From: Russ Combs (rucombs) Date: Thu, 26 Oct 2017 01:52:10 +0000 (-0400) Subject: Merge pull request #1052 in SNORT/snort3 from appid_missed_commit_of_appid_stats_fix... X-Git-Tag: 3.0.0-240~3 X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=fd40032dafddd0f207442fdd3bd7f07ab3f2c1c6;p=thirdparty%2Fsnort3.git Merge pull request #1052 in SNORT/snort3 from appid_missed_commit_of_appid_stats_fix to master Squashed commit of the following: commit b9e6ac8a1ffaae7eb038faa64ec868b4a40b3309 Author: davis mcpherson Date: Mon Oct 23 21:51:19 2017 -0400 fix appid statistics counts to verify id is valid and also add a count for unknown app id (should not happen) --- diff --git a/src/network_inspectors/appid/app_info_table.cc b/src/network_inspectors/appid/app_info_table.cc index 60aecce95..8609fe2e9 100644 --- a/src/network_inspectors/appid/app_info_table.cc +++ b/src/network_inspectors/appid/app_info_table.cc @@ -581,7 +581,7 @@ void AppInfoManager::init_appid_info_table(AppIdModuleConfig* mod_config) if ((app_id = get_static_app_info_entry(entry->appId))) { app_info_table[app_id] = entry; - AppIdPegCounts::add_app_peg_info(*entry, app_id); + AppIdPegCounts::add_app_peg_info(entry->app_name_key, app_id); } if ((app_id = get_static_app_info_entry(entry->serviceId))) @@ -596,6 +596,7 @@ void AppInfoManager::init_appid_info_table(AppIdModuleConfig* mod_config) } fclose(tableFile); + AppIdPegCounts::add_unknown_app_peg(); snprintf(filepath, sizeof(filepath), "%s/odp/%s", mod_config->app_detector_dir, APP_CONFIG_FILE); load_appid_config (mod_config, filepath); diff --git a/src/network_inspectors/appid/appid_peg_counts.cc b/src/network_inspectors/appid/appid_peg_counts.cc index 780098881..d0c2c8dbb 100644 --- a/src/network_inspectors/appid/appid_peg_counts.cc +++ b/src/network_inspectors/appid/appid_peg_counts.cc @@ -62,9 +62,8 @@ void AppIdPegCounts::init_detector_peg_info(const std::string& app_name, const s appid_detectors_peg_info.push_back({CountType::SUM, snort_strdup(name.c_str()), snort_strdup(help.c_str())}); } -void AppIdPegCounts::add_app_peg_info(AppInfoTableEntry& entry, AppId app_id ) +void AppIdPegCounts::add_app_peg_info(std::string app_name, AppId app_id ) { - std::string app_name = entry.app_name_key; std::replace(app_name.begin(), app_name.end(), ' ', '_'); appid_detector_pegs_idx[app_id] = appid_detectors_peg_info.size() + NUM_APPID_GLOBAL_PEGS; @@ -75,6 +74,18 @@ void AppIdPegCounts::add_app_peg_info(AppInfoTableEntry& entry, AppId app_id ) init_detector_peg_info(app_name, "_misc", " misc detected"); } +void AppIdPegCounts::add_unknown_app_peg() +{ + std::string app_name = "unknown_app"; + + AppIdPegCounts::unknown_app_idx = appid_detectors_peg_info.size() + NUM_APPID_GLOBAL_PEGS; + init_detector_peg_info(app_name, "_flows", " services detected"); + init_detector_peg_info(app_name, "_clients", " clients detected"); + init_detector_peg_info(app_name, "_users", " users detected"); + init_detector_peg_info(app_name, "_payloads", " payloads detected"); + init_detector_peg_info(app_name, "_misc", " misc detected"); +} + PegCount* AppIdPegCounts::get_peg_counts() { if ( AppIdPegCounts::detectors_configured ) @@ -87,14 +98,6 @@ PegInfo* AppIdPegCounts::get_peg_info() { if ( AppIdPegCounts::detectors_configured ) { - std::string app_name = "unknown_app"; - - AppIdPegCounts::unknown_app_idx = appid_detectors_peg_info.size() + NUM_APPID_GLOBAL_PEGS; - init_detector_peg_info(app_name, "_flows", " services detected"); - init_detector_peg_info(app_name, "_clients", " clients detected"); - init_detector_peg_info(app_name, "_users", " users detected"); - init_detector_peg_info(app_name, "_payloads", " payloads detected"); - init_detector_peg_info(app_name, "_misc", " misc detected"); appid_pegs.insert( appid_pegs.end(), appid_detectors_peg_info.begin(), appid_detectors_peg_info.end()); // add the sentinel entry at the end diff --git a/src/network_inspectors/appid/appid_peg_counts.h b/src/network_inspectors/appid/appid_peg_counts.h index 0521a865d..ffafb5b35 100644 --- a/src/network_inspectors/appid/appid_peg_counts.h +++ b/src/network_inspectors/appid/appid_peg_counts.h @@ -62,7 +62,8 @@ public: NUM_APPID_DETECTOR_PEGS }; - static void add_app_peg_info(AppInfoTableEntry&, AppId); + static void add_app_peg_info(std::string app_name, AppId); + static void add_unknown_app_peg(); static PegCount* get_peg_counts(); static PegInfo* get_peg_info(); static void init_pegs(); diff --git a/src/network_inspectors/appid/test/app_info_table_test.cc b/src/network_inspectors/appid/test/app_info_table_test.cc index 3eb77ecac..0e926bb60 100644 --- a/src/network_inspectors/appid/test/app_info_table_test.cc +++ b/src/network_inspectors/appid/test/app_info_table_test.cc @@ -75,13 +75,11 @@ TEST_GROUP(app_info_table) void setup() { MemoryLeakWarningPlugin::turnOffNewDeleteOverloads(); - mock_init_appid_pegs(); } void teardown() { app_info_mgr.cleanup_appid_info_table(); - mock_cleanup_appid_pegs(); MemoryLeakWarningPlugin::turnOnNewDeleteOverloads(); } }; @@ -147,7 +145,9 @@ TEST(app_info_table, get_static_app_info_entry) int main(int argc, char** argv) { - int return_value = CommandLineTestRunner::RunAllTests(argc, argv); - return return_value; + mock_init_appid_pegs(); + int rc = CommandLineTestRunner::RunAllTests(argc, argv); + mock_cleanup_appid_pegs(); + return rc; } diff --git a/src/network_inspectors/appid/test/appid_api_test.cc b/src/network_inspectors/appid/test/appid_api_test.cc index 4557299b8..5910acc6e 100644 --- a/src/network_inspectors/appid/test/appid_api_test.cc +++ b/src/network_inspectors/appid/test/appid_api_test.cc @@ -76,7 +76,6 @@ TEST_GROUP(appid_api) void setup() override { MemoryLeakWarningPlugin::turnOffNewDeleteOverloads(); - mock_init_appid_pegs(); flow = new Flow; mock_session = new AppIdSession(IpProtocol::TCP, nullptr, 1492, appid_inspector); mock_session->hsession = init_http_session(mock_session); @@ -87,8 +86,6 @@ TEST_GROUP(appid_api) { delete mock_session; delete flow; - mock_cleanup_appid_pegs(); - MemoryLeakWarningPlugin::turnOnNewDeleteOverloads(); } }; @@ -741,6 +738,9 @@ TEST(appid_api, produce_ha_state) int main(int argc, char** argv) { - return CommandLineTestRunner::RunAllTests(argc, argv); + mock_init_appid_pegs(); + int rc = CommandLineTestRunner::RunAllTests(argc, argv); + mock_cleanup_appid_pegs(); + return rc; } diff --git a/src/network_inspectors/appid/test/appid_detector_test.cc b/src/network_inspectors/appid/test/appid_detector_test.cc index a4b6e3b63..4d6b10d5a 100644 --- a/src/network_inspectors/appid/test/appid_detector_test.cc +++ b/src/network_inspectors/appid/test/appid_detector_test.cc @@ -54,7 +54,6 @@ TEST_GROUP(appid_detector_tests) void setup() override { MemoryLeakWarningPlugin::turnOffNewDeleteOverloads(); - mock_init_appid_pegs(); flow = new Flow; mock_session = new AppIdSession(IpProtocol::TCP, nullptr, 1492, appid_inspector); mock_session->hsession = init_http_session(mock_session); @@ -65,7 +64,6 @@ TEST_GROUP(appid_detector_tests) { delete mock_session; delete flow; - mock_cleanup_appid_pegs(); MemoryLeakWarningPlugin::turnOnNewDeleteOverloads(); } }; @@ -97,7 +95,9 @@ TEST(appid_detector_tests, add_user) int main(int argc, char** argv) { - int return_value = CommandLineTestRunner::RunAllTests(argc, argv); - return return_value; + mock_init_appid_pegs(); + int rc = CommandLineTestRunner::RunAllTests(argc, argv); + mock_cleanup_appid_pegs(); + return rc; } diff --git a/src/network_inspectors/appid/test/appid_expected_flags_test.cc b/src/network_inspectors/appid/test/appid_expected_flags_test.cc index 9670a3ee4..63eac125d 100644 --- a/src/network_inspectors/appid/test/appid_expected_flags_test.cc +++ b/src/network_inspectors/appid/test/appid_expected_flags_test.cc @@ -54,7 +54,6 @@ TEST_GROUP(appid_expected_flags) void setup() { MemoryLeakWarningPlugin::turnOffNewDeleteOverloads(); - mock_init_appid_pegs(); parent = new AppIdSession(IpProtocol::TCP, nullptr, 1492, appid_inspector); expected = new AppIdSession(IpProtocol::TCP, nullptr, 1492, appid_inspector); } @@ -63,7 +62,6 @@ TEST_GROUP(appid_expected_flags) { delete parent; delete expected; - mock_cleanup_appid_pegs(); MemoryLeakWarningPlugin::turnOnNewDeleteOverloads(); } }; @@ -140,6 +138,9 @@ TEST(appid_expected_flags, test6) int main(int argc, char** argv) { - return CommandLineTestRunner::RunAllTests(argc, argv); + mock_init_appid_pegs(); + int rc = CommandLineTestRunner::RunAllTests(argc, argv); + mock_cleanup_appid_pegs(); + return rc; } diff --git a/src/network_inspectors/appid/test/appid_http_event_test.cc b/src/network_inspectors/appid/test/appid_http_event_test.cc index 5b5a73c5e..f623334c9 100644 --- a/src/network_inspectors/appid/test/appid_http_event_test.cc +++ b/src/network_inspectors/appid/test/appid_http_event_test.cc @@ -173,7 +173,6 @@ TEST_GROUP(appid_http_event) void setup() override { MemoryLeakWarningPlugin::turnOffNewDeleteOverloads(); - mock_init_appid_pegs(); flow = new Flow; mock_session = new AppIdSession(IpProtocol::TCP, nullptr, 1492, appid_inspector); flow->set_flow_data(mock_session); @@ -184,7 +183,6 @@ TEST_GROUP(appid_http_event) fake_msg_header = nullptr; delete mock_session; delete flow; - mock_cleanup_appid_pegs(); mock().clear(); MemoryLeakWarningPlugin::turnOnNewDeleteOverloads(); } @@ -459,7 +457,9 @@ TEST(appid_http_event, handle_msg_header_all_request_headers) int main(int argc, char** argv) { - int return_value = CommandLineTestRunner::RunAllTests(argc, argv); - return return_value; + mock_init_appid_pegs(); + int rc = CommandLineTestRunner::RunAllTests(argc, argv); + mock_cleanup_appid_pegs(); + return rc; } diff --git a/src/network_inspectors/appid/test/appid_mock_definitions.h b/src/network_inspectors/appid/test/appid_mock_definitions.h index 74df7941c..2eda06a62 100644 --- a/src/network_inspectors/appid/test/appid_mock_definitions.h +++ b/src/network_inspectors/appid/test/appid_mock_definitions.h @@ -99,6 +99,7 @@ int ServiceDiscovery::fail_service(AppIdSession*, Packet const*, int, ServiceDet void mock_init_appid_pegs() { AppIdPegCounts::set_detectors_configured(); + AppIdPegCounts::add_unknown_app_peg(); AppIdPegCounts::get_peg_info(); AppIdPegCounts::init_pegs(); }