From: Tom Peters (thopeter) Date: Tue, 12 Jun 2018 18:29:39 +0000 (-0400) Subject: Merge pull request #1260 in SNORT/snort3 from snort_namespace_sweep to master X-Git-Tag: 3.0.0-246~56 X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=6f21ee2047c403420bcabe24edd2bbd4d1da91e0;p=thirdparty%2Fsnort3.git Merge pull request #1260 in SNORT/snort3 from snort_namespace_sweep to master Squashed commit of the following: commit dbcef856c2243ded126485e50515f964c2d61b48 Author: davis mcpherson Date: Fri Mar 16 06:55:42 2018 -0400 snort: wrap snort SO_PUBLIC symbols in the snort namespace --- diff --git a/src/connectors/file_connector/test/file_connector_module_test.cc b/src/connectors/file_connector/test/file_connector_module_test.cc index 08301667a..3be5aa459 100644 --- a/src/connectors/file_connector/test/file_connector_module_test.cc +++ b/src/connectors/file_connector/test/file_connector_module_test.cc @@ -40,8 +40,11 @@ void show_stats(PegCount*, const PegInfo*, unsigned, const char*) { } void show_stats(PegCount*, const PegInfo*, IndexVec&, const char*) { } void show_stats(PegCount*, const PegInfo*, IndexVec&, const char*, FILE*) { } +namespace snort +{ char* snort_strdup(const char* s) { return strdup(s); } +} TEST_GROUP(file_connector_module) { diff --git a/src/connectors/file_connector/test/file_connector_test.cc b/src/connectors/file_connector/test/file_connector_test.cc index 0fd7170e7..b4415f465 100644 --- a/src/connectors/file_connector/test/file_connector_test.cc +++ b/src/connectors/file_connector/test/file_connector_test.cc @@ -54,8 +54,11 @@ void show_stats(PegCount*, const PegInfo*, unsigned, const char*) { } void show_stats(PegCount*, const PegInfo*, IndexVec&, const char*) { } void show_stats(PegCount*, const PegInfo*, IndexVec&, const char*, FILE*) { } +namespace snort +{ const char* get_instance_file(std::string& file, const char* name) { file += name; return nullptr; } +} FileConnectorModule::FileConnectorModule() : Module("FC", "FC Help", nullptr) diff --git a/src/connectors/tcp_connector/test/tcp_connector_module_test.cc b/src/connectors/tcp_connector/test/tcp_connector_module_test.cc index 4d356e800..5d873bfac 100644 --- a/src/connectors/tcp_connector/test/tcp_connector_module_test.cc +++ b/src/connectors/tcp_connector/test/tcp_connector_module_test.cc @@ -40,8 +40,11 @@ void show_stats(PegCount*, const PegInfo*, unsigned, const char*) { } void show_stats(PegCount*, const PegInfo*, IndexVec&, const char*) { } void show_stats(PegCount*, const PegInfo*, IndexVec&, const char*, FILE*) { } +namespace snort +{ char* snort_strdup(const char* s) { return strdup(s); } +} TEST_GROUP(tcp_connector_module) { diff --git a/src/connectors/tcp_connector/test/tcp_connector_test.cc b/src/connectors/tcp_connector/test/tcp_connector_test.cc index c99a0af64..4691219a2 100644 --- a/src/connectors/tcp_connector/test/tcp_connector_test.cc +++ b/src/connectors/tcp_connector/test/tcp_connector_test.cc @@ -71,11 +71,14 @@ void show_stats(PegCount*, const PegInfo*, unsigned, const char*) { } void show_stats(PegCount*, const PegInfo*, IndexVec&, const char*) { } void show_stats(PegCount*, const PegInfo*, IndexVec&, const char*, FILE*) { } +namespace snort +{ unsigned get_instance_id() { return s_instance; } void ErrorMessage(const char*, ...) { } void LogMessage(const char*, ...) { } +} int connect (int, const struct sockaddr*, socklen_t) { return s_connect_return; } ssize_t send (int, const void*, size_t n, int) diff --git a/src/decompress/file_decomp.cc b/src/decompress/file_decomp.cc index 57c12d494..51dc02020 100644 --- a/src/decompress/file_decomp.cc +++ b/src/decompress/file_decomp.cc @@ -36,6 +36,8 @@ #include "catch/snort_catch.h" #endif +using namespace snort; + static const char PDF_Sig[5] = { '%', 'P', 'D', 'F', '-' }; static const char SWF_ZLIB_Sig[3] = { 'C', 'W', 'S' }; #ifdef HAVE_LZMA @@ -229,6 +231,8 @@ static fd_status_t Process_Decompression(fd_session_t* SessionPtr) return( Ret_Code ); } +namespace snort +{ /* The caller provides Compr_Depth, Decompr_Depth and Modes in the session object. Based on the requested Modes, gear=up to initialize the potential decompressors. */ fd_status_t File_Decomp_Init(fd_session_t* SessionPtr) @@ -390,6 +394,8 @@ void File_Decomp_Alert(fd_session_t* SessionPtr, int Event) (SessionPtr->Alert_Callback)(SessionPtr->Alert_Context, Event); } +} // namespace snort + //-------------------------------------------------------------------------- // unit tests //-------------------------------------------------------------------------- diff --git a/src/decompress/file_decomp.h b/src/decompress/file_decomp.h index 032dc9c5e..0b9e01e9b 100644 --- a/src/decompress/file_decomp.h +++ b/src/decompress/file_decomp.h @@ -271,7 +271,8 @@ inline bool Move_N(fd_session_t* SessionPtr, uint16_t N) } /* API Functions */ - +namespace snort +{ /* Create a new decompression session object */ SO_PUBLIC fd_session_t* File_Decomp_New(); @@ -295,5 +296,6 @@ SO_PUBLIC void File_Decomp_Free(fd_session_t*); /* Call the error alerting call-back function */ SO_PUBLIC void File_Decomp_Alert(fd_session_t*, int Event); +} #endif diff --git a/src/decompress/file_decomp_pdf.cc b/src/decompress/file_decomp_pdf.cc index 5ae26b116..5be86a960 100644 --- a/src/decompress/file_decomp_pdf.cc +++ b/src/decompress/file_decomp_pdf.cc @@ -33,6 +33,8 @@ #include "catch/snort_catch.h" #endif +using namespace snort; + /* Define characters and tokens in PDF grammar */ #define TOK_STRM_OPEN "stream" #define TOK_STRM_CLOSE "endstream" diff --git a/src/decompress/file_decomp_swf.cc b/src/decompress/file_decomp_swf.cc index 99f9b3d1d..245fabac7 100644 --- a/src/decompress/file_decomp_swf.cc +++ b/src/decompress/file_decomp_swf.cc @@ -30,6 +30,8 @@ #include "catch/snort_catch.h" #endif +using namespace snort; + #ifdef HAVE_LZMA #define LZMA_HEADER_LEN (13) #define LZMA_PRP_OFFSET (0) diff --git a/src/detection/detection_options.h b/src/detection/detection_options.h index 1f6d4ade2..0aec198b7 100644 --- a/src/detection/detection_options.h +++ b/src/detection/detection_options.h @@ -43,9 +43,9 @@ namespace snort { struct Packet; struct SnortConfig; +struct XHash; } struct RuleLatencyState; -struct XHash; typedef int (* eval_func_t)(void* option_data, class Cursor&, snort::Packet*); @@ -124,11 +124,11 @@ void* add_detection_option_tree(struct snort::SnortConfig*, detection_option_tre int detection_option_node_evaluate( detection_option_tree_node_t*, detection_option_eval_data_t*, class Cursor&); -void DetectionHashTableFree(XHash*); -void DetectionTreeHashTableFree(XHash*); +void DetectionHashTableFree(snort::XHash*); +void DetectionTreeHashTableFree(snort::XHash*); void print_option_tree(detection_option_tree_node_t*, int level); -void detection_option_tree_update_otn_stats(XHash*); +void detection_option_tree_update_otn_stats(snort::XHash*); detection_option_tree_root_t* new_root(OptTreeNode*); void free_detection_option_root(void** existing_tree); diff --git a/src/detection/fp_create.cc b/src/detection/fp_create.cc index 1ad01c015..fcceb2014 100644 --- a/src/detection/fp_create.cc +++ b/src/detection/fp_create.cc @@ -650,7 +650,7 @@ static int fpCreateInitRuleMap( /* Process src PORT groups */ if ( src ) { - for ( GHashNode* node=ghash_findfirst(src->pt_mpxo_hash); + for ( GHashNode* node = ghash_findfirst(src->pt_mpxo_hash); node; node=ghash_findnext(src->pt_mpxo_hash) ) { diff --git a/src/detection/service_map.h b/src/detection/service_map.h index 60394982f..3840f02cc 100644 --- a/src/detection/service_map.h +++ b/src/detection/service_map.h @@ -35,15 +35,15 @@ namespace snort { struct SnortConfig; +struct GHash; } struct PortGroup; -struct GHash; // Service Rule Map Master Table struct srmm_table_t { - GHash* to_srv[SNORT_PROTO_MAX]; - GHash* to_cli[SNORT_PROTO_MAX]; + snort::GHash* to_srv[SNORT_PROTO_MAX]; + snort::GHash* to_cli[SNORT_PROTO_MAX]; }; srmm_table_t* ServiceMapNew(); diff --git a/src/detection/signature.h b/src/detection/signature.h index afe453f2d..0bb7acfe5 100644 --- a/src/detection/signature.h +++ b/src/detection/signature.h @@ -31,11 +31,11 @@ namespace snort { +struct GHash; struct SnortConfig; } struct OptTreeNode; -struct GHash; /* this contains a list of the URLs for various reference systems */ struct ReferenceSystemNode @@ -107,11 +107,11 @@ struct SigInfo Target target; }; -GHash* OtnLookupNew(); -void OtnLookupAdd(GHash*, OptTreeNode*); -OptTreeNode* OtnLookup(GHash*, uint32_t gid, uint32_t sid); -void OtnLookupFree(GHash*); -void OtnRemove(GHash*, OptTreeNode*); +snort::GHash* OtnLookupNew(); +void OtnLookupAdd(snort::GHash*, OptTreeNode*); +OptTreeNode* OtnLookup(snort::GHash*, uint32_t gid, uint32_t sid); +void OtnLookupFree(snort::GHash*); +void OtnRemove(snort::GHash*, OptTreeNode*); void OtnDeleteData(void* data); void OtnFree(void* data); diff --git a/src/detection/treenodes.cc b/src/detection/treenodes.cc index a514e5370..060f42218 100644 --- a/src/detection/treenodes.cc +++ b/src/detection/treenodes.cc @@ -84,6 +84,8 @@ void* get_rule_type_data(OptTreeNode* otn, const char* name) return nullptr; } +namespace snort +{ bool otn_has_plugin(OptTreeNode* otn, const char* name) { OptFpList* fpl = otn->opt_func; @@ -100,4 +102,4 @@ bool otn_has_plugin(OptTreeNode* otn, const char* name) } return false; } - +} diff --git a/src/detection/treenodes.h b/src/detection/treenodes.h index ab9484dc5..1d766fea0 100644 --- a/src/detection/treenodes.h +++ b/src/detection/treenodes.h @@ -164,7 +164,10 @@ OptFpList* AddOptFuncToList(RuleOptEvalFunc, OptTreeNode*); void* get_rule_type_data(OptTreeNode*, const char* name); +namespace snort +{ SO_PUBLIC bool otn_has_plugin(OptTreeNode* otn, const char* name); +} inline bool otn_has_plugin(OptTreeNode* otn, int id) { return (otn->plugins & (0x1 << id)) != 0; } diff --git a/src/file_api/file_cache.cc b/src/file_api/file_cache.cc index 6b9aabd0d..4880b511a 100644 --- a/src/file_api/file_cache.cc +++ b/src/file_api/file_cache.cc @@ -119,7 +119,7 @@ FileContext* FileCache::add(const FileHashKey& hashKey, int64_t timeout) * after that anyway because the file that * caused this will be gone. */ - time_t now = packet_time(); + time_t now = snort::packet_time(); new_node.expires = now + timeout; new_node.file = new FileContext; diff --git a/src/file_api/file_cache.h b/src/file_api/file_cache.h index 50f66f0e2..a7cbc7b3f 100644 --- a/src/file_api/file_cache.h +++ b/src/file_api/file_cache.h @@ -28,8 +28,11 @@ #include "file_config.h" +namespace snort +{ struct XHash; struct XHashNode; +} class FileCache { @@ -72,7 +75,7 @@ private: int store_verdict(snort::Flow*, snort::FileInfo*, int64_t timeout); /* The hash table of expected files */ - XHash* fileHash = nullptr; + snort::XHash* fileHash = nullptr; int64_t block_timeout = DEFAULT_FILE_BLOCK_TIMEOUT; int64_t lookup_timeout = DEFAULT_FILE_LOOKUP_TIMEOUT; int64_t max_files = DEFAULT_MAX_FILES_CACHED; diff --git a/src/file_api/file_identifier.cc b/src/file_api/file_identifier.cc index 5f2f7ae64..3e3e56817 100644 --- a/src/file_api/file_identifier.cc +++ b/src/file_api/file_identifier.cc @@ -39,6 +39,8 @@ #include "catch/snort_catch.h" #endif +using namespace snort; + struct MergeNode { IdentifierNode* shared_node; /*the node that is shared*/ @@ -66,7 +68,7 @@ void FileMagicRule::clear() void FileIdentifier::init_merge_hash() { - identifier_merge_hash = ghash_new(1000, sizeof(MergeNode), 0, nullptr); + identifier_merge_hash = snort::ghash_new(1000, sizeof(MergeNode), 0, nullptr); assert(identifier_merge_hash); } diff --git a/src/file_api/file_identifier.h b/src/file_api/file_identifier.h index fe7152f38..ef454279b 100644 --- a/src/file_api/file_identifier.h +++ b/src/file_api/file_identifier.h @@ -103,7 +103,7 @@ private: /*properties*/ IdentifierNode* identifier_root = nullptr; /*Root of magic tries*/ uint32_t memory_used = 0; /*Track memory usage*/ - GHash* identifier_merge_hash = nullptr; + snort::GHash* identifier_merge_hash = nullptr; FileMagicRule file_magic_rules[FILE_ID_MAX + 1]; IDMemoryBlocks id_memory_blocks; }; diff --git a/src/file_api/file_mempool.cc b/src/file_api/file_mempool.cc index ec8867c96..543608551 100644 --- a/src/file_api/file_mempool.cc +++ b/src/file_api/file_mempool.cc @@ -34,6 +34,8 @@ #include "log/messages.h" #include "utils/util.h" +using namespace snort; + /*This magic is used for double free detection*/ #define FREE_MAGIC 0x2525252525252525 diff --git a/src/file_api/file_stats.cc b/src/file_api/file_stats.cc index 6552b9e86..325cb14b3 100644 --- a/src/file_api/file_stats.cc +++ b/src/file_api/file_stats.cc @@ -36,6 +36,8 @@ #include "file_capture.h" +using namespace snort; + THREAD_LOCAL FileCounts file_counts; THREAD_LOCAL FileStats* file_stats = nullptr; diff --git a/src/filters/detection_filter.cc b/src/filters/detection_filter.cc index 0f0ac0c96..ad693add9 100644 --- a/src/filters/detection_filter.cc +++ b/src/filters/detection_filter.cc @@ -30,6 +30,8 @@ #include "sfthd.h" +using namespace snort; + static THREAD_LOCAL XHash* detection_filter_hash = nullptr; DetectionFilterConfig* DetectionFilterConfigNew() @@ -96,7 +98,7 @@ void detection_filter_term() if ( !detection_filter_hash ) return; - xhash_delete(detection_filter_hash); + snort::xhash_delete(detection_filter_hash); detection_filter_hash = nullptr; } diff --git a/src/filters/rate_filter.cc b/src/filters/rate_filter.cc index 10ba4311b..63c556a21 100644 --- a/src/filters/rate_filter.cc +++ b/src/filters/rate_filter.cc @@ -35,6 +35,8 @@ #include "sfrf.h" +using namespace snort; + //static int _printThresholdContext(RateFilterConfig*); RateFilterConfig* RateFilter_ConfigNew() diff --git a/src/filters/sfrf.cc b/src/filters/sfrf.cc index 50bce1e15..f147092c2 100644 --- a/src/filters/sfrf.cc +++ b/src/filters/sfrf.cc @@ -35,6 +35,8 @@ #include "utils/sflsq.h" #include "utils/util.h" +using namespace snort; + // Number of hash rows for gid 1 (rules) #define SFRF_GEN_ID_1_ROWS 4096 // Number of hash rows for non-zero gid diff --git a/src/filters/sfrf.h b/src/filters/sfrf.h index 0ca545efa..444d13285 100644 --- a/src/filters/sfrf.h +++ b/src/filters/sfrf.h @@ -137,7 +137,7 @@ struct RateFilterConfig /* Array of hash, indexed by gid. Each array element is a hash, which * is keyed on sid/policyId and data is a tSFRFSidNode node. */ - struct GHash* genHash [SFRF_MAX_GENID]; + struct snort::GHash* genHash [SFRF_MAX_GENID]; // Number of DOS thresholds added. int count; diff --git a/src/filters/sfthd.cc b/src/filters/sfthd.cc index e7bb15654..d9f8ccaae 100644 --- a/src/filters/sfthd.cc +++ b/src/filters/sfthd.cc @@ -42,6 +42,8 @@ #include "utils/sflsq.h" #include "utils/util.h" +using namespace snort; + // Debug Printing //#define THD_DEBUG diff --git a/src/filters/sfthd.h b/src/filters/sfthd.h index 08cced047..1f9b5d29c 100644 --- a/src/filters/sfthd.h +++ b/src/filters/sfthd.h @@ -29,10 +29,11 @@ namespace snort { -struct SnortConfig; -} struct GHash; struct XHash; +struct SnortConfig; +} + typedef struct sf_list SF_LIST; /*! @@ -185,14 +186,14 @@ struct tThdItemKey */ struct THD_STRUCT { - XHash* ip_nodes; /* Global hash of active IP's key=THD_IP_NODE_KEY, data=THD_IP_NODE */ - XHash* ip_gnodes; /* Global hash of active IP's key=THD_IP_GNODE_KEY, data=THD_IP_GNODE */ + snort::XHash* ip_nodes; /* Global hash of active IP's key=THD_IP_NODE_KEY, data=THD_IP_NODE */ + snort::XHash* ip_gnodes; /* Global hash of active IP's key=THD_IP_GNODE_KEY, data=THD_IP_GNODE */ }; struct ThresholdObjects { int count; /* Total number of thresholding/suppression objects */ - GHash* sfthd_array[THD_MAX_GENID]; /* Local Hash of THD_ITEM nodes, lookup by key=sig_id + snort::GHash* sfthd_array[THD_MAX_GENID]; /* Local Hash of THD_ITEM nodes, lookup by key=sig_id */ /* Double array of THD_NODE pointers. First index is policyId and therefore variable length. @@ -212,13 +213,13 @@ struct ThresholdObjects // lbytes = local threshold memcap // gbytes = global threshold memcap (0 to disable global) THD_STRUCT* sfthd_new(unsigned lbytes, unsigned gbytes); -XHash* sfthd_local_new(unsigned bytes); -XHash* sfthd_global_new(unsigned bytes); +snort::XHash* sfthd_local_new(unsigned bytes); +snort::XHash* sfthd_global_new(unsigned bytes); void sfthd_free(THD_STRUCT*); ThresholdObjects* sfthd_objs_new(); void sfthd_objs_free(ThresholdObjects*); -int sfthd_test_rule(XHash* rule_hash, THD_NODE* sfthd_node, +int sfthd_test_rule(snort::XHash* rule_hash, THD_NODE* sfthd_node, const snort::SfIp* sip, const snort::SfIp* dip, long curtime); THD_NODE* sfthd_create_rule_threshold( @@ -240,9 +241,9 @@ int sfthd_create_threshold(snort::SnortConfig*, ThresholdObjects*, unsigned gen_ int sfthd_test_threshold(ThresholdObjects*, THD_STRUCT*, unsigned gen_id, unsigned sig_id, const snort::SfIp* sip, const snort::SfIp* dip, long curtime); -XHash* sfthd_new_hash(unsigned, size_t, size_t); +snort::XHash* sfthd_new_hash(unsigned, size_t, size_t); -int sfthd_test_local(XHash* local_hash, THD_NODE* sfthd_node, const snort::SfIp* sip, +int sfthd_test_local(snort::XHash* local_hash, THD_NODE* sfthd_node, const snort::SfIp* sip, const snort::SfIp* dip, time_t curtime); #ifdef THD_DEBUG diff --git a/src/filters/sfthd_test.cc b/src/filters/sfthd_test.cc index bc99caf1a..d10b87d16 100644 --- a/src/filters/sfthd_test.cc +++ b/src/filters/sfthd_test.cc @@ -29,6 +29,8 @@ #include "sfthd.h" +using namespace snort; + //--------------------------------------------------------------- #define IP_ANY nullptr // used to get "unset" diff --git a/src/flow/ha_module.h b/src/flow/ha_module.h index 2e38066f3..9bf35fe4a 100644 --- a/src/flow/ha_module.h +++ b/src/flow/ha_module.h @@ -55,7 +55,7 @@ public: { return (PegCount*)&ha_stats; } const PegInfo* get_pegs() const override - { return simple_pegs; } + { return snort::simple_pegs; } snort::ProfileStats* get_profile() const override; diff --git a/src/flow/test/ha_module_test.cc b/src/flow/test/ha_module_test.cc index 68cf340df..71eebbc6c 100644 --- a/src/flow/test/ha_module_test.cc +++ b/src/flow/test/ha_module_test.cc @@ -35,8 +35,6 @@ using namespace snort; -void LogMessage(const char*,...) { } - THREAD_LOCAL SimpleStats ha_stats; THREAD_LOCAL ProfileStats ha_perf_stats; @@ -44,9 +42,12 @@ void show_stats(PegCount*, const PegInfo*, unsigned, const char*) { } void show_stats(PegCount*, const PegInfo*, IndexVec&, const char*) { } void show_stats(PegCount*, const PegInfo*, IndexVec&, const char*, FILE*) { } +namespace snort +{ +void LogMessage(const char*,...) { } void ParseWarning(WarningGroup, const char*, ...) { } - char* snort_strdup(const char* str) { return strdup(str); } +} static bool s_port_1_set = false; static bool s_use_daq = false; diff --git a/src/flow/test/ha_test.cc b/src/flow/test/ha_test.cc index 5fd264458..f522f5ef1 100644 --- a/src/flow/test/ha_test.cc +++ b/src/flow/test/ha_test.cc @@ -152,8 +152,11 @@ void Stream::delete_flow(const FlowKey* flowkey) s_delete_session_called = true; } +namespace snort +{ void ErrorMessage(const char*,...) { } void LogMessage(const char*,...) { } +} void packet_gettimeofday(struct timeval* tv) { *tv = s_packet_time; } diff --git a/src/framework/counts.h b/src/framework/counts.h index fc109f326..b52a99926 100644 --- a/src/framework/counts.h +++ b/src/framework/counts.h @@ -49,7 +49,11 @@ struct PegInfo const char* help; }; + +namespace snort +{ SO_PUBLIC extern const struct PegInfo simple_pegs[]; +} // namespace snort #define array_size(a) (sizeof(a)/sizeof((a)[0])) diff --git a/src/framework/endianness.h b/src/framework/endianness.h index 72c9a6b38..59442d7fb 100644 --- a/src/framework/endianness.h +++ b/src/framework/endianness.h @@ -23,6 +23,8 @@ #include "main/snort_types.h" +namespace snort +{ class SO_PUBLIC Endianness { public: @@ -30,6 +32,6 @@ public: virtual ~Endianness() = default; virtual bool get_offset_endianness(int32_t offset, uint8_t& endian) = 0; }; - +} #endif diff --git a/src/framework/module.cc b/src/framework/module.cc index 5138007fe..c2cf7cdf0 100644 --- a/src/framework/module.cc +++ b/src/framework/module.cc @@ -196,15 +196,17 @@ bool Module::verified_end(const char* fqn, int idx, SnortConfig* c) return end(fqn, idx, c); } -const PegInfo simple_pegs[] = -{ - { CountType::SUM, "packets", "total packets" }, - { CountType::END, nullptr, nullptr } -}; - void Module::enable_trace() { if ( trace ) *trace = 1; } +namespace snort +{ +const PegInfo simple_pegs[] = +{ + { CountType::SUM, "packets", "total packets" }, + { CountType::END, nullptr, nullptr } +}; +} diff --git a/src/framework/range.cc b/src/framework/range.cc index a47696b4c..c65f7d5f1 100644 --- a/src/framework/range.cc +++ b/src/framework/range.cc @@ -32,6 +32,7 @@ #include "catch/snort_catch.h" #endif +using namespace snort; using namespace std; //-------------------------------------------------------------------------- diff --git a/src/framework/range.h b/src/framework/range.h index 01b9d23a9..fa324fab3 100644 --- a/src/framework/range.h +++ b/src/framework/range.h @@ -32,6 +32,8 @@ // <=> for dsize style and >< for icode style so rule options // can coerce <> if needed for backwards compatibility +namespace snort +{ class SO_PUBLIC RangeCheck { public: @@ -56,6 +58,6 @@ public: bool eval(long) const; bool validate(const char* s, const char* r); }; - +} #endif diff --git a/src/hash/ghash.cc b/src/hash/ghash.cc index be3b7aa41..20e259ed0 100644 --- a/src/hash/ghash.cc +++ b/src/hash/ghash.cc @@ -65,6 +65,8 @@ #include "hashfcn.h" #include "primetable.h" +namespace snort +{ /* * * Create a new hash table @@ -506,3 +508,4 @@ int ghash_set_keyops(GHash* h, return hashfcn_set_keyops(h->hashfcn, hash_fcn, keycmp_fcn); } +} diff --git a/src/hash/ghash.h b/src/hash/ghash.h index e85a2ec75..b0ef52772 100644 --- a/src/hash/ghash.h +++ b/src/hash/ghash.h @@ -28,6 +28,9 @@ struct HashFnc; +namespace snort +{ + #define GHASH_NOMEM (-2) #define GHASH_ERR (-1) #define GHASH_OK 0 @@ -74,6 +77,6 @@ SO_PUBLIC GHashNode* ghash_findnext(GHash*); SO_PUBLIC int ghash_set_keyops(GHash*, unsigned (* hash_fcn)(HashFnc* p, const unsigned char* d, int n), int (* keycmp_fcn)(const void* s1, const void* s2, size_t n)); - +} #endif diff --git a/src/hash/hashes.cc b/src/hash/hashes.cc index 9910f1522..28b3cf036 100644 --- a/src/hash/hashes.cc +++ b/src/hash/hashes.cc @@ -26,6 +26,8 @@ #include #include +namespace snort +{ void sha256(const unsigned char* data, size_t size, unsigned char* digest) { SHA256_CTX c; @@ -50,3 +52,4 @@ void md5(const unsigned char* data, size_t size, unsigned char* digest) MD5_Final(digest, &c); } +} diff --git a/src/hash/hashes.h b/src/hash/hashes.h index cbabf3054..9dba5bdbf 100644 --- a/src/hash/hashes.h +++ b/src/hash/hashes.h @@ -22,6 +22,8 @@ #include "main/snort_types.h" +namespace snort +{ #define MD5_HASH_SIZE 16 #define SHA256_HASH_SIZE 32 #define SHA512_HASH_SIZE 64 @@ -31,6 +33,6 @@ SO_PUBLIC void md5(const unsigned char* data, size_t size, unsigned char* digest); SO_PUBLIC void sha256(const unsigned char* data, size_t size, unsigned char* digest); SO_PUBLIC void sha512(const unsigned char* data, size_t size, unsigned char* digest); - +} #endif diff --git a/src/hash/hashfcn.cc b/src/hash/hashfcn.cc index 331679352..65b5b4935 100644 --- a/src/hash/hashfcn.cc +++ b/src/hash/hashfcn.cc @@ -114,6 +114,8 @@ int hashfcn_set_keyops(HashFnc* h, return -1; } +namespace snort +{ void mix_str( uint32_t& a, uint32_t& b, uint32_t& c, const char* s, unsigned n) @@ -204,4 +206,4 @@ size_t str_to_hash(const uint8_t *str, int length ) finalize(a,b,c); return c; } - +} //namespace snort diff --git a/src/hash/hashfcn.h b/src/hash/hashfcn.h index 6c2729a91..f88776b21 100644 --- a/src/hash/hashfcn.h +++ b/src/hash/hashfcn.h @@ -45,12 +45,15 @@ (c) ^= (b); (c) -= rot(b,24); \ } +namespace snort +{ SO_PUBLIC void mix_str( uint32_t& a, uint32_t& b, uint32_t& c, // n == 0 => strlen(s) const char* s, unsigned n = 0); SO_PUBLIC size_t str_to_hash(const uint8_t *str, int length); +} struct HashFnc { diff --git a/src/hash/xhash.cc b/src/hash/xhash.cc index cad27dd87..91860376d 100644 --- a/src/hash/xhash.cc +++ b/src/hash/xhash.cc @@ -97,6 +97,8 @@ #include "utils/util.h" #include "hashfcn.h" +using namespace snort; + /* * Implements XHash as specialized hash container */ @@ -124,6 +126,8 @@ static int xhash_nearest_powerof2(int nrows) return nrows; } +namespace snort +{ /* * Create a new hash table * @@ -1023,6 +1027,7 @@ void xhash_set_keyops(XHash* h, hash_func hash_fcn, keycmp_func keycmp_fcn) assert(h and hash_fcn and keycmp_fcn); hashfcn_set_keyops(h->hashfcn, hash_fcn, keycmp_fcn); } +} // namespace snort /* * ----------------------------------------------------------------------------------------- diff --git a/src/hash/xhash.h b/src/hash/xhash.h index 67c1d8c1f..6a3583d32 100644 --- a/src/hash/xhash.h +++ b/src/hash/xhash.h @@ -30,6 +30,8 @@ struct HashFnc; +namespace snort +{ #define XHASH_NOMEM (-2) #define XHASH_ERR (-1) #define XHASH_OK 0 @@ -155,6 +157,6 @@ SO_PUBLIC void xhash_set_keyops(XHash* h, hash_func, keycmp_func); SO_PUBLIC XHashNode* xhash_gfindfirst(XHash* t); SO_PUBLIC XHashNode* xhash_gfindnext(XHash* t); - +} // namespace snort #endif diff --git a/src/helpers/base64_encoder.cc b/src/helpers/base64_encoder.cc index 0b8ce6ddd..ca427fb06 100644 --- a/src/helpers/base64_encoder.cc +++ b/src/helpers/base64_encoder.cc @@ -34,6 +34,8 @@ #include "catch/snort_catch.h" #endif +using namespace snort; + static inline char b64(uint8_t idx) { static const char* encoding = diff --git a/src/helpers/base64_encoder.h b/src/helpers/base64_encoder.h index 78a414f07..1e7abf194 100644 --- a/src/helpers/base64_encoder.h +++ b/src/helpers/base64_encoder.h @@ -30,6 +30,8 @@ #include #include "main/snort_types.h" +namespace snort +{ class SO_PUBLIC Base64Encoder { public: @@ -47,6 +49,6 @@ private: Steps step; uint8_t state; }; - +} #endif diff --git a/src/helpers/chunk.cc b/src/helpers/chunk.cc index dced8fb61..33d2f52d9 100644 --- a/src/helpers/chunk.cc +++ b/src/helpers/chunk.cc @@ -45,21 +45,21 @@ bool init_chunk( if ( luaL_loadbuffer(L, chunk.c_str(), chunk.size(), name) ) { - ParseError("%s luajit failed to load chunk %s", name, lua_tostring(L, -1)); + snort::ParseError("%s luajit failed to load chunk %s", name, lua_tostring(L, -1)); return false; } // now exec the chunk to define functions etc in L if ( lua_pcall(L, 0, 0, 0) ) { - ParseError("%s luajit failed to init chunk %s", name, lua_tostring(L, -1)); + snort::ParseError("%s luajit failed to init chunk %s", name, lua_tostring(L, -1)); return false; } // load the args table if ( luaL_dostring(L, args.c_str()) ) { - ParseError("%s luajit failed to init args %s", name, lua_tostring(L, -1)); + snort::ParseError("%s luajit failed to init args %s", name, lua_tostring(L, -1)); return false; } @@ -71,10 +71,10 @@ bool init_chunk( return true; if ( lua_pcall(L, 0, 1, 0) || lua_type(L, -1) == LUA_TSTRING ) - ParseError("%s %s", name, lua_tostring(L, -1)); + snort::ParseError("%s %s", name, lua_tostring(L, -1)); else if ( !lua_toboolean(L, -1) ) - ParseError("%s init() returned false", name); + snort::ParseError("%s init() returned false", name); else return true; diff --git a/src/helpers/process.cc b/src/helpers/process.cc index cd253379d..69fdd04d7 100644 --- a/src/helpers/process.cc +++ b/src/helpers/process.cc @@ -41,6 +41,7 @@ #include "markup.h" #include "ring.h" +using namespace snort; using namespace std; #ifndef SIGNAL_SNORT_RELOAD diff --git a/src/host_tracker/test/host_cache_module_test.cc b/src/host_tracker/test/host_cache_module_test.cc index e1e2c03bb..213c13757 100644 --- a/src/host_tracker/test/host_cache_module_test.cc +++ b/src/host_tracker/test/host_cache_module_test.cc @@ -34,10 +34,15 @@ using namespace snort; +namespace snort +{ // Fakes to avoid bringing in a ton of dependencies. SnortProtocolId ProtocolReference::add(char const*) { return 0; } SnortProtocolId ProtocolReference::find(char const*) { return 0; } SnortConfig* SnortConfig::get_conf() { return nullptr; } +char* snort_strdup(const char* s) +{ return strdup(s); } +} void show_stats(PegCount*, const PegInfo*, unsigned, const char*) { } @@ -45,9 +50,6 @@ void show_stats(PegCount*, const PegInfo*, unsigned, const char*) void show_stats(PegCount*, const PegInfo*, IndexVec&, const char*, FILE*) { } -char* snort_strdup(const char* s) -{ return strdup(s); } - #define FRAG_POLICY 33 #define STREAM_POLICY 100 diff --git a/src/host_tracker/test/host_cache_test.cc b/src/host_tracker/test/host_cache_test.cc index 18ab34239..d147f5388 100644 --- a/src/host_tracker/test/host_cache_test.cc +++ b/src/host_tracker/test/host_cache_test.cc @@ -32,18 +32,16 @@ using namespace snort; +namespace snort +{ SnortConfig s_conf; THREAD_LOCAL SnortConfig* snort_conf = &s_conf; - SnortConfig::SnortConfig(const SnortConfig* const) { } - SnortConfig::~SnortConfig() = default; - SnortConfig* SnortConfig::get_conf() { return snort_conf; } SnortProtocolId ProtocolReference::find(char const*) { return 0; } - SnortProtocolId ProtocolReference::add(const char* protocol) { if (!strcmp("servicename", protocol)) @@ -57,6 +55,7 @@ char* snort_strdup(const char* str) { return strdup(str); } +} TEST_GROUP(host_cache) { diff --git a/src/host_tracker/test/host_tracker_module_test.cc b/src/host_tracker/test/host_tracker_module_test.cc index 905520c5b..9660f2773 100644 --- a/src/host_tracker/test/host_tracker_module_test.cc +++ b/src/host_tracker/test/host_tracker_module_test.cc @@ -33,10 +33,10 @@ using namespace snort; +namespace snort +{ SnortConfig* SnortConfig::get_conf() { return nullptr; } - SnortProtocolId ProtocolReference::find(char const*) { return 0; } - SnortProtocolId ProtocolReference::add(const char* protocol) { if (!strcmp("servicename", protocol)) @@ -46,15 +46,13 @@ SnortProtocolId ProtocolReference::add(const char* protocol) return 1; } -// Fake show_stats to avoid bringing in a ton of dependencies. -void show_stats(PegCount*, const PegInfo*, unsigned, const char*) -{ } - -void show_stats(PegCount*, const PegInfo*, IndexVec&, const char*, FILE*) -{ } - char* snort_strdup(const char* s) { return strdup(s); } +} + +// Fake show_stats to avoid bringing in a ton of dependencies. +void show_stats(PegCount*, const PegInfo*, unsigned, const char*) { } +void show_stats(PegCount*, const PegInfo*, IndexVec&, const char*, FILE*) { } #define FRAG_POLICY 33 #define STREAM_POLICY 100 diff --git a/src/host_tracker/test/host_tracker_test.cc b/src/host_tracker/test/host_tracker_test.cc index 67fb15807..2a73c0251 100644 --- a/src/host_tracker/test/host_tracker_test.cc +++ b/src/host_tracker/test/host_tracker_test.cc @@ -30,10 +30,11 @@ using namespace snort; +namespace snort +{ // Fake snort_strdup() because sfutil dependencies suck char* snort_strdup(const char* str) -{ - return strdup(str); +{ return strdup(str); } } TEST_GROUP(host_tracker) diff --git a/src/ips_options/asn1_detect.cc b/src/ips_options/asn1_detect.cc index 0819d5f4b..fb7519640 100644 --- a/src/ips_options/asn1_detect.cc +++ b/src/ips_options/asn1_detect.cc @@ -325,9 +325,7 @@ int Asn1DoDetect(const uint8_t* data, uint16_t dsize, ASN1_CTXT* ctxt, const uin { case REL_OFFSET: if (!rel_ptr) - { return 0; - } /* ** Check that it is in bounds first. @@ -336,16 +334,12 @@ int Asn1DoDetect(const uint8_t* data, uint16_t dsize, ASN1_CTXT* ctxt, const uin ** Bound checked also after offset is applied */ if (!inBounds(start, end + 1, rel_ptr)) - { return 0; - } offset = rel_ptr+ctxt->offset; if (!inBounds(start, end, offset)) - { return 0; - } break; @@ -354,9 +348,7 @@ int Asn1DoDetect(const uint8_t* data, uint16_t dsize, ASN1_CTXT* ctxt, const uin offset = start+ctxt->offset; if (!inBounds(start, end, offset)) - { return 0; - } break; } @@ -369,9 +361,7 @@ int Asn1DoDetect(const uint8_t* data, uint16_t dsize, ASN1_CTXT* ctxt, const uin iRet = asn1_decode(offset, size, &asn1); if (iRet && !asn1) - { return 0; - } /* ** Let's do detection now. diff --git a/src/ips_options/extract.cc b/src/ips_options/extract.cc index 541cad150..abd20544c 100644 --- a/src/ips_options/extract.cc +++ b/src/ips_options/extract.cc @@ -36,6 +36,7 @@ #include "catch/snort_catch.h" #endif +using namespace snort; using namespace std; /* Storage for extracted variables */ @@ -43,6 +44,8 @@ static string variable_names[NUM_IPS_OPTIONS_VARS]; static THREAD_LOCAL uint32_t extracted_values[NUM_IPS_OPTIONS_VARS]; static THREAD_LOCAL uint8_t extracted_values_cnt = 0; +namespace snort +{ /* Given a variable name, retrieve its index.*/ int8_t GetVarByName(const char* name) { @@ -296,6 +299,8 @@ uint8_t numBytesInBitmask(uint32_t bitmask_value) return num_bytes; } +} // namespace snort + #ifdef UNIT_TEST TEST_CASE("ips options bitmask utils") { diff --git a/src/ips_options/extract.h b/src/ips_options/extract.h index a20064229..953902665 100644 --- a/src/ips_options/extract.h +++ b/src/ips_options/extract.h @@ -34,6 +34,8 @@ #define IPS_OPTIONS_NO_VAR (-1) #define INVALID_VAR_ERR_STR "%s uses an undefined rule option variable (%s)" +namespace snort +{ SO_PUBLIC int string_extract( int bytes_to_grab, int base, const uint8_t* ptr, const uint8_t* start, const uint8_t* end, uint32_t* value); @@ -55,6 +57,6 @@ SO_PUBLIC void ClearIpsOptionsVars(); // Used during eval SO_PUBLIC int GetVarValueByIndex(uint32_t* dst, uint8_t var_number); SO_PUBLIC int SetVarValueByIndex(uint32_t value, uint8_t var_number); - +} #endif diff --git a/src/ips_options/ips_content.cc b/src/ips_options/ips_content.cc index e45a83a6f..3c2bbbfc8 100644 --- a/src/ips_options/ips_content.cc +++ b/src/ips_options/ips_content.cc @@ -75,7 +75,7 @@ void ContentData::init() void ContentData::setup_bm() { - skip_stride = make_skip(pmd.pattern_buf, pmd.pattern_size); + skip_stride = snort::make_skip(pmd.pattern_buf, pmd.pattern_size); shift_stride = make_shift(pmd.pattern_buf, pmd.pattern_size); } diff --git a/src/ips_options/test/ips_regex_test.cc b/src/ips_options/test/ips_regex_test.cc index 87c3a70ea..24ac001a7 100644 --- a/src/ips_options/test/ips_regex_test.cc +++ b/src/ips_options/test/ips_regex_test.cc @@ -41,15 +41,12 @@ using namespace snort; // stubs, spies, etc. //------------------------------------------------------------------------- -extern const BaseApi* ips_regex; - -void show_stats(PegCount*, const PegInfo*, unsigned, const char*) { } +namespace snort +{ void mix_str(uint32_t& a, uint32_t&, uint32_t&, const char* s, unsigned) { a += strlen(s); } -namespace snort -{ SnortConfig s_conf; THREAD_LOCAL SnortConfig* snort_conf = &s_conf; @@ -80,10 +77,6 @@ SnortConfig* SnortConfig::get_conf() Packet::Packet(bool) { } Packet::~Packet() = default; -} - -Cursor::Cursor(Packet* p) -{ set("pkt_data", p->data, p->dsize); } static unsigned s_parse_errors = 0; @@ -93,13 +86,20 @@ void ParseError(const char*, ...) unsigned get_instance_id() { return 0; } +char* snort_strdup(const char* s) +{ return strdup(s); } + MemoryContext::MemoryContext(MemoryTracker&) { } MemoryContext::~MemoryContext() = default; +} -void show_stats(PegCount*, const PegInfo*, IndexVec&, const char*, FILE*) { } +extern const BaseApi* ips_regex; -char* snort_strdup(const char* s) -{ return strdup(s); } +Cursor::Cursor(Packet* p) +{ set("pkt_data", p->data, p->dsize); } + +void show_stats(PegCount*, const PegInfo*, unsigned, const char*) { } +void show_stats(PegCount*, const PegInfo*, IndexVec&, const char*, FILE*) { } //------------------------------------------------------------------------- // helpers @@ -275,8 +275,6 @@ TEST_GROUP(ips_regex_option) void setup() override { - // FIXIT-L cpputest hangs or crashes in the leak detector - MemoryLeakWarningPlugin::turnOffNewDeleteOverloads(); opt = get_option(" foo "); scratch_setup(snort_conf); } @@ -286,7 +284,6 @@ TEST_GROUP(ips_regex_option) api->dtor(opt); scratch_cleanup(snort_conf); api->pterm(snort_conf); - MemoryLeakWarningPlugin::turnOnNewDeleteOverloads(); } }; @@ -349,8 +346,6 @@ TEST_GROUP(ips_regex_option_relative) void setup() override { - // FIXIT-L cpputest hangs or crashes in the leak detector - MemoryLeakWarningPlugin::turnOffNewDeleteOverloads(); opt = get_option("\\bfoo", true); scratch_setup(snort_conf); } @@ -359,7 +354,6 @@ TEST_GROUP(ips_regex_option_relative) IpsApi* api = (IpsApi*)ips_regex; api->dtor(opt); scratch_cleanup(snort_conf); - MemoryLeakWarningPlugin::turnOnNewDeleteOverloads(); } }; @@ -383,6 +377,8 @@ TEST(ips_regex_option_relative, no_match) int main(int argc, char** argv) { + // FIXIT-L cpputest hangs or crashes in the leak detector + MemoryLeakWarningPlugin::turnOffNewDeleteOverloads(); return CommandLineTestRunner::RunAllTests(argc, argv); } diff --git a/src/log/messages.cc b/src/log/messages.cc index f244f66ab..cc97271cd 100644 --- a/src/log/messages.cc +++ b/src/log/messages.cc @@ -61,11 +61,13 @@ static void log_message(FILE* file, const char* type, const char* msg) get_parse_location(file_name, file_line); if ( file_line ) - LogMessage(file, "%s: %s:%d %s\n", type, file_name, file_line, msg); + snort::LogMessage(file, "%s: %s:%d %s\n", type, file_name, file_line, msg); else - LogMessage(file, "%s: %s\n", type, msg); + snort::LogMessage(file, "%s: %s\n", type, msg); } +namespace snort +{ void ParseMessage(const char* format, ...) { char buf[STD_BUF+1]; @@ -311,4 +313,5 @@ NORETURN_ASSERT void log_safec_error(const char* msg, void*, int e) assert(false); } +} //namespace snort diff --git a/src/log/messages.h b/src/log/messages.h index 6b304cdee..8df6155fc 100644 --- a/src/log/messages.h +++ b/src/log/messages.h @@ -48,6 +48,8 @@ enum WarningGroup unsigned get_parse_errors(); unsigned get_parse_warnings(); +namespace snort +{ SO_PUBLIC void ParseMessage(const char*, ...) __attribute__((format (printf, 1, 2))); SO_PUBLIC void ParseWarning(WarningGroup, const char*, ...) __attribute__((format (printf, 2, 3))); SO_PUBLIC void ParseError(const char*, ...) __attribute__((format (printf, 1, 2))); @@ -94,6 +96,7 @@ private: unsigned max; unsigned idx; }; +} #endif diff --git a/src/log/obfuscator.cc b/src/log/obfuscator.cc index 1f62a922b..b9062266f 100644 --- a/src/log/obfuscator.cc +++ b/src/log/obfuscator.cc @@ -24,6 +24,8 @@ #include "obfuscator.h" +using namespace snort; + bool Obfuscator::first(ObfuscatorBlock &b) { if ( blocks.empty() ) diff --git a/src/log/obfuscator.h b/src/log/obfuscator.h index f93e2e9ef..edc3e6860 100644 --- a/src/log/obfuscator.h +++ b/src/log/obfuscator.h @@ -27,6 +27,8 @@ #include "main/snort_types.h" +namespace snort +{ struct ObfuscatorBlock { // Only used by `class Obfuscator` @@ -74,6 +76,7 @@ private: iterator it; static const char mask_char = 'X'; }; +} #endif diff --git a/src/log/test/obfuscator_test.cc b/src/log/test/obfuscator_test.cc index 4cf7fa5ba..594d6443e 100644 --- a/src/log/test/obfuscator_test.cc +++ b/src/log/test/obfuscator_test.cc @@ -29,6 +29,8 @@ #include #include +using namespace snort; + TEST_GROUP(ObfuscatorTests) { }; diff --git a/src/log/text_log.cc b/src/log/text_log.cc index 1fcccb8df..b37c48df1 100644 --- a/src/log/text_log.cc +++ b/src/log/text_log.cc @@ -39,6 +39,8 @@ #include "log.h" +using namespace snort; + /* a reasonable minimum */ #define MIN_BUF (4* K_BYTES) #define STDLOG_FILENO 3 @@ -99,6 +101,8 @@ int TextLog_Tell(TextLog* const txt) return txt->pos; } +namespace snort +{ int TextLog_Avail(TextLog* const txt) { return txt->maxBuf - txt->pos - 1; @@ -306,4 +310,4 @@ bool TextLog_Quote(TextLog* const txt, const char* qs) return true; } - +} // namespace snort diff --git a/src/log/text_log.h b/src/log/text_log.h index 76ab7a5e7..94ba3dfad 100644 --- a/src/log/text_log.h +++ b/src/log/text_log.h @@ -46,6 +46,8 @@ // or some such to get stdout or syslog struct TextLog; +namespace snort +{ SO_PUBLIC TextLog* TextLog_Init( const char* name, unsigned int maxBuf = 0, size_t maxFile = 0); SO_PUBLIC void TextLog_Term(TextLog*); @@ -59,6 +61,7 @@ SO_PUBLIC bool TextLog_Flush(TextLog* const); SO_PUBLIC int TextLog_Tell(TextLog* const); SO_PUBLIC int TextLog_Avail(TextLog* const); SO_PUBLIC void TextLog_Reset(TextLog* const); +} // namespace snort /*------------------------------------------------------------------- * helper functions @@ -66,12 +69,12 @@ SO_PUBLIC void TextLog_Reset(TextLog* const); */ inline bool TextLog_NewLine(TextLog* const txt) { - return TextLog_Putc(txt, '\n'); + return snort::TextLog_Putc(txt, '\n'); } inline bool TextLog_Puts(TextLog* const txt, const char* str) { - return TextLog_Write(txt, str, strlen(str)); + return snort::TextLog_Write(txt, str, strlen(str)); } #endif diff --git a/src/lua/lua.cc b/src/lua/lua.cc index 682536776..da8be5ec7 100644 --- a/src/lua/lua.cc +++ b/src/lua/lua.cc @@ -35,7 +35,7 @@ State::State(bool openlibs) state = luaL_newstate(); if ( !state ) - FatalError("Lua state instantiation failed\n"); + snort::FatalError("Lua state instantiation failed\n"); if ( openlibs ) luaL_openlibs(state); diff --git a/src/main/analyzer_command.cc b/src/main/analyzer_command.cc index e50f022c0..06ce4d30e 100644 --- a/src/main/analyzer_command.cc +++ b/src/main/analyzer_command.cc @@ -96,7 +96,7 @@ ACSwap::~ACSwap() { delete ps; Swapper::set_reload_in_progress(false); - LogMessage("== reload complete\n"); + snort::LogMessage("== reload complete\n"); } void ACDAQSwap::execute(Analyzer& analyzer) @@ -106,6 +106,6 @@ void ACDAQSwap::execute(Analyzer& analyzer) ACDAQSwap::~ACDAQSwap() { - LogMessage("== daq module reload complete\n"); + snort::LogMessage("== daq module reload complete\n"); } diff --git a/src/main/control_mgmt.cc b/src/main/control_mgmt.cc index 76819be9e..62a90eb0c 100644 --- a/src/main/control_mgmt.cc +++ b/src/main/control_mgmt.cc @@ -34,6 +34,7 @@ #include "request.h" #include "snort_config.h" +using namespace snort; using namespace std; static int listener = -1; @@ -108,25 +109,25 @@ void ControlMgmt::delete_controls() int ControlMgmt::setup_socket_family() { int family = AF_UNSPEC; - if ( snort::SnortConfig::get_conf()->remote_control_port ) + if ( SnortConfig::get_conf()->remote_control_port ) { memset(&in_addr, 0, sizeof(in_addr)); in_addr.sin_family = AF_INET; in_addr.sin_addr.s_addr = htonl(0x7F000001); - in_addr.sin_port = htons(snort::SnortConfig::get_conf()->remote_control_port); + in_addr.sin_port = htons(SnortConfig::get_conf()->remote_control_port); sock_addr = (struct sockaddr*)&in_addr; sock_addr_size = sizeof(in_addr); family = AF_INET; } - else if ( !snort::SnortConfig::get_conf()->remote_control_socket.empty() ) + else if ( !SnortConfig::get_conf()->remote_control_socket.empty() ) { std::string fullpath; - const char* path_sep = strrchr(snort::SnortConfig::get_conf()->remote_control_socket.c_str(), '/'); + const char* path_sep = strrchr(SnortConfig::get_conf()->remote_control_socket.c_str(), '/'); if (path_sep != nullptr) - fullpath = snort::SnortConfig::get_conf()->remote_control_socket; + fullpath = SnortConfig::get_conf()->remote_control_socket; else - get_instance_file(fullpath, snort::SnortConfig::get_conf()->remote_control_socket.c_str()); + get_instance_file(fullpath, SnortConfig::get_conf()->remote_control_socket.c_str()); memset(&unix_addr, 0, sizeof(unix_addr)); unix_addr.sun_family = AF_UNIX; diff --git a/src/main/modules.cc b/src/main/modules.cc index 7f06a5e66..4cdad1d9f 100644 --- a/src/main/modules.cc +++ b/src/main/modules.cc @@ -266,7 +266,10 @@ static const Parameter search_engine_params[] = #define search_engine_help \ "configure fast pattern matcher" +namespace snort +{ THREAD_LOCAL PatMatQStat pmqs; +} const PegInfo mpse_pegs[] = { diff --git a/src/main/policy.h b/src/main/policy.h index c9be172e5..cc7d9718c 100644 --- a/src/main/policy.h +++ b/src/main/policy.h @@ -37,12 +37,17 @@ typedef unsigned char uuid_t[16]; #include "framework/data_bus.h" +namespace snort +{ +struct GHash; +} + struct PortTable; struct vartable_t; struct sfip_var_t; typedef unsigned int PolicyId; -typedef struct GHash PortVarTable; +typedef struct snort::GHash PortVarTable; enum PolicyMode { diff --git a/src/main/request.cc b/src/main/request.cc index 887c09564..efed766da 100644 --- a/src/main/request.cc +++ b/src/main/request.cc @@ -88,7 +88,7 @@ void Request::respond(const char* s, bool queue_response) { if ( fd < 1 ) { - LogMessage("%s", s); + snort::LogMessage("%s", s); return; } diff --git a/src/main/snort_config.h b/src/main/snort_config.h index 6546d9e83..8c0388e79 100644 --- a/src/main/snort_config.h +++ b/src/main/snort_config.h @@ -119,8 +119,7 @@ enum TunnelFlags struct ClassType; struct srmm_table_t; struct sopg_table_t; -struct GHash; -struct XHash; + struct MemoryConfig; struct LatencyConfig; struct PORT_RULE_MAP; @@ -136,13 +135,15 @@ struct RateFilterConfig; struct SFDAQConfig; class ThreadConfig; struct ReferenceSystemNode; -class ProtocolReference; struct VarNode; struct _IntelPmHandles; namespace snort { struct ProfilerConfig; +class ProtocolReference; +struct GHash; +struct XHash; struct SnortConfig; typedef void (* ScScratchFunc)(SnortConfig* sc); diff --git a/src/main/snort_debug.cc b/src/main/snort_debug.cc index 41274c7d6..2c82a0eaf 100644 --- a/src/main/snort_debug.cc +++ b/src/main/snort_debug.cc @@ -33,6 +33,8 @@ #include "snort_config.h" +using namespace snort; + bool trace_enabled(Trace mask, Trace flags) { return mask & flags; } diff --git a/src/main/thread.cc b/src/main/thread.cc index 8f7a31cbf..4b7364862 100644 --- a/src/main/thread.cc +++ b/src/main/thread.cc @@ -47,15 +47,9 @@ uint16_t get_run_num() void set_instance_id(unsigned id) { instance_id = id; } -unsigned get_instance_id() -{ return instance_id; } - void set_thread_type(SThreadType type) { thread_type = type; } -SThreadType get_thread_type() -{ return thread_type; } - //------------------------------------------------------------------------- // union rules - breaks are mandatory and must be taken in daq thread //------------------------------------------------------------------------- @@ -75,6 +69,15 @@ bool break_time() return true; } +namespace snort +{ +unsigned get_instance_id() +{ return instance_id; } + +SThreadType get_thread_type() +{ return thread_type; } + + //------------------------------------------------------------------------- // format is: // /[][][] @@ -124,3 +127,4 @@ const char* get_instance_file(std::string& file, const char* name) return file.c_str(); } +} diff --git a/src/main/thread.h b/src/main/thread.h index 539b2e2f0..eca181d97 100644 --- a/src/main/thread.h +++ b/src/main/thread.h @@ -49,6 +49,8 @@ void set_thread_type(SThreadType); void set_run_num(uint16_t); uint16_t get_run_num(); +namespace snort +{ SO_PUBLIC unsigned get_instance_id(); SO_PUBLIC SThreadType get_thread_type(); SO_PUBLIC inline bool is_packet_thread() @@ -60,6 +62,7 @@ SO_PUBLIC inline bool is_packet_thread() // get a packet thread specific path. name should be the module name or // derived therefrom. SO_PUBLIC const char* get_instance_file(std::string&, const char* name); +} void take_break(); bool break_time(); diff --git a/src/main/thread_config.cc b/src/main/thread_config.cc index 7e8d13523..0e343939c 100644 --- a/src/main/thread_config.cc +++ b/src/main/thread_config.cc @@ -136,7 +136,7 @@ void ThreadConfig::set_thread_affinity(SThreadType type, unsigned id, CpuSet* cp thread_affinity[key] = cpuset; } else - ParseWarning(WARN_CONF, "This platform does not support setting thread affinity.\n"); + snort::ParseWarning(WARN_CONF, "This platform does not support setting thread affinity.\n"); } void ThreadConfig::implement_thread_affinity(SThreadType type, unsigned id) @@ -158,13 +158,13 @@ void ThreadConfig::implement_thread_affinity(SThreadType type, unsigned id) current_cpuset = hwloc_bitmap_alloc(); hwloc_get_cpubind(topology, current_cpuset, HWLOC_CPUBIND_THREAD); if (!hwloc_bitmap_isequal(current_cpuset, desired_cpuset)) - LogMessage("Binding thread %u (type %u) to %s.\n", id, type, s); + snort::LogMessage("Binding thread %u (type %u) to %s.\n", id, type, s); hwloc_bitmap_free(current_cpuset); if (hwloc_set_cpubind(topology, desired_cpuset, HWLOC_CPUBIND_THREAD)) { - FatalError("Failed to pin thread %u (type %u) to %s: %s (%d)\n", - id, type, s, get_error(errno), errno); + snort::FatalError("Failed to pin thread %u (type %u) to %s: %s (%d)\n", + id, type, s, snort::get_error(errno), errno); } free(s); diff --git a/src/managers/so_manager.cc b/src/managers/so_manager.cc index 5415feb44..bf4c90cf1 100644 --- a/src/managers/so_manager.cc +++ b/src/managers/so_manager.cc @@ -55,7 +55,7 @@ void SoManager::release_plugins() void SoManager::dump_plugins() { - Dumper d("SO Rules"); + snort::Dumper d("SO Rules"); for ( auto* p : s_rules ) d.dump(p->base.name, p->base.version); diff --git a/src/memory/memory_cap.cc b/src/memory/memory_cap.cc index 802105142..ec8ca29d9 100644 --- a/src/memory/memory_cap.cc +++ b/src/memory/memory_cap.cc @@ -40,6 +40,8 @@ #include "catch/snort_catch.h" #endif +using namespace snort; + namespace memory { diff --git a/src/mime/decode_b64.cc b/src/mime/decode_b64.cc index 51b1ed825..f4b92b625 100644 --- a/src/mime/decode_b64.cc +++ b/src/mime/decode_b64.cc @@ -47,7 +47,7 @@ DecodeResult B64Decode::decode_data(const uint8_t* start, const uint8_t* end) uint32_t encode_avail = buffer->get_encode_avail() - buffer->get_prev_encoded_bytes(); - if (sf_strip_CRLF(start, (end-start), buffer->get_encode_buff() + buffer->get_prev_encoded_bytes(), + if (snort::sf_strip_CRLF(start, (end-start), buffer->get_encode_buff() + buffer->get_prev_encoded_bytes(), encode_avail, &act_encode_size) != 0) { reset_decode_state(); @@ -68,7 +68,7 @@ DecodeResult B64Decode::decode_data(const uint8_t* start, const uint8_t* end) else buffer->reset_saved(); - if (sf_base64decode(buffer->get_encode_buff(), act_encode_size, + if (snort::sf_base64decode(buffer->get_encode_buff(), act_encode_size, buffer->get_decode_buff(), buffer->get_decode_avail(), &act_decode_size) != 0) { reset_decode_state(); @@ -118,6 +118,8 @@ uint8_t sf_decode64tab[256] = 100,100,100,100,100,100,100,100,100,100,100,100,100,100,100,100 }; +namespace snort +{ /* base64decode assumes the input data terminates with '=' and/or at the end of the input buffer * at inbuf_size. If extra characters exist within inbuf before inbuf_size is reached, it will * happily decode what it can and skip over what it can't. This is consistent with other decoders @@ -212,4 +214,5 @@ int sf_base64decode(uint8_t* inbuf, uint32_t inbuf_size, uint8_t* outbuf, uint32 else return(0); } +} // namespace snort diff --git a/src/mime/decode_b64.h b/src/mime/decode_b64.h index d0802f9c3..2415f4ff8 100644 --- a/src/mime/decode_b64.h +++ b/src/mime/decode_b64.h @@ -40,12 +40,14 @@ private: class DecodeBuffer* buffer = nullptr; }; +namespace snort +{ // FIXIT-L inbuf should probably be const uint8_t* SO_PUBLIC int sf_base64decode( uint8_t* inbuf, uint32_t inbuf_size, uint8_t* outbuf, uint32_t outbuf_size, uint32_t* bytes_written ); - +} #endif diff --git a/src/mime/decode_qp.cc b/src/mime/decode_qp.cc index 7e261c765..8daf8968b 100644 --- a/src/mime/decode_qp.cc +++ b/src/mime/decode_qp.cc @@ -49,7 +49,7 @@ DecodeResult QPDecode::decode_data(const uint8_t* start, const uint8_t* end) uint32_t encode_avail = buffer->get_encode_avail() - buffer->get_prev_encoded_bytes(); - if (sf_strip_LWS(start, (end-start), buffer->get_encode_buff() + buffer->get_prev_encoded_bytes(), + if (snort::sf_strip_LWS(start, (end-start), buffer->get_encode_buff() + buffer->get_prev_encoded_bytes(), encode_avail, &act_encode_size) != 0) { reset_decode_state(); diff --git a/src/mime/decode_uu.cc b/src/mime/decode_uu.cc index 2f89fe063..d4fdecf7e 100644 --- a/src/mime/decode_uu.cc +++ b/src/mime/decode_uu.cc @@ -149,13 +149,13 @@ int sf_uudecode(uint8_t* src, uint32_t slen, uint8_t* dst, uint32_t dlen, uint32 } else { - const uint8_t* sod = (const uint8_t*)SnortStrnStr((const char*)src, 5, "begin"); + const uint8_t* sod = (const uint8_t*)snort::SnortStrnStr((const char*)src, 5, "begin"); if (sod) { *begin_found = true; /*begin str found. Move to the actual data*/ - ptr = (const uint8_t*)SnortStrnStr((const char*)(sod), (end - sod), "\n"); + ptr = (const uint8_t*)snort::SnortStrnStr((const char*)(sod), (end - sod), "\n"); if ( !ptr ) { *bytes_read = slen; diff --git a/src/mime/file_mime_config.cc b/src/mime/file_mime_config.cc index c05d9e238..2df9f8994 100644 --- a/src/mime/file_mime_config.cc +++ b/src/mime/file_mime_config.cc @@ -29,6 +29,8 @@ #include "log/messages.h" #include "file_api/file_service.h" +using namespace snort; + void DecodeConfig::set_ignore_data(bool ignored) { ignore_data = ignored; diff --git a/src/mime/file_mime_config.h b/src/mime/file_mime_config.h index d103559c3..5a641fb28 100644 --- a/src/mime/file_mime_config.h +++ b/src/mime/file_mime_config.h @@ -33,6 +33,8 @@ #define MAX_DEPTH 65535 #define MIN_DEPTH (-1) +namespace snort +{ class SO_PUBLIC DecodeConfig { public: @@ -66,6 +68,6 @@ private: int64_t file_depth = MIN_DEPTH; bool decode_enabled = true; }; - +} #endif diff --git a/src/mime/file_mime_decode.cc b/src/mime/file_mime_decode.cc index 6f3f87283..17afe3e0c 100644 --- a/src/mime/file_mime_decode.cc +++ b/src/mime/file_mime_decode.cc @@ -31,6 +31,8 @@ #include "decode_qp.h" #include "decode_uu.h" +using namespace snort; + void MimeDecode::reset_decoded_bytes() { if (decoder) @@ -131,7 +133,7 @@ DecodeType MimeDecode::get_decode_type() return decode_type; } -MimeDecode::MimeDecode(DecodeConfig* conf) +MimeDecode::MimeDecode(snort::DecodeConfig* conf) { config = conf; } diff --git a/src/mime/file_mime_decode.h b/src/mime/file_mime_decode.h index dcb4725df..6aece520e 100644 --- a/src/mime/file_mime_decode.h +++ b/src/mime/file_mime_decode.h @@ -51,7 +51,7 @@ struct MimeStats class MimeDecode { public: - MimeDecode(DecodeConfig* conf); + MimeDecode(snort::DecodeConfig* conf); ~MimeDecode(); // get the decode type from buffer @@ -73,7 +73,7 @@ public: private: DecodeType decode_type = DECODE_NONE; - DecodeConfig* config; + snort::DecodeConfig* config; DataDecode* decoder = nullptr; }; diff --git a/src/mime/file_mime_paf.cc b/src/mime/file_mime_paf.cc index 69416d79a..4dad8e825 100644 --- a/src/mime/file_mime_paf.cc +++ b/src/mime/file_mime_paf.cc @@ -30,6 +30,8 @@ #include "main/snort_debug.h" +using namespace snort; + static const char* boundary_str = "boundary="; /* Save the boundary string into paf state*/ @@ -138,6 +140,8 @@ static inline bool check_boundary(MimeDataPafInfo* data_info, uint8_t data) return false; } +namespace snort +{ void reset_mime_paf_state(MimeDataPafInfo* data_info) { data_info->boundary_search = nullptr; @@ -219,4 +223,4 @@ bool check_data_end(void* data_end_state, uint8_t val) *((DataEndState*)data_end_state) = state; return false; } - +} // namespace snort diff --git a/src/mime/file_mime_paf.h b/src/mime/file_mime_paf.h index 6a007f2ff..a6f842674 100644 --- a/src/mime/file_mime_paf.h +++ b/src/mime/file_mime_paf.h @@ -76,11 +76,14 @@ inline bool scanning_boundary(MimeDataPafInfo* mime_info, uint32_t boundary_star return false; } +namespace snort +{ SO_PUBLIC void reset_mime_paf_state(MimeDataPafInfo*); /* Process data boundary and flush each file based on boundary*/ SO_PUBLIC bool process_mime_paf_data(MimeDataPafInfo*, uint8_t val); SO_PUBLIC bool check_data_end(void* end_state, uint8_t val); +} #endif diff --git a/src/network_inspectors/appid/app_forecast.cc b/src/network_inspectors/appid/app_forecast.cc index 987fe156d..8b755c0df 100644 --- a/src/network_inspectors/appid/app_forecast.cc +++ b/src/network_inspectors/appid/app_forecast.cc @@ -110,7 +110,7 @@ void check_session_for_AF_indicator(Packet* p, AppidSessionDirection dir, AppId AFActVal* test_active_value; if ((test_active_value = (AFActVal*)xhash_find(AF_actives, &master_key))) { - test_active_value->last = packet_time(); + test_active_value->last = snort::packet_time(); test_active_value->target = ind_element->target; return; } diff --git a/src/network_inspectors/appid/app_info_table.cc b/src/network_inspectors/appid/app_info_table.cc index b020cab0e..b920485df 100644 --- a/src/network_inspectors/appid/app_info_table.cc +++ b/src/network_inspectors/appid/app_info_table.cc @@ -38,6 +38,8 @@ #include "target_based/snort_protocols.h" #include "utils/util_cstring.h" +using namespace snort; + static AppInfoTable app_info_table; static AppInfoTable app_info_service_table; static AppInfoTable app_info_client_table; diff --git a/src/network_inspectors/appid/appid_config.cc b/src/network_inspectors/appid/appid_config.cc index 4297b71ac..d1effb2b7 100644 --- a/src/network_inspectors/appid/appid_config.cc +++ b/src/network_inspectors/appid/appid_config.cc @@ -42,6 +42,8 @@ #include "tp_lib_handler.h" #endif +using namespace snort; + #define ODP_PORT_DETECTORS "odp/port/*" #define CUSTOM_PORT_DETECTORS "custom/port/*" #define MAX_DISPLAY_SIZE 65536 diff --git a/src/network_inspectors/appid/appid_http_session.cc b/src/network_inspectors/appid/appid_http_session.cc index db32a328c..aa69ef037 100644 --- a/src/network_inspectors/appid/appid_http_session.cc +++ b/src/network_inspectors/appid/appid_http_session.cc @@ -37,6 +37,8 @@ #include "tp_lib_handler.h" #endif +using namespace snort; + static const char* httpFieldName[ MAX_HTTP_FIELD_ID ] = // for use in debug messages { "useragent", diff --git a/src/network_inspectors/appid/appid_peg_counts.cc b/src/network_inspectors/appid/appid_peg_counts.cc index e78a0d0e8..5e1539c6a 100644 --- a/src/network_inspectors/appid/appid_peg_counts.cc +++ b/src/network_inspectors/appid/appid_peg_counts.cc @@ -135,7 +135,7 @@ void AppIdPegCounts::print() if (!print && unknown_pegs->all_zeros()) return; - LogLabel("Appid dynamic stats:"); + snort::LogLabel("Appid dynamic stats:"); for (unsigned i = 0; i < app_num; i++) { @@ -144,14 +144,14 @@ void AppIdPegCounts::print() continue; std::string app_name = AppIdPegCounts::appid_detectors_info[i]; - LogMessage("%s: ", app_name.c_str()); + snort::LogMessage("%s: ", app_name.c_str()); pegs->print(); } // Print unknown app stats if (!unknown_pegs->all_zeros()) { - LogMessage("unknown_app: flows: %" PRIu64 ", clients: %" PRIu64 ", users: %" PRIu64 ", payloads %" + snort::LogMessage("unknown_app: flows: %" PRIu64 ", clients: %" PRIu64 ", users: %" PRIu64 ", payloads %" PRIu64 ", misc: %" PRIu64 "\n", unknown_pegs->stats[0], unknown_pegs->stats[1], unknown_pegs->stats[2], unknown_pegs->stats[3], unknown_pegs->stats[4]); diff --git a/src/network_inspectors/appid/appid_peg_counts.h b/src/network_inspectors/appid/appid_peg_counts.h index c8c1c0691..f4246efba 100644 --- a/src/network_inspectors/appid/appid_peg_counts.h +++ b/src/network_inspectors/appid/appid_peg_counts.h @@ -70,7 +70,7 @@ public: void print() { - LogMessage("flows: %" PRIu64 ", clients: %" PRIu64 ", users: %" PRIu64 ", payloads %" PRIu64 + snort::LogMessage("flows: %" PRIu64 ", clients: %" PRIu64 ", users: %" PRIu64 ", payloads %" PRIu64 ", misc: %" PRIu64 ", incompatible: %" PRIu64 ", failed: %" PRIu64 "\n", stats[0], stats[1], stats[2], stats[3], stats[4], stats[5], stats[6]); } diff --git a/src/network_inspectors/appid/appid_session.h b/src/network_inspectors/appid/appid_session.h index bcd005cea..0f0f41747 100644 --- a/src/network_inspectors/appid/appid_session.h +++ b/src/network_inspectors/appid/appid_session.h @@ -136,22 +136,22 @@ struct TlsSession void set_tls_host(const char* new_tls_host, uint32_t len) { if (tls_host) snort_free(tls_host); - tls_host=snort_strndup(new_tls_host,len); - tls_host_strlen=len; + tls_host = snort::snort_strndup(new_tls_host,len); + tls_host_strlen = len; } void set_tls_cname(const char* new_tls_cname, uint32_t len) { if (tls_cname) snort_free(tls_cname); - tls_cname=snort_strndup(new_tls_cname,len); - tls_cname_strlen=len; + tls_cname = snort::snort_strndup(new_tls_cname,len); + tls_cname_strlen = len; } void set_tls_org_unit(const char* new_tls_org_unit, uint32_t len) { if (tls_orgUnit) snort_free(tls_orgUnit); - tls_orgUnit=snort_strndup(new_tls_org_unit,len); - tls_orgUnit_strlen=len; + tls_orgUnit = snort::snort_strndup(new_tls_org_unit,len); + tls_orgUnit_strlen = len; } }; diff --git a/src/network_inspectors/appid/appid_stats.cc b/src/network_inspectors/appid/appid_stats.cc index 22f2dad6d..ec63de7c5 100644 --- a/src/network_inspectors/appid/appid_stats.cc +++ b/src/network_inspectors/appid/appid_stats.cc @@ -33,6 +33,8 @@ #include "app_info_table.h" #include "appid_session.h" +using namespace snort; + #define URLCATBUCKETS 100 #define URLREPBUCKETS 5 @@ -245,7 +247,7 @@ static void update_stats(AppIdSession& asd, AppId app_id, StatsBucket* bucket) } else { - WarningMessage("Error saving statistics record for app id: %d", app_id); + snort::WarningMessage("Error saving statistics record for app id: %d", app_id); snort_free(record); record = nullptr; } diff --git a/src/network_inspectors/appid/client_plugins/client_detector.cc b/src/network_inspectors/appid/client_plugins/client_detector.cc index b12d04915..0622c83da 100644 --- a/src/network_inspectors/appid/client_plugins/client_detector.cc +++ b/src/network_inspectors/appid/client_plugins/client_detector.cc @@ -47,7 +47,7 @@ void ClientDetector::register_appid(AppId appId, unsigned extractsInfo) { if ( AppInfoManager::get_instance().configured() ) { - ParseWarning(WARN_RULES, + snort::ParseWarning(WARN_RULES, "appid: no entry for %d in appMapping.data; no rule support for this ID.", appId); } @@ -55,9 +55,7 @@ void ClientDetector::register_appid(AppId appId, unsigned extractsInfo) } extractsInfo &= (APPINFO_FLAG_CLIENT_ADDITIONAL | APPINFO_FLAG_CLIENT_USER); if (!extractsInfo) - { return; - } pEntry->client_detector = this; pEntry->flags |= extractsInfo; diff --git a/src/network_inspectors/appid/detector_plugins/detector_kerberos.cc b/src/network_inspectors/appid/detector_plugins/detector_kerberos.cc index 8bd6d0923..2172ae92a 100644 --- a/src/network_inspectors/appid/detector_plugins/detector_kerberos.cc +++ b/src/network_inspectors/appid/detector_plugins/detector_kerberos.cc @@ -30,6 +30,8 @@ #include "protocols/packet.h" +using namespace snort; + enum KerberosState { KRB_STATE_TCP_LENGTH, diff --git a/src/network_inspectors/appid/detector_plugins/detector_pattern.cc b/src/network_inspectors/appid/detector_plugins/detector_pattern.cc index 84f2bdf2a..b70f872e0 100644 --- a/src/network_inspectors/appid/detector_plugins/detector_pattern.cc +++ b/src/network_inspectors/appid/detector_plugins/detector_pattern.cc @@ -30,6 +30,7 @@ #include "protocols/packet.h" #include "search_engines/search_tool.h" +using namespace snort; static THREAD_LOCAL PatternServiceDetector* service_pattern_detector; static THREAD_LOCAL PatternClientDetector* client_pattern_detector; @@ -125,7 +126,7 @@ static void register_pattern(snort::SearchTool** patterns, Pattern* pattern) *patterns = new snort::SearchTool("ac_full", true); if (!*patterns) { - ErrorMessage("Error initializing the pattern table\n"); + snort::ErrorMessage("Error initializing the pattern table\n"); return; } } diff --git a/src/network_inspectors/appid/detector_plugins/detector_pop3.cc b/src/network_inspectors/appid/detector_plugins/detector_pop3.cc index 5ab1628f7..2e1b0f0c6 100644 --- a/src/network_inspectors/appid/detector_plugins/detector_pop3.cc +++ b/src/network_inspectors/appid/detector_plugins/detector_pop3.cc @@ -29,6 +29,8 @@ #include "app_info_table.h" +using namespace snort; + enum POP3ClientState { POP3_CLIENT_STATE_AUTH, // POP3 - AUTHORIZATION state diff --git a/src/network_inspectors/appid/detector_plugins/http_url_patterns.cc b/src/network_inspectors/appid/detector_plugins/http_url_patterns.cc index e3cb5898a..2545027aa 100644 --- a/src/network_inspectors/appid/detector_plugins/http_url_patterns.cc +++ b/src/network_inspectors/appid/detector_plugins/http_url_patterns.cc @@ -33,6 +33,8 @@ #include "log/messages.h" #include "protocols/packet.h" +using namespace snort; + static const char* const FP_OPERATION_AND = "%&%"; static const unsigned PATTERN_PART_MAX = 10; @@ -1840,7 +1842,7 @@ uint32_t HttpPatternMatchers::parse_multiple_http_patterns(const char* pattern, for (unsigned i = 0; i <= partNum; i++) snort_free((void*)parts[i].pattern); - ErrorMessage("Failed to allocate memory"); + snort::ErrorMessage("Failed to allocate memory"); return 0; } partNum++; diff --git a/src/network_inspectors/appid/detector_plugins/http_url_patterns.h b/src/network_inspectors/appid/detector_plugins/http_url_patterns.h index 28c760cdc..5c636ac9c 100644 --- a/src/network_inspectors/appid/detector_plugins/http_url_patterns.h +++ b/src/network_inspectors/appid/detector_plugins/http_url_patterns.h @@ -94,18 +94,18 @@ struct DetectorHTTPPattern { if( !pat ) { - ErrorMessage("HTTP pattern string is NULL."); + snort::ErrorMessage("HTTP pattern string is NULL."); return false; } if (seq < SINGLE || seq > USER_AGENT_HEADER) { - ErrorMessage("Invalid HTTP DHP Sequence."); + snort::ErrorMessage("Invalid HTTP DHP Sequence."); return false; } pattern_size = len; - pattern = (const uint8_t*)snort_strdup((const char*)pat); + pattern = (const uint8_t*)snort::snort_strdup((const char*)pat); sequence = seq; service_id = service; client_id = client; @@ -255,7 +255,7 @@ class HostUrlDetectorPattern public: HostUrlDetectorPattern(const uint8_t* host_pattern, unsigned length) { - host.pattern = (const uint8_t*)snort_strdup((const char*)host_pattern); + host.pattern = (const uint8_t*)snort::snort_strdup((const char*)host_pattern); host.patternSize = length; } diff --git a/src/network_inspectors/appid/detector_plugins/test/detector_plugins_mock.h b/src/network_inspectors/appid/detector_plugins/test/detector_plugins_mock.h index 4db9ba5cc..0050405ca 100644 --- a/src/network_inspectors/appid/detector_plugins/test/detector_plugins_mock.h +++ b/src/network_inspectors/appid/detector_plugins/test/detector_plugins_mock.h @@ -20,14 +20,18 @@ #ifndef DETECTOR_PLUGINS_MOCK_H #define DETECTOR_PLUGINS_MOCK_H +namespace snort +{ // Stubs for messages void ErrorMessage(const char*,...) {} void WarningMessage(const char*,...) {} void LogMessage(const char*,...) {} void ParseWarning(WarningGroup, const char*, ...) {} -namespace snort -{ +// Stubs for appid sessions +FlowData::FlowData(unsigned, Inspector*) {} +FlowData::~FlowData() = default; + // Stubs for packet Packet::Packet(bool) { } Packet::~Packet() = default; @@ -37,8 +41,51 @@ Inspector::~Inspector() = default; bool Inspector::likes(Packet*) { return true; } bool Inspector::get_buf(const char*, Packet*, InspectionBuffer&) { return true; } class StreamSplitter* Inspector::get_splitter(bool) { return nullptr; } + +// Stubs for search_tool.cc +SearchTool::SearchTool(const char*, bool) {} +SearchTool::~SearchTool() = default; +void SearchTool::add(const char*, unsigned, int, bool) {} +void SearchTool::add(const char*, unsigned, void*, bool) {} +void SearchTool::add(const uint8_t*, unsigned, int, bool) {} +void SearchTool::add(const uint8_t*, unsigned, void*, bool) {} +void SearchTool::prep() {} +static bool test_find_all_done = false; +static bool test_find_all_enabled = false; +static MatchedPatterns* mock_mp = nullptr; +int SearchTool::find_all(const char*, unsigned, MpseMatch, bool, void* mp_arg) +{ + test_find_all_done = true; + if (test_find_all_enabled) + memcpy(mp_arg, &mock_mp, sizeof(MatchedPatterns*)); + return 0; } +// Stubs for util.cc +char* snort_strndup(const char* src, size_t dst_size) +{ + char* dup = (char*)snort_calloc(dst_size + 1); + if ( SnortStrncpy(dup, src, dst_size + 1) == SNORT_STRNCPY_ERROR ) + { + snort_free(dup); + return nullptr; + } + return dup; +} +char* snort_strdup(const char* str) +{ + assert(str); + size_t n = strlen(str) + 1; + char* p = (char*)snort_alloc(n); + memcpy(p, str, n); + return p; +} +} + +void show_stats(PegCount*, const PegInfo*, unsigned, const char*) {} +void show_stats(PegCount*, const PegInfo*, IndexVec&, const char*) {} +void show_stats(PegCount*, const PegInfo*, IndexVec&, const char*, FILE*) {} + class AppIdInspector : public snort::Inspector { public: @@ -85,13 +132,6 @@ snort::ProfileStats* AppIdModule::get_profile() const { return nullptr; } -void show_stats(PegCount*, const PegInfo*, unsigned, const char*) {} -void show_stats(PegCount*, const PegInfo*, IndexVec&, const char*) {} -void show_stats(PegCount*, const PegInfo*, IndexVec&, const char*, FILE*) {} - -// Stubs for appid sessions -snort::FlowData::FlowData(unsigned, Inspector*) {} -snort::FlowData::~FlowData() = default; // Stubs for inspectors unsigned AppIdSession::inspector_id = 0; @@ -112,28 +152,6 @@ THREAD_LOCAL AppIdStats appid_stats; void AppIdModule::sum_stats(bool) {} void AppIdModule::show_dynamic_stats() {} -namespace snort -{ -// Stubs for search_tool.cc -SearchTool::SearchTool(const char*, bool) {} -SearchTool::~SearchTool() = default; -void SearchTool::add(const char*, unsigned, int, bool) {} -void SearchTool::add(const char*, unsigned, void*, bool) {} -void SearchTool::add(const uint8_t*, unsigned, int, bool) {} -void SearchTool::add(const uint8_t*, unsigned, void*, bool) {} -void SearchTool::prep() {} -static bool test_find_all_done = false; -static bool test_find_all_enabled = false; -static MatchedPatterns* mock_mp = nullptr; -int SearchTool::find_all(const char*, unsigned, MpseMatch, bool, void* mp_arg) -{ - test_find_all_done = true; - if (test_find_all_enabled) - memcpy(mp_arg, &mock_mp, sizeof(MatchedPatterns*)); - return 0; -} -} - // Stubs for appid_session.cc static bool test_service_strstr_enabled = false; const uint8_t* service_strstr(const uint8_t* p, unsigned, @@ -162,25 +180,5 @@ AppInfoTableEntry* AppInfoManager::get_app_info_entry(AppId, const AppInfoTable& return nullptr; } -// Stubs for util.cc -char* snort_strndup(const char* src, size_t dst_size) -{ - char* dup = (char*)snort_calloc(dst_size + 1); - if ( SnortStrncpy(dup, src, dst_size + 1) == SNORT_STRNCPY_ERROR ) - { - snort_free(dup); - return nullptr; - } - return dup; -} -char* snort_strdup(const char* str) -{ - assert(str); - size_t n = strlen(str) + 1; - char* p = (char*)snort_alloc(n); - memcpy(p, str, n); - return p; -} - #endif diff --git a/src/network_inspectors/appid/length_app_cache.cc b/src/network_inspectors/appid/length_app_cache.cc index b67aa9c8e..16a3965a5 100644 --- a/src/network_inspectors/appid/length_app_cache.cc +++ b/src/network_inspectors/appid/length_app_cache.cc @@ -30,6 +30,8 @@ #include "log/messages.h" #include "main/thread.h" +using namespace snort; + #define HASH_NUM_ROWS (1024) static THREAD_LOCAL XHash* lengthCache = nullptr; diff --git a/src/network_inspectors/appid/lua_detector_module.cc b/src/network_inspectors/appid/lua_detector_module.cc index 889634c89..3395dcc75 100644 --- a/src/network_inspectors/appid/lua_detector_module.cc +++ b/src/network_inspectors/appid/lua_detector_module.cc @@ -39,6 +39,8 @@ #include "utils/sflsq.h" #include "log/messages.h" +using namespace snort; + #define MAX_LUA_DETECTOR_FILENAME_LEN 1024 #define MAX_DEFAULT_NUM_LUA_TRACKERS 10000 #define AVG_LUA_TRACKER_SIZE_IN_BYTES 740 diff --git a/src/network_inspectors/appid/service_plugins/service_rshell.cc b/src/network_inspectors/appid/service_plugins/service_rshell.cc index 1abbc5786..8b83e6c20 100644 --- a/src/network_inspectors/appid/service_plugins/service_rshell.cc +++ b/src/network_inspectors/appid/service_plugins/service_rshell.cc @@ -113,7 +113,7 @@ int RshellServiceDetector::validate(AppIdDiscoveryArgs& args) } if (appidDebug->is_active()) - LogMessage("AppIdDbg %s RSHELL state %d\n", appidDebug->get_debug_session(), rd->state); + snort::LogMessage("AppIdDbg %s RSHELL state %d\n", appidDebug->get_debug_session(), rd->state); switch (rd->state) { diff --git a/src/network_inspectors/appid/service_plugins/service_snmp.cc b/src/network_inspectors/appid/service_plugins/service_snmp.cc index 8af0a4b34..3f99f1a4f 100644 --- a/src/network_inspectors/appid/service_plugins/service_snmp.cc +++ b/src/network_inspectors/appid/service_plugins/service_snmp.cc @@ -421,7 +421,7 @@ int SnmpServiceDetector::validate(AppIdDiscoveryArgs& args) if (snmp_verify_packet(&data, data+size, &pdu, &version)) { if (appidDebug->is_active()) - LogMessage("AppIdDbg %s SNMP payload verify failed\n", appidDebug->get_debug_session()); + snort::LogMessage("AppIdDbg %s SNMP payload verify failed\n", appidDebug->get_debug_session()); if (args.asd.get_session_flags(APPID_SESSION_UDP_REVERSED)) { if (args.dir == APP_ID_FROM_RESPONDER) @@ -439,7 +439,7 @@ int SnmpServiceDetector::validate(AppIdDiscoveryArgs& args) } if (appidDebug->is_active()) - LogMessage("AppIdDbg %s SNMP state %d\n", appidDebug->get_debug_session(), sd->state); + snort::LogMessage("AppIdDbg %s SNMP state %d\n", appidDebug->get_debug_session(), sd->state); switch (sd->state) { diff --git a/src/network_inspectors/appid/service_plugins/service_tftp.cc b/src/network_inspectors/appid/service_plugins/service_tftp.cc index c99ff1732..70e1d0027 100644 --- a/src/network_inspectors/appid/service_plugins/service_tftp.cc +++ b/src/network_inspectors/appid/service_plugins/service_tftp.cc @@ -31,6 +31,8 @@ #include "appid_debug.h" #include "appid_inspector.h" +using namespace snort; + #define TFTP_PORT 69 #define TFTP_COUNT_THRESHOLD 1 #define TFTP_MAX_PACKET_SIZE 512 diff --git a/src/network_inspectors/appid/test/appid_debug_test.cc b/src/network_inspectors/appid/test/appid_debug_test.cc index db1d4ef0a..a5b56a977 100644 --- a/src/network_inspectors/appid/test/appid_debug_test.cc +++ b/src/network_inspectors/appid/test/appid_debug_test.cc @@ -37,17 +37,20 @@ // Mocks +namespace snort +{ unsigned get_instance_id() { return 3; } +FlowData::FlowData(unsigned, Inspector*) { } +FlowData::~FlowData() = default; +} + class AppIdInspector { public: AppIdInspector() = default; }; -FlowData::FlowData(unsigned, Inspector*) { } -FlowData::~FlowData() = default; - AppIdSession::AppIdSession(IpProtocol, const SfIp*, uint16_t, AppIdInspector& inspector) : FlowData(0), inspector(inspector) { } AppIdSession::~AppIdSession() = default; diff --git a/src/network_inspectors/appid/test/appid_mock_definitions.h b/src/network_inspectors/appid/test/appid_mock_definitions.h index c4f72c744..c51260d7a 100644 --- a/src/network_inspectors/appid/test/appid_mock_definitions.h +++ b/src/network_inspectors/appid/test/appid_mock_definitions.h @@ -29,6 +29,8 @@ struct ThirdPartyAppIDModule; AppIdConfig* pAppidActiveConfig = nullptr; ThirdPartyAppIDModule* tp_appid_module = nullptr; +namespace snort +{ char* snort_strndup(const char* src, size_t dst_size) { return strndup(src, dst_size); @@ -43,6 +45,14 @@ char* snort_strdup(const char* str) return p; } +void ErrorMessage(const char*,...) { } +void WarningMessage(const char*,...) { } +void LogMessage(const char*,...) { } +void ParseWarning(WarningGroup, const char*, ...) { } + +void LogLabel(const char*, FILE*) {} +} + void Field::set(int32_t length, const uint8_t* start, bool own_the_buffer_) { strt = start; @@ -52,12 +62,6 @@ void Field::set(int32_t length, const uint8_t* start, bool own_the_buffer_) Field global_field; -void ErrorMessage(const char*,...) { } -void WarningMessage(const char*,...) { } -void LogMessage(const char*,...) { } -void ParseWarning(WarningGroup, const char*, ...) { } - -void LogLabel(const char*, FILE*) {} int ServiceDiscovery::add_ftp_service_state(AppIdSession&) { diff --git a/src/network_inspectors/appid/test/log_message_mock.h b/src/network_inspectors/appid/test/log_message_mock.h index 57c114b5b..a1327b656 100644 --- a/src/network_inspectors/appid/test/log_message_mock.h +++ b/src/network_inspectors/appid/test/log_message_mock.h @@ -9,6 +9,8 @@ using namespace std; +namespace snort +{ // Note: without SO_PUBLIC this is not being exported so tp_mock.so won't // load because of undefined symbol error. SO_PUBLIC void ErrorMessage(const char* format,...) @@ -41,6 +43,6 @@ SO_PUBLIC void LogMessage(const char* format,...) vfprintf(stdout, format, ap); va_end(ap); } - +} #endif diff --git a/src/network_inspectors/appid/test/service_state_test.cc b/src/network_inspectors/appid/test/service_state_test.cc index 49fb85725..68b25918d 100644 --- a/src/network_inspectors/appid/test/service_state_test.cc +++ b/src/network_inspectors/appid/test/service_state_test.cc @@ -26,10 +26,8 @@ #include #include -// Stubs for AppIdDebug -THREAD_LOCAL AppIdDebug* appidDebug = nullptr; -void AppIdDebug::activate(const Flow*, const AppIdSession*, bool) { active = true; } - +namespace snort +{ // Stubs for logs char test_log[256]; void LogMessage(const char* format,...) @@ -41,7 +39,6 @@ void LogMessage(const char* format,...) } void ErrorMessage(const char*,...) {} void LogLabel(const char*, FILE*) {} -THREAD_LOCAL AppIdStats appid_stats; // Stubs for utils char* snort_strdup(const char* str) @@ -53,6 +50,7 @@ char* snort_strdup(const char* str) return p; } time_t packet_time() { return std::time(0); } +} // Stubs for AppInfoManager AppInfoTableEntry* AppInfoManager::get_app_info_entry(AppId) @@ -64,6 +62,13 @@ AppInfoTableEntry* AppInfoManager::get_app_info_entry(AppId) class AppIdInspector{}; FlowData::FlowData(unsigned, Inspector*) {} FlowData::~FlowData() = default; + +// Stubs for AppIdDebug +THREAD_LOCAL AppIdDebug* appidDebug = nullptr; +THREAD_LOCAL AppIdStats appid_stats; + +void AppIdDebug::activate(const Flow*, const AppIdSession*, bool) { active = true; } + AppIdSession::AppIdSession(IpProtocol, const SfIp*, uint16_t, AppIdInspector& inspector) : FlowData(0), inspector(inspector) {} AppIdSession::~AppIdSession() = default; diff --git a/src/network_inspectors/arp_spoof/arp_module.cc b/src/network_inspectors/arp_spoof/arp_module.cc index 41eea07d9..bf5b27352 100644 --- a/src/network_inspectors/arp_spoof/arp_module.cc +++ b/src/network_inspectors/arp_spoof/arp_module.cc @@ -135,7 +135,7 @@ bool ArpSpoofModule::end(const char*, int idx, SnortConfig*) } const PegInfo* ArpSpoofModule::get_pegs() const -{ return simple_pegs; } +{ return snort::simple_pegs; } PegCount* ArpSpoofModule::get_counts() const { return (PegCount*)&asstats; } diff --git a/src/network_inspectors/perf_monitor/cpu_tracker.cc b/src/network_inspectors/perf_monitor/cpu_tracker.cc index 55b908168..cd8b7dbf9 100644 --- a/src/network_inspectors/perf_monitor/cpu_tracker.cc +++ b/src/network_inspectors/perf_monitor/cpu_tracker.cc @@ -47,7 +47,7 @@ static inline uint64_t get_microseconds(struct timeval t) CPUTracker::CPUTracker(PerfConfig *perf) : PerfTracker(perf, TRACKER_NAME) { - formatter->register_section("thread_" + to_string(get_instance_id())); + formatter->register_section("thread_" + to_string(snort::get_instance_id())); formatter->register_field("cpu_user", &user_stat); formatter->register_field("cpu_system", &system_stat); formatter->register_field("cpu_wall", &wall_stat); diff --git a/src/network_inspectors/perf_monitor/flow_ip_tracker.h b/src/network_inspectors/perf_monitor/flow_ip_tracker.h index 5e6e54672..eaccf2cbf 100644 --- a/src/network_inspectors/perf_monitor/flow_ip_tracker.h +++ b/src/network_inspectors/perf_monitor/flow_ip_tracker.h @@ -71,7 +71,7 @@ public: private: FlowStateValue stats; - XHash* ip_map; + snort::XHash* ip_map; char ip_a[41], ip_b[41]; FlowStateValue* find_stats(const snort::SfIp* src_addr, const snort::SfIp* dst_addr, int* swapped); diff --git a/src/network_inspectors/perf_monitor/perf_module.cc b/src/network_inspectors/perf_monitor/perf_module.cc index 0fa271029..6a3eb6dcc 100644 --- a/src/network_inspectors/perf_monitor/perf_module.cc +++ b/src/network_inspectors/perf_monitor/perf_module.cc @@ -202,7 +202,7 @@ PerfConfig& PerfMonModule::get_config() { return config; } const PegInfo* PerfMonModule::get_pegs() const -{ return simple_pegs; } +{ return snort::simple_pegs; } PegCount* PerfMonModule::get_counts() const { return (PegCount*)&pmstats; } diff --git a/src/network_inspectors/perf_monitor/perf_tracker.cc b/src/network_inspectors/perf_monitor/perf_tracker.cc index eeda5d17c..2d2b44f79 100644 --- a/src/network_inspectors/perf_monitor/perf_tracker.cc +++ b/src/network_inspectors/perf_monitor/perf_tracker.cc @@ -41,6 +41,7 @@ #include "json_formatter.h" #include "text_formatter.h" +using namespace snort; using namespace std; static inline bool check_file_size(FILE* fh, uint64_t max_file_size) diff --git a/src/network_inspectors/perf_monitor/text_formatter.cc b/src/network_inspectors/perf_monitor/text_formatter.cc index 0328528c1..697dccab4 100644 --- a/src/network_inspectors/perf_monitor/text_formatter.cc +++ b/src/network_inspectors/perf_monitor/text_formatter.cc @@ -36,6 +36,7 @@ #include "utils/util.h" #endif +using namespace snort; using namespace std; void TextFormatter::write(FILE* fh, time_t) diff --git a/src/network_inspectors/port_scan/ps_module.cc b/src/network_inspectors/port_scan/ps_module.cc index e37b468ab..8b2a3885e 100644 --- a/src/network_inspectors/port_scan/ps_module.cc +++ b/src/network_inspectors/port_scan/ps_module.cc @@ -198,7 +198,7 @@ ProfileStats* PortScanModule::get_profile() const { return &psPerfStats; } const PegInfo* PortScanModule::get_pegs() const -{ return simple_pegs; } +{ return snort::simple_pegs; } PegCount* PortScanModule::get_counts() const { return (PegCount*)&spstats; } diff --git a/src/network_inspectors/reputation/reputation_parse.cc b/src/network_inspectors/reputation/reputation_parse.cc index 0043665b5..0351aa80b 100644 --- a/src/network_inspectors/reputation/reputation_parse.cc +++ b/src/network_inspectors/reputation/reputation_parse.cc @@ -36,6 +36,7 @@ #include "utils/util.h" #include "utils/util_cstring.h" +using namespace snort; using namespace std; enum diff --git a/src/packet_io/intf.cc b/src/packet_io/intf.cc index 14e097743..a77ffe20c 100644 --- a/src/packet_io/intf.cc +++ b/src/packet_io/intf.cc @@ -41,7 +41,7 @@ void PrintAllInterfaces() int j = 1; if (pcap_findalldevs(&alldevs, errorbuf) == -1) - FatalError("Could not get device list: %s.", errorbuf); + snort::FatalError("Could not get device list: %s.", errorbuf); printf("Index\tDevice\tPhysical Address\tIP Address\tDescription\n"); printf("-----\t------\t----------------\t----------\t-----------\n"); diff --git a/src/packet_io/trough.cc b/src/packet_io/trough.cc index 4dc9b5eef..375c54317 100644 --- a/src/packet_io/trough.cc +++ b/src/packet_io/trough.cc @@ -35,6 +35,8 @@ #include "main/snort_config.h" #include "utils/util.h" +using namespace snort; + std::vector Trough::pcap_object_list; std::vector Trough::pcap_queue; std::string Trough::pcap_filter; diff --git a/src/parser/config_file.cc b/src/parser/config_file.cc index f0da3777f..107b707ea 100644 --- a/src/parser/config_file.cc +++ b/src/parser/config_file.cc @@ -67,7 +67,7 @@ static int GetChecksumFlags(const char* args) if (args == nullptr) return CHECKSUM_FLAG__ALL; - toks = mSplit(args, " \t", 10, &num_toks, 0); + toks = snort::mSplit(args, " \t", 10, &num_toks, 0); for (i = 0; i < num_toks; i++) { if (strcasecmp(toks[i], CHECKSUM_MODE_OPT__ALL) == 0) @@ -132,7 +132,7 @@ static int GetChecksumFlags(const char* args) } else { - ParseError("unknown command line checksum option: %s.", toks[i]); + snort::ParseError("unknown command line checksum option: %s.", toks[i]); return ret_flags; } } @@ -160,7 +160,7 @@ static int GetChecksumFlags(const char* args) ret_flags = negative_flags; } - mSplitFree(&toks, num_toks); + snort::mSplitFree(&toks, num_toks); return ret_flags; } diff --git a/src/parser/mstring.cc b/src/parser/mstring.cc index e5976724d..8b3452ab6 100644 --- a/src/parser/mstring.cc +++ b/src/parser/mstring.cc @@ -28,6 +28,8 @@ #include "utils/util.h" +namespace snort +{ static char* mSplitAddTok(const char*, const int, const char*, const char); /**************************************************************** @@ -422,4 +424,4 @@ void mSplitFree(char*** pbuf, int num_toks) snort_free(buf); *pbuf = nullptr; } - +} // namespace snort diff --git a/src/parser/mstring.h b/src/parser/mstring.h index fd6c86d16..14bda7ebc 100644 --- a/src/parser/mstring.h +++ b/src/parser/mstring.h @@ -28,8 +28,10 @@ #define TOKS_BUF_SIZE 100 +namespace snort +{ SO_PUBLIC char** mSplit(const char*, const char*, const int, int*, const char); SO_PUBLIC void mSplitFree(char*** toks, int numtoks); - +} #endif diff --git a/src/parser/parse_ip.cc b/src/parser/parse_ip.cc index d0cc3db26..08b91d19c 100644 --- a/src/parser/parse_ip.cc +++ b/src/parser/parse_ip.cc @@ -42,19 +42,19 @@ sfip_var_t* sfip_var_from_string(const char* addr) { if (ret_code == SFIP_LOOKUP_FAILURE) { - ParseError("Undefined variable in the string: %s", addr); + snort::ParseError("Undefined variable in the string: %s", addr); return ret; } else if (ret_code == SFIP_CONFLICT) { - ParseError("Negated IP ranges that equal to or are" + snort::ParseError("Negated IP ranges that equal to or are" " more-specific than non-negated ranges are not allowed." " Consider inverting the logic: %s.", addr); return ret; } else { - ParseError("Unable to process the IP address: %s", addr); + snort::ParseError("Unable to process the IP address: %s", addr); return ret; } } diff --git a/src/parser/parse_ports.cc b/src/parser/parse_ports.cc index 3242143e3..f453aa211 100644 --- a/src/parser/parse_ports.cc +++ b/src/parser/parse_ports.cc @@ -26,6 +26,8 @@ #include "protocols/packet.h" #include "utils/util.h" +using namespace snort; + static int POParserInit(POParser* pop, const char* s, PortVarTable* pvTable) { memset(pop,0,sizeof(POParser)); @@ -172,7 +174,7 @@ static char* POParserName(POParser* pop) } /* -* Read an unsigned short (a port) +* read an unsigned short (a port) */ static uint16_t POParserGetShort(POParser* pop) { diff --git a/src/parser/parse_stream.cc b/src/parser/parse_stream.cc index e07ecb441..eeeb52deb 100644 --- a/src/parser/parse_stream.cc +++ b/src/parser/parse_stream.cc @@ -32,6 +32,7 @@ #include "parse_conf.h" #include "parse_rule.h" +using namespace snort; using namespace std; static unsigned chars = 0, tokens = 0; diff --git a/src/parser/parse_utils.cc b/src/parser/parse_utils.cc index 227417911..dadd9ad85 100644 --- a/src/parser/parse_utils.cc +++ b/src/parser/parse_utils.cc @@ -29,6 +29,7 @@ #include "log/messages.h" #include "utils/util_cstring.h" +using namespace snort; using namespace std; static inline int xton(int c) diff --git a/src/piglet/piglet_api.h b/src/piglet/piglet_api.h index e1e8a02f6..e90a1e5a4 100644 --- a/src/piglet/piglet_api.h +++ b/src/piglet/piglet_api.h @@ -34,7 +34,7 @@ namespace snort { class Module; struct SnortConfig; -} +} // namespace snort #define PIGLET_API_VERSION 1 @@ -108,7 +108,7 @@ inline void error(std::string fmt, Args&&... args) { fmt.insert(0, "piglet: "); fmt.append("\n"); - ErrorMessage(fmt.c_str(), std::forward(args)...); + snort::ErrorMessage(fmt.c_str(), std::forward(args)...); } } // namespace Piglet diff --git a/src/piglet/piglet_manager.h b/src/piglet/piglet_manager.h index d46598e83..aafcec30f 100644 --- a/src/piglet/piglet_manager.h +++ b/src/piglet/piglet_manager.h @@ -35,10 +35,7 @@ namespace Piglet struct Chunk; struct Api; class BasePlugin; -} -namespace Piglet -{ class Manager { public: diff --git a/src/piglet/piglet_runner.cc b/src/piglet/piglet_runner.cc index ec06ba9a3..17f7eba7a 100644 --- a/src/piglet/piglet_runner.cc +++ b/src/piglet/piglet_runner.cc @@ -34,6 +34,8 @@ #include "piglet_output.h" #include "piglet_utils.h" +using namespace snort; + namespace Piglet { using namespace std; diff --git a/src/piglet/piglet_runner.h b/src/piglet/piglet_runner.h index b14887945..940bad3eb 100644 --- a/src/piglet/piglet_runner.h +++ b/src/piglet/piglet_runner.h @@ -29,10 +29,7 @@ namespace Piglet struct Chunk; struct Test; struct Output; -} -namespace Piglet -{ struct Summary { unsigned passed = 0; diff --git a/src/ports/port_item.cc b/src/ports/port_item.cc index caa2a390d..4606f3a80 100644 --- a/src/ports/port_item.cc +++ b/src/ports/port_item.cc @@ -28,6 +28,8 @@ #include "utils/util.h" #include "utils/util_cstring.h" +using namespace snort; + /* * Create a new PortObjectItem */ diff --git a/src/ports/port_object.cc b/src/ports/port_object.cc index ea59de9e4..cb4d851b2 100644 --- a/src/ports/port_object.cc +++ b/src/ports/port_object.cc @@ -34,6 +34,8 @@ #include "port_item.h" #include "port_utils.h" +using namespace snort; + //------------------------------------------------------------------------- // PortObject - public //------------------------------------------------------------------------- @@ -115,7 +117,7 @@ int PortObjectAddItem(PortObject* po, PortObjectItem* poi, int* errflag) p=(PortObjectItem*)sflist_next(&pos) ) { if ((p->lport == poi->lport) && (p->hport == poi->hport)) - ParseWarning(WARN_RULES, "duplicate ports in list"); + snort::ParseWarning(WARN_RULES, "duplicate ports in list"); } sflist_add_tail(po->item_list, poi); @@ -551,7 +553,7 @@ void PortObjectPrintPortsRaw(PortObject* po) SnortSnprintfAppend(buf, bufsize, " ]"); - LogMessage("%s", buf); + snort::LogMessage("%s", buf); snort_free(buf); } @@ -638,7 +640,7 @@ void PortObjectPrintEx(PortObject* po, po_print_f print_index_map) } SnortSnprintfAppend(po_print_buf, bufsize, " ]\n }\n"); - LogMessage("%s", po_print_buf); + snort::LogMessage("%s", po_print_buf); snort_free(rlist); } diff --git a/src/ports/port_object2.cc b/src/ports/port_object2.cc index d83b3795b..435b1631b 100644 --- a/src/ports/port_object2.cc +++ b/src/ports/port_object2.cc @@ -34,6 +34,8 @@ #include "port_object.h" #include "port_utils.h" +using namespace snort; + #define PO_EXTRA_RULE_CNT 25 //------------------------------------------------------------------------- diff --git a/src/ports/port_object2.h b/src/ports/port_object2.h index a83558f77..22c946d53 100644 --- a/src/ports/port_object2.h +++ b/src/ports/port_object2.h @@ -30,6 +30,7 @@ // PortObject2 is similar to PortObject //------------------------------------------------------------------------- + struct PortObject; struct PortObject2 @@ -40,7 +41,7 @@ struct PortObject2 int id; /* internal tracking - compiling sets this value */ SF_LIST* item_list; /* list of port and port-range items */ - GHash* rule_hash; /* hash of rule (rule-indexes) in use */ + snort::GHash* rule_hash; /* hash of rule (rule-indexes) in use */ PortBitSet* port_list; /* for collecting ports that use this object */ struct PortGroup* group; /* PortGroup based on rule_hash */ diff --git a/src/ports/port_table.cc b/src/ports/port_table.cc index 39a919de6..27a3e9d07 100644 --- a/src/ports/port_table.cc +++ b/src/ports/port_table.cc @@ -33,6 +33,8 @@ #include "port_utils.h" +using namespace snort; + #define PTBL_LRC_DEFAULT 10 #define PO_INIT_ID 1000000 #define PO_HASH_TBL_ROWS 10000 diff --git a/src/ports/port_table.h b/src/ports/port_table.h index 89600ae4d..24f02a6ba 100644 --- a/src/ports/port_table.h +++ b/src/ports/port_table.h @@ -49,8 +49,8 @@ struct PortTable int pt_poid; /* Compiled / merged port object hash table */ - GHash* pt_mpo_hash; - GHash* pt_mpxo_hash; + snort::GHash* pt_mpo_hash; + snort::GHash* pt_mpxo_hash; /* * Final Port/Rule Groupings, one port object per port, or null diff --git a/src/ports/port_utils.cc b/src/ports/port_utils.cc index d606f218f..77a14cccd 100644 --- a/src/ports/port_utils.cc +++ b/src/ports/port_utils.cc @@ -28,6 +28,8 @@ #include "port_item.h" #include "port_object.h" +using namespace snort; + //------------------------------------------------------------------------- // bitset conversions //------------------------------------------------------------------------- diff --git a/src/ports/port_var_table.cc b/src/ports/port_var_table.cc index f123b0563..807e244dd 100644 --- a/src/ports/port_var_table.cc +++ b/src/ports/port_var_table.cc @@ -23,6 +23,8 @@ #include "port_var_table.h" +using namespace snort; + //------------------------------------------------------------------------- // PortVarTable //------------------------------------------------------------------------- diff --git a/src/ports/port_var_table.h b/src/ports/port_var_table.h index d5b7f3a43..46331d901 100644 --- a/src/ports/port_var_table.h +++ b/src/ports/port_var_table.h @@ -32,7 +32,7 @@ // PortVars are internally stored in PortObjects //------------------------------------------------------------------------- -typedef GHash PortVarTable; +typedef snort::GHash PortVarTable; PortVarTable* PortVarTableCreate(); int PortVarTableFree(PortVarTable* pvt); diff --git a/src/ports/rule_port_tables.cc b/src/ports/rule_port_tables.cc index fed8034ff..a7bc90fbf 100644 --- a/src/ports/rule_port_tables.cc +++ b/src/ports/rule_port_tables.cc @@ -39,7 +39,7 @@ PortProto::PortProto() nfp = PortObjectNew(); if ( !src or !dst or !any or !nfp ) - ParseAbort("can't allocate port structs"); + snort::ParseAbort("can't allocate port structs"); // someday these could be read from snort.conf, something like... // 'config portlist: large-rule-count ' @@ -70,7 +70,7 @@ RulePortTables* PortTablesNew() RulePortTables* rpt = new RulePortTables; if ( !(rpt->svc_any = PortObjectNew()) ) - ParseAbort("ParseRulesFile udp any-any PortObjectNew() failed"); + snort::ParseAbort("ParseRulesFile udp any-any PortObjectNew() failed"); PortObjectAddPortAny(rpt->svc_any); diff --git a/src/profiler/memory_defs.h b/src/profiler/memory_defs.h index 34c7f2854..8e225356a 100644 --- a/src/profiler/memory_defs.h +++ b/src/profiler/memory_defs.h @@ -113,7 +113,7 @@ struct CombinedMemoryStats inline void CombinedMemoryStats::update_allocs(size_t n) { - if ( is_packet_thread() ) + if ( snort::is_packet_thread() ) runtime.update_allocs(n); else startup.update_allocs(n); @@ -121,7 +121,7 @@ inline void CombinedMemoryStats::update_allocs(size_t n) inline void CombinedMemoryStats::update_deallocs(size_t n) { - if ( is_packet_thread() ) + if ( snort::is_packet_thread() ) runtime.update_deallocs(n); else startup.update_deallocs(n); diff --git a/src/profiler/profiler_printer.h b/src/profiler/profiler_printer.h index e8bbf3bef..b888e8492 100644 --- a/src/profiler/profiler_printer.h +++ b/src/profiler/profiler_printer.h @@ -91,7 +91,7 @@ public: table << StatsTable::HEADER; } - LogMessage("%s", ss.str().c_str()); + snort::LogMessage("%s", ss.str().c_str()); print_recursive(root, root, 1, count, max_depth); print_row(root, root, 0, 0); @@ -159,7 +159,7 @@ public: table << cur.view.pct_caller() << cur.view.pct_of(root.view.get_stats()); } - LogMessage("%s", ss.str().c_str()); + snort::LogMessage("%s", ss.str().c_str()); } private: diff --git a/src/profiler/time_profiler_defs.h b/src/profiler/time_profiler_defs.h index d51da3b68..fbb506d44 100644 --- a/src/profiler/time_profiler_defs.h +++ b/src/profiler/time_profiler_defs.h @@ -40,6 +40,8 @@ struct TimeProfilerConfig int max_depth = -1; }; +namespace snort +{ struct SO_PUBLIC TimeProfilerStats { hr_duration elapsed; @@ -138,4 +140,5 @@ private: TimeContext ctx; }; +} // namespace snort #endif diff --git a/src/protocols/packet.h b/src/protocols/packet.h index b57199195..4f5769db9 100644 --- a/src/protocols/packet.h +++ b/src/protocols/packet.h @@ -27,13 +27,13 @@ #include "main/snort_types.h" #include "target_based/snort_protocols.h" -class Endianness; -class Obfuscator; namespace snort { +class Endianness; class Flow; class IpsContext; +class Obfuscator; /* packet status flags */ #define PKT_REBUILT_FRAG 0x00000001 /* is a rebuilt fragment */ diff --git a/src/protocols/ssl.cc b/src/protocols/ssl.cc index bd1904a1e..e62616edf 100644 --- a/src/protocols/ssl.cc +++ b/src/protocols/ssl.cc @@ -40,65 +40,6 @@ #define SSL2_CHELLO_BYTE 0x01 #define SSL2_SHELLO_BYTE 0x04 -/* very simplistic - just enough to say this is binary data - the rules will make a final -* judgement. Should maybe add an option to the imap configuration to enable the -* continuing of command inspection like ftptelnet. */ -bool IsTlsClientHello(const uint8_t* ptr, const uint8_t* end) -{ - /* at least 3 bytes of data - see below */ - if ((end - ptr) < 3) - return false; - - if ((ptr[0] == SSL3_FIRST_BYTE) && (ptr[1] == SSL3_SECOND_BYTE)) - { - /* TLS v1 or SSLv3 */ - return true; - } - else if ((ptr[2] == SSL2_CHELLO_BYTE) || (ptr[3] == SSL2_CHELLO_BYTE)) - { - /* SSLv2 */ - return true; - } - - return false; -} - -/* this may at least tell us whether the server accepted the client hello by the presence - * of binary data */ - -bool IsTlsServerHello(const uint8_t* ptr, const uint8_t* end) -{ - /* at least 3 bytes of data - see below */ - if ((end - ptr) < 3) - return false; - - if ((ptr[0] == SSL3_FIRST_BYTE) && (ptr[1] == SSL3_SECOND_BYTE)) - { - /* TLS v1 or SSLv3 */ - return true; - } - else if (ptr[2] == SSL2_SHELLO_BYTE) - { - /* SSLv2 */ - return true; - } - - return false; -} - -bool IsSSL(const uint8_t* ptr, int len, int pkt_flags) -{ - uint32_t ssl_flags = SSL_decode(ptr, len, pkt_flags, 0, nullptr, nullptr, 0); - - if ((ssl_flags != SSL_ARG_ERROR_FLAG) && - !(ssl_flags & SSL_ERROR_FLAGS)) - { - return true; - } - - return false; -} - static uint32_t SSL_decode_version_v3(uint8_t major, uint8_t minor) { /* Should only be called internally and by functions which have previously @@ -480,6 +421,8 @@ static uint32_t SSL_decode_v2(const uint8_t* pkt, int size, uint32_t pkt_flags) return retval | SSL_VER_SSLV2_FLAG; } +namespace snort +{ uint32_t SSL_decode( const uint8_t* pkt, int size, uint32_t pkt_flags, uint32_t prev_flags, uint8_t* alert_flags, uint16_t* partial_rec_len, int max_hb_len) @@ -553,3 +496,63 @@ uint32_t SSL_decode( return SSL_decode_v3(pkt, size, pkt_flags, alert_flags, partial_rec_len, max_hb_len); } +/* very simplistic - just enough to say this is binary data - the rules will make a final +* judgement. Should maybe add an option to the imap configuration to enable the +* continuing of command inspection like ftptelnet. */ +bool IsTlsClientHello(const uint8_t* ptr, const uint8_t* end) +{ + /* at least 3 bytes of data - see below */ + if ((end - ptr) < 3) + return false; + + if ((ptr[0] == SSL3_FIRST_BYTE) && (ptr[1] == SSL3_SECOND_BYTE)) + { + /* TLS v1 or SSLv3 */ + return true; + } + else if ((ptr[2] == SSL2_CHELLO_BYTE) || (ptr[3] == SSL2_CHELLO_BYTE)) + { + /* SSLv2 */ + return true; + } + + return false; +} + +/* this may at least tell us whether the server accepted the client hello by the presence + * of binary data */ + +bool IsTlsServerHello(const uint8_t* ptr, const uint8_t* end) +{ + /* at least 3 bytes of data - see below */ + if ((end - ptr) < 3) + return false; + + if ((ptr[0] == SSL3_FIRST_BYTE) && (ptr[1] == SSL3_SECOND_BYTE)) + { + /* TLS v1 or SSLv3 */ + return true; + } + else if (ptr[2] == SSL2_SHELLO_BYTE) + { + /* SSLv2 */ + return true; + } + + return false; +} + +bool IsSSL(const uint8_t* ptr, int len, int pkt_flags) +{ + uint32_t ssl_flags = SSL_decode(ptr, len, pkt_flags, 0, nullptr, nullptr, 0); + + if ((ssl_flags != SSL_ARG_ERROR_FLAG) && + !(ssl_flags & SSL_ERROR_FLAGS)) + { + return true; + } + + return false; +} + +} // namespace snort diff --git a/src/protocols/ssl.h b/src/protocols/ssl.h index 5bb29c3c1..7df10a20a 100644 --- a/src/protocols/ssl.h +++ b/src/protocols/ssl.h @@ -213,6 +213,8 @@ struct SSLv2_shello_t #define SSL_HEARTBLEED_RESPONSE 0x02 #define SSL_HEARTBLEED_UNKNOWN 0x04 +namespace snort +{ SO_PUBLIC uint32_t SSL_decode( const uint8_t* pkt, int size, uint32_t pktflags, uint32_t prevflags, uint8_t* alert_flags, uint16_t* partial_rec_len, int hblen); @@ -220,6 +222,6 @@ SO_PUBLIC uint32_t SSL_decode( SO_PUBLIC bool IsTlsClientHello(const uint8_t* ptr, const uint8_t* end); SO_PUBLIC bool IsTlsServerHello(const uint8_t* ptr, const uint8_t* end); SO_PUBLIC bool IsSSL(const uint8_t* ptr, int len, int pkt_flags); - +} #endif diff --git a/src/pub_sub/http_events.cc b/src/pub_sub/http_events.cc index 4c6daefa6..63e894ad3 100644 --- a/src/pub_sub/http_events.cc +++ b/src/pub_sub/http_events.cc @@ -29,6 +29,8 @@ #include "service_inspectors/http_inspect/http_msg_header.h" #include "service_inspectors/http_inspect/http_msg_request.h" +using namespace snort; + const uint8_t* HttpEvent::get_header(unsigned id, uint64_t sub_id, int32_t& length) { const Field& field = http_msg_header->get_classic_buffer(id, sub_id, 0); diff --git a/src/pub_sub/http_events.h b/src/pub_sub/http_events.h index e6327c1a3..bc5ff1a1b 100644 --- a/src/pub_sub/http_events.h +++ b/src/pub_sub/http_events.h @@ -31,6 +31,8 @@ class HttpMsgHeader; +namespace snort +{ class SO_PUBLIC HttpEvent : public snort::DataEvent { public: @@ -59,6 +61,6 @@ private: const uint8_t* get_header(unsigned, uint64_t, int32_t&); }; - +} #endif diff --git a/src/search_engines/acsmx2.cc b/src/search_engines/acsmx2.cc index 84d42e12b..3f29fc554 100644 --- a/src/search_engines/acsmx2.cc +++ b/src/search_engines/acsmx2.cc @@ -124,9 +124,11 @@ #include "utils/stats.h" #include "utils/util.h" +using namespace snort; + #define printf LogMessage -#define MEMASSERT(p,s) if (!(p)) { FatalError("ACSM-No Memory: %s\n",s); } +#define MEMASSERT(p,s) if (!(p)) { snort::FatalError("ACSM-No Memory: %s\n",s); } static int acsm2_total_memory = 0; static int acsm2_pattern_memory = 0; diff --git a/src/search_engines/bnfa_search.cc b/src/search_engines/bnfa_search.cc index c31c01e20..193cab2d1 100644 --- a/src/search_engines/bnfa_search.cc +++ b/src/search_engines/bnfa_search.cc @@ -152,6 +152,8 @@ #include "utils/stats.h" #include "utils/util.h" +using namespace snort; + /* * Used to initialize last state, states are limited to 0-16M * so this will not conflict. diff --git a/src/search_engines/pat_stats.h b/src/search_engines/pat_stats.h index 84209bc0e..0d8fcc9b5 100644 --- a/src/search_engines/pat_stats.h +++ b/src/search_engines/pat_stats.h @@ -37,7 +37,9 @@ struct PatMatQStat PegCount matched_bytes; }; +namespace snort +{ SO_PUBLIC extern THREAD_LOCAL PatMatQStat pmqs; - +} #endif diff --git a/src/search_engines/test/hyperscan_test.cc b/src/search_engines/test/hyperscan_test.cc index b32c503ee..c2cb7e2a4 100644 --- a/src/search_engines/test/hyperscan_test.cc +++ b/src/search_engines/test/hyperscan_test.cc @@ -83,6 +83,16 @@ int SnortConfig::request_scratch(ScScratchFunc setup, ScScratchFunc cleanup) SnortConfig* SnortConfig::get_conf() { return snort_conf; } +static unsigned parse_errors = 0; +void ParseError(const char*, ...) +{ parse_errors++; } + +void LogCount(char const*, uint64_t, FILE*) +{ } + +unsigned get_instance_id() +{ return 0; } + } //------------------------------------------------------------------------- // stubs, spies, etc. @@ -91,22 +101,11 @@ SnortConfig* SnortConfig::get_conf() extern const BaseApi* se_hyperscan; static unsigned hits = 0; -static unsigned parse_errors = 0; - -void ParseError(const char*, ...) -{ parse_errors++; } - -void LogCount(char const*, uint64_t, FILE*) -{ } static int match( void* /*user*/, void* /*tree*/, int /*index*/, void* /*context*/, void* /*list*/) { ++hits; return 0; } - -unsigned get_instance_id() -{ return 0; } - static void* s_user = (void*)"user"; static void* s_tree = (void*)"tree"; static void* s_list = (void*)"list"; diff --git a/src/search_engines/test/search_tool_test.cc b/src/search_engines/test/search_tool_test.cc index 0bf7084b3..c886ca74b 100644 --- a/src/search_engines/test/search_tool_test.cc +++ b/src/search_engines/test/search_tool_test.cc @@ -64,34 +64,18 @@ SnortConfig::~SnortConfig() = default; SnortConfig* SnortConfig::get_conf() { return snort_conf; } -} unsigned get_instance_id() { return 0; } -void LogValue(const char*, const char*, FILE*) -{ -} - -SO_PUBLIC void LogMessage(const char*, ...) -{ -} - -[[noreturn]] void FatalError(const char*,...) -{ - exit(1); -} - -void LogCount(char const*, uint64_t, FILE*) -{ } - -void LogStat(const char*, double, FILE*) -{} +void LogValue(const char*, const char*, FILE*) { } +SO_PUBLIC void LogMessage(const char*, ...) { } +[[noreturn]] void FatalError(const char*,...) { exit(1); } +void LogCount(char const*, uint64_t, FILE*) { } +void LogStat(const char*, double, FILE*) { } static void* s_tree = (void*)"tree"; static void* s_list = (void*)"list"; -namespace snort -{ static MpseAgent s_agent = { [](struct SnortConfig* sc, void*, void** ppt) diff --git a/src/service_inspectors/back_orifice/back_orifice.cc b/src/service_inspectors/back_orifice/back_orifice.cc index 7bfbb83a8..c374a168f 100644 --- a/src/service_inspectors/back_orifice/back_orifice.cc +++ b/src/service_inspectors/back_orifice/back_orifice.cc @@ -198,7 +198,7 @@ public: }; const PegInfo* BoModule::get_pegs() const -{ return simple_pegs; } +{ return snort::simple_pegs; } PegCount* BoModule::get_counts() const { return (PegCount*)&bostats; } diff --git a/src/service_inspectors/dce_rpc/dce_common.h b/src/service_inspectors/dce_rpc/dce_common.h index 616ce004a..8cb5454e5 100644 --- a/src/service_inspectors/dce_rpc/dce_common.h +++ b/src/service_inspectors/dce_rpc/dce_common.h @@ -210,7 +210,7 @@ struct DCE2_SsnData uint32_t srv_nseq; }; -class DceEndianness : public Endianness +class DceEndianness : public snort::Endianness { public: int hdr_byte_order; /* Set to sentinel if not applicable */ diff --git a/src/service_inspectors/dce_rpc/dce_smb.cc b/src/service_inspectors/dce_rpc/dce_smb.cc index bd332c4c3..cd8ae025b 100644 --- a/src/service_inspectors/dce_rpc/dce_smb.cc +++ b/src/service_inspectors/dce_rpc/dce_smb.cc @@ -384,9 +384,7 @@ void Dce2Smb::eval(snort::Packet* p) assert(p->flow); if (p->flow->get_session_flags() & SSNFLAG_MIDSTREAM) - { return; - } dce2_smb_sess = dce2_handle_smb_session(p, &config); @@ -395,7 +393,7 @@ void Dce2Smb::eval(snort::Packet* p) p->packet_flags |= PKT_ALLOW_MULTIPLE_DETECT; dce2_detected = 0; - p->endianness = (Endianness*)new DceEndianness(); + p->endianness = (snort::Endianness*)new DceEndianness(); DCE2_SmbProcess(dce2_smb_sess); diff --git a/src/service_inspectors/dce_rpc/dce_smb_commands.cc b/src/service_inspectors/dce_rpc/dce_smb_commands.cc index 46eb12410..c6ea3f379 100644 --- a/src/service_inspectors/dce_rpc/dce_smb_commands.cc +++ b/src/service_inspectors/dce_rpc/dce_smb_commands.cc @@ -32,6 +32,8 @@ #include "dce_smb_module.h" #include "dce_smb_transaction_utils.h" +using namespace snort; + #define SMB_DIALECT_NT_LM_012 "NT LM 0.12" // NT LAN Manager #define SERVICE_0 (0) // IPC start diff --git a/src/service_inspectors/dce_rpc/dce_smb_transaction.cc b/src/service_inspectors/dce_rpc/dce_smb_transaction.cc index 5edafdc5a..68f13997d 100644 --- a/src/service_inspectors/dce_rpc/dce_smb_transaction.cc +++ b/src/service_inspectors/dce_rpc/dce_smb_transaction.cc @@ -30,6 +30,8 @@ #include "dce_smb_module.h" #include "dce_smb_transaction_utils.h" +using namespace snort; + #define DCE2_SMB_TRANS__NONE 0x00 #define DCE2_SMB_TRANS__DATA 0x01 #define DCE2_SMB_TRANS__PARAMS 0x02 diff --git a/src/service_inspectors/ftp_telnet/ft_main.cc b/src/service_inspectors/ftp_telnet/ft_main.cc index 709b6b0bf..eb30e5fd0 100644 --- a/src/service_inspectors/ftp_telnet/ft_main.cc +++ b/src/service_inspectors/ftp_telnet/ft_main.cc @@ -125,7 +125,7 @@ static int CheckFTPCmdOptions(FTP_SERVER_PROTO_CONF* serverConf) if ( cmdConf->check_validity && !len ) { - ErrorMessage("FTPConfigCheck() configuration for server, " + snort::ErrorMessage("FTPConfigCheck() configuration for server, " "command '%s' has max length of 0 and parameters to validate\n", cmdConf->cmd_name); config_error = 1; @@ -150,7 +150,7 @@ int CheckFTPServerConfigs(snort::SnortConfig*, FTP_SERVER_PROTO_CONF* serverConf { if (CheckFTPCmdOptions(serverConf)) { - ErrorMessage("FTPConfigCheck(): invalid configuration for FTP commands\n"); + snort::ErrorMessage("FTPConfigCheck(): invalid configuration for FTP commands\n"); return -1; } return 0; @@ -163,7 +163,7 @@ int FTPCheckConfigs(snort::SnortConfig* sc, void* pData) if ( !config ) { - ErrorMessage("FTP configuration requires " + snort::ErrorMessage("FTP configuration requires " "default client and default server configurations.\n"); return -1; } @@ -175,13 +175,13 @@ int FTPCheckConfigs(snort::SnortConfig* sc, void* pData) // Verify that FTP client and FTP data inspectors are initialized. if(!snort::InspectorManager::get_inspector(FTP_CLIENT_NAME, false)) { - ParseError("ftp_server requires that %s also be configured.", FTP_CLIENT_NAME); + snort::ParseError("ftp_server requires that %s also be configured.", FTP_CLIENT_NAME); return -1; } if(!snort::InspectorManager::get_inspector(FTP_DATA_NAME, false)) { - ParseError("ftp_server requires that %s also be configured.", FTP_DATA_NAME); + snort::ParseError("ftp_server requires that %s also be configured.", FTP_DATA_NAME); return -1; } diff --git a/src/service_inspectors/ftp_telnet/ftp_bounce_lookup.cc b/src/service_inspectors/ftp_telnet/ftp_bounce_lookup.cc index f1212aefc..b4658802e 100644 --- a/src/service_inspectors/ftp_telnet/ftp_bounce_lookup.cc +++ b/src/service_inspectors/ftp_telnet/ftp_bounce_lookup.cc @@ -44,6 +44,8 @@ #include "ft_main.h" #include "ftpp_return_codes.h" +using namespace snort; + /* * Function: ftp_bounce_lookup_init(BOUNCE_LOOKUP **BounceLookup) * diff --git a/src/service_inspectors/ftp_telnet/ftp_cmd_lookup.cc b/src/service_inspectors/ftp_telnet/ftp_cmd_lookup.cc index 8589a59f7..4d05bf28b 100644 --- a/src/service_inspectors/ftp_telnet/ftp_cmd_lookup.cc +++ b/src/service_inspectors/ftp_telnet/ftp_cmd_lookup.cc @@ -43,6 +43,8 @@ #include "ft_main.h" #include "ftpp_return_codes.h" +using namespace snort; + /* * Function: ftp_cmd_lookup_init(CMD_LOOKUP **CmdLookup) * diff --git a/src/service_inspectors/ftp_telnet/ftp_data.cc b/src/service_inspectors/ftp_telnet/ftp_data.cc index a631f38ba..b8aeeb744 100644 --- a/src/service_inspectors/ftp_telnet/ftp_data.cc +++ b/src/service_inspectors/ftp_telnet/ftp_data.cc @@ -251,7 +251,7 @@ public: }; const PegInfo* FtpDataModule::get_pegs() const -{ return simple_pegs; } +{ return snort::simple_pegs; } PegCount* FtpDataModule::get_counts() const { return (PegCount*)&fdstats; } diff --git a/src/service_inspectors/ftp_telnet/ftp_parse.cc b/src/service_inspectors/ftp_telnet/ftp_parse.cc index 83d7e50e2..94c8bac89 100644 --- a/src/service_inspectors/ftp_telnet/ftp_parse.cc +++ b/src/service_inspectors/ftp_telnet/ftp_parse.cc @@ -413,7 +413,7 @@ static int DoNextFormat(FTP_PARAM_FMT* ThisFmt, int allocated, { /* explicit check that we have enough room for copy */ if (numChoices <= ThisFmt->numChoices) - ParseError("Can't do memcpy - index out of range "); + snort::ParseError("Can't do memcpy - index out of range "); memcpy(tmpChoices, ThisFmt->choices, sizeof(FTP_PARAM_FMT*) * ThisFmt->numChoices); @@ -646,7 +646,7 @@ int ProcessFTPAllowBounce( if (iRet) { - ParseError("Failed to add configuration for Bounce object '%s'.", ALLOW_BOUNCE); + snort::ParseError("Failed to add configuration for Bounce object '%s'.", ALLOW_BOUNCE); snort_free(newBounce); return FTPP_FATAL_ERR; } diff --git a/src/service_inspectors/ftp_telnet/ftp_print.cc b/src/service_inspectors/ftp_telnet/ftp_print.cc index 4d2fd71c3..02af001ed 100644 --- a/src/service_inspectors/ftp_telnet/ftp_print.cc +++ b/src/service_inspectors/ftp_telnet/ftp_print.cc @@ -40,6 +40,8 @@ #include "ftp_parse.h" #include "ftpp_return_codes.h" +using namespace snort; + int PrintConfOpt(bool on, const char* Option) { LogMessage(" %s: %s\n", Option, on ? "ON" : "OFF"); diff --git a/src/service_inspectors/gtp/gtp_parser.cc b/src/service_inspectors/gtp/gtp_parser.cc index f1476a4f4..f0c878121 100644 --- a/src/service_inspectors/gtp/gtp_parser.cc +++ b/src/service_inspectors/gtp/gtp_parser.cc @@ -37,6 +37,8 @@ #include "gtp_inspect.h" #include "gtp_module.h" +using namespace snort; + #pragma pack(1) static inline void alert(int sid) { diff --git a/src/service_inspectors/http2_inspect/http2_inspect.h b/src/service_inspectors/http2_inspect/http2_inspect.h index ae0a9de14..4d9601f4f 100644 --- a/src/service_inspectors/http2_inspect/http2_inspect.h +++ b/src/service_inspectors/http2_inspect/http2_inspect.h @@ -44,7 +44,7 @@ public: bool get_fp_buf(snort::InspectionBuffer::Type ibt, snort::Packet* p, snort::InspectionBuffer& b) override; bool configure(snort::SnortConfig*) override; - void show(snort::SnortConfig*) override { LogMessage("Http2Inspect\n"); } + void show(snort::SnortConfig*) override { snort::LogMessage("Http2Inspect\n"); } void eval(snort::Packet* p) override; void clear(snort::Packet* p) override; void tinit() override { } diff --git a/src/service_inspectors/http_inspect/http_event_gen.h b/src/service_inspectors/http_inspect/http_event_gen.h index 168813683..7005538e8 100644 --- a/src/service_inspectors/http_inspect/http_event_gen.h +++ b/src/service_inspectors/http_inspect/http_event_gen.h @@ -52,7 +52,7 @@ public: void generate_misformatted_http(const uint8_t* buffer, uint32_t length) { - if ( SnortStrnStr((const char*)buffer, length, "HTTP/") != nullptr ) + if ( snort::SnortStrnStr((const char*)buffer, length, "HTTP/") != nullptr ) create_event(HttpEnums::EVENT_MISFORMATTED_HTTP); else create_event(HttpEnums::EVENT_LOSS_OF_SYNC); diff --git a/src/service_inspectors/http_inspect/http_flow_data.cc b/src/service_inspectors/http_inspect/http_flow_data.cc index 6da55d977..00e216040 100644 --- a/src/service_inspectors/http_inspect/http_flow_data.cc +++ b/src/service_inspectors/http_inspect/http_flow_data.cc @@ -29,6 +29,7 @@ #include "http_test_manager.h" #include "http_transaction.h" +using namespace snort; using namespace HttpEnums; unsigned HttpFlowData::inspector_id = 0; diff --git a/src/service_inspectors/http_inspect/http_flow_data.h b/src/service_inspectors/http_inspect/http_flow_data.h index dde8cbc3b..19f8a2723 100644 --- a/src/service_inspectors/http_inspect/http_flow_data.h +++ b/src/service_inspectors/http_inspect/http_flow_data.h @@ -131,7 +131,7 @@ private: int64_t detect_depth_remaining[2] = { HttpEnums::STAT_NOT_PRESENT, HttpEnums::STAT_NOT_PRESENT }; snort::MimeSession* mime_state[2] = { nullptr, nullptr }; - UtfDecodeSession* utf_state = nullptr; // SRC_SERVER only + snort::UtfDecodeSession* utf_state = nullptr; // SRC_SERVER only fd_session_t* fd_state = nullptr; // SRC_SERVER only struct FdCallbackContext { diff --git a/src/service_inspectors/http_inspect/http_inspect.h b/src/service_inspectors/http_inspect/http_inspect.h index 69250ba52..7c1204f91 100644 --- a/src/service_inspectors/http_inspect/http_inspect.h +++ b/src/service_inspectors/http_inspect/http_inspect.h @@ -46,7 +46,7 @@ public: snort::InspectionBuffer& b); bool get_fp_buf(snort::InspectionBuffer::Type ibt, snort::Packet* p, snort::InspectionBuffer& b) override; bool configure(snort::SnortConfig*) override; - void show(snort::SnortConfig*) override { LogMessage("HttpInspect\n"); } + void show(snort::SnortConfig*) override { snort::LogMessage("HttpInspect\n"); } void eval(snort::Packet* p) override; void clear(snort::Packet* p) override; void tinit() override { } diff --git a/src/service_inspectors/http_inspect/http_js_norm.cc b/src/service_inspectors/http_inspect/http_js_norm.cc index 787d8bfe3..7ed3d5441 100644 --- a/src/service_inspectors/http_inspect/http_js_norm.cc +++ b/src/service_inspectors/http_inspect/http_js_norm.cc @@ -27,6 +27,7 @@ #include "utils/safec.h" using namespace HttpEnums; +using namespace snort; HttpJsNorm::HttpJsNorm(int max_javascript_whitespaces_, const HttpParaList::UriParam& uri_param_) : max_javascript_whitespaces(max_javascript_whitespaces_), uri_param(uri_param_), diff --git a/src/service_inspectors/http_inspect/http_msg_body.cc b/src/service_inspectors/http_inspect/http_msg_body.cc index 9d3b3c7d6..a654c4d6f 100644 --- a/src/service_inspectors/http_inspect/http_msg_body.cc +++ b/src/service_inspectors/http_inspect/http_msg_body.cc @@ -29,6 +29,7 @@ #include "http_js_norm.h" #include "http_msg_request.h" +using namespace snort; using namespace HttpEnums; HttpMsgBody::HttpMsgBody(const uint8_t* buffer, const uint16_t buf_size, diff --git a/src/service_inspectors/http_inspect/http_msg_header.h b/src/service_inspectors/http_inspect/http_msg_header.h index 7265e1caf..28daf2a5c 100644 --- a/src/service_inspectors/http_inspect/http_msg_header.h +++ b/src/service_inspectors/http_inspect/http_msg_header.h @@ -47,7 +47,7 @@ public: private: // Dummy configurations to support MIME processing MailLogConfig mime_conf; - DecodeConfig decode_conf; + snort::DecodeConfig decode_conf; void prepare_body(); void setup_file_processing(); diff --git a/src/service_inspectors/http_inspect/http_uri.cc b/src/service_inspectors/http_inspect/http_uri.cc index 6bc2e91f9..c56b0c1aa 100644 --- a/src/service_inspectors/http_inspect/http_uri.cc +++ b/src/service_inspectors/http_inspect/http_uri.cc @@ -317,7 +317,7 @@ size_t HttpUri::get_file_proc_hash() if (abs_path.length() > 0 ) { - abs_path_hash = str_to_hash(abs_path.start(), abs_path.length()); + abs_path_hash = snort::str_to_hash(abs_path.start(), abs_path.length()); } return abs_path_hash; diff --git a/src/service_inspectors/http_inspect/http_uri_norm.cc b/src/service_inspectors/http_inspect/http_uri_norm.cc index d3f72baf3..068169fdb 100644 --- a/src/service_inspectors/http_inspect/http_uri_norm.cc +++ b/src/service_inspectors/http_inspect/http_uri_norm.cc @@ -633,21 +633,21 @@ void UriNormalizer::load_unicode_map(uint8_t map[65536], const char* filename, i FILE* file = fopen(filename, "r"); if (file == nullptr) { - ParseError("Cannot open unicode map file %s", filename); + snort::ParseError("Cannot open unicode map file %s", filename); return; } // Advance file to the desired code page if (!advance_to_code_page(file, code_page)) { - ParseError("Did not find code page %d in unicode map file %s", code_page, filename); + snort::ParseError("Did not find code page %d in unicode map file %s", code_page, filename); fclose(file); return; } if (!map_code_points(file, map)) { - ParseError("Error while reading code page %d in unicode map file %s", code_page, filename); + snort::ParseError("Error while reading code page %d in unicode map file %s", code_page, filename); fclose(file); return; } diff --git a/src/service_inspectors/http_inspect/test/http_module_test.cc b/src/service_inspectors/http_inspect/test/http_module_test.cc index 3a76f4632..b4e8c96d1 100644 --- a/src/service_inspectors/http_inspect/test/http_module_test.cc +++ b/src/service_inspectors/http_inspect/test/http_module_test.cc @@ -37,17 +37,20 @@ using namespace snort; using namespace HttpEnums; +namespace snort +{ // Stubs whose sole purpose is to make the test code link void ParseWarning(WarningGroup, const char*, ...) {} void ParseError(const char*, ...) {} +void Value::get_bits(std::bitset<256ul>&) const {} +int DetectionEngine::queue_event(unsigned int, unsigned int, Actions::Type) { return 0; } +} + void show_stats(PegCount*, const PegInfo*, unsigned, const char*) { } void show_stats(PegCount*, const PegInfo*, IndexVec&, const char*, FILE*) { } void show_stats(SimpleStats*, const char*) { } -void Value::get_bits(std::bitset<256ul>&) const {} -int DetectionEngine::queue_event(unsigned int, unsigned int, Actions::Type) { return 0; } - int32_t str_to_code(const uint8_t*, const int32_t, const StrCode []) { return 0; } int32_t substr_to_code(const uint8_t*, const int32_t, const StrCode []) { return 0; } long HttpTestManager::print_amount {}; diff --git a/src/service_inspectors/http_inspect/test/http_transaction_test.cc b/src/service_inspectors/http_inspect/test/http_transaction_test.cc index 1a37de231..fd0942324 100644 --- a/src/service_inspectors/http_inspect/test/http_transaction_test.cc +++ b/src/service_inspectors/http_inspect/test/http_transaction_test.cc @@ -35,13 +35,17 @@ using namespace snort; using namespace HttpEnums; +namespace snort +{ // Stubs whose sole purpose is to make the test code link unsigned FlowData::flow_data_id = 0; FlowData::FlowData(unsigned, Inspector*) {} FlowData::~FlowData() = default; int DetectionEngine::queue_event(unsigned int, unsigned int, Actions::Type) { return 0; } -THREAD_LOCAL PegCount HttpModule::peg_counts[1]; fd_status_t File_Decomp_StopFree(fd_session_t*) { return File_Decomp_OK; } +} + +THREAD_LOCAL PegCount HttpModule::peg_counts[1]; class HttpUnitTestSetup { diff --git a/src/service_inspectors/http_inspect/test/http_uri_norm_test.cc b/src/service_inspectors/http_inspect/test/http_uri_norm_test.cc index ed00b1d1e..472ffab19 100644 --- a/src/service_inspectors/http_inspect/test/http_uri_norm_test.cc +++ b/src/service_inspectors/http_inspect/test/http_uri_norm_test.cc @@ -33,17 +33,19 @@ using namespace snort; +namespace snort +{ // Stubs whose sole purpose is to make the test code link void ParseWarning(WarningGroup, const char*, ...) {} void ParseError(const char*, ...) {} +void Value::get_bits(std::bitset<256ul>&) const {} +int DetectionEngine::queue_event(unsigned int, unsigned int, Actions::Type) { return 0; } +} void show_stats(PegCount*, const PegInfo*, unsigned, const char*) { } void show_stats( PegCount*, const PegInfo*, IndexVec&, const char*, FILE*) { } void show_stats(SimpleStats*, const char*) { } -void Value::get_bits(std::bitset<256ul>&) const {} -int DetectionEngine::queue_event(unsigned int, unsigned int, Actions::Type) { return 0; } - HttpJsNorm::HttpJsNorm(int, const HttpParaList::UriParam& uri_param_) : max_javascript_whitespaces(0), uri_param(uri_param_), javascript_search_mpse(nullptr), htmltype_search_mpse(nullptr) {} diff --git a/src/service_inspectors/imap/imap_config.h b/src/service_inspectors/imap/imap_config.h index 0a00fecb8..1f5d1e08e 100644 --- a/src/service_inspectors/imap/imap_config.h +++ b/src/service_inspectors/imap/imap_config.h @@ -25,7 +25,7 @@ struct IMAP_PROTO_CONF { - DecodeConfig decode_conf; + snort::DecodeConfig decode_conf; MailLogConfig log_config; }; diff --git a/src/service_inspectors/pop/pop_config.h b/src/service_inspectors/pop/pop_config.h index 042c00e36..133c9a705 100644 --- a/src/service_inspectors/pop/pop_config.h +++ b/src/service_inspectors/pop/pop_config.h @@ -25,7 +25,7 @@ struct POP_PROTO_CONF { - DecodeConfig decode_conf; + snort::DecodeConfig decode_conf; MailLogConfig log_config; }; diff --git a/src/service_inspectors/sip/sip_config.cc b/src/service_inspectors/sip/sip_config.cc index 9d536c2b0..bffaae5e8 100644 --- a/src/service_inspectors/sip/sip_config.cc +++ b/src/service_inspectors/sip/sip_config.cc @@ -29,6 +29,8 @@ #include "main/snort_debug.h" #include "utils/util.h" +using namespace snort; + #define SIP_SEPERATORS "()<>@,;:\\/[]?={}\" " static SIPMethodNode* SIP_AddMethodToList( diff --git a/src/service_inspectors/smtp/smtp_config.h b/src/service_inspectors/smtp/smtp_config.h index 25a33ab90..b579553a2 100644 --- a/src/service_inspectors/smtp/smtp_config.h +++ b/src/service_inspectors/smtp/smtp_config.h @@ -130,7 +130,7 @@ struct SMTP_PROTO_CONF int max_response_line_len = 0; int xlink2state; MailLogConfig log_config; - DecodeConfig decode_conf; + snort::DecodeConfig decode_conf; uint32_t xtra_filename_id; uint32_t xtra_mfrom_id; diff --git a/src/sfip/sf_ip.h b/src/sfip/sf_ip.h index d7a370adc..00f0bad2a 100644 --- a/src/sfip/sf_ip.h +++ b/src/sfip/sf_ip.h @@ -471,6 +471,6 @@ inline std::ostream& operator<<(std::ostream& os, const SfIp* addr) // FIXIT-L X This should be in utils_net if anywhere, but that makes it way harder to link into unit tests SO_PUBLIC const char* snort_inet_ntop(int family, const void* ip_raw, char* buf, int bufsize); -} +} // namespace snort #endif diff --git a/src/sfip/sf_vartable.cc b/src/sfip/sf_vartable.cc index a942997fa..e156f125d 100644 --- a/src/sfip/sf_vartable.cc +++ b/src/sfip/sf_vartable.cc @@ -39,6 +39,8 @@ #include "catch/snort_catch.h" #endif +using namespace snort; + vartable_t* sfvt_alloc_table() { vartable_t* table = (vartable_t*)snort_calloc(sizeof(vartable_t)); @@ -193,7 +195,7 @@ SfIpRet sfvt_define(vartable_t* table, const char* name, const char* value) len = strlen(name) + strlen(value) + 2; buf = (char*)snort_alloc(len); - SnortSnprintf(buf, len, "%s %s", name, value); + snort::SnortSnprintf(buf, len, "%s %s", name, value); ret = sfvt_add_str(table, buf, &ipret); if ((ret == SFIP_SUCCESS) || (ret == SFIP_DUPLICATE)) diff --git a/src/side_channel/side_channel_module.h b/src/side_channel/side_channel_module.h index a57927286..73267516f 100644 --- a/src/side_channel/side_channel_module.h +++ b/src/side_channel/side_channel_module.h @@ -49,7 +49,7 @@ public: { return (PegCount*)&sc_stats; } const PegInfo* get_pegs() const override - { return simple_pegs; } + { return snort::simple_pegs; } snort::ProfileStats* get_profile() const override; diff --git a/src/side_channel/test/side_channel_module_test.cc b/src/side_channel/test/side_channel_module_test.cc index 3984cf9e4..02fef7365 100644 --- a/src/side_channel/test/side_channel_module_test.cc +++ b/src/side_channel/test/side_channel_module_test.cc @@ -60,10 +60,13 @@ void show_stats(PegCount*, const PegInfo*, unsigned, const char*) { } void show_stats(PegCount*, const PegInfo*, IndexVec&, const char*) { } void show_stats(PegCount*, const PegInfo*, IndexVec&, const char*, FILE*) { } +namespace snort +{ void ParseWarning(WarningGroup, const char*, ...) { } char* snort_strdup(const char* s) { return strdup(s); } +} TEST_GROUP(side_channel_module) { }; diff --git a/src/stream/tcp/segment_overlap_editor.cc b/src/stream/tcp/segment_overlap_editor.cc index 71902e9e4..0918acb3a 100644 --- a/src/stream/tcp/segment_overlap_editor.cc +++ b/src/stream/tcp/segment_overlap_editor.cc @@ -488,12 +488,12 @@ int SegmentOverlapEditor::full_right_overlap_os5(TcpReassemblerState& trs) void SegmentOverlapEditor::print(TcpReassemblerState& trs) { - LogMessage(" seglist_base_seq: %X\n", trs.sos.seglist_base_seq); - LogMessage(" seglist head: %p\n", (void*)trs.sos.seglist.head); - LogMessage(" seglist tail: %p\n", (void*)trs.sos.seglist.tail); - LogMessage(" seglist next: %p\n", (void*)trs.sos.seglist.next); - LogMessage(" seg_count: %d\n", trs.sos.seg_count); - LogMessage(" seg_bytes_total: %d\n", trs.sos.seg_bytes_total); - LogMessage(" seg_bytes_logical: %d\n", trs.sos.seg_bytes_logical); + snort::LogMessage(" seglist_base_seq: %X\n", trs.sos.seglist_base_seq); + snort::LogMessage(" seglist head: %p\n", (void*)trs.sos.seglist.head); + snort::LogMessage(" seglist tail: %p\n", (void*)trs.sos.seglist.tail); + snort::LogMessage(" seglist next: %p\n", (void*)trs.sos.seglist.next); + snort::LogMessage(" seg_count: %d\n", trs.sos.seg_count); + snort::LogMessage(" seg_bytes_total: %d\n", trs.sos.seg_bytes_total); + snort::LogMessage(" seg_bytes_logical: %d\n", trs.sos.seg_bytes_logical); } diff --git a/src/stream/tcp/tcp_debug_trace.h b/src/stream/tcp/tcp_debug_trace.h index 15eaebef2..665c16da6 100644 --- a/src/stream/tcp/tcp_debug_trace.h +++ b/src/stream/tcp/tcp_debug_trace.h @@ -70,7 +70,7 @@ inline void TraceEvent( uint32_t rack = ( rxd ) ? h->ack() - rxd : h->ack(); fprintf(stdout, "\n" FMTu64("-3") " %s=0x%02x Seq=%-4u Ack=%-4u Win=%-4hu Len=%-4hu%s\n", //"\n" FMTu64("-3") " %s=0x%02x Seq=%-4u Ack=%-4u Win=%-4u Len=%-4u End=%-4u%s\n", - get_packet_number(), flags, h->th_flags, rseq, rack, h->win(), p->dsize, order); + snort::get_packet_number(), flags, h->th_flags, rseq, rack, h->win(), p->dsize, order); } inline void TraceSession(const snort::Flow* lws) diff --git a/src/stream/tcp/tcp_stream_config.cc b/src/stream/tcp/tcp_stream_config.cc index 7c0cab21f..cb0b45a08 100644 --- a/src/stream/tcp/tcp_stream_config.cc +++ b/src/stream/tcp/tcp_stream_config.cc @@ -27,6 +27,8 @@ #include "log/messages.h" +using namespace snort; + static const char* const reassembly_policy_names[] = { "no policy", "first", "last", "linux", "old_linux", "bsd", "macos", "solaris", "irix", "hpux11", "hpux10", "windows", "win_2003", "vista", "proxy" }; diff --git a/src/target_based/snort_protocols.h b/src/target_based/snort_protocols.h index 2d7b460f9..56696106e 100644 --- a/src/target_based/snort_protocols.h +++ b/src/target_based/snort_protocols.h @@ -58,6 +58,8 @@ inline bool is_service_protocol(SnortProtocolId proto) { return proto > SNORT_PROTO_UDP; } // A mapping between names and IDs. +namespace snort +{ class SO_PUBLIC ProtocolReference { public: @@ -88,6 +90,6 @@ private: void init(ProtocolReference* old_proto_ref); }; - +} #endif diff --git a/src/time/packet_time.cc b/src/time/packet_time.cc index 844e9d761..826721f69 100644 --- a/src/time/packet_time.cc +++ b/src/time/packet_time.cc @@ -40,6 +40,14 @@ static THREAD_LOCAL struct timeval s_recent_packet = { 0, 0 }; static THREAD_LOCAL uint32_t s_first_packet = 0; +namespace snort +{ +time_t packet_time() +{ + return s_recent_packet.tv_sec; +} +} + void packet_time_update(const struct timeval* cur_tv) { if ( !s_first_packet ) @@ -53,11 +61,6 @@ uint32_t packet_first_time() return s_first_packet; } -time_t packet_time() -{ - return s_recent_packet.tv_sec; -} - void packet_gettimeofday(struct timeval* tv) { *tv = s_recent_packet; diff --git a/src/time/packet_time.h b/src/time/packet_time.h index 135f35c4a..67b0bdc3b 100644 --- a/src/time/packet_time.h +++ b/src/time/packet_time.h @@ -24,8 +24,12 @@ #include "main/snort_types.h" -void packet_time_update(const struct timeval* cur_tv); +namespace snort +{ SO_PUBLIC time_t packet_time(); +} + +void packet_time_update(const struct timeval* cur_tv); uint32_t packet_first_time(); void packet_gettimeofday(struct timeval* tv); diff --git a/src/utils/boyer_moore.cc b/src/utils/boyer_moore.cc index c676e1aff..6312f2ae4 100644 --- a/src/utils/boyer_moore.cc +++ b/src/utils/boyer_moore.cc @@ -49,6 +49,8 @@ #include "util.h" +namespace snort +{ /**************************************************************** * * Function: make_skip(char *, int) @@ -218,4 +220,4 @@ int mSearchCI( return -1; } - +} diff --git a/src/utils/boyer_moore.h b/src/utils/boyer_moore.h index 7d5cecb75..54e16f3fb 100644 --- a/src/utils/boyer_moore.h +++ b/src/utils/boyer_moore.h @@ -25,12 +25,14 @@ #include "main/snort_types.h" +namespace snort +{ // FIXIT-M no associated resource destructor for make_skip & make_shift :( SO_PUBLIC int* make_skip(const char*, int); SO_PUBLIC int* make_shift(const char*, int); SO_PUBLIC int mSearch(const char*, int, const char*, int, const int*, const int*); SO_PUBLIC int mSearchCI(const char*, int, const char*, int, const int*, const int*); - +} #endif diff --git a/src/utils/kmap.cc b/src/utils/kmap.cc index ba440255b..c5f65e353 100644 --- a/src/utils/kmap.cc +++ b/src/utils/kmap.cc @@ -31,6 +31,8 @@ #include "util.h" +namespace snort +{ KMAP* KMapNew(KMapUserFreeFunc userfree) { KMAP* km = (KMAP*)snort_calloc(sizeof(KMAP)); @@ -404,10 +406,13 @@ void* KMapFindNext(KMAP* km) return km->keynext->userdata; } +} //namespace snort + #ifdef KMAP_MAIN /* * */ +using namespace snort; int main(int argc, char** argv) { int i,n=10; diff --git a/src/utils/kmap.h b/src/utils/kmap.h index 364152e88..07729b05d 100644 --- a/src/utils/kmap.h +++ b/src/utils/kmap.h @@ -72,6 +72,8 @@ typedef struct _kmap int nocase; } KMAP; +namespace snort +{ SO_PUBLIC KMAP* KMapNew(KMapUserFreeFunc userfree); SO_PUBLIC void KMapDelete(KMAP* km); @@ -81,6 +83,6 @@ SO_PUBLIC int KMapAdd(KMAP* km, void* key, int ksize, void* userdata); SO_PUBLIC void* KMapFind(KMAP* km, void* key, int ksize); SO_PUBLIC void* KMapFindFirst(KMAP* km); SO_PUBLIC void* KMapFindNext(KMAP* km); - +} #endif diff --git a/src/utils/sflsq.cc b/src/utils/sflsq.cc index f42e12ad9..741d52f41 100644 --- a/src/utils/sflsq.cc +++ b/src/utils/sflsq.cc @@ -37,9 +37,7 @@ #include "util.h" -/* -* private alloc -*/ +// private alloc static void* s_alloc(size_t n) { return snort_calloc(n); @@ -54,18 +52,8 @@ static void s_free(void* p) snort_free(p); } -/* -* INIT - called by the NEW functions -*/ -void sflist_init(SF_LIST* s) +namespace snort { - s->count=0; - s->head = s->tail = nullptr; -} - -/* -* NEW -*/ SF_LIST* sflist_new() { SF_LIST* s; @@ -74,14 +62,12 @@ SF_LIST* sflist_new() return s; } -SF_QUEUE* sfqueue_new() +void sflist_init(SF_LIST* s) { - return (SF_QUEUE*)sflist_new(); + s->count=0; + s->head = s->tail = nullptr; } -/* -* Add-before Item -*/ void sflist_add_before(SF_LIST* s, SF_LNODE* lnode, NODE_DATA ndata) { SF_LNODE* q; @@ -104,12 +90,6 @@ void sflist_add_before(SF_LIST* s, SF_LNODE* lnode, NODE_DATA ndata) } } -/* -* ADD to List/Queue/Dictionary -*/ -/* -* Add-Head Item -*/ void sflist_add_head(SF_LIST* s, NODE_DATA ndata) { SF_LNODE* q; @@ -132,9 +112,6 @@ void sflist_add_head(SF_LIST* s, NODE_DATA ndata) s->count++; } -/* -* Add-Tail Item -*/ void sflist_add_tail(SF_LIST* s, NODE_DATA ndata) { SF_LNODE* q; @@ -157,14 +134,6 @@ void sflist_add_tail(SF_LIST* s, NODE_DATA ndata) s->count++; } -void sfqueue_add(SF_QUEUE* s, NODE_DATA ndata) -{ - sflist_add_tail (s, ndata); -} - -/* -* List walk - First/Next - return the node data or NULL -*/ NODE_DATA sflist_first(SF_LIST* s, SF_LNODE** v) { if ( !s ) @@ -191,9 +160,6 @@ NODE_DATA sflist_next(SF_LNODE** v) return nullptr; } -/* -* Remove Head Item from list -*/ NODE_DATA sflist_remove_head(SF_LIST* s) { NODE_DATA ndata = nullptr; @@ -215,9 +181,6 @@ NODE_DATA sflist_remove_head(SF_LIST* s) return (NODE_DATA)ndata; } -/* -* Remove tail Item from list -*/ NODE_DATA sflist_remove_tail(SF_LIST* s) { NODE_DATA ndata = nullptr; @@ -287,34 +250,22 @@ void sflist_remove_node(SF_LIST* s, SF_LNODE* n) } } -/* -* Remove Head Item from queue -*/ -NODE_DATA sfqueue_remove(SF_QUEUE* s) -{ - return (NODE_DATA)sflist_remove_head(s); -} - -/* -* COUNT -*/ -int sfqueue_count(SF_QUEUE* s) +int sflist_count(SF_LIST* s) { if (!s) return 0; return s->count; } -int sflist_count(SF_LIST* s) +void sflist_free(SF_LIST* s) { - if (!s) - return 0; - return s->count; + while ( sflist_count(s) ) + { + sflist_remove_head(s); + } + s_free(s); } -/* -* Free List + Free it's data nodes using 'nfree' -*/ void sflist_free_all(SF_LIST* s, void (* nfree)(void*) ) { if (!s) @@ -330,11 +281,6 @@ void sflist_free_all(SF_LIST* s, void (* nfree)(void*) ) s_free(s); } -void sfqueue_free_all(SF_QUEUE* s,void (* nfree)(void*) ) -{ - sflist_free_all(s, nfree); -} - void sflist_static_free_all(SF_LIST* s, void (* nfree)(void*) ) { if (!s) @@ -349,17 +295,38 @@ void sflist_static_free_all(SF_LIST* s, void (* nfree)(void*) ) } } -/* -* FREE List/Queue/Dictionary -* -* This does not free a nodes data -*/ -void sflist_free(SF_LIST* s) +} + +// ----- queue methods ----- + +using namespace snort; + +SF_QUEUE* sfqueue_new() { - while ( sflist_count(s) ) - { - sflist_remove_head(s); - } - s_free(s); + return (SF_QUEUE*)sflist_new(); } +void sfqueue_add(SF_QUEUE* s, NODE_DATA ndata) +{ + sflist_add_tail (s, ndata); +} + + +NODE_DATA sfqueue_remove(SF_QUEUE* s) +{ + return (NODE_DATA)sflist_remove_head(s); +} + +int sfqueue_count(SF_QUEUE* s) +{ + if (!s) + return 0; + return s->count; +} + +void sfqueue_free_all(SF_QUEUE* s,void (* nfree)(void*) ) +{ + sflist_free_all(s, nfree); +} + + diff --git a/src/utils/sflsq.h b/src/utils/sflsq.h index 977ab4ae5..8ac145864 100644 --- a/src/utils/sflsq.h +++ b/src/utils/sflsq.h @@ -74,6 +74,8 @@ typedef sf_list SF_LIST; // ----------------------------------------------------------------------------- // Linked List Interface // ----------------------------------------------------------------------------- +namespace snort +{ SO_PUBLIC SF_LIST* sflist_new(); SO_PUBLIC void sflist_init(SF_LIST*); SO_PUBLIC void sflist_add_tail(SF_LIST*, NODE_DATA); @@ -88,6 +90,7 @@ SO_PUBLIC NODE_DATA sflist_next(SF_LNODE**); SO_PUBLIC void sflist_free(SF_LIST*); SO_PUBLIC void sflist_free_all(SF_LIST*, void (* free)(void*) ); SO_PUBLIC void sflist_static_free_all(SF_LIST*, void (* nfree)(void*)); +} // ----------------------------------------------------------------------------- // Queue Interface ( FIFO - First in, First out ) diff --git a/src/utils/stats.cc b/src/utils/stats.cc index b89a02f72..50d085b3a 100644 --- a/src/utils/stats.cc +++ b/src/utils/stats.cc @@ -40,37 +40,19 @@ #include "util.h" -using namespace snort; - #define STATS_SEPARATOR \ "--------------------------------------------------" THREAD_LOCAL AuxCount aux_counts; -THREAD_LOCAL PacketCount pc; ProcessCount proc_stats; -PegCount get_packet_number() -{ return pc.total_from_daq; } - -//------------------------------------------------------------------------- - -double CalcPct(uint64_t cnt, uint64_t total) +namespace snort { - double pct = 0.0; - if (total == 0.0) - { - pct = (double)cnt; - } - else - { - pct = (double)cnt / (double)total; - } - - pct *= 100.0; +THREAD_LOCAL PacketCount pc; - return pct; -} +PegCount get_packet_number() +{ return pc.total_from_daq; } //------------------------------------------------------------------------- @@ -114,6 +96,29 @@ void LogStat(const char* s, double d, FILE* fh) if ( d ) LogMessage(fh, "%25.25s: %g\n", s, d); } +} + +using namespace snort; + +//------------------------------------------------------------------------- + +double CalcPct(uint64_t cnt, uint64_t total) +{ + double pct = 0.0; + + if (total == 0.0) + { + pct = (double)cnt; + } + else + { + pct = (double)cnt / (double)total; + } + + pct *= 100.0; + + return pct; +} //------------------------------------------------------------------------- @@ -324,4 +329,3 @@ void show_percent_stats( LogStat(s, c, pegs[0], stdout); } } - diff --git a/src/utils/stats.h b/src/utils/stats.h index 41127e3c5..3509c8d28 100644 --- a/src/utils/stats.h +++ b/src/utils/stats.h @@ -79,12 +79,15 @@ struct AuxCount extern ProcessCount proc_stats; extern THREAD_LOCAL AuxCount aux_counts; -extern SO_PUBLIC THREAD_LOCAL PacketCount pc; extern const PegInfo daq_names[]; extern const PegInfo pc_names[]; extern const PegInfo proc_names[]; +namespace snort +{ +extern SO_PUBLIC THREAD_LOCAL PacketCount pc; + SO_PUBLIC PegCount get_packet_number(); SO_PUBLIC void LogLabel(const char*, FILE* = stdout); @@ -93,6 +96,7 @@ SO_PUBLIC void LogCount(const char*, uint64_t, FILE* = stdout); SO_PUBLIC void LogStat(const char*, uint64_t n, uint64_t tot, FILE* = stdout); SO_PUBLIC void LogStat(const char*, double, FILE* = stdout); +} void sum_stats(PegCount* sums, PegCount* counts, unsigned n); void show_stats(PegCount*, const PegInfo*, const char* module_name = nullptr); diff --git a/src/utils/util.cc b/src/utils/util.cc index e47af72e8..a26f0a2d1 100644 --- a/src/utils/util.cc +++ b/src/utils/util.cc @@ -65,8 +65,6 @@ extern "C" { using namespace snort; -char** protocol_names = nullptr; - /**************************************************************************** * Store interesting data in memory that would not otherwise be visible * in a CORE(5) file @@ -496,28 +494,6 @@ std::string read_infile(const char* key, const char* fname) return line; } -char* snort_strndup(const char* src, size_t dst_size) -{ - char* dup = (char*)snort_calloc(dst_size + 1); - - if ( SnortStrncpy(dup, src, dst_size + 1) == SNORT_STRNCPY_ERROR ) - { - snort_free(dup); - return nullptr; - } - - return dup; -} - -char* snort_strdup(const char* str) -{ - assert(str); - size_t n = strlen(str) + 1; - char* p = (char*)snort_alloc(n); - memcpy(p, str, n); - return p; -} - typedef char PathBuf[PATH_MAX+1]; static const char* CurrentWorkingDir(PathBuf& buf) @@ -621,6 +597,10 @@ void SetNoCores() } #endif +namespace snort +{ +char** protocol_names = nullptr; + const char* get_error(int errnum) { static THREAD_LOCAL char buf[128]; @@ -634,3 +614,28 @@ const char* get_error(int errnum) #endif } +char* snort_strndup(const char* src, size_t dst_size) +{ + char* dup = (char*)snort_calloc(dst_size + 1); + + if ( SnortStrncpy(dup, src, dst_size + 1) == SNORT_STRNCPY_ERROR ) + { + snort_free(dup); + return nullptr; + } + + return dup; +} + +char* snort_strdup(const char* str) +{ + assert(str); + size_t n = strlen(str) + 1; + char* p = (char*)snort_alloc(n); + memcpy(p, str, n); + return p; +} + +} + + diff --git a/src/utils/util.h b/src/utils/util.h index 79b1d1a35..2361220fc 100644 --- a/src/utils/util.h +++ b/src/utils/util.h @@ -51,9 +51,6 @@ (x)[8] = (y)[8]; (x)[9] = (y)[9]; (x)[10] = (y)[10]; (x)[11] = (y)[11]; \ (x)[12] = (y)[12]; (x)[13] = (y)[13]; (x)[14] = (y)[14]; (x)[15] = (y)[15]; -// FIXIT-M provide getter function to for standardized access into the protocol_names array -SO_PUBLIC extern char** protocol_names; - void StoreSnortInfoStrings(); int DisplayBanner(); int gmt2local(time_t); @@ -71,9 +68,6 @@ void InitProtoNames(); void SetNoCores(); #endif -SO_PUBLIC char* snort_strdup(const char*); -SO_PUBLIC char* snort_strndup(const char*, size_t); - inline void* snort_alloc(size_t sz) { return new uint8_t[sz]; } @@ -103,7 +97,15 @@ inline pid_t gettid() #endif } +namespace snort +{ +// FIXIT-M provide getter function to for standardized access into the protocol_names array +SO_PUBLIC extern char** protocol_names; + SO_PUBLIC const char* get_error(int errnum); +SO_PUBLIC char* snort_strdup(const char*); +SO_PUBLIC char* snort_strndup(const char*, size_t); +} #endif diff --git a/src/utils/util_cstring.cc b/src/utils/util_cstring.cc index f652e2a4a..f97661ade 100644 --- a/src/utils/util_cstring.cc +++ b/src/utils/util_cstring.cc @@ -29,6 +29,8 @@ #include #include +namespace snort +{ /* Guaranteed to be '\0' terminated even if truncation occurs. * * returns SNORT_SNPRINTF_SUCCESS if successful @@ -346,3 +348,5 @@ int safe_snprintf(char* s, size_t n, const char* format, ... ) return len; } +} + diff --git a/src/utils/util_cstring.h b/src/utils/util_cstring.h index 488b08889..6f0349345 100644 --- a/src/utils/util_cstring.h +++ b/src/utils/util_cstring.h @@ -29,6 +29,8 @@ #include "main/snort_types.h" +namespace snort +{ #define SNORT_SNPRINTF_SUCCESS 0 #define SNORT_SNPRINTF_TRUNCATION 1 #define SNORT_SNPRINTF_ERROR (-1) @@ -131,6 +133,6 @@ inline int SnortStrToU32(const char* buffer, char** endptr, return 0; } - +} #endif diff --git a/src/utils/util_jsnorm.cc b/src/utils/util_jsnorm.cc index 21f99c55d..50ddbd09f 100644 --- a/src/utils/util_jsnorm.cc +++ b/src/utils/util_jsnorm.cc @@ -29,6 +29,8 @@ #include "main/thread.h" +namespace snort +{ #define INVALID_HEX_VAL (-1) #define MAX_BUF 8 #define NON_ASCII_CHAR 0xff @@ -1330,3 +1332,4 @@ int main(int argc, char *argv[]) }*/ +} diff --git a/src/utils/util_jsnorm.h b/src/utils/util_jsnorm.h index 7578c123d..3a86acacd 100644 --- a/src/utils/util_jsnorm.h +++ b/src/utils/util_jsnorm.h @@ -25,6 +25,8 @@ #include "main/snort_types.h" +namespace snort +{ #define ALERT_SPACES_EXCEEDED 0x1 #define ALERT_LEVELS_EXCEEDED 0x2 #define ALERT_MIXED_ENCODINGS 0x4 @@ -40,6 +42,6 @@ struct JSState SO_PUBLIC int JSNormalizeDecode( const char*, uint16_t, char*, uint16_t destlen, const char**, int*, JSState*, uint8_t*); - +} #endif diff --git a/src/utils/util_unfold.cc b/src/utils/util_unfold.cc index 3c3d29e43..ec1663d01 100644 --- a/src/utils/util_unfold.cc +++ b/src/utils/util_unfold.cc @@ -24,6 +24,8 @@ #include "util_unfold.h" +namespace snort +{ /* Given a string, removes header folding (\r\n followed by linear whitespace) * and exits when the end of a header is found, defined as \n followed by a * non-whitespace. This is especially helpful for HTML. @@ -187,3 +189,5 @@ int sf_strip_LWS(const uint8_t* inbuf, uint32_t inbuf_size, uint8_t* outbuf, return(0); } +} + diff --git a/src/utils/util_unfold.h b/src/utils/util_unfold.h index 7890df20c..daee32813 100644 --- a/src/utils/util_unfold.h +++ b/src/utils/util_unfold.h @@ -25,9 +25,11 @@ #include "main/snort_types.h" +namespace snort +{ SO_PUBLIC int sf_unfold_header(const uint8_t*, uint32_t, uint8_t*, uint32_t, uint32_t*, int, int*); SO_PUBLIC int sf_strip_CRLF(const uint8_t*, uint32_t, uint8_t*, uint32_t, uint32_t*); SO_PUBLIC int sf_strip_LWS(const uint8_t*, uint32_t, uint8_t*, uint32_t, uint32_t*); - +} #endif diff --git a/src/utils/util_utf.cc b/src/utils/util_utf.cc index c3ff1d07b..e89721d67 100644 --- a/src/utils/util_utf.cc +++ b/src/utils/util_utf.cc @@ -37,6 +37,8 @@ #define DSTATE_THIRD 2 #define DSTATE_FOURTH 3 +using namespace snort; + UtfDecodeSession::UtfDecodeSession() { init_decode_utf_state(); diff --git a/src/utils/util_utf.h b/src/utils/util_utf.h index 01afb019f..9ac11e211 100644 --- a/src/utils/util_utf.h +++ b/src/utils/util_utf.h @@ -47,6 +47,8 @@ struct decode_utf_state_t CharsetCode charset; }; +namespace snort +{ class SO_PUBLIC UtfDecodeSession { public: @@ -69,4 +71,6 @@ private: bool DecodeUTF32BE(const uint8_t* src, unsigned int src_len, uint8_t* dst, unsigned int dst_len, int* bytes_copied); void determine_charset(const uint8_t** src, unsigned int* src_len); }; +} + #endif