classification: fix multi-tenant loading issues

Move pcre2 data structures used for parsing into the detect engine context, so that multiple tenant loading threads don't use the same data structures. Bug: #4797.
2 years ago · 2859eeae81
parent 24745b3a73
commit 2859eeae81
7 changed files with 31 additions and 26 deletions
--- a/src/detect-engine.c
+++ b/src/detect-engine.c
@ -2514,6 +2514,7 @@ static DetectEngineCtx *DetectEngineCtxInitReal(enum DetectEngineType type, cons
    /* init iprep... ignore errors for now */
    (void)SRepInit(de_ctx);

+    SCClassConfInit(de_ctx);
    if (!SCClassConfLoadClassificationConfigFile(de_ctx, NULL)) {
        if (RunmodeGetCurrent() == RUNMODE_CONF_TEST)
            goto error;
@ -2658,6 +2659,7 @@ void DetectEngineCtxFree(DetectEngineCtx *de_ctx)
    DetectBufferTypeFreeDetectEngine(de_ctx);
    /* freed our var name hash */
    VarNameStoreFree(de_ctx->version);
+    SCClassConfDeinit(de_ctx);

    SCFree(de_ctx);
    //DetectAddressGroupPrintMemory();
--- a/src/detect.h
+++ b/src/detect.h
@ -853,8 +853,6 @@ typedef struct DetectEngineCtx_ {
    /* used by the signature ordering module */
    struct SCSigOrderFunc_ *sc_sig_order_funcs;

-    /* hash table used for holding the classification config info */
-    HashTable *class_conf_ht;
    /* hash table used for holding the reference config info */
    HashTable *reference_conf_ht;

@ -1011,6 +1009,13 @@ typedef struct DetectEngineCtx_ {
     *  run. */
    bool sm_types_prefilter[DETECT_TBLSIZE];
    bool sm_types_silent_error[DETECT_TBLSIZE];
+
+    /* classification config parsing */
+
+    /* hash table used for holding the classification config info */
+    HashTable *class_conf_ht;
+    pcre2_code *class_conf_regex;
+    pcre2_match_data *class_conf_regex_match;
 } DetectEngineCtx;

 /* Engine groups profiles (low, medium, high, custom) */
--- a/src/runmode-unittests.c
+++ b/src/runmode-unittests.c
@ -254,7 +254,6 @@ void RunUnittests(int list_unittests, const char *regex_arg)

    TagInitCtx();
    SCReferenceConfInit();
-    SCClassConfInit();

    UtInitialize();

--- a/src/suricata.c
+++ b/src/suricata.c
@ -385,7 +385,6 @@ static void GlobalsDestroy(SCInstance *suri)
    TimeDeinit();
    if (!suri->disabled_detect) {
        SCReferenceConfDeinit();
-        SCClassConfDeinit();
    }
    TmqhCleanup();
    TmModuleRunDeInit();
@ -2550,7 +2549,6 @@ void PostConfLoadedDetectSetup(SCInstance *suri)
 {
    DetectEngineCtx *de_ctx = NULL;
    if (!suri->disabled_detect) {
-        SCClassConfInit();
        SCReferenceConfInit();
        SetupDelayedDetect(suri);
        int mt_enabled = 0;
--- a/src/tests/fuzz/fuzz_siginit.c
+++ b/src/tests/fuzz/fuzz_siginit.c
@ -29,7 +29,6 @@ int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size)
        EngineModeSetIDS();
        SigTableSetup();
        SCReferenceConfInit();
-        SCClassConfInit();
    }
    if (cnt++ == 1024) {
        DetectEngineCtxFree(de_ctx);
--- a/src/util-classification-config.c
+++ b/src/util-classification-config.c
@ -48,9 +48,6 @@
 #define SC_CLASS_CONF_DEF_CONF_FILEPATH CONFIG_DIR "/classification.config"
 #endif

-static pcre2_code *regex = NULL;
-static pcre2_match_data *regex_match = NULL;
-
 uint32_t SCClassConfClasstypeHashFunc(HashTable *ht, void *data, uint16_t datalen);
 char SCClassConfClasstypeHashCompareFunc(void *data1, uint16_t datalen1,
                                         void *data2, uint16_t datalen2);
@ -61,15 +58,15 @@ static SCClassConfClasstype *SCClassConfAllocClasstype(uint16_t classtype_id,
        const char *classtype, const char *classtype_desc, int priority);
 static void SCClassConfDeAllocClasstype(SCClassConfClasstype *ct);

-void SCClassConfInit(void)
+void SCClassConfInit(DetectEngineCtx *de_ctx)
 {
    int en;
    PCRE2_SIZE eo;
    int opts = 0;

-    regex = pcre2_compile(
+    de_ctx->class_conf_regex = pcre2_compile(
            (PCRE2_SPTR8)DETECT_CLASSCONFIG_REGEX, PCRE2_ZERO_TERMINATED, opts, &en, &eo, NULL);
-    if (regex == NULL) {
+    if (de_ctx->class_conf_regex == NULL) {
        PCRE2_UCHAR errbuffer[256];
        pcre2_get_error_message(en, errbuffer, sizeof(errbuffer));
        SCLogWarning("pcre2 compile of \"%s\" failed at "
@ -77,19 +74,20 @@ void SCClassConfInit(void)
                DETECT_CLASSCONFIG_REGEX, (int)eo, errbuffer);
        return;
    }
-    regex_match = pcre2_match_data_create_from_pattern(regex, NULL);
+    de_ctx->class_conf_regex_match =
+            pcre2_match_data_create_from_pattern(de_ctx->class_conf_regex, NULL);
    return;
 }

-void SCClassConfDeinit(void)
+void SCClassConfDeinit(DetectEngineCtx *de_ctx)
 {
-    if (regex != NULL) {
-        pcre2_code_free(regex);
-        regex = NULL;
+    if (de_ctx->class_conf_regex != NULL) {
+        pcre2_code_free(de_ctx->class_conf_regex);
+        de_ctx->class_conf_regex = NULL;
    }
-    if (regex_match != NULL) {
-        pcre2_match_data_free(regex_match);
-        regex_match = NULL;
+    if (de_ctx->class_conf_regex_match != NULL) {
+        pcre2_match_data_free(de_ctx->class_conf_regex_match);
+        de_ctx->class_conf_regex_match = NULL;
    }
 }

@ -248,7 +246,8 @@ int SCClassConfAddClasstype(DetectEngineCtx *de_ctx, char *rawstr, uint16_t inde

    int ret = 0;

-    ret = pcre2_match(regex, (PCRE2_SPTR8)rawstr, strlen(rawstr), 0, 0, regex_match, NULL);
+    ret = pcre2_match(de_ctx->class_conf_regex, (PCRE2_SPTR8)rawstr, strlen(rawstr), 0, 0,
+            de_ctx->class_conf_regex_match, NULL);
    if (ret < 0) {
        SCLogError("Invalid Classtype in "
                   "classification.config file %s: \"%s\"",
@ -258,7 +257,8 @@ int SCClassConfAddClasstype(DetectEngineCtx *de_ctx, char *rawstr, uint16_t inde

    size_t copylen = sizeof(ct_name);
    /* retrieve the classtype name */
-    ret = pcre2_substring_copy_bynumber(regex_match, 1, (PCRE2_UCHAR8 *)ct_name, &copylen);
+    ret = pcre2_substring_copy_bynumber(
+            de_ctx->class_conf_regex_match, 1, (PCRE2_UCHAR8 *)ct_name, &copylen);
    if (ret < 0) {
        SCLogInfo("pcre2_substring_copy_bynumber() failed");
        goto error;
@ -266,7 +266,8 @@ int SCClassConfAddClasstype(DetectEngineCtx *de_ctx, char *rawstr, uint16_t inde

    /* retrieve the classtype description */
    copylen = sizeof(ct_desc);
-    ret = pcre2_substring_copy_bynumber(regex_match, 2, (PCRE2_UCHAR8 *)ct_desc, &copylen);
+    ret = pcre2_substring_copy_bynumber(
+            de_ctx->class_conf_regex_match, 2, (PCRE2_UCHAR8 *)ct_desc, &copylen);
    if (ret < 0) {
        SCLogInfo("pcre2_substring_copy_bynumber() failed");
        goto error;
@ -274,7 +275,8 @@ int SCClassConfAddClasstype(DetectEngineCtx *de_ctx, char *rawstr, uint16_t inde

    /* retrieve the classtype priority */
    copylen = sizeof(ct_priority_str);
-    ret = pcre2_substring_copy_bynumber(regex_match, 3, (PCRE2_UCHAR8 *)ct_priority_str, &copylen);
+    ret = pcre2_substring_copy_bynumber(
+            de_ctx->class_conf_regex_match, 3, (PCRE2_UCHAR8 *)ct_priority_str, &copylen);
    if (ret < 0) {
        SCLogInfo("pcre2_substring_copy_bynumber() failed");
        goto error;
--- a/src/util-classification-config.h
+++ b/src/util-classification-config.h
@ -51,8 +51,8 @@ SCClassConfClasstype *SCClassConfGetClasstype(const char *,
                                              DetectEngineCtx *);
 void SCClassConfDeInitContext(DetectEngineCtx *);

-void SCClassConfInit(void);
-void SCClassConfDeinit(void);
+void SCClassConfInit(DetectEngineCtx *de_ctx);
+void SCClassConfDeinit(DetectEngineCtx *de_ctx);

 /* for unittests */
 #ifdef UNITTESTS