src: check retval of VarNameStoreRegister

VarNameStoreRegister can return 0 in case of any error conditions.
Handle this case in all the users of this function. It is an unlikely
event so add branch assistance accordingly.

Bug 8054

diff --git a/src/detect-flowbits.c b/src/detect-flowbits.c
index 6df7e37922dfc99ef76a38ca7ec2057a496c5dcc..deb4197a2a6c19bd5715e996434f8d2c7a3ca0b6 100644 (file)
--- a/src/detect-flowbits.c
+++ b/src/detect-flowbits.c
@@ -134,7 +134,10 @@ static int FlowbitOrAddData(DetectEngineCtx *de_ctx, DetectFlowbitsData *cd, cha
     if (unlikely(cd->or_list == NULL))
         return -1;
     for (uint8_t j = 0; j < cd->or_list_size ; j++) {
-        cd->or_list[j] = VarNameStoreRegister(strarr[j], VAR_TYPE_FLOW_BIT);
+        uint32_t varname_id = VarNameStoreRegister(strarr[j], VAR_TYPE_FLOW_BIT);
+        if (unlikely(varname_id == 0))
+            return -1;
+        cd->or_list[j] = varname_id;
         de_ctx->max_fb_id = MAX(cd->or_list[j], de_ctx->max_fb_id);
     }
 
@@ -349,7 +352,10 @@ int DetectFlowbitSetup (DetectEngineCtx *de_ctx, Signature *s, const char *rawst
         }
         cd->cmd = fb_cmd;
     } else {
-        cd->idx = VarNameStoreRegister(fb_name, VAR_TYPE_FLOW_BIT);
+        uint32_t varname_id = VarNameStoreRegister(fb_name, VAR_TYPE_FLOW_BIT);
+        if (unlikely(varname_id == 0))
+            goto error;
+        cd->idx = varname_id;
         de_ctx->max_fb_id = MAX(cd->idx, de_ctx->max_fb_id);
         cd->cmd = fb_cmd;
         cd->or_list_size = 0;
@@ -1610,6 +1616,7 @@ static int FlowBitsTestSig06(void)
     FAIL_IF_NULL(s);
 
     idx = VarNameStoreRegister("myflow", VAR_TYPE_FLOW_BIT);
+    FAIL_IF_NOT(idx);
     SigGroupBuild(de_ctx);
     DetectEngineThreadCtxInit(&th_v, (void *)de_ctx, (void *)&det_ctx);
 
@@ -1684,6 +1691,7 @@ static int FlowBitsTestSig07(void)
     FAIL_IF_NULL(s);
 
     idx = VarNameStoreRegister("myflow", VAR_TYPE_FLOW_BIT);
+    FAIL_IF_NOT(idx);
     SigGroupBuild(de_ctx);
     DetectEngineThreadCtxInit(&th_v, (void *)de_ctx, (void *)&det_ctx);
 
@@ -1759,6 +1767,7 @@ static int FlowBitsTestSig08(void)
     FAIL_IF_NULL(s);
 
     idx = VarNameStoreRegister("myflow", VAR_TYPE_FLOW_BIT);
+    FAIL_IF_NOT(idx);
     SigGroupBuild(de_ctx);
     DetectEngineThreadCtxInit(&th_v, (void *)de_ctx, (void *)&det_ctx);
 

diff --git a/src/detect-flowint.c b/src/detect-flowint.c
index 6c556f43df644cc1c8c9d6254bdcf2e219da4eee..c813ccbf4e866b7e20c7b5d1ffbe34b79b3cf197 100644 (file)
--- a/src/detect-flowint.c
+++ b/src/detect-flowint.c
@@ -334,7 +334,10 @@ static DetectFlowintData *DetectFlowintParse(DetectEngineCtx *de_ctx, const char
         SCLogError("malloc from strdup failed");
         goto error;
     }
-    sfd->idx = VarNameStoreRegister(varname, VAR_TYPE_FLOW_INT);
+    uint32_t varname_id = VarNameStoreRegister(varname, VAR_TYPE_FLOW_INT);
+    if (unlikely(varname_id == 0))
+        goto error;
+    sfd->idx = varname_id;
     SCLogDebug("sfd->name %s id %u", sfd->name, sfd->idx);
     sfd->modifier = modifier;
 

diff --git a/src/detect-flowvar.c b/src/detect-flowvar.c
index f940b76b6aef93ba08423625689c5dab5fb00d5c..d5396742456fab17df85d0158acc6542272c0e41 100644 (file)
--- a/src/detect-flowvar.c
+++ b/src/detect-flowvar.c
@@ -1,4 +1,4 @@
-/* Copyright (C) 2007-2020 Open Information Security Foundation
+/* Copyright (C) 2007-2025 Open Information Security Foundation
  *
  * You can copy, redistribute or modify this Program under the terms of
  * the GNU General Public License version 2 as published by the Free
@@ -178,7 +178,10 @@ static int DetectFlowvarSetup (DetectEngineCtx *de_ctx, Signature *s, const char
     fd->name = SCStrdup(varname);
     if (unlikely(fd->name == NULL))
         goto error;
-    fd->idx = VarNameStoreRegister(varname, VAR_TYPE_FLOW_VAR);
+    uint32_t varname_id = VarNameStoreRegister(varname, VAR_TYPE_FLOW_VAR);
+    if (unlikely(varname_id == 0))
+        goto error;
+    fd->idx = varname_id;
 
     /* Okay so far so good, lets get this into a SigMatch
      * and put it in the Signature. */

diff --git a/src/detect-hostbits.c b/src/detect-hostbits.c
index b9e209e10a911ed960ea252d7abebafa9c0eee33..036f63234bdf6ba6940139c702e365daab5a8f1e 100644 (file)
--- a/src/detect-hostbits.c
+++ b/src/detect-hostbits.c
@@ -395,7 +395,10 @@ int DetectHostbitSetup (DetectEngineCtx *de_ctx, Signature *s, const char *rawst
     if (unlikely(cd == NULL))
         goto error;
 
-    cd->idx = VarNameStoreRegister(fb_name, VAR_TYPE_HOST_BIT);
+    uint32_t varname_id = VarNameStoreRegister(fb_name, VAR_TYPE_HOST_BIT);
+    if (unlikely(varname_id == 0))
+        goto error;
+    cd->idx = varname_id;
     cd->cmd = fb_cmd;
     cd->tracker = hb_dir;
     cd->type = VAR_TYPE_HOST_BIT;

diff --git a/src/detect-lua.c b/src/detect-lua.c
index 07aaed2d6255c7a37d360c8aee457bf92d9ce7a8..7195c05a37abf3c03d3a63a85ad5048762118c11 100644 (file)
--- a/src/detect-lua.c
+++ b/src/detect-lua.c
@@ -1,4 +1,4 @@
-/* Copyright (C) 2007-2024 Open Information Security Foundation
+/* Copyright (C) 2007-2025 Open Information Security Foundation
  *
  * You can copy, redistribute or modify this Program under the terms of
  * the GNU General Public License version 2 as published by the Free
@@ -575,6 +575,8 @@ static int DetectLuaSetupPrime(DetectEngineCtx *de_ctx, DetectLuaData *ld, const
                     }
 
                     uint32_t idx = VarNameStoreRegister(value, VAR_TYPE_FLOW_VAR);
+                    if (unlikely(idx == 0))
+                        goto error;
                     ld->flowvar[ld->flowvars++] = idx;
                     SCLogDebug("script uses flowvar %u with script id %u", idx, ld->flowvars - 1);
                 }
@@ -597,6 +599,8 @@ static int DetectLuaSetupPrime(DetectEngineCtx *de_ctx, DetectLuaData *ld, const
                     }
 
                     uint32_t idx = VarNameStoreRegister(value, VAR_TYPE_FLOW_INT);
+                    if (unlikely(idx == 0))
+                        goto error;
                     ld->flowint[ld->flowints++] = idx;
                     SCLogDebug("script uses flowint %u with script id %u", idx, ld->flowints - 1);
                 }

diff --git a/src/detect-pcre.c b/src/detect-pcre.c
index 30f29774987f4083b0f303bd0aaec4b07afc5812..58c36ae022439c8d7929ebd3d3d1461eecc26950 100644 (file)
--- a/src/detect-pcre.c
+++ b/src/detect-pcre.c
@@ -815,21 +815,30 @@ static int DetectPcreParseCapture(const char *regexstr, DetectEngineCtx *de_ctx,
                 return -1;
 
             } else if (strncmp(name_array[name_idx], "flow:", 5) == 0) {
-                pd->capids[pd->idx] =
+                uint32_t varname_id =
                         VarNameStoreRegister(name_array[name_idx] + 5, VAR_TYPE_FLOW_VAR);
+                if (unlikely(varname_id == 0))
+                    return -1;
+                pd->capids[pd->idx] = varname_id;
                 pd->captypes[pd->idx] = VAR_TYPE_FLOW_VAR;
                 pd->idx++;
 
             } else if (strncmp(name_array[name_idx], "pkt:", 4) == 0) {
-                pd->capids[pd->idx] =
+                uint32_t varname_id =
                         VarNameStoreRegister(name_array[name_idx] + 4, VAR_TYPE_PKT_VAR);
+                if (unlikely(varname_id == 0))
+                    return -1;
+                pd->capids[pd->idx] = varname_id;
                 pd->captypes[pd->idx] = VAR_TYPE_PKT_VAR;
                 SCLogDebug("id %u type %u", pd->capids[pd->idx], pd->captypes[pd->idx]);
                 pd->idx++;
 
             } else if (strncmp(name_array[name_idx], "alert:", 6) == 0) {
-                pd->capids[pd->idx] =
+                uint32_t varname_id =
                         VarNameStoreRegister(name_array[name_idx] + 6, VAR_TYPE_ALERT_VAR);
+                if (unlikely(varname_id == 0))
+                    return -1;
+                pd->capids[pd->idx] = varname_id;
                 pd->captypes[pd->idx] = VAR_TYPE_ALERT_VAR;
                 pd->idx++;
 
@@ -890,16 +899,25 @@ static int DetectPcreParseCapture(const char *regexstr, DetectEngineCtx *de_ctx,
         }
 
         if (strcmp(type_str, "pkt") == 0) {
-            pd->capids[pd->idx] = VarNameStoreRegister((char *)capture_str, VAR_TYPE_PKT_VAR);
+            uint32_t varname_id = VarNameStoreRegister((char *)capture_str, VAR_TYPE_PKT_VAR);
+            if (unlikely(varname_id == 0))
+                return -1;
+            pd->capids[pd->idx] = varname_id;
             pd->captypes[pd->idx] = VAR_TYPE_PKT_VAR;
             SCLogDebug("id %u type %u", pd->capids[pd->idx], pd->captypes[pd->idx]);
             pd->idx++;
         } else if (strcmp(type_str, "flow") == 0) {
-            pd->capids[pd->idx] = VarNameStoreRegister((char *)capture_str, VAR_TYPE_FLOW_VAR);
+            uint32_t varname_id = VarNameStoreRegister((char *)capture_str, VAR_TYPE_FLOW_VAR);
+            if (unlikely(varname_id == 0))
+                return -1;
+            pd->capids[pd->idx] = varname_id;
             pd->captypes[pd->idx] = VAR_TYPE_FLOW_VAR;
             pd->idx++;
         } else if (strcmp(type_str, "alert") == 0) {
-            pd->capids[pd->idx] = VarNameStoreRegister((char *)capture_str, VAR_TYPE_ALERT_VAR);
+            uint32_t varname_id = VarNameStoreRegister((char *)capture_str, VAR_TYPE_ALERT_VAR);
+            if (unlikely(varname_id == 0))
+                return -1;
+            pd->capids[pd->idx] = varname_id;
             pd->captypes[pd->idx] = VAR_TYPE_ALERT_VAR;
             pd->idx++;
         }

diff --git a/src/detect-pktvar.c b/src/detect-pktvar.c
index 7b3eb477578a6d3b3ed20503a224b57b2a14b7c1..96290d16c423e7d58d0ae14097b4db07e6584b1c 100644 (file)
--- a/src/detect-pktvar.c
+++ b/src/detect-pktvar.c
@@ -94,7 +94,7 @@ static int DetectPktvarSetup (DetectEngineCtx *de_ctx, Signature *s, const char
     size_t pcre2_len;
     uint8_t *content = NULL;
     uint16_t len = 0;
-
+    DetectPktvarData *cd = NULL;
     pcre2_match_data *match = NULL;
     int ret = DetectParsePcreExec(&parse_regex, &match, rawstr, 0, 0);
     if (ret != 3) {
@@ -138,7 +138,7 @@ static int DetectPktvarSetup (DetectEngineCtx *de_ctx, Signature *s, const char
     }
     pcre2_substring_free((PCRE2_UCHAR8 *)varcontent);
 
-    DetectPktvarData *cd = SCCalloc(1, sizeof(DetectPktvarData));
+    cd = SCCalloc(1, sizeof(DetectPktvarData));
     if (unlikely(cd == NULL)) {
         pcre2_substring_free((PCRE2_UCHAR8 *)varname);
         SCFree(content);
@@ -147,7 +147,10 @@ static int DetectPktvarSetup (DetectEngineCtx *de_ctx, Signature *s, const char
 
     cd->content = content;
     cd->content_len = len;
-    cd->id = VarNameStoreRegister(varname, VAR_TYPE_PKT_VAR);
+    uint32_t varname_id = VarNameStoreRegister(varname, VAR_TYPE_PKT_VAR);
+    if (unlikely(varname_id == 0))
+        goto error;
+    cd->id = varname_id;
     pcre2_substring_free((PCRE2_UCHAR8 *)varname);
 
     /* Okay so far so good, lets get this into a SigMatch
@@ -161,6 +164,7 @@ static int DetectPktvarSetup (DetectEngineCtx *de_ctx, Signature *s, const char
     return 0;
 
 error:
+    DetectPktvarFree(de_ctx, cd);
     if (match) {
         pcre2_match_data_free(match);
     }

diff --git a/src/detect-xbits.c b/src/detect-xbits.c
index 4056c3e496b561e83b5eb1b5e2ef3a253cec69d8..06ca78346f47041bfc9174a4aba803a7c6818dbd 100644 (file)
--- a/src/detect-xbits.c
+++ b/src/detect-xbits.c
@@ -368,7 +368,10 @@ static int DetectXbitParse(DetectEngineCtx *de_ctx,
     if (unlikely(cd == NULL))
         return -1;
 
-    cd->idx = VarNameStoreRegister(fb_name, var_type);
+    uint32_t varname_id = VarNameStoreRegister(fb_name, var_type);
+    if (unlikely(varname_id == 0))
+        goto error;
+    cd->idx = varname_id;
     cd->cmd = fb_cmd;
     cd->tracker = hb_dir;
     cd->type = var_type;