aiden
/
suricata
mirror of https://github.com/OISF/suricata
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Reduce number of locks required for http_header and http_client_body inspection.

Browse Source
remotes/origin/master-1.1.x
Victor Julien 15 years ago
parent 55ca988222
commit 2422c7471a
2 changed files with 34 additions and 38 deletions
Show Stats Download Patch File Download Diff File

39
src/detect-engine-hcbd.c
Unescape Escape View File

@ -266,6 +266,15 @@ static void DetectEngineBufferHttpClientBodies(DetectEngineCtx *de_ctx,
htp_tx_t *tx = NULL;
int i = 0;
if (det_ctx->hcbd_buffers_list_len > 0) {
SCReturn;
}
if (htp_state == NULL) {
SCLogDebug("no HTTP state");
goto end;
}
if (htp_state->connp == NULL || htp_state->connp->conn == NULL) {
SCLogDebug("HTP state has no conn(p)");
goto end;
@ -374,9 +383,12 @@ int DetectEngineRunHttpClientBodyMpm(DetectEngineCtx *de_ctx,
int i;
uint32_t cnt = 0;
SCMutexLock(&f->m);
DetectEngineBufferHttpClientBodies(de_ctx, det_ctx, f, htp_state);
SCMutexUnlock(&f->m);
/* bail before locking if we have nothing to do */
if (det_ctx->hcbd_buffers_list_len == 0) {
SCMutexLock(&f->m);
DetectEngineBufferHttpClientBodies(de_ctx, det_ctx, f, htp_state);
SCMutexUnlock(&f->m);
}
for (i = 0; i < det_ctx->hcbd_buffers_list_len; i++) {
cnt += HttpClientBodyPatternSearch(det_ctx,
@ -407,24 +419,15 @@ int DetectEngineInspectHttpClientBody(DetectEngineCtx *de_ctx,
{
SCEnter();
int r = 0;
HtpState *htp_state = NULL;
int i = 0;
SCMutexLock(&f->m);
htp_state = (HtpState *)alstate;
if (htp_state == NULL) {
SCLogDebug("no HTTP state");
goto end;
}
if (htp_state->connp == NULL || htp_state->connp->conn == NULL) {
SCLogDebug("HTP state has no conn(p)");
goto end;
/* bail before locking if we have nothing to do */
if (det_ctx->hcbd_buffers_list_len == 0) {
SCMutexLock(&f->m);
DetectEngineBufferHttpClientBodies(de_ctx, det_ctx, f, alstate);
SCMutexUnlock(&f->m);
}
DetectEngineBufferHttpClientBodies(de_ctx, det_ctx, f, htp_state);
for (i = 0; i < det_ctx->hcbd_buffers_list_len; i++) {
uint8_t *hcbd_buffer = det_ctx->hcbd_buffers[i];
uint32_t hcbd_buffer_len = det_ctx->hcbd_buffers_len[i];
@ -439,8 +442,6 @@ int DetectEngineInspectHttpClientBody(DetectEngineCtx *de_ctx,
}
}
end:
SCMutexUnlock(&f->m);
SCReturnInt(r);
}

33
src/detect-engine-hhd.c
Unescape Escape View File

@ -268,6 +268,11 @@ static void DetectEngineBufferHttpHeaders(DetectEngineThreadCtx *det_ctx, Flow *
htp_tx_t *tx = NULL;
int i = 0;
if (htp_state == NULL) {
SCLogDebug("no HTTP state");
goto end;
}
if (htp_state->connp == NULL || htp_state->connp->conn == NULL) {
SCLogDebug("HTP state has no conn(p)");
goto end;
@ -359,9 +364,11 @@ int DetectEngineRunHttpHeaderMpm(DetectEngineThreadCtx *det_ctx, Flow *f, HtpSta
int i;
uint32_t cnt = 0;
SCMutexLock(&f->m);
DetectEngineBufferHttpHeaders(det_ctx, f, htp_state);
SCMutexUnlock(&f->m);
if (det_ctx->hhd_buffers_list_len == 0) {
SCMutexLock(&f->m);
DetectEngineBufferHttpHeaders(det_ctx, f, htp_state);
SCMutexUnlock(&f->m);
}
for (i = 0; i < det_ctx->hhd_buffers_list_len; i++) {
cnt += HttpHeaderPatternSearch(det_ctx,
@ -392,24 +399,14 @@ int DetectEngineInspectHttpHeader(DetectEngineCtx *de_ctx,
{
SCEnter();
int r = 0;
HtpState *htp_state = NULL;
int i = 0;
SCMutexLock(&f->m);
htp_state = (HtpState *)alstate;
if (htp_state == NULL) {
SCLogDebug("no HTTP state");
goto end;
}
if (htp_state->connp == NULL || htp_state->connp->conn == NULL) {
SCLogDebug("HTP state has no conn(p)");
goto end;
if (det_ctx->hhd_buffers_list_len == 0) {
SCMutexLock(&f->m);
DetectEngineBufferHttpHeaders(det_ctx, f, alstate);
SCMutexUnlock(&f->m);
}
DetectEngineBufferHttpHeaders(det_ctx, f, htp_state);
for (i = 0; i < det_ctx->hhd_buffers_list_len; i++) {
uint8_t *hhd_buffer = det_ctx->hhd_buffers[i];
uint32_t hhd_buffer_len = det_ctx->hhd_buffers_len[i];
@ -424,8 +421,6 @@ int DetectEngineInspectHttpHeader(DetectEngineCtx *de_ctx,
}
}
end:
SCMutexUnlock(&f->m);
SCReturnInt(r);
}

Write Preview
Loading…
Cancel
Save