Free @@ -35,6 +35,7 @@ #include "decode-events.h" #include "decode-nsh.h" +#include "util-validate.h" #include "util-unittest.h" #include "util-debug.h" diff --git a/src/decode-null.c b/src/decode-null.c index b4420f89aa..94daae54b9 100644 --- a/src/decode-null.c +++ b/src/decode-null.c @@ -1,4 +1,4 @@ -/* Copyright (C) 2015 Open Information Security Foundation +/* Copyright (C) 2015-2021 Open Information Security Foundation * * You can copy, redistribute or modify this Program under the terms of * the GNU General Public License version 2 as published by the Free @@ -36,6 +36,7 @@ #include "decode-raw.h" #include "decode-events.h" +#include "util-validate.h" #include "util-unittest.h" #include "util-debug.h" @@ -48,6 +49,8 @@ int DecodeNull(ThreadVars *tv, DecodeThreadVars *dtv, Packet *p, const uint8_t *pkt, uint32_t len) { + DEBUG_VALIDATE_BUG_ON(pkt == NULL); + StatsIncr(tv, dtv->counter_null); if (unlikely(len < HDR_SIZE)) { diff --git a/src/decode-ppp.c b/src/decode-ppp.c index 7cb311c4f5..3ece93f741 100644 --- a/src/decode-ppp.c +++ b/src/decode-ppp.c @@ -1,4 +1,4 @@ -/* Copyright (C) 2007-2013 Open Information Security Foundation +/* Copyright (C) 2007-2021 Open Information Security Foundation * * You can copy, redistribute or modify this Program under the terms of * the GNU General Public License version 2 as published by the Free @@ -37,12 +37,15 @@ #include "flow.h" +#include "util-validate.h" #include "util-unittest.h" #include "util-debug.h" int DecodePPP(ThreadVars *tv, DecodeThreadVars *dtv, Packet *p, const uint8_t *pkt, uint32_t len) { + DEBUG_VALIDATE_BUG_ON(pkt == NULL); + StatsIncr(tv, dtv->counter_ppp); if (unlikely(len < PPP_HEADER_LEN)) { @@ -54,8 +57,6 @@ int DecodePPP(ThreadVars *tv, DecodeThreadVars *dtv, Packet *p, } p->ppph = (PPPHdr *)pkt; - if (unlikely(p->ppph == NULL)) - return TM_ECODE_FAILED; SCLogDebug("p %p pkt %p PPP protocol %04x Len: %" PRIu32 "", p, pkt, SCNtohs(p->ppph->protocol), len); diff --git a/src/decode-pppoe.c b/src/decode-pppoe.c index eef6629949..fe49f22d64 100644 --- a/src/decode-pppoe.c +++ b/src/decode-pppoe.c @@ -1,4 +1,4 @@ -/* Copyright (C) 2007-2013 Open Information Security Foundation +/* Copyright (C) 2007-2021 Open Information Security Foundation * * You can copy, redistribute or modify this Program under the terms of * the GNU General Public License version 2 as published by the Free @@ -41,6 +41,7 @@ #include "flow.h" +#include "util-validate.h" #include "util-unittest.h" #include "util-debug.h" @@ -50,6 +51,8 @@ int DecodePPPOEDiscovery(ThreadVars *tv, DecodeThreadVars *dtv, Packet *p, const uint8_t *pkt, uint32_t len) { + DEBUG_VALIDATE_BUG_ON(pkt == NULL); + StatsIncr(tv, dtv->counter_pppoe); if (len < PPPOE_DISCOVERY_HEADER_MIN_LEN) { @@ -58,8 +61,6 @@ int DecodePPPOEDiscovery(ThreadVars *tv, DecodeThreadVars *dtv, Packet *p, } p->pppoedh = (PPPOEDiscoveryHdr *)pkt; - if (p->pppoedh == NULL) - return TM_ECODE_FAILED; /* parse the PPPOE code */ switch (p->pppoedh->pppoe_code) @@ -130,6 +131,8 @@ int DecodePPPOEDiscovery(ThreadVars *tv, DecodeThreadVars *dtv, Packet *p, int DecodePPPOESession(ThreadVars *tv, DecodeThreadVars *dtv, Packet *p, const uint8_t *pkt, uint32_t len) { + DEBUG_VALIDATE_BUG_ON(pkt == NULL); + StatsIncr(tv, dtv->counter_pppoe); if (len < PPPOE_SESSION_HEADER_LEN) { @@ -138,8 +141,6 @@ int DecodePPPOESession(ThreadVars *tv, DecodeThreadVars *dtv, Packet *p, } p->pppoesh = (PPPOESessionHdr *)pkt; - if (p->pppoesh == NULL) - return TM_ECODE_FAILED; SCLogDebug("PPPOE VERSION %" PRIu32 " TYPE %" PRIu32 " CODE %" PRIu32 " SESSIONID %" PRIu32 " LENGTH %" PRIu32 "", PPPOE_SESSION_GET_VERSION(p->pppoesh), PPPOE_SESSION_GET_TYPE(p->pppoesh), p->pppoesh->pppoe_code, SCNtohs(p->pppoesh->session_id), SCNtohs(p->pppoesh->pppoe_length)); diff --git a/src/decode-raw.c b/src/decode-raw.c index 1b9f9eb2b6..094273d806 100644 --- a/src/decode-raw.c +++ b/src/decode-raw.c @@ -1,4 +1,4 @@ -/* Copyright (C) 2007-2013 Open Information Security Foundation +/* Copyright (C) 2007-2021 Open Information Security Foundation * * You can copy, redistribute or modify this Program under the terms of * the GNU General Public License version 2 as published by the Free @@ -35,6 +35,7 @@ #include "decode-raw.h" #include "decode-events.h" +#include "util-validate.h" #include "util-unittest.h" #include "util-debug.h" @@ -46,6 +47,8 @@ int DecodeRaw(ThreadVars *tv, DecodeThreadVars *dtv, Packet *p, const uint8_t *pkt, uint32_t len) { + DEBUG_VALIDATE_BUG_ON(pkt == NULL); + StatsIncr(tv, dtv->counter_raw); /* If it is ipv4 or ipv6 it should at least be the size of ipv4 */ diff --git a/src/decode-sctp.c b/src/decode-sctp.c index 0346dfb3e2..9a6c4e8ead 100644 --- a/src/decode-sctp.c +++ b/src/decode-sctp.c @@ -1,4 +1,4 @@ -/* Copyright (C) 2011 Open Information Security Foundation +/* Copyright (C) 2011-2021 Open Information Security Foundation * * You can copy, redistribute or modify this Program under the terms of * the GNU General Public License version 2 as published by the Free @@ -34,6 +34,8 @@ #include "decode.h" #include "decode-sctp.h" #include "decode-events.h" + +#include "util-validate.h" #include "util-unittest.h" #include "util-debug.h" #include "util-optimize.h" @@ -41,6 +43,8 @@ static int DecodeSCTPPacket(ThreadVars *tv, Packet *p, const uint8_t *pkt, uint16_t len) { + DEBUG_VALIDATE_BUG_ON(pkt == NULL); + if (unlikely(len < SCTP_HEADER_LEN)) { ENGINE_SET_INVALID_EVENT(p, SCTP_PKT_TOO_SMALL); return -1; diff --git a/src/decode-sll.c b/src/decode-sll.c index 7bfe5799d2..f26950fffe 100644 --- a/src/decode-sll.c +++ b/src/decode-sll.c @@ -1,4 +1,4 @@ -/* Copyright (C) 2007-2010 Open Information Security Foundation +/* Copyright (C) 2007-2021 Open Information Security Foundation * * You can copy, redistribute or modify this Program under the terms of * the GNU General Public License version 2 as published by the Free @@ -34,11 +34,15 @@ #include "decode.h" #include "decode-sll.h" #include "decode-events.h" + +#include "util-validate.h" #include "util-debug.h" int DecodeSll(ThreadVars *tv, DecodeThreadVars *dtv, Packet *p, const uint8_t *pkt, uint32_t len) { + DEBUG_VALIDATE_BUG_ON(pkt == NULL); + StatsIncr(tv, dtv->counter_sll); if (unlikely(len < SLL_HEADER_LEN)) { @@ -50,8 +54,6 @@ int DecodeSll(ThreadVars *tv, DecodeThreadVars *dtv, Packet *p, } SllHdr *sllh = (SllHdr *)pkt; - if (unlikely(sllh == NULL)) - return TM_ECODE_FAILED; SCLogDebug("p %p pkt %p sll_protocol %04x", p, pkt, SCNtohs(sllh->sll_protocol)); diff --git a/src/decode-template.c b/src/decode-template.c index 15091df78a..32a8955bba 100644 --- a/src/decode-template.c +++ b/src/decode-template.c @@ -1,4 +1,4 @@ -/* Copyright (C) 2015-2018 Open Information Security Foundation +/* Copyright (C) 2015-2021 Open Information Security Foundation * * You can copy, redistribute or modify this Program under the terms of * the GNU General Public License version 2 as published by the Free @@ -36,6 +36,8 @@ #include "decode-events.h" #include "decode-template.h" +#include "util-validate.h" + /** * \brief Function to decode TEMPLATE packets * \param tv thread vars @@ -49,6 +51,8 @@ int DecodeTEMPLATE(ThreadVars *tv, DecodeThreadVars *dtv, Packet *p, const uint8_t *pkt, uint32_t len) { + DEBUG_VALIDATE_BUG_ON(pkt == NULL); + /* TODO add counter for your type of packet to DecodeThreadVars, * and register it in DecodeRegisterPerfCounters */ //StatsIncr(tv, dtv->counter_template); diff --git a/src/decode-teredo.c b/src/decode-teredo.c index 6206311579..194d09a92e 100644 --- a/src/decode-teredo.c +++ b/src/decode-teredo.c @@ -1,4 +1,4 @@ -/* Copyright (C) 2012-2020 Open Information Security Foundation +/* Copyright (C) 2012-2021 Open Information Security Foundation * * You can copy, redistribute or modify this Program under the terms of * the GNU General Public License version 2 as published by the Free @@ -36,6 +36,8 @@ #include "decode.h" #include "decode-ipv6.h" #include "decode-teredo.h" + +#include "util-validate.h" #include "util-debug.h" #include "conf.h" #include "detect-engine-port.h" @@ -124,6 +126,8 @@ void DecodeTeredoConfig(void) int DecodeTeredo(ThreadVars *tv, DecodeThreadVars *dtv, Packet *p, const uint8_t *pkt, uint16_t len) { + DEBUG_VALIDATE_BUG_ON(pkt == NULL); + if (!g_teredo_enabled) return TM_ECODE_FAILED; diff --git a/src/decode-vlan.c b/src/decode-vlan.c index aba0ec93fc..c9358a652e 100644 --- a/src/decode-vlan.c +++ b/src/decode-vlan.c @@ -1,4 +1,4 @@ -/* Copyright (C) 2007-2013 Open Information Security Foundation +/* Copyright (C) 2007-2021 Open Information Security Foundation * * You can copy, redistribute or modify this Program under the terms of * the GNU General Public License version 2 as published by the Free @@ -37,6 +37,7 @@ #include "flow.h" +#include "util-validate.h" #include "util-unittest.h" #include "util-debug.h" @@ -59,6 +60,8 @@ int DecodeVLAN(ThreadVars *tv, DecodeThreadVars *dtv, Packet *p, const uint8_t *pkt, uint32_t len) { + DEBUG_VALIDATE_BUG_ON(pkt == NULL); + uint32_t proto; if (p->vlan_idx == 0) @@ -79,8 +82,6 @@ int DecodeVLAN(ThreadVars *tv, DecodeThreadVars *dtv, Packet *p, } VLANHdr *vlan_hdr = (VLANHdr *)pkt; - if(vlan_hdr == NULL) - return TM_ECODE_FAILED; proto = GET_VLAN_PROTO(vlan_hdr); @@ -120,6 +121,8 @@ typedef struct IEEE8021ahHdr_ { int DecodeIEEE8021ah(ThreadVars *tv, DecodeThreadVars *dtv, Packet *p, const uint8_t *pkt, uint32_t len) { + DEBUG_VALIDATE_BUG_ON(pkt == NULL); + StatsIncr(tv, dtv->counter_ieee8021ah); if (len < IEEE8021AH_HEADER_LEN) { diff --git a/src/decode-vntag.c b/src/decode-vntag.c index b7963238bb..637784cdac 100644 --- a/src/decode-vntag.c +++ b/src/decode-vntag.c @@ -36,6 +36,7 @@ #include "flow.h" +#include "util-validate.h" #include "util-unittest.h" #include "util-debug.h" @@ -52,11 +53,12 @@ * \param p pointer to the packet struct * \param pkt pointer to the raw packet * \param len packet len - * \param pq pointer to the packet queue * */ int DecodeVNTag(ThreadVars *tv, DecodeThreadVars *dtv, Packet *p, const uint8_t *pkt, uint32_t len) { + DEBUG_VALIDATE_BUG_ON(pkt == NULL); + StatsIncr(tv, dtv->counter_vntag); if (len < VNTAG_HEADER_LEN) { @@ -69,8 +71,6 @@ int DecodeVNTag(ThreadVars *tv, DecodeThreadVars *dtv, Packet *p, const uint8_t } VNTagHdr *vntag_hdr = (VNTagHdr *)pkt; - if (vntag_hdr == NULL) - return TM_ECODE_FAILED; uint16_t proto = GET_VNTAG_PROTO(vntag_hdr); diff --git a/src/decode-vxlan.c b/src/decode-vxlan.c index f5d754de09..e08a4873c0 100644 --- a/src/decode-vxlan.c +++ b/src/decode-vxlan.c @@ -1,4 +1,4 @@ -/* Copyright (C) 2019 Open Information Security Foundation +/* Copyright (C) 2019-2021 Open Information Security Foundation * * You can copy, redistribute or modify this Program under the terms of * the GNU General Public License version 2 as published by the Free @@ -35,6 +35,7 @@ #include "flow.h" +#include "util-validate.h" #include "util-unittest.h" #include "util-debug.h" -- 2.47.2