ipv4: store ipopts as flags, not bools

10 years ago · 8c37906cf9
parent be5a5df1f7
commit 8c37906cf9
3 changed files with 36 additions and 33 deletions
--- a/src/decode-ipv4.c
+++ b/src/decode-ipv4.c
@ -331,7 +331,7 @@ static int DecodeIPV4Options(Packet *p, uint8_t *pkt, uint16_t len, IPV4Options
            /** \todo What if more data exist after EOL (possible covert channel or data leakage)? */
            SCLogDebug("IPV4OPT %" PRIu16 " len 1 @ %" PRIu16 "/%" PRIu16 "",
                   *pkt, (len - plen), (len - 1));
-            p->ip4vars.eol = TRUE;
+            p->ip4vars.opts_set |= IPV4_OPT_FLAG_EOL;
            break;
        } else if (*pkt == IPV4_OPT_NOP) {
            SCLogDebug("IPV4OPT %" PRIu16 " len 1 @ %" PRIu16 "/%" PRIu16 "",
@ -339,7 +339,7 @@ static int DecodeIPV4Options(Packet *p, uint8_t *pkt, uint16_t len, IPV4Options
            pkt++;
            plen--;

-            p->ip4vars.nop = TRUE;
+            p->ip4vars.opts_set |= IPV4_OPT_FLAG_NOP;

        /* multibyte options */
        } else {
@ -379,7 +379,7 @@ static int DecodeIPV4Options(Packet *p, uint8_t *pkt, uint16_t len, IPV4Options
                        return -1;
                    }
                    opts->o_ts = opt;
-                    p->ip4vars.ts = TRUE;
+                    p->ip4vars.opts_set |= IPV4_OPT_FLAG_TS;
                    break;
                case IPV4_OPT_RR:
                    if (opts->o_rr.type != 0) {
@ -390,7 +390,7 @@ static int DecodeIPV4Options(Packet *p, uint8_t *pkt, uint16_t len, IPV4Options
                        return -1;
                    }
                    opts->o_rr = opt;
-                    p->ip4vars.rr = TRUE;
+                    p->ip4vars.opts_set |= IPV4_OPT_FLAG_RR;
                    break;
                case IPV4_OPT_QS:
                    if (opts->o_qs.type != 0) {
@ -401,7 +401,7 @@ static int DecodeIPV4Options(Packet *p, uint8_t *pkt, uint16_t len, IPV4Options
                        return -1;
                    }
                    opts->o_qs = opt;
-                    p->ip4vars.qs = TRUE;
+                    p->ip4vars.opts_set |= IPV4_OPT_FLAG_QS;
                    break;
                case IPV4_OPT_SEC:
                    if (opts->o_sec.type != 0) {
@ -412,7 +412,7 @@ static int DecodeIPV4Options(Packet *p, uint8_t *pkt, uint16_t len, IPV4Options
                        return -1;
                    }
                    opts->o_sec = opt;
-                    p->ip4vars.sec = TRUE;
+                    p->ip4vars.opts_set |= IPV4_OPT_FLAG_SEC;
                    break;
                case IPV4_OPT_LSRR:
                    if (opts->o_lsrr.type != 0) {
@ -423,7 +423,7 @@ static int DecodeIPV4Options(Packet *p, uint8_t *pkt, uint16_t len, IPV4Options
                        return -1;
                    }
                    opts->o_lsrr = opt;
-                    p->ip4vars.lsrr = TRUE;
+                    p->ip4vars.opts_set |= IPV4_OPT_FLAG_LSRR;
                    break;
                case IPV4_OPT_CIPSO:
                    if (opts->o_cipso.type != 0) {
@ -434,7 +434,7 @@ static int DecodeIPV4Options(Packet *p, uint8_t *pkt, uint16_t len, IPV4Options
                        return -1;
                    }
                    opts->o_cipso = opt;
-                    p->ip4vars.cipso = TRUE;
+                    p->ip4vars.opts_set |= IPV4_OPT_FLAG_CIPSO;
                    break;
                case IPV4_OPT_SID:
                    if (opts->o_sid.type != 0) {
@ -445,7 +445,7 @@ static int DecodeIPV4Options(Packet *p, uint8_t *pkt, uint16_t len, IPV4Options
                        return -1;
                    }
                    opts->o_sid = opt;
-                    p->ip4vars.sid = TRUE;
+                    p->ip4vars.opts_set |= IPV4_OPT_FLAG_SID;
                    break;
                case IPV4_OPT_SSRR:
                    if (opts->o_ssrr.type != 0) {
@ -456,7 +456,7 @@ static int DecodeIPV4Options(Packet *p, uint8_t *pkt, uint16_t len, IPV4Options
                        return -1;
                    }
                    opts->o_ssrr = opt;
-                    p->ip4vars.ssrr = TRUE;
+                    p->ip4vars.opts_set |= IPV4_OPT_FLAG_SSRR;
                    break;
                case IPV4_OPT_RTRALT:
                    if (opts->o_rtralt.type != 0) {
@ -467,7 +467,7 @@ static int DecodeIPV4Options(Packet *p, uint8_t *pkt, uint16_t len, IPV4Options
                        return -1;
                    }
                    opts->o_rtralt = opt;
-                    p->ip4vars.rtralt = TRUE;
+                    p->ip4vars.opts_set |= IPV4_OPT_FLAG_RTRALT;
                    break;
                default:
                    SCLogDebug("IPV4OPT <unknown> (%" PRIu8 ") len %" PRIu8,
--- a/src/decode-ipv4.h
+++ b/src/decode-ipv4.h
@ -154,6 +154,20 @@ typedef struct IPV4Hdr_
    memset(&p->ip4vars, 0x00, sizeof(p->ip4vars)); \
 } while (0)

+enum IPV4OptionFlags {
+    IPV4_OPT_FLAG_EOL = 0,
+    IPV4_OPT_FLAG_NOP,
+    IPV4_OPT_FLAG_RR,
+    IPV4_OPT_FLAG_TS,
+    IPV4_OPT_FLAG_QS,
+    IPV4_OPT_FLAG_LSRR,
+    IPV4_OPT_FLAG_SSRR,
+    IPV4_OPT_FLAG_SID,
+    IPV4_OPT_FLAG_SEC,
+    IPV4_OPT_FLAG_CIPSO,
+    IPV4_OPT_FLAG_RTRALT,
+};
+
 /* helper structure with parsed ipv4 info */
 typedef struct IPV4Vars_
 {
@ -162,18 +176,7 @@ typedef struct IPV4Vars_
    uint32_t ip_dst_u32;   /* dest IP */

    uint16_t opt_cnt;
-    _Bool rr;
-    _Bool lsrr;
-    _Bool eol;
-    _Bool nop;
-    _Bool ts;
-    _Bool sec;
-    _Bool sid;
-    _Bool qs;
-    _Bool cipso;
-    _Bool rtralt;
-    _Bool ssrr;
-
+    uint16_t opts_set;
 } IPV4Vars;


--- a/src/detect-ipopts.c
+++ b/src/detect-ipopts.c
@ -94,28 +94,28 @@ int DetectIpOptsMatch (ThreadVars *t, DetectEngineThreadCtx *det_ctx, Packet *p,

    switch (de->ipopt) {
        case IPV4_OPT_RR:
-            return (p->ip4vars.rr);
+            return (p->ip4vars.opts_set & IPV4_OPT_FLAG_RR);
            break;
        case IPV4_OPT_LSRR:
-            return (p->ip4vars.lsrr);
+            return (p->ip4vars.opts_set & IPV4_OPT_FLAG_LSRR);
            break;
        case IPV4_OPT_EOL:
-            return (p->ip4vars.eol);
+            return (p->ip4vars.opts_set & IPV4_OPT_FLAG_EOL);
            break;
        case IPV4_OPT_NOP:
-            return (p->ip4vars.nop);
+            return (p->ip4vars.opts_set & IPV4_OPT_FLAG_NOP);
            break;
        case IPV4_OPT_TS:
-            return (p->ip4vars.ts);
+            return (p->ip4vars.opts_set & IPV4_OPT_FLAG_TS);
            break;
        case IPV4_OPT_SEC:
-            return (p->ip4vars.sec);
+            return (p->ip4vars.opts_set & IPV4_OPT_FLAG_SEC);
            break;
        case IPV4_OPT_SSRR:
-            return (p->ip4vars.ssrr);
+            return (p->ip4vars.opts_set & IPV4_OPT_FLAG_SSRR);
            break;
        case IPV4_OPT_SID:
-            return (p->ip4vars.sid);
+            return (p->ip4vars.opts_set & IPV4_OPT_FLAG_SID);
            break;
    }

@ -281,7 +281,7 @@ int IpOptsTestParse03 (void)
    memset(&ip4h, 0, sizeof(IPV4Hdr));

    p->ip4h = &ip4h;
-    p->ip4vars.rr = TRUE;
+    p->ip4vars.opts_set = IPV4_OPT_FLAG_RR;

    de = DetectIpOptsParse("rr");

@ -331,7 +331,7 @@ int IpOptsTestParse04 (void)
    memset(&ip4h, 0, sizeof(IPV4Hdr));

    p->ip4h = &ip4h;
-    p->ip4vars.rr = TRUE;
+    p->ip4vars.opts_set = IPV4_OPT_FLAG_RR;

    de = DetectIpOptsParse("lsrr");