aiden
/
suricata
mirror of https://github.com/OISF/suricata
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

rust: make cargo clippy clean

Browse Source 
Fixing single_match and manual_find intertwined with SCLogDebug
pull/10277/head
Philippe Antoine 2 years ago committed by Victor Julien
parent 89936b6530
commit 38db51b878
8 changed files with 88 additions and 133 deletions
Show Stats Download Patch File Download Diff File

13
rust/src/dcerpc/dcerpc_udp.rs
Unescape Escape View File

@ -141,13 +141,12 @@ impl DCERPCUDPState {
}
fn find_incomplete_tx(&mut self, hdr: &DCERPCHdrUdp) -> Option<&mut DCERPCTransaction> {
for tx in &mut self.transactions {
if tx.seqnum == hdr.seqnum && tx.activityuuid == hdr.activityuuid && ((hdr.pkt_type == DCERPC_TYPE_REQUEST && !tx.req_done) || (hdr.pkt_type == DCERPC_TYPE_RESPONSE && !tx.resp_done)) {
SCLogDebug!("found tx id {}, last tx_id {}, {} {}", tx.id, self.tx_id, tx.seqnum, tx.activityuuid[0]);
return Some(tx);
}
}
None
return self.transactions.iter_mut().find(|tx| {
tx.seqnum == hdr.seqnum
&& tx.activityuuid == hdr.activityuuid
&& ((hdr.pkt_type == DCERPC_TYPE_REQUEST && !tx.req_done)
|| (hdr.pkt_type == DCERPC_TYPE_RESPONSE && !tx.resp_done))
});
}
pub fn handle_fragment_data(&mut self, hdr: &DCERPCHdrUdp, input: &[u8]) -> bool {

10
rust/src/dns/dns.rs
Unescape Escape View File

@ -358,15 +358,7 @@ impl DNSState {
}
pub fn get_tx(&mut self, tx_id: u64) -> Option<&DNSTransaction> {
SCLogDebug!("get_tx: tx_id={}", tx_id);
for tx in &mut self.transactions {
if tx.id == tx_id + 1 {
SCLogDebug!("Found DNS TX with ID {}", tx_id);
return Some(tx);
}
}
SCLogDebug!("Failed to find DNS TX with ID {}", tx_id);
return None;
return self.transactions.iter().find(|&tx| tx.id == tx_id + 1);
}
/// Set an event. The event is set on the most recent transaction.

34
rust/src/nfs/nfs.rs
Unescape Escape View File

@ -462,27 +462,11 @@ impl NFSState {
}
pub fn get_tx_by_id(&mut self, tx_id: u64) -> Option<&NFSTransaction> {
SCLogDebug!("get_tx_by_id: tx_id={}", tx_id);
for tx in &mut self.transactions {
if tx.id == tx_id + 1 {
SCLogDebug!("Found NFS TX with ID {}", tx_id);
return Some(tx);
}
}
SCLogDebug!("Failed to find NFS TX with ID {}", tx_id);
return None;
return self.transactions.iter().find(|&tx| tx.id == tx_id + 1);
}
pub fn get_tx_by_xid(&mut self, tx_xid: u32) -> Option<&mut NFSTransaction> {
SCLogDebug!("get_tx_by_xid: tx_xid={}", tx_xid);
for tx in &mut self.transactions {
if !tx.is_file_tx && tx.xid == tx_xid {
SCLogDebug!("Found NFS TX with ID {} XID {:04X}", tx.id, tx.xid);
return Some(tx);
}
}
SCLogDebug!("Failed to find NFS TX with XID {:04X}", tx_xid);
return None;
return self.transactions.iter_mut().find(|tx| !tx.is_file_tx && tx.xid == tx_xid);
}
/// Set an event. The event is set on the most recent transaction.
@ -685,15 +669,11 @@ impl NFSState {
}
pub fn xidmap_handle2name(&mut self, xidmap: &mut NFSRequestXidMap) {
match self.namemap.get(&xidmap.file_handle) {
Some(n) => {
SCLogDebug!("xidmap_handle2name: name {:?}", n);
xidmap.file_name = n.to_vec();
},
_ => {
SCLogDebug!("xidmap_handle2name: object {:?} not found",
xidmap.file_handle);
},
if let Some(n) = self.namemap.get(&xidmap.file_handle) {
SCLogDebug!("xidmap_handle2name: name {:?}", n);
xidmap.file_name = n.to_vec();
} else {
SCLogDebug!("xidmap_handle2name: object {:?} not found", xidmap.file_handle);
}
}

29
rust/src/smb/auth.rs
Unescape Escape View File

@ -105,21 +105,20 @@ fn parse_secblob_spnego(blob: &[u8]) -> Option<SpnegoRequest>
BerObjectContent::Sequence(ref seq) => {
for se in seq {
SCLogDebug!("SEQ {:?}", se);
match se.content {
BerObjectContent::OID(ref oid) => {
SCLogDebug!("OID {:?}", oid);
match oid.to_string().as_str() {
"1.2.840.48018.1.2.2" => { SCLogDebug!("Microsoft Kerberos 5"); },
"1.2.840.113554.1.2.2" => { SCLogDebug!("Kerberos 5"); have_kerberos = true; },
"1.2.840.113554.1.2.2.1" => { SCLogDebug!("krb5-name"); },
"1.2.840.113554.1.2.2.2" => { SCLogDebug!("krb5-principal"); },
"1.2.840.113554.1.2.2.3" => { SCLogDebug!("krb5-user-to-user-mech"); },
"1.3.6.1.4.1.311.2.2.10" => { SCLogDebug!("NTLMSSP"); have_ntlmssp = true; },
"1.3.6.1.4.1.311.2.2.30" => { SCLogDebug!("NegoEx"); },
_ => { SCLogDebug!("unexpected OID {:?}", oid); },
}
},
_ => { SCLogDebug!("expected OID, got {:?}", se); },
if let BerObjectContent::OID(ref oid) = se.content {
SCLogDebug!("OID {:?}", oid);
match oid.to_string().as_str() {
"1.2.840.48018.1.2.2" => { SCLogDebug!("Microsoft Kerberos 5"); },
"1.2.840.113554.1.2.2" => { SCLogDebug!("Kerberos 5"); have_kerberos = true; },
"1.2.840.113554.1.2.2.1" => { SCLogDebug!("krb5-name"); },
"1.2.840.113554.1.2.2.2" => { SCLogDebug!("krb5-principal"); },
"1.2.840.113554.1.2.2.3" => { SCLogDebug!("krb5-user-to-user-mech"); },
"1.3.6.1.4.1.311.2.2.10" => { SCLogDebug!("NTLMSSP"); have_ntlmssp = true; },
"1.3.6.1.4.1.311.2.2.30" => { SCLogDebug!("NegoEx"); },
_ => { SCLogDebug!("unexpected OID {:?}", oid); },
}
} else {
SCLogDebug!("expected OID, got {:?}", se);
}
}
},

86
rust/src/smb/smb.rs
Unescape Escape View File

@ -2025,57 +2025,51 @@ fn smb_probe_tcp_midstream(direction: Direction, slice: &[u8], rdir: *mut u8, be
} else {
search_smb_record(slice)
};
match r {
Ok((_, data)) => {
SCLogDebug!("smb found");
match parse_smb_version(data) {
Ok((_, ref smb)) => {
SCLogDebug!("SMB {:?}", smb);
if smb.version == 0xff_u8 { // SMB1
SCLogDebug!("SMBv1 record");
if let Ok((_, ref smb_record)) = parse_smb_record(data) {
if smb_record.flags & 0x80 != 0 {
SCLogDebug!("RESPONSE {:02x}", smb_record.flags);
if direction == Direction::ToServer {
unsafe { *rdir = Direction::ToClient as u8; }
}
} else {
SCLogDebug!("REQUEST {:02x}", smb_record.flags);
if direction == Direction::ToClient {
unsafe { *rdir = Direction::ToServer as u8; }
}
}
return 1;
if let Ok((_, data)) = r {
SCLogDebug!("smb found");
if let Ok((_, ref smb)) = parse_smb_version(data) {
SCLogDebug!("SMB {:?}", smb);
if smb.version == 0xff_u8 { // SMB1
SCLogDebug!("SMBv1 record");
if let Ok((_, ref smb_record)) = parse_smb_record(data) {
if smb_record.flags & 0x80 != 0 {
SCLogDebug!("RESPONSE {:02x}", smb_record.flags);
if direction == Direction::ToServer {
unsafe { *rdir = Direction::ToClient as u8; }
}
} else if smb.version == 0xfe_u8 { // SMB2
SCLogDebug!("SMB2 record");
if let Ok((_, ref smb_record)) = parse_smb2_record_direction(data) {
if direction == Direction::ToServer {
SCLogDebug!("direction Direction::ToServer smb_record {:?}", smb_record);
if !smb_record.request {
unsafe { *rdir = Direction::ToClient as u8; }
}
} else {
SCLogDebug!("direction Direction::ToClient smb_record {:?}", smb_record);
if smb_record.request {
unsafe { *rdir = Direction::ToServer as u8; }
}
}
} else {
SCLogDebug!("REQUEST {:02x}", smb_record.flags);
if direction == Direction::ToClient {
unsafe { *rdir = Direction::ToServer as u8; }
}
}
else if smb.version == 0xfd_u8 { // SMB3 transform
SCLogDebug!("SMB3 record");
}
return 1;
},
_ => {
SCLogDebug!("smb not found in {:?}", slice);
},
}
} else if smb.version == 0xfe_u8 { // SMB2
SCLogDebug!("SMB2 record");
if let Ok((_, ref smb_record)) = parse_smb2_record_direction(data) {
if direction == Direction::ToServer {
SCLogDebug!("direction Direction::ToServer smb_record {:?}", smb_record);
if !smb_record.request {
unsafe { *rdir = Direction::ToClient as u8; }
}
} else {
SCLogDebug!("direction Direction::ToClient smb_record {:?}", smb_record);
if smb_record.request {
unsafe { *rdir = Direction::ToServer as u8; }
}
}
}
}
else if smb.version == 0xfd_u8 { // SMB3 transform
SCLogDebug!("SMB3 record");
}
},
_ => {
SCLogDebug!("no dice");
},
return 1;
} else {
SCLogDebug!("smb not found in {:?}", slice);
}
} else {
SCLogDebug!("no dice");
}
return 0;
}

23
rust/src/smb/smb1.rs
Unescape Escape View File

@ -725,19 +725,16 @@ fn smb1_response_record_one(state: &mut SMBState, r: &SmbRecord, command: u8, an
SCLogDebug!("Create AndX {:?}", cr);
let guid_key = SMBCommonHdr::from1(r, SMBHDR_TYPE_FILENAME);
match state.ssn2vec_map.remove(&guid_key) {
Some(mut p) => {
p.retain(|&i|i != 0x00);
let mut fid = cr.fid.to_vec();
fid.extend_from_slice(&u32_as_bytes(r.ssn_id));
SCLogDebug!("SMB1_COMMAND_NT_CREATE_ANDX fid {:?}", fid);
SCLogDebug!("fid {:?} name {:?}", fid, p);
state.guid2name_map.insert(fid, p);
},
_ => {
SCLogDebug!("SMBv1 response: GUID NOT FOUND");
},
if let Some(mut p) = state.ssn2vec_map.remove(&guid_key) {
p.retain(|&i|i != 0x00);
let mut fid = cr.fid.to_vec();
fid.extend_from_slice(&u32_as_bytes(r.ssn_id));
SCLogDebug!("SMB1_COMMAND_NT_CREATE_ANDX fid {:?}", fid);
SCLogDebug!("fid {:?} name {:?}", fid, p);
state.guid2name_map.insert(fid, p);
} else {
SCLogDebug!("SMBv1 response: GUID NOT FOUND");
}
let tx_hdr = SMBCommonHdr::from1(r, SMBHDR_TYPE_GENERICTX);

13
rust/src/smb/smb1_session.rs
Unescape Escape View File

@ -187,16 +187,13 @@ pub fn smb1_session_setup_response(state: &mut SMBState, r: &SmbRecord, andx_off
};
// otherwise try match with ssn id 0 (e.g. NTLMSSP_NEGOTIATE)
if !found {
match state.get_sessionsetup_tx(
if let Some(tx) = state.get_sessionsetup_tx(
SMBCommonHdr::new(SMBHDR_TYPE_HEADER, 0, 0, r.multiplex_id as u64))
{
Some(tx) => {
smb1_session_setup_update_tx(tx, r, andx_offset);
SCLogDebug!("smb1_session_setup_response: tx {:?}", tx);
},
None => {
SCLogDebug!("smb1_session_setup_response: tx not found for {:?}", r);
},
smb1_session_setup_update_tx(tx, r, andx_offset);
SCLogDebug!("smb1_session_setup_response: tx {:?}", tx);
} else {
SCLogDebug!("smb1_session_setup_response: tx not found for {:?}", r);
}
}
}

13
rust/src/smb/smb2_session.rs
Unescape Escape View File

@ -70,16 +70,13 @@ pub fn smb2_session_setup_response(state: &mut SMBState, r: &Smb2Record)
};
// otherwise try match with ssn id 0 (e.g. NTLMSSP_NEGOTIATE)
if !found {
match state.get_sessionsetup_tx(
if let Some(tx) = state.get_sessionsetup_tx(
SMBCommonHdr::new(SMBHDR_TYPE_HEADER, 0, 0, r.message_id))
{
Some(tx) => {
smb2_session_setup_update_tx(tx, r);
SCLogDebug!("smb2_session_setup_response: tx {:?}", tx);
},
None => {
SCLogDebug!("smb2_session_setup_response: tx not found for {:?}", r);
},
smb2_session_setup_update_tx(tx, r);
SCLogDebug!("smb2_session_setup_response: tx {:?}", tx);
} else {
SCLogDebug!("smb2_session_setup_response: tx not found for {:?}", r);
}
}
}

Write Preview
Loading…
Cancel
Save