From 987ce57a02a6272805d4e83b9161660d0776f43e Mon Sep 17 00:00:00 2001 From: Victor Julien Date: Fri, 4 Mar 2011 15:27:28 +0100 Subject: [PATCH] Wrap a number of BUG_ON's in the detection engine in DEBUG ifdefs as the conditions they check for are not serious enough to abort the engine. --- src/detect-engine-dcepayload.c | 15 ++++++++++++++- src/detect-engine-hcbd.c | 7 +++++++ src/detect-engine-hcd.c | 7 +++++++ src/detect-engine-hhd.c | 7 +++++++ src/detect-engine-hmd.c | 7 +++++++ src/detect-engine-hrhd.c | 7 +++++++ src/detect-engine-payload.c | 7 +++++++ src/detect-engine-uri.c | 7 +++++++ 8 files changed, 63 insertions(+), 1 deletion(-) diff --git a/src/detect-engine-dcepayload.c b/src/detect-engine-dcepayload.c index ae26acef4a..1860741b79 100644 --- a/src/detect-engine-dcepayload.c +++ b/src/detect-engine-dcepayload.c @@ -103,7 +103,9 @@ static int DoInspectDcePayload(DetectEngineCtx *de_ctx, cd->id, stub_len); /* rule parsers should take care of this */ +#ifdef DEBUG BUG_ON(cd->depth != 0 && cd->depth <= cd->offset); +#endif /* search for our pattern, checking the matches recursively. * if we match we look for the next SigMatch as well */ @@ -197,7 +199,9 @@ static int DoInspectDcePayload(DetectEngineCtx *de_ctx, uint32_t sstub_len = depth - offset; uint32_t match_offset = 0; SCLogDebug("sstub_len %"PRIu32, sstub_len); +#ifdef DEBUG BUG_ON(sstub_len > stub_len); +#endif /* do the actual search */ if (cd->flags & DETECT_CONTENT_NOCASE) { @@ -235,7 +239,13 @@ static int DoInspectDcePayload(DetectEngineCtx *de_ctx, goto match; } - BUG_ON(sm->next == NULL); + /* bail out if we have no next match. Technically this is an + * error, as the current cd has the DETECT_CONTENT_RELATIVE_NEXT + * flag set. */ + if (sm->next == NULL) { + SCReturnInt(0); + } + SCLogDebug("content %"PRIu32, cd->id); /* see if the next payload keywords match. If not, we will @@ -378,7 +388,10 @@ static int DoInspectDcePayload(DetectEngineCtx *de_ctx, /* we should never get here, but bail out just in case */ default: { + SCLogDebug("sm->type %u", sm->type); +#ifdef DEBUG BUG_ON(1); +#endif } } diff --git a/src/detect-engine-hcbd.c b/src/detect-engine-hcbd.c index 1673a7dd61..d58744411b 100644 --- a/src/detect-engine-hcbd.c +++ b/src/detect-engine-hcbd.c @@ -100,7 +100,9 @@ static int DoInspectHttpClientBody(DetectEngineCtx *de_ctx, goto match; /* rule parsers should take care of this */ +#ifdef DEBUG BUG_ON(cd->depth != 0 && cd->depth <= cd->offset); +#endif /* search for our pattern, checking the matches recursively. * if we match we look for the next SigMatch as well */ @@ -172,7 +174,9 @@ static int DoInspectHttpClientBody(DetectEngineCtx *de_ctx, uint8_t *spayload = payload + offset; uint32_t spayload_len = depth - offset; uint32_t match_offset = 0; +#ifdef DEBUG BUG_ON(spayload_len > payload_len); +#endif /* do the actual search with boyer moore precooked ctx */ if (cd->flags & DETECT_CONTENT_NOCASE) { @@ -272,7 +276,10 @@ static int DoInspectHttpClientBody(DetectEngineCtx *de_ctx, } while (1); } else { /* we should never get here, but bail out just in case */ + SCLogDebug("sm->type %u", sm->type); +#ifdef DEBUG BUG_ON(1); +#endif } SCReturnInt(0); diff --git a/src/detect-engine-hcd.c b/src/detect-engine-hcd.c index fa585bc2db..8c83566d62 100644 --- a/src/detect-engine-hcd.c +++ b/src/detect-engine-hcd.c @@ -102,7 +102,9 @@ static int DoInspectHttpCookie(DetectEngineCtx *de_ctx, goto match; /* rule parsers should take care of this */ +#ifdef DEBUG BUG_ON(cd->depth != 0 && cd->depth <= cd->offset); +#endif /* search for our pattern, checking the matches recursively. * if we match we look for the next SigMatch as well */ @@ -174,7 +176,9 @@ static int DoInspectHttpCookie(DetectEngineCtx *de_ctx, uint8_t *spayload = payload + offset; uint32_t spayload_len = depth - offset; uint32_t match_offset = 0; +#ifdef DEBUG BUG_ON(spayload_len > payload_len); +#endif /* do the actual search with boyer moore precooked ctx */ if (cd->flags & DETECT_CONTENT_NOCASE) { @@ -274,7 +278,10 @@ static int DoInspectHttpCookie(DetectEngineCtx *de_ctx, } while (1); } else { /* we should never get here, but bail out just in case */ + SCLogDebug("sm->type %u", sm->type); +#ifdef DEBUG BUG_ON(1); +#endif } SCReturnInt(0); diff --git a/src/detect-engine-hhd.c b/src/detect-engine-hhd.c index cdae2c3509..9cea5ce969 100644 --- a/src/detect-engine-hhd.c +++ b/src/detect-engine-hhd.c @@ -102,7 +102,9 @@ static int DoInspectHttpHeader(DetectEngineCtx *de_ctx, goto match; /* rule parsers should take care of this */ +#ifdef DEBUG BUG_ON(cd->depth != 0 && cd->depth <= cd->offset); +#endif /* search for our pattern, checking the matches recursively. * if we match we look for the next SigMatch as well */ @@ -174,7 +176,9 @@ static int DoInspectHttpHeader(DetectEngineCtx *de_ctx, uint8_t *spayload = payload + offset; uint32_t spayload_len = depth - offset; uint32_t match_offset = 0; +#ifdef DEBUG BUG_ON(spayload_len > payload_len); +#endif /* do the actual search with boyer moore precooked ctx */ if (cd->flags & DETECT_CONTENT_NOCASE) { @@ -274,7 +278,10 @@ static int DoInspectHttpHeader(DetectEngineCtx *de_ctx, } while (1); } else { /* we should never get here, but bail out just in case */ + SCLogDebug("sm->type %u", sm->type); +#ifdef DEBUG BUG_ON(1); +#endif } SCReturnInt(0); diff --git a/src/detect-engine-hmd.c b/src/detect-engine-hmd.c index 8f51b44b27..0e1d0d6eda 100644 --- a/src/detect-engine-hmd.c +++ b/src/detect-engine-hmd.c @@ -102,7 +102,9 @@ static int DoInspectHttpMethod(DetectEngineCtx *de_ctx, goto match; /* rule parsers should take care of this */ +#ifdef DEBUG BUG_ON(cd->depth != 0 && cd->depth <= cd->offset); +#endif /* search for our pattern, checking the matches recursively. * if we match we look for the next SigMatch as well */ @@ -174,7 +176,9 @@ static int DoInspectHttpMethod(DetectEngineCtx *de_ctx, uint8_t *spayload = payload + offset; uint32_t spayload_len = depth - offset; uint32_t match_offset = 0; +#ifdef DEBUG BUG_ON(spayload_len > payload_len); +#endif /* do the actual search with boyer moore precooked ctx */ if (cd->flags & DETECT_CONTENT_NOCASE) { @@ -274,7 +278,10 @@ static int DoInspectHttpMethod(DetectEngineCtx *de_ctx, } while (1); } else { /* we should never get here, but bail out just in case */ + SCLogDebug("sm->type %u", sm->type); +#ifdef DEBUG BUG_ON(1); +#endif } SCReturnInt(0); diff --git a/src/detect-engine-hrhd.c b/src/detect-engine-hrhd.c index c1d919b6cb..d1d19b46bf 100644 --- a/src/detect-engine-hrhd.c +++ b/src/detect-engine-hrhd.c @@ -102,7 +102,9 @@ static int DoInspectHttpRawHeader(DetectEngineCtx *de_ctx, goto match; /* rule parsers should take care of this */ +#ifdef DEBUG BUG_ON(cd->depth != 0 && cd->depth <= cd->offset); +#endif /* search for our pattern, checking the matches recursively. * if we match we look for the next SigMatch as well */ @@ -174,7 +176,9 @@ static int DoInspectHttpRawHeader(DetectEngineCtx *de_ctx, uint8_t *spayload = payload + offset; uint32_t spayload_len = depth - offset; uint32_t match_offset = 0; +#ifdef DEBUG BUG_ON(spayload_len > payload_len); +#endif /* do the actual search with boyer moore precooked ctx */ if (cd->flags & DETECT_CONTENT_NOCASE) { @@ -274,7 +278,10 @@ static int DoInspectHttpRawHeader(DetectEngineCtx *de_ctx, } while (1); } else { /* we should never get here, but bail out just in case */ + SCLogDebug("sm->type %u", sm->type); +#ifdef DEBUG BUG_ON(1); +#endif } SCReturnInt(0); diff --git a/src/detect-engine-payload.c b/src/detect-engine-payload.c index 372837047b..18ec3283b4 100644 --- a/src/detect-engine-payload.c +++ b/src/detect-engine-payload.c @@ -111,7 +111,9 @@ static int DoInspectPacketPayload(DetectEngineCtx *de_ctx, } /* rule parsers should take care of this */ +#ifdef DEBUG BUG_ON(cd->depth != 0 && cd->depth <= cd->offset); +#endif /* search for our pattern, checking the matches recursively. * if we match we look for the next SigMatch as well */ @@ -196,7 +198,9 @@ static int DoInspectPacketPayload(DetectEngineCtx *de_ctx, uint32_t spayload_len = depth - offset; uint32_t match_offset = 0; SCLogDebug("spayload_len %"PRIu32, spayload_len); +#ifdef DEBUG BUG_ON(spayload_len > payload_len); +#endif //PrintRawDataFp(stdout,cd->content,cd->content_len); //PrintRawDataFp(stdout,spayload,spayload_len); @@ -352,7 +356,10 @@ static int DoInspectPacketPayload(DetectEngineCtx *de_ctx, /* we should never get here, but bail out just in case */ default: { + SCLogDebug("sm->type %u", sm->type); +#ifdef DEBUG BUG_ON(1); +#endif } } diff --git a/src/detect-engine-uri.c b/src/detect-engine-uri.c index c8cd8a33b0..103c65e209 100644 --- a/src/detect-engine-uri.c +++ b/src/detect-engine-uri.c @@ -105,7 +105,9 @@ static int DoInspectPacketUri(DetectEngineCtx *de_ctx, goto match; /* rule parsers should take care of this */ +#ifdef DEBUG BUG_ON(ud->depth != 0 && ud->depth <= ud->offset); +#endif /* search for our pattern, checking the matches recursively. * if we match we look for the next SigMatch as well */ @@ -190,7 +192,9 @@ static int DoInspectPacketUri(DetectEngineCtx *de_ctx, uint32_t spayload_len = depth - offset; uint32_t match_offset = 0; SCLogDebug("spayload_len %"PRIu32, spayload_len); +#ifdef DEBUG BUG_ON(spayload_len > payload_len); +#endif //PrintRawDataFp(stdout,ud->content,ud->content_len); @@ -354,7 +358,10 @@ static int DoInspectPacketUri(DetectEngineCtx *de_ctx, SCReturnInt(0); } else { /* we should never get here, but bail out just in case */ + SCLogDebug("sm->type %u", sm->type); +#ifdef DEBUG BUG_ON(1); +#endif } SCReturnInt(0);