From: Mike Stepanek (mstepane) Date: Thu, 28 Jun 2018 15:38:41 +0000 (-0400) Subject: Merge pull request #1291 in SNORT/snort3 from appid_leaks to master X-Git-Tag: 3.0.0-246~36 X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=4cf7b82aa209038d5b9db40ddaca1cd060eeeaf8;p=thirdparty%2Fsnort3.git Merge pull request #1291 in SNORT/snort3 from appid_leaks to master Squashed commit of the following: commit 9b47b3bc433e235ab0d9360452fc7abc7ddb961f Author: deramada Date: Tue Jun 26 09:29:42 2018 -0400 appid: release plugins --- diff --git a/src/network_inspectors/appid/appid_discovery.cc b/src/network_inspectors/appid/appid_discovery.cc index c385be192..5a9390584 100644 --- a/src/network_inspectors/appid/appid_discovery.cc +++ b/src/network_inspectors/appid/appid_discovery.cc @@ -89,6 +89,12 @@ void AppIdDiscovery::finalize_plugins() ClientDiscovery::get_instance().finalize_client_plugins(); } +void AppIdDiscovery::release_plugins() +{ + ServiceDiscovery::release_instance(); + ClientDiscovery::release_instance(); +} + void AppIdDiscovery::tterm() { ClientDiscovery::get_instance().release_thread_resources(); diff --git a/src/network_inspectors/appid/appid_inspector.cc b/src/network_inspectors/appid/appid_inspector.cc index 8a5fb0104..d28fc5cef 100644 --- a/src/network_inspectors/appid/appid_inspector.cc +++ b/src/network_inspectors/appid/appid_inspector.cc @@ -223,6 +223,7 @@ static void appid_inspector_pterm() clean_appid_forecast(); free_length_app_cache(); LuaDetectorManager::terminate(); + AppIdDiscovery::release_plugins(); delete HttpPatternMatchers::get_instance(); service_dns_host_clean(); service_ssl_clean(); diff --git a/src/network_inspectors/appid/client_plugins/client_discovery.cc b/src/network_inspectors/appid/client_plugins/client_discovery.cc index 2bfde41ae..d842a02de 100644 --- a/src/network_inspectors/appid/client_plugins/client_discovery.cc +++ b/src/network_inspectors/appid/client_plugins/client_discovery.cc @@ -54,6 +54,7 @@ using namespace snort; #define MAX_CANDIDATE_CLIENTS 10 +ClientDiscovery* ClientDiscovery::discovery_manager = nullptr; ProfileStats clientMatchPerfStats; THREAD_LOCAL ClientAppMatch* match_free_list = nullptr; @@ -78,10 +79,8 @@ void ClientDiscovery::release_thread_resources() } } -//FIXIT-M: Don't use pointer and pass discovery_manager directly ClientDiscovery& ClientDiscovery::get_instance(AppIdInspector* ins) { - static ClientDiscovery* discovery_manager = nullptr; if (!discovery_manager) { assert(ins); @@ -91,6 +90,13 @@ ClientDiscovery& ClientDiscovery::get_instance(AppIdInspector* ins) return *discovery_manager; } +void ClientDiscovery::release_instance() +{ + assert(discovery_manager); + delete discovery_manager; + discovery_manager = nullptr; + +} void ClientDiscovery::initialize() { new AimClientDetector(this); diff --git a/src/network_inspectors/appid/client_plugins/client_discovery.h b/src/network_inspectors/appid/client_plugins/client_discovery.h index 3c565714a..4d197063d 100644 --- a/src/network_inspectors/appid/client_plugins/client_discovery.h +++ b/src/network_inspectors/appid/client_plugins/client_discovery.h @@ -46,6 +46,7 @@ class ClientDiscovery : public AppIdDiscovery public: ~ClientDiscovery() override; static ClientDiscovery& get_instance(AppIdInspector* ins = nullptr); + static void release_instance(); void finalize_client_plugins(); void release_thread_resources(); @@ -58,6 +59,7 @@ private: ClientAppMatch* find_detector_candidates(const snort::Packet* pkt, IpProtocol); void create_detector_candidates_list(AppIdSession&, snort::Packet*); int get_detector_candidates_list(AppIdSession&, snort::Packet*, AppidSessionDirection direction); + static ClientDiscovery* discovery_manager; }; #endif diff --git a/src/network_inspectors/appid/service_plugins/service_discovery.cc b/src/network_inspectors/appid/service_plugins/service_discovery.cc index 2ebf5bdc9..3dc5ee6a8 100644 --- a/src/network_inspectors/appid/service_plugins/service_discovery.cc +++ b/src/network_inspectors/appid/service_plugins/service_discovery.cc @@ -86,9 +86,9 @@ using namespace snort; -static ServiceDetector* ftp_service; - ProfileStats serviceMatchPerfStats; +static ServiceDetector* ftp_service; +ServiceDiscovery* ServiceDiscovery::discovery_manager = nullptr; ServiceDiscovery::ServiceDiscovery(AppIdInspector& ins) : AppIdDiscovery(ins) @@ -96,10 +96,8 @@ ServiceDiscovery::ServiceDiscovery(AppIdInspector& ins) initialize(); } -//FIXIT-M: Don't use pointer and pass discovery_manager directly ServiceDiscovery& ServiceDiscovery::get_instance(AppIdInspector* ins) { - static ServiceDiscovery* discovery_manager = nullptr; if (!discovery_manager) { assert(ins); @@ -109,6 +107,13 @@ ServiceDiscovery& ServiceDiscovery::get_instance(AppIdInspector* ins) return *discovery_manager; } +void ServiceDiscovery::release_instance() +{ + assert(discovery_manager); + delete discovery_manager; + discovery_manager = nullptr; +} + void ServiceDiscovery::initialize() { new BattleFieldServiceDetector(this); diff --git a/src/network_inspectors/appid/service_plugins/service_discovery.h b/src/network_inspectors/appid/service_plugins/service_discovery.h index a84556793..74844a933 100644 --- a/src/network_inspectors/appid/service_plugins/service_discovery.h +++ b/src/network_inspectors/appid/service_plugins/service_discovery.h @@ -69,6 +69,7 @@ class ServiceDiscovery : public AppIdDiscovery { public: static ServiceDiscovery& get_instance(AppIdInspector* ins = nullptr); + static void release_instance(); void finalize_service_patterns(); int add_service_port(AppIdDetector*, const ServiceDetectorPort&) override; @@ -89,6 +90,7 @@ private: void get_next_service(const snort::Packet*, const AppidSessionDirection dir, AppIdSession&); void get_port_based_services(IpProtocol, uint16_t port, AppIdSession&); void match_by_pattern(AppIdSession&, const snort::Packet*, IpProtocol); + static ServiceDiscovery* discovery_manager; std::vector service_detector_list; std::unordered_map > tcp_services; std::unordered_map > udp_services;