}
}
- sm = s->sm_lists[DETECT_SM_LIST_AMATCH];
KEYWORD_PROFILING_SET_LIST(det_ctx, DETECT_SM_LIST_AMATCH);
- for (match = 0; sm != NULL; sm = sm->next) {
- match = 0;
- if (sigmatch_table[sm->type].AppLayerMatch != NULL) {
- if (alproto == ALPROTO_SMB || alproto == ALPROTO_SMB2) {
- smb_state = (SMBState *)alstate;
- if (smb_state->dcerpc_present) {
+ sm = s->sm_lists[DETECT_SM_LIST_AMATCH];
+ if (sm != NULL) {
+ /* RDLOCK would be nicer, but at least tlsstore needs
+ * write lock currently. */
+ FLOWLOCK_WRLOCK(f);
+
+ for (match = 0; sm != NULL; sm = sm->next) {
+ match = 0;
+ if (sigmatch_table[sm->type].AppLayerMatch != NULL) {
+ if (alproto == ALPROTO_SMB || alproto == ALPROTO_SMB2) {
+ smb_state = (SMBState *)alstate;
+ if (smb_state->dcerpc_present) {
+ KEYWORD_PROFILING_START;
+ match = sigmatch_table[sm->type].
+ AppLayerMatch(tv, det_ctx, f, flags, &smb_state->dcerpc, s, sm);
+ KEYWORD_PROFILING_END(det_ctx, sm->type, (match > 0));
+ }
+ } else {
KEYWORD_PROFILING_START;
match = sigmatch_table[sm->type].
- AppLayerMatch(tv, det_ctx, f, flags, &smb_state->dcerpc, s, sm);
+ AppLayerMatch(tv, det_ctx, f, flags, alstate, s, sm);
KEYWORD_PROFILING_END(det_ctx, sm->type, (match > 0));
}
- } else {
- KEYWORD_PROFILING_START;
- match = sigmatch_table[sm->type].
- AppLayerMatch(tv, det_ctx, f, flags, alstate, s, sm);
- KEYWORD_PROFILING_END(det_ctx, sm->type, (match > 0));
- }
- if (match == 0)
- break;
- if (match == 2) {
- inspect_flags |= DE_STATE_FLAG_SIG_CANT_MATCH;
- break;
+ if (match == 0)
+ break;
+ if (match == 2) {
+ inspect_flags |= DE_STATE_FLAG_SIG_CANT_MATCH;
+ break;
+ }
}
}
- }
- if (s->sm_lists[DETECT_SM_LIST_AMATCH] != NULL) {
+ FLOWLOCK_UNLOCK(f);
+
store_de_state = 1;
if (sm == NULL || inspect_flags & DE_STATE_FLAG_SIG_CANT_MATCH) {
if (match == 1) {
total_matches = 0;
KEYWORD_PROFILING_SET_LIST(det_ctx, DETECT_SM_LIST_AMATCH);
- for (sm = item->nm; sm != NULL; sm = sm->next) {
- if (sigmatch_table[sm->type].AppLayerMatch != NULL)
- {
- if (alproto == ALPROTO_SMB || alproto == ALPROTO_SMB2) {
- smb_state = (SMBState *)alstate;
- if (smb_state->dcerpc_present) {
+ if (item->nm != NULL) {
+ /* RDLOCK would be nicer, but at least tlsstore needs
+ * write lock currently. */
+ FLOWLOCK_WRLOCK(f);
+
+ for (sm = item->nm; sm != NULL; sm = sm->next) {
+ if (sigmatch_table[sm->type].AppLayerMatch != NULL)
+ {
+ if (alproto == ALPROTO_SMB || alproto == ALPROTO_SMB2) {
+ smb_state = (SMBState *)alstate;
+ if (smb_state->dcerpc_present) {
+ KEYWORD_PROFILING_START;
+ match = sigmatch_table[sm->type].
+ AppLayerMatch(tv, det_ctx, f, flags, &smb_state->dcerpc, s, sm);
+ KEYWORD_PROFILING_END(det_ctx, sm->type, (match > 0));
+ }
+ } else {
KEYWORD_PROFILING_START;
match = sigmatch_table[sm->type].
- AppLayerMatch(tv, det_ctx, f, flags, &smb_state->dcerpc, s, sm);
+ AppLayerMatch(tv, det_ctx, f, flags, alstate, s, sm);
KEYWORD_PROFILING_END(det_ctx, sm->type, (match > 0));
}
- } else {
- KEYWORD_PROFILING_START;
- match = sigmatch_table[sm->type].
- AppLayerMatch(tv, det_ctx, f, flags, alstate, s, sm);
- KEYWORD_PROFILING_END(det_ctx, sm->type, (match > 0));
- }
- if (match == 0)
- break;
- else if (match == 2)
- inspect_flags |= DE_STATE_FLAG_SIG_CANT_MATCH;
- else if (match == 1)
- total_matches++;
+ if (match == 0)
+ break;
+ else if (match == 2)
+ inspect_flags |= DE_STATE_FLAG_SIG_CANT_MATCH;
+ else if (match == 1)
+ total_matches++;
+ }
}
+ FLOWLOCK_UNLOCK(f);
}
RULE_PROFILING_END(det_ctx, s, match, p);
projects / thirdparty / suricata.git / commitdiff
