detect: add more defensive checks for flow handling
authorVictor Julien <victor@inliniac.net>
Wed, 30 Apr 2014 07:57:09 +0000 (09:57 +0200)
committerVictor Julien <victor@inliniac.net>
Fri, 2 May 2014 09:43:44 +0000 (11:43 +0200)
Don't unconditionally deref f->alparser in detection through
DeStateFlowHasInspectableState(). In very rare cases it can
be NULL.

src/app-layer-parser.c
src/detect-engine-state.c

index e60211bf2f82531efc84185239adf85a33df9460..9d7dae1cf83f3a35336a0c497f31e21b87aab7fc 100644 (file)
@@ -502,14 +502,15 @@ uint64_t AppLayerParserGetTransactionLogId(AppLayerParserState *pstate)
 {
     SCEnter();
 
-    SCReturnCT(pstate->log_id, "uint64_t");
+    SCReturnCT((pstate == NULL) ? 0 : pstate->log_id, "uint64_t");
 }
 
 void AppLayerParserSetTransactionLogId(AppLayerParserState *pstate)
 {
     SCEnter();
 
-    pstate->log_id++;
+    if (pstate != NULL)
+        pstate->log_id++;
 
     SCReturn;
 }
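Review bot: The NULL guards in `AppLayerParserGetTransactionLogId` and `AppLayerParserSetTransactionLogId` replace the crash with a silent default: the getter returns 0, which a caller cannot tell apart from a real log id of 0, and the setter drops the increment without a trace. The same applies to the `0ULL` return added to `AppLayerParserGetTransactionInspectId` in the next hunk. These ids appear to drive which transactions get logged and inspected, so the NULL-tolerant contract should be written down, e.g. `/* pstate may be NULL in rare cases; 0 then means "no parser state", not "nothing logged yet" */`. An `SCLogDebug()` on the NULL path would also make the rare case visible. The unbraced `if (pstate != NULL)` differs from the braced style this commit uses in detect-engine-state.c.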
@@ -518,6 +519,9 @@ uint64_t AppLayerParserGetTransactionInspectId(AppLayerParserState *pstate, uint
 {
     SCEnter();
 
+    if (pstate == NULL)
+        SCReturnCT(0ULL, "uint64_t");
+
     SCReturnCT(pstate->inspect_id[direction & STREAM_TOSERVER ? 0 : 1], "uint64_t");
 }
 
index 702f6b2c3db18de5946f3af5e774ca780c773773..74c8ee4e944e2939c0a0e6ab2595d57e84c5c758 100644 (file)
@@ -212,6 +212,11 @@ void DetectEngineStateFree(DetectEngineState *state)
     return;
 }
 
+/**
+ *  \retval 0 no inspectable state
+ *  \retval 1 inspectable state
+ *  \retval 2 inspectable state, but no update
+ */
 int DeStateFlowHasInspectableState(Flow *f, AppProto alproto, uint16_t alversion, uint8_t flags)
 {
     int r = 0;
@@ -220,10 +225,12 @@ int DeStateFlowHasInspectableState(Flow *f, AppProto alproto, uint16_t alversion
     if (f->de_state == NULL || f->de_state->dir_state[flags & STREAM_TOSERVER ? 0 : 1].cnt == 0) {
         if (AppLayerParserProtocolSupportsTxs(f->proto, alproto)) {
             FLOWLOCK_RDLOCK(f);
-            if (AppLayerParserGetTransactionInspectId(f->alparser, flags) >= AppLayerParserGetTxCnt(f->proto, alproto, f->alstate))
-                r = 2;
-            else
-                r = 0;
+            if (f->alparser != NULL && f->alstate != NULL) {
+                if (AppLayerParserGetTransactionInspectId(f->alparser, flags) >=
+                    AppLayerParserGetTxCnt(f->proto, alproto, f->alstate)) {
+                    r = 2;
+                }
+            }
             FLOWLOCK_UNLOCK(f);
         }
     } else if (!(flags & STREAM_EOF) &&
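Review bot: When `f->alparser` or `f->alstate` is NULL, the new guard leaves `r` at its initial 0, so a flow without parser state is reported as "no inspectable state" and nothing records that the comparison was skipped. The `\retval` comment added above the function does not mention this case. A comment on the guard such as `/* no parser or app-layer state (rare): keep r = 0 */` would document it, and the doc comment should say so if the caller's handling of 0 is meant to cover it. An `SCLogDebug()` in an `else` branch would make the condition traceable when investigating missed inspection. The function body starts before and continues after this hunk.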