From: Victor Julien
Date: Tue, 26 Nov 2013 17:30:04 +0000 (+0100)
Subject: lua: push correct length back through ScFlowvarGet, work around valgrind warning
X-Git-Tag: suricata-2.0beta2~72
X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=81ee6f5aadeb;p=thirdparty%2Fsuricata.git
lua: push correct length back through ScFlowvarGet, work around valgrind warning
---
diff --git a/src/detect-engine-content-inspection.c b/src/detect-engine-content-inspection.c
index 1d5cb69795..bc05e8eb44 100644
--- a/src/detect-engine-content-inspection.c
+++ b/src/detect-engine-content-inspection.c
@@ -532,6 +532,7 @@ int DetectEngineContentInspection(DetectEngineCtx *de_ctx, DetectEngineThreadCtx
 #ifdef HAVE_LUAJIT
 } else if (sm->type == DETECT_LUAJIT) {
+ SCLogDebug("luajit starting");
 /* for flowvar gets and sets we need to know the flow's lock status */
 int need_flow_lock = 0;
 if (inspection_mode <= DETECT_ENGINE_CONTENT_INSPECTION_MODE_STREAM)
@@ -540,8 +541,10 @@ int DetectEngineContentInspection(DetectEngineCtx *de_ctx, DetectEngineThreadCtx
 if (DetectLuajitMatchBuffer(det_ctx, s, sm, buffer, buffer_len, det_ctx->buffer_offset, f, need_flow_lock) != 1) {
+ SCLogDebug("luajit no_match");
 goto no_match;
 }
+ SCLogDebug("luajit match");
 goto match;
 #endif
 } else {
diff --git a/src/detect-luajit-extensions.c b/src/detect-luajit-extensions.c
index 0519da5bd1..10b74d4237 100644
--- a/src/detect-luajit-extensions.c
+++ b/src/detect-luajit-extensions.c
@@ -140,6 +140,7 @@ static int LuajitGetFlowvar(lua_State *luastate) {
 * invalid read errors in valgrind otherwise. Adding in a nul to be sure.
 *
 * Buffer size = len + 1 (for nul) + whatever makes it a multiple of 4 */
+ size_t reallen = fv->data.fv_str.value_len;
 size_t buflen = fv->data.fv_str.value_len + 1 + ((fv->data.fv_str.value_len + 1) % 4);
 uint8_t buf[buflen];
 memset(buf, 0x00, buflen);
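Review bot: The size kept as context next to the new `reallen` line in LuajitGetFlowvar does not give the multiple of 4 that the comment above it promises: `value_len + 1 + ((value_len + 1) % 4)` yields 6 for a 4-byte value and 10 for a 6-byte one, so the valgrind workaround presumably only holds for some lengths. Now that the real length has its own variable, the size can be derived from it and rounded up, `size_t buflen = (reallen + 1 + 3) & ~(size_t)3;`. The new `tmpbuflen` in DetectLuajitMatchBuffer (src/detect-luajit.c) has the same problem, since `buffer_len + (buffer_len % 4)` gives 6 for a 5-byte buffer. LuajitGetFlowvar starts and ends outside this hunk.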
@@ -150,7 +151,7 @@ static int LuajitGetFlowvar(lua_State *luastate) {
 FLOWLOCK_UNLOCK(f);
 /* return value through luastate, as a luastring */
- lua_pushlstring(luastate, (char *)buf, buflen);
+ lua_pushlstring(luastate, (char *)buf, reallen);
 return 1;
diff --git a/src/detect-luajit.c b/src/detect-luajit.c
index 569980dc58..f9ad452bcd 100644
--- a/src/detect-luajit.c
+++ b/src/detect-luajit.c
@@ -273,7 +273,16 @@ int DetectLuajitMatchBuffer(DetectEngineThreadCtx *det_ctx, Signature *s, SigMat
 lua_settable(tluajit->luastate, -3);
 lua_pushstring (tluajit->luastate, luajit->buffername); /* stack at -2 */
- lua_pushlstring (tluajit->luastate, (const char *)buffer, (size_t)buffer_len);
+ if (buffer_len % 4) {
+ size_t tmpbuflen = buffer_len + (buffer_len % 4);
+ uint8_t tmpbuf[tmpbuflen];
+ memset(tmpbuf, 0x00, tmpbuflen);
+ memcpy(tmpbuf, buffer, buffer_len);
+ tmpbuf[buffer_len] = '\0';
+ lua_pushlstring (tluajit->luastate, (const char *)tmpbuf, (size_t)buffer_len);
+ } else {
+ lua_pushlstring (tluajit->luastate, (const char *)buffer, (size_t)buffer_len);
+ }
 lua_settable(tluajit->luastate, -3);
 int retval = lua_pcall(tluajit->luastate, 1, 1, 0);
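Review bot: `uint8_t tmpbuf[tmpbuflen]` copies the whole inspection buffer onto the detect thread's stack, and nothing in this hunk bounds `buffer_len`. The parameter is declared outside the hunk; if it follows the size of the inspected payload or stream data, a large buffer can exhaust the stack and take the engine down while it inspects that traffic. A heap copy with a checked allocation, falling back to the unpadded buffer when it fails, keeps the workaround without that exposure; the sketch below also rounds the size up to a real multiple of 4. `buf[buflen]` in LuajitGetFlowvar (src/detect-luajit-extensions.c) is sized the same way from the flowvar length. DetectLuajitMatchBuffer starts and ends outside the hunk.

```c
lua_pushstring (tluajit->luastate, luajit->buffername); /* stack at -2 */
/* padded copy lives on the heap: buffer_len is not bounded here */
uint8_t *tmpbuf = NULL;
if (buffer_len % 4) {
    size_t tmpbuflen = ((size_t)buffer_len + 3) & ~(size_t)3;
    tmpbuf = SCMalloc(tmpbuflen);
    if (tmpbuf != NULL) {
        memset(tmpbuf, 0x00, tmpbuflen);
        memcpy(tmpbuf, buffer, buffer_len);
    }
}
/* on allocation failure fall back to the unpadded buffer */
lua_pushlstring (tluajit->luastate,
        (const char *)(tmpbuf != NULL ? tmpbuf : buffer), (size_t)buffer_len);
if (tmpbuf != NULL)
    SCFree(tmpbuf);
/* … unchanged: lua_settable, lua_pcall … */
```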