aiden
/
suricata
mirror of https://github.com/OISF/suricata
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

byte-extract: switch to pcre_copy_substring

Browse Source 
Fixes memory leaks (str_ptr was never freed).
Fixes cppcheck warning:
    [src/detect-byte-extract.c:268]: (error) Uninitialized variable: str_ptr

Bug #1046.
pull/944/head
Victor Julien 12 years ago
parent a25f532ce7
commit 1de9256b18
1 changed files with 43 additions and 36 deletions
Show Stats Download Patch File Download Diff File

79
src/detect-byte-extract.c
Unescape Escape View File

@ -245,7 +245,6 @@ static inline DetectByteExtractData *DetectByteExtractParse(char *arg)
#define MAX_SUBSTRINGS 100
int ret = 0, res = 0;
int ov[MAX_SUBSTRINGS];
char *str_ptr;
int i = 0;
ret = pcre_exec(parse_regex, parse_regex_study, arg,
@ -264,24 +263,26 @@ static inline DetectByteExtractData *DetectByteExtractParse(char *arg)
memset(bed, 0, sizeof(DetectByteExtractData));
/* no of bytes to extract */
res = pcre_get_substring((char *)arg, ov,
MAX_SUBSTRINGS, 1, (const char **)&str_ptr);
char nbytes_str[64] = "";
res = pcre_copy_substring((char *)arg, ov,
MAX_SUBSTRINGS, 1, nbytes_str, sizeof(nbytes_str));
if (res < 0) {
SCLogError(SC_ERR_PCRE_GET_SUBSTRING, "pcre_get_substring failed "
SCLogError(SC_ERR_PCRE_GET_SUBSTRING, "pcre_copy_substring failed "
"for arg 1 for byte_extract");
goto error;
}
bed->nbytes = atoi(str_ptr);
bed->nbytes = atoi(nbytes_str);
/* offset */
res = pcre_get_substring((char *)arg, ov,
MAX_SUBSTRINGS, 2, (const char **)&str_ptr);
char offset_str[64] = "";
res = pcre_copy_substring((char *)arg, ov,
MAX_SUBSTRINGS, 2, offset_str, sizeof(offset_str));
if (res < 0) {
SCLogError(SC_ERR_PCRE_GET_SUBSTRING, "pcre_get_substring failed "
SCLogError(SC_ERR_PCRE_GET_SUBSTRING, "pcre_copy_substring failed "
"for arg 2 for byte_extract");
goto error;
}
int offset = atoi(str_ptr);
int offset = atoi(offset_str);
if (offset < -65535 || offset > 65535) {
SCLogError(SC_ERR_INVALID_SIGNATURE, "byte_extract offset invalid - %d. "
"The right offset range is -65535 to 65535", offset);
@ -290,35 +291,37 @@ static inline DetectByteExtractData *DetectByteExtractParse(char *arg)
bed->offset = offset;
/* var name */
res = pcre_get_substring((char *)arg, ov,
MAX_SUBSTRINGS, 3, (const char **)&str_ptr);
char varname_str[256] = "";
res = pcre_copy_substring((char *)arg, ov,
MAX_SUBSTRINGS, 3, varname_str, sizeof(varname_str));
if (res < 0) {
SCLogError(SC_ERR_PCRE_GET_SUBSTRING, "pcre_get_substring failed "
SCLogError(SC_ERR_PCRE_GET_SUBSTRING, "pcre_copy_substring failed "
"for arg 3 for byte_extract");
goto error;
}
bed->name = SCStrdup(str_ptr);
bed->name = SCStrdup(varname_str);
if (bed->name == NULL)
goto error;
/* check out other optional args */
for (i = 4; i < ret; i++) {
res = pcre_get_substring((char *)arg, ov,
MAX_SUBSTRINGS, i, (const char **)&str_ptr);
char opt_str[64] = "";
res = pcre_copy_substring((char *)arg, ov,
MAX_SUBSTRINGS, i, opt_str, sizeof(opt_str));
if (res < 0) {
SCLogError(SC_ERR_PCRE_GET_SUBSTRING, "pcre_get_substring failed "
SCLogError(SC_ERR_PCRE_GET_SUBSTRING, "pcre_copy_substring failed "
"for arg %d for byte_extract", i);
goto error;
}
if (strcmp("relative", str_ptr) == 0) {
if (strcmp("relative", opt_str) == 0) {
if (bed->flags & DETECT_BYTE_EXTRACT_FLAG_RELATIVE) {
SCLogError(SC_ERR_INVALID_SIGNATURE, "relative specified more "
"than once for byte_extract");
goto error;
}
bed->flags |= DETECT_BYTE_EXTRACT_FLAG_RELATIVE;
} else if (strcmp("multiplier", str_ptr) == 0) {
} else if (strcmp("multiplier", opt_str) == 0) {
if (bed->flags & DETECT_BYTE_EXTRACT_FLAG_MULTIPLIER) {
SCLogError(SC_ERR_INVALID_SIGNATURE, "multiplier specified more "
"than once for byte_extract");
@ -326,14 +329,16 @@ static inline DetectByteExtractData *DetectByteExtractParse(char *arg)
}
bed->flags |= DETECT_BYTE_EXTRACT_FLAG_MULTIPLIER;
i++;
res = pcre_get_substring((char *)arg, ov,
MAX_SUBSTRINGS, i, (const char **)&str_ptr);
char multiplier_str[16] = "";
res = pcre_copy_substring((char *)arg, ov,
MAX_SUBSTRINGS, i, multiplier_str, sizeof(multiplier_str));
if (res < 0) {
SCLogError(SC_ERR_PCRE_GET_SUBSTRING, "pcre_get_substring failed "
SCLogError(SC_ERR_PCRE_GET_SUBSTRING, "pcre_copy_substring failed "
"for arg %d for byte_extract", i);
goto error;
}
int multiplier = atoi(str_ptr);
int multiplier = atoi(multiplier_str);
if (multiplier < DETECT_BYTE_EXTRACT_MULTIPLIER_MIN_LIMIT ||
multiplier > DETECT_BYTE_EXTRACT_MULTIPLIER_MAX_LIMIT) {
SCLogError(SC_ERR_INVALID_SIGNATURE, "multipiler_value invalid "
@ -344,7 +349,7 @@ static inline DetectByteExtractData *DetectByteExtractParse(char *arg)
goto error;
}
bed->multiplier_value = multiplier;
} else if (strcmp("big", str_ptr) == 0) {
} else if (strcmp("big", opt_str) == 0) {
if (bed->flags & DETECT_BYTE_EXTRACT_FLAG_ENDIAN) {
SCLogError(SC_ERR_INVALID_SIGNATURE, "endian option specified "
"more than once for byte_extract");
@ -352,7 +357,7 @@ static inline DetectByteExtractData *DetectByteExtractParse(char *arg)
}
bed->flags |= DETECT_BYTE_EXTRACT_FLAG_ENDIAN;
bed->endian = DETECT_BYTE_EXTRACT_ENDIAN_BIG;
} else if (strcmp("little", str_ptr) == 0) {
} else if (strcmp("little", opt_str) == 0) {
if (bed->flags & DETECT_BYTE_EXTRACT_FLAG_ENDIAN) {
SCLogError(SC_ERR_INVALID_SIGNATURE, "endian option specified "
"more than once for byte_extract");
@ -360,7 +365,7 @@ static inline DetectByteExtractData *DetectByteExtractParse(char *arg)
}
bed->flags |= DETECT_BYTE_EXTRACT_FLAG_ENDIAN;
bed->endian = DETECT_BYTE_EXTRACT_ENDIAN_LITTLE;
} else if (strcmp("dce", str_ptr) == 0) {
} else if (strcmp("dce", opt_str) == 0) {
if (bed->flags & DETECT_BYTE_EXTRACT_FLAG_ENDIAN) {
SCLogError(SC_ERR_INVALID_SIGNATURE, "endian option specified "
"more than once for byte_extract");
@ -368,7 +373,7 @@ static inline DetectByteExtractData *DetectByteExtractParse(char *arg)
}
bed->flags |= DETECT_BYTE_EXTRACT_FLAG_ENDIAN;
bed->endian = DETECT_BYTE_EXTRACT_ENDIAN_DCE;
} else if (strcmp("string", str_ptr) == 0) {
} else if (strcmp("string", opt_str) == 0) {
if (bed->flags & DETECT_BYTE_EXTRACT_FLAG_STRING) {
SCLogError(SC_ERR_INVALID_SIGNATURE, "string specified more "
"than once for byte_extract");
@ -381,7 +386,7 @@ static inline DetectByteExtractData *DetectByteExtractParse(char *arg)
goto error;
}
bed->flags |= DETECT_BYTE_EXTRACT_FLAG_STRING;
} else if (strcmp("hex", str_ptr) == 0) {
} else if (strcmp("hex", opt_str) == 0) {
if (!(bed->flags & DETECT_BYTE_EXTRACT_FLAG_STRING)) {
SCLogError(SC_ERR_INVALID_SIGNATURE, "Base(hex) specified "
"without specifying string. The right way is "
@ -394,7 +399,7 @@ static inline DetectByteExtractData *DetectByteExtractParse(char *arg)
goto error;
}
bed->base = DETECT_BYTE_EXTRACT_BASE_HEX;
} else if (strcmp("oct", str_ptr) == 0) {
} else if (strcmp("oct", opt_str) == 0) {
if (!(bed->flags & DETECT_BYTE_EXTRACT_FLAG_STRING)) {
SCLogError(SC_ERR_INVALID_SIGNATURE, "Base(oct) specified "
"without specifying string. The right way is "
@ -407,7 +412,7 @@ static inline DetectByteExtractData *DetectByteExtractParse(char *arg)
goto error;
}
bed->base = DETECT_BYTE_EXTRACT_BASE_OCT;
} else if (strcmp("dec", str_ptr) == 0) {
} else if (strcmp("dec", opt_str) == 0) {
if (!(bed->flags & DETECT_BYTE_EXTRACT_FLAG_STRING)) {
SCLogError(SC_ERR_INVALID_SIGNATURE, "Base(dec) specified "
"without specifying string. The right way is "
@ -420,7 +425,7 @@ static inline DetectByteExtractData *DetectByteExtractParse(char *arg)
goto error;
}
bed->base = DETECT_BYTE_EXTRACT_BASE_DEC;
} else if (strcmp("align", str_ptr) == 0) {
} else if (strcmp("align", opt_str) == 0) {
if (bed->flags & DETECT_BYTE_EXTRACT_FLAG_ALIGN) {
SCLogError(SC_ERR_INVALID_SIGNATURE, "Align specified more "
"than once for byte_extract");
@ -428,24 +433,26 @@ static inline DetectByteExtractData *DetectByteExtractParse(char *arg)
}
bed->flags |= DETECT_BYTE_EXTRACT_FLAG_ALIGN;
i++;
res = pcre_get_substring((char *)arg, ov,
MAX_SUBSTRINGS, i, (const char **)&str_ptr);
char align_str[16] = "";
res = pcre_copy_substring((char *)arg, ov,
MAX_SUBSTRINGS, i, align_str, sizeof(align_str));
if (res < 0) {
SCLogError(SC_ERR_PCRE_GET_SUBSTRING, "pcre_get_substring failed "
SCLogError(SC_ERR_PCRE_GET_SUBSTRING, "pcre_copy_substring failed "
"for arg %d in byte_extract", i);
goto error;
}
bed->align_value = atoi(str_ptr);
bed->align_value = atoi(align_str);
if (!(bed->align_value == 2 || bed->align_value == 4)) {
SCLogError(SC_ERR_INVALID_SIGNATURE, "Invalid align_value for "
"byte_extract - \"%d\"", bed->align_value);
goto error;
}
} else if (strcmp("", str_ptr) == 0) {
} else if (strcmp("", opt_str) == 0) {
;
} else {
SCLogError(SC_ERR_INVALID_SIGNATURE, "Invalid option - \"%s\" "
"specified in byte_extract", str_ptr);
"specified in byte_extract", opt_str);
goto error;
}
} /* for (i = 4; i < ret; i++) */

Write Preview
Loading…
Cancel
Save