aiden
/
suricata
mirror of https://github.com/OISF/suricata
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

detect: fix integer warnings

Browse Source 
Ticket: #4516
pull/7511/head
Philippe Antoine 4 years ago committed by Victor Julien
parent ac8fb553a1
commit c5cf2967b3
39 changed files with 184 additions and 188 deletions
Show Stats Download Patch File Download Diff File

2
src/decode-icmpv4.h
Unescape Escape View File

@ -187,7 +187,7 @@ typedef struct ICMPV4Vars_
uint16_t seq; uint16_t seq;
/** Actual header length **/ /** Actual header length **/
uint32_t hlen; uint16_t hlen;
/** Pointers to the embedded packet headers */ /** Pointers to the embedded packet headers */
IPV4Hdr *emb_ipv4h; IPV4Hdr *emb_ipv4h;

14
src/detect-byte-extract.c
Unescape Escape View File

@ -112,9 +112,8 @@ void DetectByteExtractRegister(void)
} }
int DetectByteExtractDoMatch(DetectEngineThreadCtx *det_ctx, const SigMatchData *smd, int DetectByteExtractDoMatch(DetectEngineThreadCtx *det_ctx, const SigMatchData *smd,
const Signature *s, const uint8_t *payload, const Signature *s, const uint8_t *payload, uint32_t payload_len, uint64_t *value,
uint16_t payload_len, uint64_t *value, uint8_t endian)
uint8_t endian)
{ {
DetectByteExtractData *data = (DetectByteExtractData *)smd->ctx; DetectByteExtractData *data = (DetectByteExtractData *)smd->ctx;
const uint8_t *ptr = NULL; const uint8_t *ptr = NULL;
@ -320,11 +319,10 @@ static inline DetectByteExtractData *DetectByteExtractParse(DetectEngineCtx *de_
i); i);
goto error; goto error;
} }
int32_t multiplier; uint16_t multiplier;
if (StringParseI32RangeCheck(&multiplier, 10, 0, if (StringParseU16RangeCheck(&multiplier, 10, 0, (const char *)multiplier_str,
(const char *)multiplier_str, DETECT_BYTE_EXTRACT_MULTIPLIER_MIN_LIMIT,
DETECT_BYTE_EXTRACT_MULTIPLIER_MIN_LIMIT, DETECT_BYTE_EXTRACT_MULTIPLIER_MAX_LIMIT) < 0) {
DETECT_BYTE_EXTRACT_MULTIPLIER_MAX_LIMIT) < 0) {
SCLogError(SC_ERR_INVALID_SIGNATURE, "Invalid value for" SCLogError(SC_ERR_INVALID_SIGNATURE, "Invalid value for"
"multiplier: \"%s\".", multiplier_str); "multiplier: \"%s\".", multiplier_str);
goto error; goto error;

2
src/detect-byte-extract.h
Unescape Escape View File

@ -63,6 +63,6 @@ void DetectByteExtractRegister(void);
SigMatch *DetectByteExtractRetrieveSMVar(const char *, const Signature *); SigMatch *DetectByteExtractRetrieveSMVar(const char *, const Signature *);
int DetectByteExtractDoMatch(DetectEngineThreadCtx *, const SigMatchData *, const Signature *, int DetectByteExtractDoMatch(DetectEngineThreadCtx *, const SigMatchData *, const Signature *,
const uint8_t *, uint16_t, uint64_t *, uint8_t); const uint8_t *, uint32_t, uint64_t *, uint8_t);
#endif /* __DETECT_BYTEEXTRACT_H__ */ #endif /* __DETECT_BYTEEXTRACT_H__ */

23
src/detect-bytejump.c
Unescape Escape View File

@ -40,6 +40,7 @@
#include "util-byte.h" #include "util-byte.h"
#include "util-unittest.h" #include "util-unittest.h"
#include "util-debug.h" #include "util-debug.h"
#include "util-validate.h"
#include "detect-pcre.h" #include "detect-pcre.h"
/** /**
@ -221,7 +222,8 @@ static int DetectBytejumpMatch(DetectEngineThreadCtx *det_ctx,
*/ */
if (data->flags & DETECT_BYTEJUMP_RELATIVE) { if (data->flags & DETECT_BYTEJUMP_RELATIVE) {
ptr = p->payload + det_ctx->buffer_offset; ptr = p->payload + det_ctx->buffer_offset;
len = p->payload_len - det_ctx->buffer_offset; DEBUG_VALIDATE_BUG_ON(p->payload_len - det_ctx->buffer_offset > UINT16_MAX);
len = (uint16_t)(p->payload_len - det_ctx->buffer_offset);
/* No match if there is no relative base */ /* No match if there is no relative base */
if (ptr == NULL || len == 0) { if (ptr == NULL || len == 0) {
@ -233,7 +235,8 @@ static int DetectBytejumpMatch(DetectEngineThreadCtx *det_ctx,
} }
else { else {
ptr = p->payload + data->offset; ptr = p->payload + data->offset;
len = p->payload_len - data->offset; DEBUG_VALIDATE_BUG_ON(p->payload_len - data->offset > UINT16_MAX);
len = (uint16_t)(p->payload_len - data->offset);
} }
/* Verify the to-be-extracted data is within the packet */ /* Verify the to-be-extracted data is within the packet */
@ -395,7 +398,7 @@ static DetectBytejumpData *DetectBytejumpParse(DetectEngineCtx *de_ctx, const ch
*/ */
/* Number of bytes */ /* Number of bytes */
if (StringParseUint32(&nbytes, 10, strlen(args[0]), args[0]) <= 0) { if (StringParseUint32(&nbytes, 10, (uint16_t)strlen(args[0]), args[0]) <= 0) {
SCLogError(SC_ERR_INVALID_VALUE, "Malformed number of bytes: %s", optstr); SCLogError(SC_ERR_INVALID_VALUE, "Malformed number of bytes: %s", optstr);
goto error; goto error;
} }
@ -412,7 +415,7 @@ static DetectBytejumpData *DetectBytejumpParse(DetectEngineCtx *de_ctx, const ch
if (*offset == NULL) if (*offset == NULL)
goto error; goto error;
} else { } else {
if (StringParseInt32(&data->offset, 0, strlen(args[1]), args[1]) <= 0) { if (StringParseInt32(&data->offset, 0, (uint16_t)strlen(args[1]), args[1]) <= 0) {
SCLogError(SC_ERR_INVALID_VALUE, "Malformed offset: %s", optstr); SCLogError(SC_ERR_INVALID_VALUE, "Malformed offset: %s", optstr);
goto error; goto error;
} }
@ -445,18 +448,14 @@ static DetectBytejumpData *DetectBytejumpParse(DetectEngineCtx *de_ctx, const ch
} else if (strcasecmp("align", args[i]) == 0) { } else if (strcasecmp("align", args[i]) == 0) {
data->flags |= DETECT_BYTEJUMP_ALIGN; data->flags |= DETECT_BYTEJUMP_ALIGN;
} else if (strncasecmp("multiplier ", args[i], 11) == 0) { } else if (strncasecmp("multiplier ", args[i], 11) == 0) {
if (StringParseUint32(&data->multiplier, 10, if (StringParseUint32(
strlen(args[i]) - 11, &data->multiplier, 10, (uint16_t)strlen(args[i]) - 11, args[i] + 11) <= 0) {
args[i] + 11) <= 0)
{
SCLogError(SC_ERR_INVALID_VALUE, "Malformed multiplier: %s", optstr); SCLogError(SC_ERR_INVALID_VALUE, "Malformed multiplier: %s", optstr);
goto error; goto error;
} }
} else if (strncasecmp("post_offset ", args[i], 12) == 0) { } else if (strncasecmp("post_offset ", args[i], 12) == 0) {
if (StringParseInt32(&data->post_offset, 10, if (StringParseInt32(&data->post_offset, 10, (uint16_t)strlen(args[i]) - 12,
strlen(args[i]) - 12, args[i] + 12) <= 0) {
args[i] + 12) <= 0)
{
SCLogError(SC_ERR_INVALID_VALUE, "Malformed post_offset: %s", optstr); SCLogError(SC_ERR_INVALID_VALUE, "Malformed post_offset: %s", optstr);
goto error; goto error;
} }

8
src/detect-cipservice.c
Unescape Escape View File

@ -104,9 +104,9 @@ static DetectCipServiceData *DetectCipServiceParse(const char *rulestrc)
char* token; char* token;
char *save; char *save;
int var; uint8_t var;
int input[3] = { 0, 0, 0 }; uint8_t input[3] = { 0, 0, 0 };
int i = 0; uint8_t i = 0;
token = strtok_r(rulestr, delims, &save); token = strtok_r(rulestr, delims, &save);
while (token != NULL) while (token != NULL)
@ -156,7 +156,7 @@ static DetectCipServiceData *DetectCipServiceParse(const char *rulestrc)
goto error; goto error;
} }
sscanf(token, "%d", &var); sscanf(token, "%2" SCNu8, &var);
input[i++] = var; input[i++] = var;
token = strtok_r(NULL, delims, &save); token = strtok_r(NULL, delims, &save);

2
src/detect-csum.c
Unescape Escape View File

@ -819,7 +819,7 @@ static int DetectICMPV6CsumMatch(DetectEngineThreadCtx *det_ctx,
if (p->level4_comp_csum == -1) { if (p->level4_comp_csum == -1) {
uint16_t len = IPV6_GET_RAW_PLEN(p->ip6h) - uint16_t len = IPV6_GET_RAW_PLEN(p->ip6h) -
((uint8_t *)p->icmpv6h - (uint8_t *)p->ip6h - IPV6_HEADER_LEN); (uint16_t)((uint8_t *)p->icmpv6h - (uint8_t *)p->ip6h - IPV6_HEADER_LEN);
p->level4_comp_csum = ICMPV6CalculateChecksum(p->ip6h->s_ip6_addrs, p->level4_comp_csum = ICMPV6CalculateChecksum(p->ip6h->s_ip6_addrs,
(uint16_t *)p->icmpv6h, (uint16_t *)p->icmpv6h,
len); len);

10
src/detect-dnp3.c
Unescape Escape View File

@ -196,7 +196,7 @@ static int DetectEngineInspectDNP3(DetectEngineCtx *de_ctx, DetectEngineThreadCt
*/ */
static int DetectDNP3FuncParseFunctionCode(const char *str, uint8_t *fc) static int DetectDNP3FuncParseFunctionCode(const char *str, uint8_t *fc)
{ {
if (StringParseUint8(fc, 10, strlen(str), str) >= 0) { if (StringParseUint8(fc, 10, (uint16_t)strlen(str), str) >= 0) {
return 1; return 1;
} }
@ -204,7 +204,7 @@ static int DetectDNP3FuncParseFunctionCode(const char *str, uint8_t *fc)
for (size_t i = 0; for (size_t i = 0;
i < sizeof(DNP3FunctionNameMap) / sizeof(DNP3Mapping); i++) { i < sizeof(DNP3FunctionNameMap) / sizeof(DNP3Mapping); i++) {
if (strcasecmp(str, DNP3FunctionNameMap[i].name) == 0) { if (strcasecmp(str, DNP3FunctionNameMap[i].name) == 0) {
*fc = DNP3FunctionNameMap[i].value; *fc = (uint8_t)(DNP3FunctionNameMap[i].value);
return 1; return 1;
} }
} }
@ -288,7 +288,7 @@ static int DetectDNP3IndParse(const char *str, uint16_t *flags)
{ {
*flags = 0; *flags = 0;
if (StringParseUint16(flags, 0, strlen(str), str) > 0) { if (StringParseUint16(flags, 0, (uint16_t)strlen(str), str) > 0) {
return 1; return 1;
} }
@ -363,11 +363,11 @@ static int DetectDNP3ObjParse(const char *str, uint8_t *group, uint8_t *var)
*sep = '\0'; *sep = '\0';
varstr = sep + 1; varstr = sep + 1;
if (StringParseUint8(group, 0, strlen(groupstr), groupstr) < 0) { if (StringParseUint8(group, 0, (uint16_t)strlen(groupstr), groupstr) < 0) {
return 0; return 0;
} }
if (StringParseUint8(var, 0, strlen(varstr), varstr) < 0) { if (StringParseUint8(var, 0, (uint16_t)strlen(varstr), varstr) < 0) {
return 0; return 0;
} }

3
src/detect-engine-address.c
Unescape Escape View File

@ -1330,8 +1330,7 @@ static char DetectAddressMapCompareFunc(void *data1, uint16_t len1, void *data2,
DetectAddressMap *map1 = (DetectAddressMap *)data1; DetectAddressMap *map1 = (DetectAddressMap *)data1;
DetectAddressMap *map2 = (DetectAddressMap *)data2; DetectAddressMap *map2 = (DetectAddressMap *)data2;
char r = (strcmp(map1->string, map2->string) == 0);
int r = (strcmp(map1->string, map2->string) == 0);
return r; return r;
} }

4
src/detect-engine-alert.c
Unescape Escape View File

@ -336,12 +336,12 @@ void PacketAlertFinalize(DetectEngineCtx *de_ctx, DetectEngineThreadCtx *det_ctx
qsort(det_ctx->alert_queue, det_ctx->alert_queue_size, sizeof(PacketAlert), qsort(det_ctx->alert_queue, det_ctx->alert_queue_size, sizeof(PacketAlert),
AlertQueueSortHelper); AlertQueueSortHelper);
int i = 0; uint16_t i = 0;
uint16_t max_pos = det_ctx->alert_queue_size; uint16_t max_pos = det_ctx->alert_queue_size;
while (i < max_pos) { while (i < max_pos) {
const Signature *s = de_ctx->sig_array[det_ctx->alert_queue[i].num]; const Signature *s = de_ctx->sig_array[det_ctx->alert_queue[i].num];
uint8_t res = PacketAlertHandle(de_ctx, det_ctx, s, p, &det_ctx->alert_queue[i]); int res = PacketAlertHandle(de_ctx, det_ctx, s, p, &det_ctx->alert_queue[i]);
if (res > 0) { if (res > 0) {
/* Now, if we have an alert, we have to check if we want /* Now, if we have an alert, we have to check if we want

7
src/detect-engine-analyzer.c
Unescape Escape View File

@ -38,6 +38,7 @@
#include "detect-tcp-flags.h" #include "detect-tcp-flags.h"
#include "feature.h" #include "feature.h"
#include "util-print.h" #include "util-print.h"
#include "util-validate.h"
static int rule_warnings_only = 0; static int rule_warnings_only = 0;
static FILE *rule_engine_analysis_FD = NULL; static FILE *rule_engine_analysis_FD = NULL;
@ -457,7 +458,7 @@ int PerCentEncodingSetup ()
* \retval 0 if it doesn't have % encoding * \retval 0 if it doesn't have % encoding
* \retval -1 on error * \retval -1 on error
*/ */
int PerCentEncodingMatch (uint8_t *content, uint8_t content_len) static int PerCentEncodingMatch(uint8_t *content, uint16_t content_len)
{ {
int ret = 0; int ret = 0;
@ -1073,7 +1074,9 @@ static void EngineAnalysisItemsInit(void)
for (size_t i = 0; i < ARRAY_SIZE(analyzer_items); i++) { for (size_t i = 0; i < ARRAY_SIZE(analyzer_items); i++) {
DetectEngineAnalyzerItems *analyzer_item = &analyzer_items[i]; DetectEngineAnalyzerItems *analyzer_item = &analyzer_items[i];
analyzer_item->item_id = DetectBufferTypeGetByName(analyzer_item->item_name); int item_id = DetectBufferTypeGetByName(analyzer_item->item_name);
DEBUG_VALIDATE_BUG_ON(item_id < 0 || item_id > UINT16_MAX);
analyzer_item->item_id = (uint16_t)item_id;
if (analyzer_item->item_id == -1) { if (analyzer_item->item_id == -1) {
/* Mismatch between the analyzer_items array and what's supported */ /* Mismatch between the analyzer_items array and what's supported */
FatalError(SC_ERR_INITIALIZATION, FatalError(SC_ERR_INITIALIZATION,

1
src/detect-engine-analyzer.h
Unescape Escape View File

@ -33,7 +33,6 @@ int SetupRuleAnalyzer(void);
void CleanupRuleAnalyzer (void); void CleanupRuleAnalyzer (void);
int PerCentEncodingSetup (void); int PerCentEncodingSetup (void);
int PerCentEncodingMatch (uint8_t *content, uint8_t content_len);
void EngineAnalysisFP(const DetectEngineCtx *de_ctx, void EngineAnalysisFP(const DetectEngineCtx *de_ctx,
const Signature *s, char *line); const Signature *s, char *line);

5
src/detect-engine-build.c
Unescape Escape View File

@ -830,7 +830,7 @@ static json_t *RulesGroupPrintSghStats(const DetectEngineCtx *de_ctx, const SigG
json_object_set_new(types, "any5", json_integer(any5_cnt)); json_object_set_new(types, "any5", json_integer(any5_cnt));
json_object_set_new(stats, "types", types); json_object_set_new(stats, "types", types);
for (int i = 0; i < ALPROTO_MAX; i++) { for (AppProto i = 0; i < ALPROTO_MAX; i++) {
if (alstats[i] > 0) { if (alstats[i] > 0) {
json_t *app = json_object(); json_t *app = json_object();
json_object_set_new(app, "total", json_integer(alstats[i])); json_object_set_new(app, "total", json_integer(alstats[i]));
@ -1178,7 +1178,8 @@ static int RuleSetWhitelist(Signature *s)
int CreateGroupedPortList(DetectEngineCtx *de_ctx, DetectPort *port_list, DetectPort **newhead, uint32_t unique_groups, int (*CompareFunc)(DetectPort *, DetectPort *), uint32_t max_idx); int CreateGroupedPortList(DetectEngineCtx *de_ctx, DetectPort *port_list, DetectPort **newhead, uint32_t unique_groups, int (*CompareFunc)(DetectPort *, DetectPort *), uint32_t max_idx);
int CreateGroupedPortListCmpCnt(DetectPort *a, DetectPort *b); int CreateGroupedPortListCmpCnt(DetectPort *a, DetectPort *b);
static DetectPort *RulesGroupByPorts(DetectEngineCtx *de_ctx, int ipproto, uint32_t direction) { static DetectPort *RulesGroupByPorts(DetectEngineCtx *de_ctx, uint8_t ipproto, uint32_t direction)
{
/* step 1: create a hash of 'DetectPort' objects based on all the /* step 1: create a hash of 'DetectPort' objects based on all the
* rules. Each object will have a SGH with the sigs added * rules. Each object will have a SGH with the sigs added
* that belong to the SGH. */ * that belong to the SGH. */

16
src/detect-engine-content-inspection.c
Unescape Escape View File

@ -52,6 +52,7 @@
#include "util-spm.h" #include "util-spm.h"
#include "util-debug.h" #include "util-debug.h"
#include "util-print.h" #include "util-print.h"
#include "util-validate.h"
#include "util-unittest.h" #include "util-unittest.h"
#include "util-unittest-helper.h" #include "util-unittest-helper.h"
@ -527,10 +528,8 @@ int DetectEngineContentInspection(DetectEngineCtx *de_ctx, DetectEngineThreadCtx
DETECT_BYTE_EXTRACT_ENDIAN_LITTLE : DETECT_BYTE_EXTRACT_ENDIAN_BIG); DETECT_BYTE_EXTRACT_ENDIAN_LITTLE : DETECT_BYTE_EXTRACT_ENDIAN_BIG);
} }
if (DetectByteExtractDoMatch(det_ctx, smd, s, buffer, if (DetectByteExtractDoMatch(det_ctx, smd, s, buffer, buffer_len,
buffer_len, &det_ctx->byte_values[bed->local_id], endian) != 1) {
&det_ctx->byte_values[bed->local_id],
endian) != 1) {
goto no_match; goto no_match;
} }
@ -561,12 +560,9 @@ int DetectEngineContentInspection(DetectEngineCtx *de_ctx, DetectEngineThreadCtx
rvalue = bmd->rvalue; rvalue = bmd->rvalue;
} }
DEBUG_VALIDATE_BUG_ON(buffer_len > UINT16_MAX);
if (DetectByteMathDoMatch(det_ctx, smd, s, buffer, if (DetectByteMathDoMatch(det_ctx, smd, s, buffer, (uint16_t)buffer_len, rvalue,
buffer_len, &det_ctx->byte_values[bmd->local_id], endian) != 1) {
rvalue,
&det_ctx->byte_values[bmd->local_id],
endian) != 1) {
goto no_match; goto no_match;
} }

4
src/detect-engine-event.c
Unescape Escape View File

@ -181,8 +181,8 @@ error:
* \retval 0 on Success * \retval 0 on Success
* \retval -1 on Failure * \retval -1 on Failure
*/ */
static int DetectEngineEventSetupDo (DetectEngineCtx *de_ctx, Signature *s, static int DetectEngineEventSetupDo(
const char *rawstr, int smtype) DetectEngineCtx *de_ctx, Signature *s, const char *rawstr, uint16_t smtype)
{ {
DetectEngineEventData *de = DetectEngineEventParse(rawstr); DetectEngineEventData *de = DetectEngineEventParse(rawstr);
if (de == NULL) if (de == NULL)

28
src/detect-engine-iponly.c
Unescape Escape View File

@ -216,8 +216,8 @@ static int IPOnlyCIDRItemParseSingle(IPOnlyCIDRItem **pdd, const char *str)
goto error; goto error;
} }
int cidr; uint8_t cidr;
if (StringParseI32RangeCheck(&cidr, 10, 0, (const char *)mask, 0, 32) < 0) if (StringParseU8RangeCheck(&cidr, 10, 0, (const char *)mask, 0, 32) < 0)
goto error; goto error;
dd->netmask = cidr; dd->netmask = cidr;
@ -1170,7 +1170,7 @@ void IPOnlyPrepare(DetectEngineCtx *de_ctx)
SigNumArray *sna = SigNumArrayNew(de_ctx, &de_ctx->io_ctx); SigNumArray *sna = SigNumArrayNew(de_ctx, &de_ctx->io_ctx);
/* Update the sig */ /* Update the sig */
uint8_t tmp = 1 << (src->signum % 8); uint8_t tmp = (uint8_t)(1 << (src->signum % 8));
if (src->negated > 0) if (src->negated > 0)
/* Unset it */ /* Unset it */
@ -1198,7 +1198,7 @@ void IPOnlyPrepare(DetectEngineCtx *de_ctx)
sna = SigNumArrayCopy((SigNumArray *) user_data); sna = SigNumArrayCopy((SigNumArray *) user_data);
/* Update the sig */ /* Update the sig */
uint8_t tmp = 1 << (src->signum % 8); uint8_t tmp = (uint8_t)(1 << (src->signum % 8));
if (src->negated > 0) if (src->negated > 0)
/* Unset it */ /* Unset it */
@ -1231,7 +1231,7 @@ void IPOnlyPrepare(DetectEngineCtx *de_ctx)
SigNumArray *sna = (SigNumArray *)user_data; SigNumArray *sna = (SigNumArray *)user_data;
/* Update the sig */ /* Update the sig */
uint8_t tmp = 1 << (src->signum % 8); uint8_t tmp = (uint8_t)(1 << (src->signum % 8));
if (src->negated > 0) if (src->negated > 0)
/* Unset it */ /* Unset it */
@ -1264,7 +1264,7 @@ void IPOnlyPrepare(DetectEngineCtx *de_ctx)
SigNumArray *sna = SigNumArrayNew(de_ctx, &de_ctx->io_ctx); SigNumArray *sna = SigNumArrayNew(de_ctx, &de_ctx->io_ctx);
/* Update the sig */ /* Update the sig */
uint8_t tmp = 1 << (src->signum % 8); uint8_t tmp = (uint8_t)(1 << (src->signum % 8));
if (src->negated > 0) if (src->negated > 0)
/* Unset it */ /* Unset it */
@ -1289,7 +1289,7 @@ void IPOnlyPrepare(DetectEngineCtx *de_ctx)
sna = SigNumArrayCopy((SigNumArray *)user_data); sna = SigNumArrayCopy((SigNumArray *)user_data);
/* Update the sig */ /* Update the sig */
uint8_t tmp = 1 << (src->signum % 8); uint8_t tmp = (uint8_t)(1 << (src->signum % 8));
if (src->negated > 0) if (src->negated > 0)
/* Unset it */ /* Unset it */
sna->array[src->signum / 8] &= ~tmp; sna->array[src->signum / 8] &= ~tmp;
@ -1313,7 +1313,7 @@ void IPOnlyPrepare(DetectEngineCtx *de_ctx)
SigNumArray *sna = (SigNumArray *)user_data; SigNumArray *sna = (SigNumArray *)user_data;
/* Update the sig */ /* Update the sig */
uint8_t tmp = 1 << (src->signum % 8); uint8_t tmp = (uint8_t)(1 << (src->signum % 8));
if (src->negated > 0) if (src->negated > 0)
/* Unset it */ /* Unset it */
sna->array[src->signum / 8] &= ~tmp; sna->array[src->signum / 8] &= ~tmp;
@ -1366,7 +1366,7 @@ void IPOnlyPrepare(DetectEngineCtx *de_ctx)
SigNumArray *sna = SigNumArrayNew(de_ctx, &de_ctx->io_ctx); SigNumArray *sna = SigNumArrayNew(de_ctx, &de_ctx->io_ctx);
/** Update the sig */ /** Update the sig */
uint8_t tmp = 1 << (dst->signum % 8); uint8_t tmp = (uint8_t)(1 << (dst->signum % 8));
if (dst->negated > 0) if (dst->negated > 0)
/** Unset it */ /** Unset it */
sna->array[dst->signum / 8] &= ~tmp; sna->array[dst->signum / 8] &= ~tmp;
@ -1393,7 +1393,7 @@ void IPOnlyPrepare(DetectEngineCtx *de_ctx)
sna = SigNumArrayCopy((SigNumArray *) user_data); sna = SigNumArrayCopy((SigNumArray *) user_data);
/* Update the sig */ /* Update the sig */
uint8_t tmp = 1 << (dst->signum % 8); uint8_t tmp = (uint8_t)(1 << (dst->signum % 8));
if (dst->negated > 0) if (dst->negated > 0)
/* Unset it */ /* Unset it */
sna->array[dst->signum / 8] &= ~tmp; sna->array[dst->signum / 8] &= ~tmp;
@ -1420,7 +1420,7 @@ void IPOnlyPrepare(DetectEngineCtx *de_ctx)
SigNumArray *sna = (SigNumArray *)user_data; SigNumArray *sna = (SigNumArray *)user_data;
/* Update the sig */ /* Update the sig */
uint8_t tmp = 1 << (dst->signum % 8); uint8_t tmp = (uint8_t)(1 << (dst->signum % 8));
if (dst->negated > 0) if (dst->negated > 0)
/* Unset it */ /* Unset it */
sna->array[dst->signum / 8] &= ~tmp; sna->array[dst->signum / 8] &= ~tmp;
@ -1454,7 +1454,7 @@ void IPOnlyPrepare(DetectEngineCtx *de_ctx)
SigNumArray *sna = SigNumArrayNew(de_ctx, &de_ctx->io_ctx); SigNumArray *sna = SigNumArrayNew(de_ctx, &de_ctx->io_ctx);
/* Update the sig */ /* Update the sig */
uint8_t tmp = 1 << (dst->signum % 8); uint8_t tmp = (uint8_t)(1 << (dst->signum % 8));
if (dst->negated > 0) if (dst->negated > 0)
/* Unset it */ /* Unset it */
sna->array[dst->signum / 8] &= ~tmp; sna->array[dst->signum / 8] &= ~tmp;
@ -1479,7 +1479,7 @@ void IPOnlyPrepare(DetectEngineCtx *de_ctx)
sna = SigNumArrayCopy((SigNumArray *)user_data); sna = SigNumArrayCopy((SigNumArray *)user_data);
/* Update the sig */ /* Update the sig */
uint8_t tmp = 1 << (dst->signum % 8); uint8_t tmp = (uint8_t)(1 << (dst->signum % 8));
if (dst->negated > 0) if (dst->negated > 0)
/* Unset it */ /* Unset it */
sna->array[dst->signum / 8] &= ~tmp; sna->array[dst->signum / 8] &= ~tmp;
@ -1504,7 +1504,7 @@ void IPOnlyPrepare(DetectEngineCtx *de_ctx)
SigNumArray *sna = (SigNumArray *)user_data; SigNumArray *sna = (SigNumArray *)user_data;
/* Update the sig */ /* Update the sig */
uint8_t tmp = 1 << (dst->signum % 8); uint8_t tmp = (uint8_t)(1 << (dst->signum % 8));
if (dst->negated > 0) if (dst->negated > 0)
/* Unset it */ /* Unset it */
sna->array[dst->signum / 8] &= ~tmp; sna->array[dst->signum / 8] &= ~tmp;

23
src/detect-engine-mpm.c
Unescape Escape View File

@ -118,8 +118,8 @@ void DetectAppLayerMpmRegister2(const char *name,
snprintf(am->pname, sizeof(am->pname), "%s", am->name); snprintf(am->pname, sizeof(am->pname), "%s", am->name);
am->direction = direction; am->direction = direction;
DEBUG_VALIDATE_BUG_ON(sm_list < 0 || sm_list > INT16_MAX); DEBUG_VALIDATE_BUG_ON(sm_list < 0 || sm_list > INT16_MAX);
am->sm_list = sm_list; am->sm_list = (int16_t)sm_list;
am->sm_list_base = sm_list; am->sm_list_base = (int16_t)sm_list;
am->priority = priority; am->priority = priority;
am->type = DETECT_BUFFER_MPM_TYPE_APP; am->type = DETECT_BUFFER_MPM_TYPE_APP;
@ -159,7 +159,7 @@ void DetectAppLayerMpmRegisterByParentId(DetectEngineCtx *de_ctx,
am->name = t->name; am->name = t->name;
am->direction = t->direction; am->direction = t->direction;
DEBUG_VALIDATE_BUG_ON(id < 0 || id > INT16_MAX); DEBUG_VALIDATE_BUG_ON(id < 0 || id > INT16_MAX);
am->sm_list = id; // use new id am->sm_list = (uint16_t)id; // use new id
am->sm_list_base = t->sm_list; am->sm_list_base = t->sm_list;
am->type = DETECT_BUFFER_MPM_TYPE_APP; am->type = DETECT_BUFFER_MPM_TYPE_APP;
am->PrefilterRegisterWithListId = t->PrefilterRegisterWithListId; am->PrefilterRegisterWithListId = t->PrefilterRegisterWithListId;
@ -302,7 +302,7 @@ void DetectFrameMpmRegister(const char *name, int direction, int priority,
DetectBufferTypeSupportsFrames(name); DetectBufferTypeSupportsFrames(name);
DetectBufferTypeSupportsTransformations(name); DetectBufferTypeSupportsTransformations(name);
int sm_list = DetectBufferTypeGetByName(name); int sm_list = DetectBufferTypeGetByName(name);
if (sm_list == -1) { if (sm_list < 0 || sm_list > UINT16_MAX) {
FatalError(SC_ERR_INITIALIZATION, "MPM engine registration for %s failed", name); FatalError(SC_ERR_INITIALIZATION, "MPM engine registration for %s failed", name);
} }
@ -310,7 +310,7 @@ void DetectFrameMpmRegister(const char *name, int direction, int priority,
BUG_ON(am == NULL); BUG_ON(am == NULL);
am->name = name; am->name = name;
snprintf(am->pname, sizeof(am->pname), "%s", am->name); snprintf(am->pname, sizeof(am->pname), "%s", am->name);
am->sm_list = sm_list; am->sm_list = (uint16_t)sm_list;
am->direction = direction; am->direction = direction;
am->priority = priority; am->priority = priority;
am->type = DETECT_BUFFER_MPM_TYPE_FRAME; am->type = DETECT_BUFFER_MPM_TYPE_FRAME;
@ -350,7 +350,8 @@ void DetectFrameMpmRegisterByParentId(DetectEngineCtx *de_ctx, const int id, con
BUG_ON(am == NULL); BUG_ON(am == NULL);
am->name = t->name; am->name = t->name;
snprintf(am->pname, sizeof(am->pname), "%s#%d", am->name, id); snprintf(am->pname, sizeof(am->pname), "%s#%d", am->name, id);
am->sm_list = id; // use new id DEBUG_VALIDATE_BUG_ON(id < 0 || id > UINT16_MAX);
am->sm_list = (uint16_t)id; // use new id
am->sm_list_base = t->sm_list; am->sm_list_base = t->sm_list;
am->type = DETECT_BUFFER_MPM_TYPE_FRAME; am->type = DETECT_BUFFER_MPM_TYPE_FRAME;
am->PrefilterRegisterWithListId = t->PrefilterRegisterWithListId; am->PrefilterRegisterWithListId = t->PrefilterRegisterWithListId;
@ -386,7 +387,7 @@ void DetectEngineFrameMpmRegister(DetectEngineCtx *de_ctx, const char *name, int
AppProtoToString(alproto), type); AppProtoToString(alproto), type);
const int sm_list = DetectEngineBufferTypeRegister(de_ctx, name); const int sm_list = DetectEngineBufferTypeRegister(de_ctx, name);
if (sm_list < 0) { if (sm_list < 0 || sm_list > UINT16_MAX) {
FatalError(SC_ERR_INITIALIZATION, "MPM engine registration for %s failed", name); FatalError(SC_ERR_INITIALIZATION, "MPM engine registration for %s failed", name);
} }
@ -398,7 +399,7 @@ void DetectEngineFrameMpmRegister(DetectEngineCtx *de_ctx, const char *name, int
BUG_ON(am == NULL); BUG_ON(am == NULL);
am->name = name; am->name = name;
snprintf(am->pname, sizeof(am->pname), "%s", am->name); snprintf(am->pname, sizeof(am->pname), "%s", am->name);
am->sm_list = sm_list; am->sm_list = (uint16_t)sm_list;
am->direction = direction; am->direction = direction;
am->priority = priority; am->priority = priority;
am->type = DETECT_BUFFER_MPM_TYPE_FRAME; am->type = DETECT_BUFFER_MPM_TYPE_FRAME;
@ -549,7 +550,7 @@ void DetectPktMpmRegister(const char *name,
am->name = name; am->name = name;
snprintf(am->pname, sizeof(am->pname), "%s", am->name); snprintf(am->pname, sizeof(am->pname), "%s", am->name);
DEBUG_VALIDATE_BUG_ON(sm_list < 0 || sm_list > INT16_MAX); DEBUG_VALIDATE_BUG_ON(sm_list < 0 || sm_list > INT16_MAX);
am->sm_list = sm_list; am->sm_list = (uint16_t)sm_list;
am->priority = priority; am->priority = priority;
am->type = DETECT_BUFFER_MPM_TYPE_PKT; am->type = DETECT_BUFFER_MPM_TYPE_PKT;
@ -587,7 +588,7 @@ void DetectPktMpmRegisterByParentId(DetectEngineCtx *de_ctx,
am->name = t->name; am->name = t->name;
snprintf(am->pname, sizeof(am->pname), "%s#%d", am->name, id); snprintf(am->pname, sizeof(am->pname), "%s#%d", am->name, id);
DEBUG_VALIDATE_BUG_ON(id < 0 || id > INT16_MAX); DEBUG_VALIDATE_BUG_ON(id < 0 || id > INT16_MAX);
am->sm_list = id; // use new id am->sm_list = (uint16_t)id; // use new id
am->sm_list_base = t->sm_list; am->sm_list_base = t->sm_list;
am->type = DETECT_BUFFER_MPM_TYPE_PKT; am->type = DETECT_BUFFER_MPM_TYPE_PKT;
am->PrefilterRegisterWithListId = t->PrefilterRegisterWithListId; am->PrefilterRegisterWithListId = t->PrefilterRegisterWithListId;
@ -869,7 +870,7 @@ uint8_t PatternMatchDefaultMatcher(void)
if (strcmp("auto", mpm_algo) == 0) { if (strcmp("auto", mpm_algo) == 0) {
goto done; goto done;
} }
for (uint16_t u = 0; u < MPM_TABLE_SIZE; u++) { for (uint8_t u = 0; u < MPM_TABLE_SIZE; u++) {
if (mpm_table[u].name == NULL) if (mpm_table[u].name == NULL)
continue; continue;

8
src/detect-engine-port.c
Unescape Escape View File

@ -260,10 +260,10 @@ error:
static int DetectPortCut(DetectEngineCtx *de_ctx, DetectPort *a, static int DetectPortCut(DetectEngineCtx *de_ctx, DetectPort *a,
DetectPort *b, DetectPort **c) DetectPort *b, DetectPort **c)
{ {
uint32_t a_port1 = a->port; uint16_t a_port1 = a->port;
uint32_t a_port2 = a->port2; uint16_t a_port2 = a->port2;
uint32_t b_port1 = b->port; uint16_t b_port1 = b->port;
uint32_t b_port2 = b->port2; uint16_t b_port2 = b->port2;
/* default to NULL */ /* default to NULL */
*c = NULL; *c = NULL;

6
src/detect-engine-prefilter.c
Unescape Escape View File

@ -286,7 +286,9 @@ int PrefilterAppendTxEngine(DetectEngineCtx *de_ctx, SigGroupHead *sgh,
e->PrefilterTx = PrefilterTxFunc; e->PrefilterTx = PrefilterTxFunc;
e->pectx = pectx; e->pectx = pectx;
e->alproto = alproto; e->alproto = alproto;
e->tx_min_progress = tx_min_progress; // TODO change function prototype ?
DEBUG_VALIDATE_BUG_ON(tx_min_progress > UINT8_MAX);
e->tx_min_progress = (uint8_t)tx_min_progress;
e->Free = FreeFunc; e->Free = FreeFunc;
if (sgh->init->tx_engines == NULL) { if (sgh->init->tx_engines == NULL) {
@ -498,7 +500,7 @@ void PrefilterSetupRuleGroup(DetectEngineCtx *de_ctx, SigGroupHead *sgh)
} }
memset(sgh->tx_engines, 0x00, (cnt * sizeof(PrefilterEngine))); memset(sgh->tx_engines, 0x00, (cnt * sizeof(PrefilterEngine)));
uint32_t local_id = 0; uint16_t local_id = 0;
PrefilterEngine *e = sgh->tx_engines; PrefilterEngine *e = sgh->tx_engines;
for (el = sgh->init->tx_engines ; el != NULL; el = el->next) { for (el = sgh->init->tx_engines ; el != NULL; el = el->next) {
e->local_id = local_id++; e->local_id = local_id++;

86
src/detect-engine.c
Unescape Escape View File

@ -154,8 +154,8 @@ void DetectPktInspectEngineRegister(const char *name,
FatalError(SC_ERR_INITIALIZATION, FatalError(SC_ERR_INITIALIZATION,
"failed to register inspect engine %s: %s", name, strerror(errno)); "failed to register inspect engine %s: %s", name, strerror(errno));
} }
new_engine->sm_list = sm_list; new_engine->sm_list = (uint16_t)sm_list;
new_engine->sm_list_base = sm_list; new_engine->sm_list_base = (uint16_t)sm_list;
new_engine->v1.Callback = Callback; new_engine->v1.Callback = Callback;
new_engine->v1.GetData = GetPktData; new_engine->v1.GetData = GetPktData;
@ -188,7 +188,7 @@ void DetectFrameInspectEngineRegister(const char *name, int dir,
BUG_ON(1); BUG_ON(1);
} }
int direction; uint8_t direction;
if (dir == SIG_FLAG_TOSERVER) { if (dir == SIG_FLAG_TOSERVER) {
direction = 0; direction = 0;
} else { } else {
@ -200,8 +200,8 @@ void DetectFrameInspectEngineRegister(const char *name, int dir,
FatalError(SC_ERR_INITIALIZATION, "failed to register inspect engine %s: %s", name, FatalError(SC_ERR_INITIALIZATION, "failed to register inspect engine %s: %s", name,
strerror(errno)); strerror(errno));
} }
new_engine->sm_list = sm_list; new_engine->sm_list = (uint16_t)sm_list;
new_engine->sm_list_base = sm_list; new_engine->sm_list_base = (uint16_t)sm_list;
new_engine->dir = direction; new_engine->dir = direction;
new_engine->v1.Callback = Callback; new_engine->v1.Callback = Callback;
new_engine->alproto = alproto; new_engine->alproto = alproto;
@ -250,7 +250,7 @@ void DetectAppLayerInspectEngineRegister2(const char *name,
BUG_ON(1); BUG_ON(1);
} }
int direction; uint8_t direction;
if (dir == SIG_FLAG_TOSERVER) { if (dir == SIG_FLAG_TOSERVER) {
direction = 0; direction = 0;
} else { } else {
@ -264,9 +264,9 @@ void DetectAppLayerInspectEngineRegister2(const char *name,
memset(new_engine, 0, sizeof(*new_engine)); memset(new_engine, 0, sizeof(*new_engine));
new_engine->alproto = alproto; new_engine->alproto = alproto;
new_engine->dir = direction; new_engine->dir = direction;
new_engine->sm_list = sm_list; new_engine->sm_list = (uint16_t)sm_list;
new_engine->sm_list_base = sm_list; new_engine->sm_list_base = (uint16_t)sm_list;
new_engine->progress = progress; new_engine->progress = (int16_t)progress;
new_engine->v2.Callback = Callback2; new_engine->v2.Callback = Callback2;
new_engine->v2.GetData = GetData; new_engine->v2.GetData = GetData;
@ -297,8 +297,10 @@ static void DetectAppLayerInspectEngineCopy(
} }
new_engine->alproto = t->alproto; new_engine->alproto = t->alproto;
new_engine->dir = t->dir; new_engine->dir = t->dir;
new_engine->sm_list = new_list; /* use new list id */ DEBUG_VALIDATE_BUG_ON(new_list < 0 || new_list > UINT16_MAX);
new_engine->sm_list_base = sm_list; new_engine->sm_list = (uint16_t)new_list; /* use new list id */
DEBUG_VALIDATE_BUG_ON(sm_list < 0 || sm_list > UINT16_MAX);
new_engine->sm_list_base = (uint16_t)sm_list;
new_engine->progress = t->progress; new_engine->progress = t->progress;
new_engine->v2 = t->v2; new_engine->v2 = t->v2;
new_engine->v2.transforms = transforms; /* assign transforms */ new_engine->v2.transforms = transforms; /* assign transforms */
@ -359,8 +361,10 @@ static void DetectPktInspectEngineCopy(
if (unlikely(new_engine == NULL)) { if (unlikely(new_engine == NULL)) {
exit(EXIT_FAILURE); exit(EXIT_FAILURE);
} }
new_engine->sm_list = new_list; /* use new list id */ DEBUG_VALIDATE_BUG_ON(new_list < 0 || new_list > UINT16_MAX);
new_engine->sm_list_base = sm_list; new_engine->sm_list = (uint16_t)new_list; /* use new list id */
DEBUG_VALIDATE_BUG_ON(sm_list < 0 || sm_list > UINT16_MAX);
new_engine->sm_list_base = (uint16_t)sm_list;
new_engine->v1 = t->v1; new_engine->v1 = t->v1;
new_engine->v1.transforms = transforms; /* assign transforms */ new_engine->v1.transforms = transforms; /* assign transforms */
@ -424,7 +428,7 @@ void DetectEngineFrameInspectEngineRegister(DetectEngineCtx *de_ctx, const char
BUG_ON(1); BUG_ON(1);
} }
int direction; uint8_t direction;
if (dir == SIG_FLAG_TOSERVER) { if (dir == SIG_FLAG_TOSERVER) {
direction = 0; direction = 0;
} else { } else {
@ -436,8 +440,8 @@ void DetectEngineFrameInspectEngineRegister(DetectEngineCtx *de_ctx, const char
FatalError(SC_ERR_INITIALIZATION, "failed to register inspect engine %s: %s", name, FatalError(SC_ERR_INITIALIZATION, "failed to register inspect engine %s: %s", name,
strerror(errno)); strerror(errno));
} }
new_engine->sm_list = sm_list; new_engine->sm_list = (uint16_t)sm_list;
new_engine->sm_list_base = sm_list; new_engine->sm_list_base = (uint16_t)sm_list;
new_engine->dir = direction; new_engine->dir = direction;
new_engine->v1.Callback = Callback; new_engine->v1.Callback = Callback;
new_engine->alproto = alproto; new_engine->alproto = alproto;
@ -469,8 +473,10 @@ static void DetectFrameInspectEngineCopy(DetectEngineCtx *de_ctx, int sm_list, i
if (unlikely(new_engine == NULL)) { if (unlikely(new_engine == NULL)) {
exit(EXIT_FAILURE); exit(EXIT_FAILURE);
} }
new_engine->sm_list = new_list; /* use new list id */ DEBUG_VALIDATE_BUG_ON(new_list < 0 || new_list > UINT16_MAX);
new_engine->sm_list_base = sm_list; new_engine->sm_list = (uint16_t)new_list; /* use new list id */
DEBUG_VALIDATE_BUG_ON(sm_list < 0 || sm_list > UINT16_MAX);
new_engine->sm_list_base = (uint16_t)sm_list;
new_engine->dir = t->dir; new_engine->dir = t->dir;
new_engine->alproto = t->alproto; new_engine->alproto = t->alproto;
new_engine->type = t->type; new_engine->type = t->type;
@ -528,7 +534,8 @@ static void DetectFrameInspectEngineCopyListToDetectCtx(DetectEngineCtx *de_ctx)
* *
* If stream inspection is MPM, then prepend it. * If stream inspection is MPM, then prepend it.
*/ */
static void AppendStreamInspectEngine(Signature *s, SigMatchData *stream, int direction, uint32_t id) static void AppendStreamInspectEngine(
Signature *s, SigMatchData *stream, uint8_t direction, uint8_t id)
{ {
bool prepend = false; bool prepend = false;
@ -695,7 +702,7 @@ int DetectEngineAppInspectionEngine2Signature(DetectEngineCtx *de_ctx, Signature
} }
bool head_is_mpm = false; bool head_is_mpm = false;
uint32_t last_id = DE_STATE_FLAG_BASE; uint8_t last_id = DE_STATE_FLAG_BASE;
const DetectEngineAppInspectionEngine *t = de_ctx->app_inspect_engines; const DetectEngineAppInspectionEngine *t = de_ctx->app_inspect_engines;
while (t != NULL) { while (t != NULL) {
bool prepend = false; bool prepend = false;
@ -937,7 +944,7 @@ static char DetectBufferTypeCompareNameFunc(void *data1, uint16_t len1, void *da
DetectBufferType *map1 = (DetectBufferType *)data1; DetectBufferType *map1 = (DetectBufferType *)data1;
DetectBufferType *map2 = (DetectBufferType *)data2; DetectBufferType *map2 = (DetectBufferType *)data2;
int r = (strcmp(map1->name, map2->name) == 0); char r = (strcmp(map1->name, map2->name) == 0);
r &= (memcmp((uint8_t *)&map1->transforms, (uint8_t *)&map2->transforms, sizeof(map2->transforms)) == 0); r &= (memcmp((uint8_t *)&map1->transforms, (uint8_t *)&map2->transforms, sizeof(map2->transforms)) == 0);
return r; return r;
} }
@ -1827,8 +1834,9 @@ static int DetectEnginePktInspectionAppend(Signature *s, InspectionBufferPktInsp
return -1; return -1;
e->mpm = s->init_data->mpm_sm_list == list_id; e->mpm = s->init_data->mpm_sm_list == list_id;
e->sm_list = list_id; DEBUG_VALIDATE_BUG_ON(list_id < 0 || list_id > UINT16_MAX);
e->sm_list_base = list_id; e->sm_list = (uint16_t)list_id;
e->sm_list_base = (uint16_t)list_id;
e->v1.Callback = Callback; e->v1.Callback = Callback;
e->smd = data; e->smd = data;
@ -2638,9 +2646,8 @@ static int DetectEngineCtxLoadConf(DetectEngineCtx *de_ctx)
} }
if (max_uniq_toclient_groups_str != NULL) { if (max_uniq_toclient_groups_str != NULL) {
if (StringParseUint16(&de_ctx->max_uniq_toclient_groups, 10, if (StringParseUint16(&de_ctx->max_uniq_toclient_groups, 10,
strlen(max_uniq_toclient_groups_str), (uint16_t)strlen(max_uniq_toclient_groups_str),
(const char *)max_uniq_toclient_groups_str) <= 0) (const char *)max_uniq_toclient_groups_str) <= 0) {
{
de_ctx->max_uniq_toclient_groups = 20; de_ctx->max_uniq_toclient_groups = 20;
SCLogWarning(SC_ERR_SIZE_PARSE, "parsing '%s' for " SCLogWarning(SC_ERR_SIZE_PARSE, "parsing '%s' for "
@ -2655,9 +2662,8 @@ static int DetectEngineCtxLoadConf(DetectEngineCtx *de_ctx)
if (max_uniq_toserver_groups_str != NULL) { if (max_uniq_toserver_groups_str != NULL) {
if (StringParseUint16(&de_ctx->max_uniq_toserver_groups, 10, if (StringParseUint16(&de_ctx->max_uniq_toserver_groups, 10,
strlen(max_uniq_toserver_groups_str), (uint16_t)strlen(max_uniq_toserver_groups_str),
(const char *)max_uniq_toserver_groups_str) <= 0) (const char *)max_uniq_toserver_groups_str) <= 0) {
{
de_ctx->max_uniq_toserver_groups = 40; de_ctx->max_uniq_toserver_groups = 40;
SCLogWarning(SC_ERR_SIZE_PARSE, "parsing '%s' for " SCLogWarning(SC_ERR_SIZE_PARSE, "parsing '%s' for "
@ -3862,9 +3868,8 @@ static int DetectEngineMultiTenantSetupLoadLivedevMappings(const ConfNode *mappi
goto bad_mapping; goto bad_mapping;
uint32_t tenant_id = 0; uint32_t tenant_id = 0;
if (StringParseUint32(&tenant_id, 10, strlen(tenant_id_node->val), if (StringParseUint32(&tenant_id, 10, (uint16_t)strlen(tenant_id_node->val),
tenant_id_node->val) < 0) tenant_id_node->val) < 0) {
{
SCLogError(SC_ERR_INVALID_ARGUMENT, "tenant-id " SCLogError(SC_ERR_INVALID_ARGUMENT, "tenant-id "
"of %s is invalid", tenant_id_node->val); "of %s is invalid", tenant_id_node->val);
goto bad_mapping; goto bad_mapping;
@ -3922,18 +3927,16 @@ static int DetectEngineMultiTenantSetupLoadVlanMappings(const ConfNode *mappings
goto bad_mapping; goto bad_mapping;
uint32_t tenant_id = 0; uint32_t tenant_id = 0;
if (StringParseUint32(&tenant_id, 10, strlen(tenant_id_node->val), if (StringParseUint32(&tenant_id, 10, (uint16_t)strlen(tenant_id_node->val),
tenant_id_node->val) < 0) tenant_id_node->val) < 0) {
{
SCLogError(SC_ERR_INVALID_ARGUMENT, "tenant-id " SCLogError(SC_ERR_INVALID_ARGUMENT, "tenant-id "
"of %s is invalid", tenant_id_node->val); "of %s is invalid", tenant_id_node->val);
goto bad_mapping; goto bad_mapping;
} }
uint16_t vlan_id = 0; uint16_t vlan_id = 0;
if (StringParseUint16(&vlan_id, 10, strlen(vlan_id_node->val), if (StringParseUint16(
vlan_id_node->val) < 0) &vlan_id, 10, (uint16_t)strlen(vlan_id_node->val), vlan_id_node->val) < 0) {
{
SCLogError(SC_ERR_INVALID_ARGUMENT, "vlan-id " SCLogError(SC_ERR_INVALID_ARGUMENT, "vlan-id "
"of %s is invalid", vlan_id_node->val); "of %s is invalid", vlan_id_node->val);
goto bad_mapping; goto bad_mapping;
@ -3944,7 +3947,7 @@ static int DetectEngineMultiTenantSetupLoadVlanMappings(const ConfNode *mappings
goto bad_mapping; goto bad_mapping;
} }
if (DetectEngineTentantRegisterVlanId(tenant_id, (uint32_t)vlan_id) != 0) { if (DetectEngineTentantRegisterVlanId(tenant_id, vlan_id) != 0) {
goto error; goto error;
} }
SCLogConfig("vlan %u connected to tenant-id %u", vlan_id, tenant_id); SCLogConfig("vlan %u connected to tenant-id %u", vlan_id, tenant_id);
@ -4078,9 +4081,8 @@ int DetectEngineMultiTenantSetup(void)
} }
uint32_t tenant_id = 0; uint32_t tenant_id = 0;
if (StringParseUint32(&tenant_id, 10, strlen(id_node->val), if (StringParseUint32(
id_node->val) < 0) &tenant_id, 10, (uint16_t)strlen(id_node->val), id_node->val) < 0) {
{
SCLogError(SC_ERR_INVALID_ARGUMENT, "tenant_id " SCLogError(SC_ERR_INVALID_ARGUMENT, "tenant_id "
"of %s is invalid", id_node->val); "of %s is invalid", id_node->val);
goto bad_tenant; goto bad_tenant;

4
src/detect-file-hash-common.c
Unescape Escape View File

@ -320,8 +320,8 @@ error:
* \retval 0 on Success * \retval 0 on Success
* \retval -1 on Failure * \retval -1 on Failure
*/ */
int DetectFileHashSetup (DetectEngineCtx *de_ctx, Signature *s, const char *str, int DetectFileHashSetup(
uint32_t type, int list) DetectEngineCtx *de_ctx, Signature *s, const char *str, uint16_t type, int list)
{ {
DetectFileHashData *filehash = NULL; DetectFileHashData *filehash = NULL;
SigMatch *sm = NULL; SigMatch *sm = NULL;

2
src/detect-file-hash-common.h
Unescape Escape View File

@ -39,7 +39,7 @@ int LoadHashTable(ROHashTable *, const char *, const char *, int, uint32_t);
int DetectFileHashMatch(DetectEngineThreadCtx *, Flow *, uint8_t, int DetectFileHashMatch(DetectEngineThreadCtx *, Flow *, uint8_t,
File *, const Signature *, const SigMatchCtx *); File *, const Signature *, const SigMatchCtx *);
int DetectFileHashSetup(DetectEngineCtx *, Signature *, const char *, uint32_t, int); int DetectFileHashSetup(DetectEngineCtx *, Signature *, const char *, uint16_t, int);
void DetectFileHashFree(DetectEngineCtx *, void *); void DetectFileHashFree(DetectEngineCtx *, void *);
#endif /* __UTIL_DETECT_FILE_HASH_H__ */ #endif /* __UTIL_DETECT_FILE_HASH_H__ */

15
src/detect-flow.c
Unescape Escape View File

@ -86,8 +86,8 @@ void DetectFlowRegister (void)
* \param dflags detect flow flags * \param dflags detect flow flags
* \param match_cnt number of matches to trigger * \param match_cnt number of matches to trigger
*/ */
static inline int FlowMatch(const uint32_t pflags, const uint8_t pflowflags, static inline int FlowMatch(const uint32_t pflags, const uint8_t pflowflags, const uint16_t tflags,
const uint16_t tflags, const uint16_t dflags, const uint8_t match_cnt) const uint16_t dflags, const uint16_t match_cnt)
{ {
uint8_t cnt = 0; uint8_t cnt = 0;
@ -439,8 +439,7 @@ PrefilterPacketFlowMatch(DetectEngineThreadCtx *det_ctx, Packet *p, const void *
if (!PrefilterPacketHeaderExtraMatch(ctx, p)) if (!PrefilterPacketHeaderExtraMatch(ctx, p))
return; return;
if (FlowMatch(p->flags, p->flowflags, det_ctx->flags, ctx->v1.u8[0], ctx->v1.u8[1])) if (FlowMatch(p->flags, p->flowflags, det_ctx->flags, ctx->v1.u16[0], ctx->v1.u16[1])) {
{
PrefilterAddSids(&det_ctx->pmq, ctx->sigs_array, ctx->sigs_cnt); PrefilterAddSids(&det_ctx->pmq, ctx->sigs_array, ctx->sigs_cnt);
} }
} }
@ -449,17 +448,15 @@ static void
PrefilterPacketFlowSet(PrefilterPacketHeaderValue *v, void *smctx) PrefilterPacketFlowSet(PrefilterPacketHeaderValue *v, void *smctx)
{ {
const DetectFlowData *fb = smctx; const DetectFlowData *fb = smctx;
v->u8[0] = fb->flags; v->u16[0] = fb->flags;
v->u8[1] = fb->match_cnt; v->u16[1] = fb->match_cnt;
} }
static bool static bool
PrefilterPacketFlowCompare(PrefilterPacketHeaderValue v, void *smctx) PrefilterPacketFlowCompare(PrefilterPacketHeaderValue v, void *smctx)
{ {
const DetectFlowData *fb = smctx; const DetectFlowData *fb = smctx;
if (v.u8[0] == fb->flags && if (v.u16[0] == fb->flags && v.u16[1] == fb->match_cnt) {
v.u8[1] == fb->match_cnt)
{
return true; return true;
} }
return false; return false;

4
src/detect-flowvar.h
Unescape Escape View File

@ -28,8 +28,8 @@ typedef struct DetectFlowvarData_ {
char *name; char *name;
uint32_t idx; uint32_t idx;
uint8_t *content; uint8_t *content;
uint8_t content_len; uint16_t content_len;
uint8_t flags; uint32_t flags;
} DetectFlowvarData; } DetectFlowvarData;
/* prototypes */ /* prototypes */

6
src/detect-ftpbounce.c
Unescape Escape View File

@ -101,13 +101,13 @@ static int InspectFtpRequest(DetectEngineCtx *de_ctx, DetectEngineThreadCtx *det
* *
* \retval 1 if ftpbounce detected, 0 if not * \retval 1 if ftpbounce detected, 0 if not
*/ */
static int DetectFtpbounceMatchArgs(uint8_t *payload, uint16_t payload_len, static int DetectFtpbounceMatchArgs(
uint32_t ip_orig, uint16_t offset) uint8_t *payload, uint32_t payload_len, uint32_t ip_orig, uint32_t offset)
{ {
SCEnter(); SCEnter();
SCLogDebug("Checking ftpbounce condition"); SCLogDebug("Checking ftpbounce condition");
char *c = NULL; char *c = NULL;
uint16_t i = 0; uint32_t i = 0;
int octet = 0; int octet = 0;
int octet_ascii_len = 0; int octet_ascii_len = 0;
int noctet = 0; int noctet = 0;

10
src/detect-http2.c
Unescape Escape View File

@ -266,14 +266,14 @@ static int DetectHTTP2frametypeMatch(DetectEngineThreadCtx *det_ctx,
static int DetectHTTP2FuncParseFrameType(const char *str, uint8_t *ft) static int DetectHTTP2FuncParseFrameType(const char *str, uint8_t *ft)
{ {
// first parse numeric value // first parse numeric value
if (ByteExtractStringUint8(ft, 10, strlen(str), str) >= 0) { if (ByteExtractStringUint8(ft, 10, (uint16_t)strlen(str), str) >= 0) {
return 1; return 1;
} }
// it it failed so far, parse string value from enumeration // it it failed so far, parse string value from enumeration
int r = rs_http2_parse_frametype(str); int r = rs_http2_parse_frametype(str);
if (r >= 0) { if (r >= 0 && r <= UINT8_MAX) {
*ft = r; *ft = (uint8_t)r;
return 1; return 1;
} }
@ -352,7 +352,7 @@ static int DetectHTTP2errorcodeMatch(DetectEngineThreadCtx *det_ctx,
static int DetectHTTP2FuncParseErrorCode(const char *str, uint32_t *ec) static int DetectHTTP2FuncParseErrorCode(const char *str, uint32_t *ec)
{ {
// first parse numeric value // first parse numeric value
if (ByteExtractStringUint32(ec, 10, strlen(str), str) >= 0) { if (ByteExtractStringUint32(ec, 10, (uint16_t)strlen(str), str) >= 0) {
return 1; return 1;
} }
@ -433,7 +433,7 @@ static int DetectHTTP2priorityMatch(DetectEngineThreadCtx *det_ctx,
int value = rs_http2_tx_get_next_priority(txv, flags, nb); int value = rs_http2_tx_get_next_priority(txv, flags, nb);
const DetectU8Data *du8 = (const DetectU8Data *)ctx; const DetectU8Data *du8 = (const DetectU8Data *)ctx;
while (value >= 0) { while (value >= 0) {
if (DetectU8Match(value, du8)) { if (DetectU8Match((uint8_t)value, du8)) {
return 1; return 1;
} }
nb++; nb++;

5
src/detect-id.c
Unescape Escape View File

@ -122,7 +122,7 @@ static int DetectIdMatch (DetectEngineThreadCtx *det_ctx, Packet *p,
*/ */
static DetectIdData *DetectIdParse (const char *idstr) static DetectIdData *DetectIdParse (const char *idstr)
{ {
uint32_t temp; uint16_t temp;
DetectIdData *id_d = NULL; DetectIdData *id_d = NULL;
int ret = 0, res = 0; int ret = 0, res = 0;
size_t pcre2len; size_t pcre2len;
@ -154,8 +154,7 @@ static DetectIdData *DetectIdParse (const char *idstr)
} }
/* ok, fill the id data */ /* ok, fill the id data */
if (StringParseU32RangeCheck(&temp, 10, 0, (const char *)tmp_str, if (StringParseUint16(&temp, 10, 0, (const char *)tmp_str) < 0) {
DETECT_IPID_MIN, DETECT_IPID_MAX) < 0) {
SCLogError(SC_ERR_INVALID_VALUE, "invalid id option '%s'", tmp_str); SCLogError(SC_ERR_INVALID_VALUE, "invalid id option '%s'", tmp_str);
return NULL; return NULL;
} }

6
src/detect-ipproto.c
Unescape Escape View File

@ -241,7 +241,7 @@ static int DetectIPProtoSetup(DetectEngineCtx *de_ctx, Signature *s, const char
goto error; goto error;
} }
if (!lt_set && !not_set) { if (!lt_set && !not_set) {
s->proto.proto[data->proto / 8] = 0xfe << (data->proto % 8); s->proto.proto[data->proto / 8] = (uint8_t)(0xfe << (data->proto % 8));
for (i = (data->proto / 8) + 1; i < (256 / 8); i++) { for (i = (data->proto / 8) + 1; i < (256 / 8); i++) {
s->proto.proto[i] = 0xff; s->proto.proto[i] = 0xff;
} }
@ -319,7 +319,7 @@ static int DetectIPProtoSetup(DetectEngineCtx *de_ctx, Signature *s, const char
for (i = 0; i < (data->proto / 8); i++) { for (i = 0; i < (data->proto / 8); i++) {
s->proto.proto[i] = 0xff; s->proto.proto[i] = 0xff;
} }
s->proto.proto[data->proto / 8] = ~(0xff << (data->proto % 8)); s->proto.proto[data->proto / 8] = (uint8_t)(~(0xff << (data->proto % 8)));
} else if (gt_set && !not_set) { } else if (gt_set && !not_set) {
SigMatch *temp_sm = s->init_data->smlists[DETECT_SM_LIST_MATCH]; SigMatch *temp_sm = s->init_data->smlists[DETECT_SM_LIST_MATCH];
while (temp_sm != NULL) { while (temp_sm != NULL) {
@ -394,7 +394,7 @@ static int DetectIPProtoSetup(DetectEngineCtx *de_ctx, Signature *s, const char
for (i = 0; i < (data->proto / 8); i++) { for (i = 0; i < (data->proto / 8); i++) {
s->proto.proto[i] = 0xff; s->proto.proto[i] = 0xff;
} }
s->proto.proto[data->proto / 8] = ~(1 << (data->proto % 8)); s->proto.proto[data->proto / 8] = (uint8_t)(~(1 << (data->proto % 8)));
for (i = (data->proto / 8) + 1; i < (256 / 8); i++) { for (i = (data->proto / 8) + 1; i < (256 / 8); i++) {
s->proto.proto[i] = 0xff; s->proto.proto[i] = 0xff;
} }

8
src/detect-metadata.c
Unescape Escape View File

@ -85,7 +85,8 @@ void DetectMetadataHashFree(DetectEngineCtx *de_ctx)
static const char *DetectMedatataHashAdd(DetectEngineCtx *de_ctx, const char *string) static const char *DetectMedatataHashAdd(DetectEngineCtx *de_ctx, const char *string)
{ {
const char * hstring = (char *)HashTableLookup(de_ctx->metadata_table, (void *)string, strlen(string)); const char *hstring = (char *)HashTableLookup(
de_ctx->metadata_table, (void *)string, (uint16_t)strlen(string));
if (hstring) { if (hstring) {
return hstring; return hstring;
} }
@ -95,8 +96,9 @@ static const char *DetectMedatataHashAdd(DetectEngineCtx *de_ctx, const char *st
return NULL; return NULL;
} }
if (HashTableAdd(de_ctx->metadata_table, (void *)astring, strlen(astring)) == 0) { if (HashTableAdd(de_ctx->metadata_table, (void *)astring, (uint16_t)strlen(astring)) == 0) {
return (char *)HashTableLookup(de_ctx->metadata_table, (void *)astring, strlen(astring)); return (char *)HashTableLookup(
de_ctx->metadata_table, (void *)astring, (uint16_t)strlen(astring));
} else { } else {
SCFree((void *)astring); SCFree((void *)astring);
} }

17
src/detect-pcre.c
Unescape Escape View File

@ -181,7 +181,7 @@ int DetectPcrePayloadMatch(DetectEngineThreadCtx *det_ctx, const Signature *s,
SCEnter(); SCEnter();
int ret = 0; int ret = 0;
const uint8_t *ptr = NULL; const uint8_t *ptr = NULL;
uint16_t len = 0; uint32_t len = 0;
PCRE2_SIZE capture_len = 0; PCRE2_SIZE capture_len = 0;
DetectPcreData *pe = (DetectPcreData *)smd->ctx; DetectPcreData *pe = (DetectPcreData *)smd->ctx;
@ -273,20 +273,17 @@ int DetectPcrePayloadMatch(DetectEngineThreadCtx *det_ctx, const Signature *s,
memcpy(str_ptr2, pcre2_str_ptr2, capture_len); memcpy(str_ptr2, pcre2_str_ptr2, capture_len);
pcre2_substring_free((PCRE2_UCHAR8 *)pcre2_str_ptr2); pcre2_substring_free((PCRE2_UCHAR8 *)pcre2_str_ptr2);
(void)DetectVarStoreMatchKeyValue(det_ctx, (void)DetectVarStoreMatchKeyValue(det_ctx, (uint8_t *)str_ptr, key_len,
(uint8_t *)str_ptr, key_len, (uint8_t *)str_ptr2, (uint16_t)capture_len,
(uint8_t *)str_ptr2, capture_len,
DETECT_VAR_TYPE_PKT_POSTMATCH); DETECT_VAR_TYPE_PKT_POSTMATCH);
} else if (pe->captypes[x] == VAR_TYPE_PKT_VAR) { } else if (pe->captypes[x] == VAR_TYPE_PKT_VAR) {
(void)DetectVarStoreMatch(det_ctx, pe->capids[x], (void)DetectVarStoreMatch(det_ctx, pe->capids[x], (uint8_t *)str_ptr,
(uint8_t *)str_ptr, capture_len, (uint16_t)capture_len, DETECT_VAR_TYPE_PKT_POSTMATCH);
DETECT_VAR_TYPE_PKT_POSTMATCH);
} else if (pe->captypes[x] == VAR_TYPE_FLOW_VAR && f != NULL) { } else if (pe->captypes[x] == VAR_TYPE_FLOW_VAR && f != NULL) {
(void)DetectVarStoreMatch(det_ctx, pe->capids[x], (void)DetectVarStoreMatch(det_ctx, pe->capids[x], (uint8_t *)str_ptr,
(uint8_t *)str_ptr, capture_len, (uint16_t)capture_len, DETECT_VAR_TYPE_FLOW_POSTMATCH);
DETECT_VAR_TYPE_FLOW_POSTMATCH);
} else { } else {
BUG_ON(1); // Impossible captype BUG_ON(1); // Impossible captype
SCFree(str_ptr); SCFree(str_ptr);

2
src/detect-pktvar.h
Unescape Escape View File

@ -26,7 +26,7 @@
typedef struct DetectPktvarData_ { typedef struct DetectPktvarData_ {
uint32_t id; uint32_t id;
uint8_t content_len; uint16_t content_len;
uint8_t flags; uint8_t flags;
uint8_t *content; uint8_t *content;
} DetectPktvarData; } DetectPktvarData;

2
src/detect-ssh-proto-version.c
Unescape Escape View File

@ -200,7 +200,7 @@ static DetectSshVersionData *DetectSshVersionParse (DetectEngineCtx *de_ctx, con
pcre2_substring_free((PCRE2_UCHAR *)str_ptr); pcre2_substring_free((PCRE2_UCHAR *)str_ptr);
goto error; goto error;
} }
ssh->len = strlen((char *) ssh->ver); ssh->len = (uint16_t)strlen((char *)ssh->ver);
pcre2_substring_free((PCRE2_UCHAR *)str_ptr); pcre2_substring_free((PCRE2_UCHAR *)str_ptr);
SCLogDebug("will look for ssh %s", ssh->ver); SCLogDebug("will look for ssh %s", ssh->ver);

2
src/detect-ssh-software-version.c
Unescape Escape View File

@ -193,7 +193,7 @@ static DetectSshSoftwareVersionData *DetectSshSoftwareVersionParse (DetectEngine
} }
pcre2_substring_free((PCRE2_UCHAR *)str_ptr); pcre2_substring_free((PCRE2_UCHAR *)str_ptr);
ssh->len = strlen((char *)ssh->software_ver); ssh->len = (uint16_t)strlen((char *)ssh->software_ver);
SCLogDebug("will look for ssh %s", ssh->software_ver); SCLogDebug("will look for ssh %s", ssh->software_ver);
} }

2
src/detect-ssl-version.c
Unescape Escape View File

@ -177,7 +177,7 @@ static int DetectSslVersionMatch(DetectEngineThreadCtx *det_ctx,
struct SSLVersionKeywords { struct SSLVersionKeywords {
const char *word; const char *word;
int index; int index;
int value; uint16_t value;
}; };
struct SSLVersionKeywords ssl_version_keywords[TLS_SIZE] = { struct SSLVersionKeywords ssl_version_keywords[TLS_SIZE] = {

2
src/detect-tag.h
Unescape Escape View File

@ -66,7 +66,7 @@ typedef struct DetectTagData_ {
uint8_t type; /**< tag type */ uint8_t type; /**< tag type */
uint8_t direction; /**< host direction */ uint8_t direction; /**< host direction */
uint32_t count; /**< count */ uint32_t count; /**< count */
uint32_t metric; /**< metric */ uint8_t metric; /**< metric */
} DetectTagData; } DetectTagData;
/** This is the installed data at the session/global or host table */ /** This is the installed data at the session/global or host table */

4
src/detect-transform-urldecode.c
Unescape Escape View File

@ -86,7 +86,9 @@ static bool BufferUrlDecode(const uint8_t *input, const uint32_t input_len, uint
if (i + 2 < input_len) { if (i + 2 < input_len) {
if ((isxdigit(input[i+1])) && (isxdigit(input[i+2]))) { if ((isxdigit(input[i+1])) && (isxdigit(input[i+2]))) {
// Decode %HH encoding. // Decode %HH encoding.
*oi = (input[i+1] >= 'A' ? ((input[i+1] & 0xdf) - 'A') + 10 : (input[i+1] - '0')) << 4; *oi = (uint8_t)((input[i + 1] >= 'A' ? ((input[i + 1] & 0xdf) - 'A') + 10
: (input[i + 1] - '0'))
<< 4);
*oi |= (input[i+2] >= 'A' ? ((input[i+2] & 0xdf) - 'A') + 10 : (input[i+2] - '0')); *oi |= (input[i+2] >= 'A' ? ((input[i+2] & 0xdf) - 'A') + 10 : (input[i+2] - '0'));
oi++; oi++;
// one more increment before looping // one more increment before looping

8
src/detect-transform-xor.c
Unescape Escape View File

@ -96,7 +96,7 @@ static int DetectTransformXorSetup(DetectEngineCtx *de_ctx, Signature *s, const
DetectTransformXorFree(de_ctx, pxd); DetectTransformXorFree(de_ctx, pxd);
SCReturnInt(-1); SCReturnInt(-1);
} }
pxd->length = keylen / 2; pxd->length = (uint8_t)(keylen / 2);
pxd->key = SCMalloc(keylen / 2); pxd->key = SCMalloc(keylen / 2);
if (pxd->key == NULL) { if (pxd->key == NULL) {
SCLogError(SC_ERR_MEM_ALLOC, "memory allocation failed"); SCLogError(SC_ERR_MEM_ALLOC, "memory allocation failed");
@ -105,9 +105,9 @@ static int DetectTransformXorSetup(DetectEngineCtx *de_ctx, Signature *s, const
} }
for (size_t i = 0; i < keylen / 2; i++) { for (size_t i = 0; i < keylen / 2; i++) {
if ((isxdigit(optstr[2 * i])) && (isxdigit(optstr[2 * i + 1]))) { if ((isxdigit(optstr[2 * i])) && (isxdigit(optstr[2 * i + 1]))) {
pxd->key[i] = (optstr[2 * i] >= 'A' ? ((optstr[2 * i] & 0xdf) - 'A') + 10 pxd->key[i] = (uint8_t)((optstr[2 * i] >= 'A' ? ((optstr[2 * i] & 0xdf) - 'A') + 10
: (optstr[2 * i] - '0')) : (optstr[2 * i] - '0'))
<< 4; << 4);
pxd->key[i] |= (optstr[2 * i + 1] >= 'A' ? ((optstr[2 * i + 1] & 0xdf) - 'A') + 10 pxd->key[i] |= (optstr[2 * i + 1] >= 'A' ? ((optstr[2 * i + 1] & 0xdf) - 'A') + 10
: (optstr[2 * i + 1] - '0')); : (optstr[2 * i + 1] - '0'));
} else { } else {

5
src/detect-urilen.c
Unescape Escape View File

@ -175,7 +175,7 @@ static DetectUrilenData *DetectUrilenParse (const char *urilenstr)
} }
/** set the first urilen value */ /** set the first urilen value */
if (StringParseUint16(&urilend->urilen1,10,strlen(arg2),arg2) <= 0){ if (StringParseUint16(&urilend->urilen1, 10, (uint16_t)strlen(arg2), arg2) <= 0) {
SCLogError(SC_ERR_INVALID_ARGUMENT,"Invalid size :\"%s\"",arg2); SCLogError(SC_ERR_INVALID_ARGUMENT,"Invalid size :\"%s\"",arg2);
goto error; goto error;
} }
@ -188,8 +188,7 @@ static DetectUrilenData *DetectUrilenParse (const char *urilenstr)
goto error; goto error;
} }
if(StringParseUint16(&urilend->urilen2,10,strlen(arg4),arg4) <= 0) if (StringParseUint16(&urilend->urilen2, 10, (uint16_t)strlen(arg4), arg4) <= 0) {
{
SCLogError(SC_ERR_INVALID_ARGUMENT,"Invalid size :\"%s\"",arg4); SCLogError(SC_ERR_INVALID_ARGUMENT,"Invalid size :\"%s\"",arg4);
goto error; goto error;
} }

12
src/detect.c
Unescape Escape View File

@ -369,15 +369,14 @@ static inline void DetectPrefilterMergeSort(DetectEngineCtx *de_ctx,
/** \internal /** \internal
* \brief build non-prefilter list based on the rule group list we've set. * \brief build non-prefilter list based on the rule group list we've set.
*/ */
static inline void static inline void DetectPrefilterBuildNonPrefilterList(
DetectPrefilterBuildNonPrefilterList(DetectEngineThreadCtx *det_ctx, DetectEngineThreadCtx *det_ctx, const SignatureMask mask, const AppProto alproto)
const SignatureMask mask, const uint8_t alproto)
{ {
for (uint32_t x = 0; x < det_ctx->non_pf_store_cnt; x++) { for (uint32_t x = 0; x < det_ctx->non_pf_store_cnt; x++) {
/* only if the mask matches this rule can possibly match, /* only if the mask matches this rule can possibly match,
* so build the non_mpm array only for match candidates */ * so build the non_mpm array only for match candidates */
const SignatureMask rule_mask = det_ctx->non_pf_store_ptr[x].mask; const SignatureMask rule_mask = det_ctx->non_pf_store_ptr[x].mask;
const uint8_t rule_alproto = det_ctx->non_pf_store_ptr[x].alproto; const AppProto rule_alproto = det_ctx->non_pf_store_ptr[x].alproto;
if ((rule_mask & mask) == rule_mask && if ((rule_mask & mask) == rule_mask &&
(rule_alproto == 0 || AppProtoEquals(rule_alproto, alproto))) { (rule_alproto == 0 || AppProtoEquals(rule_alproto, alproto))) {
det_ctx->non_pf_id_array[det_ctx->non_pf_id_cnt++] = det_ctx->non_pf_store_ptr[x].id; det_ctx->non_pf_id_array[det_ctx->non_pf_id_cnt++] = det_ctx->non_pf_store_ptr[x].id;
@ -1070,7 +1069,7 @@ static bool DetectRunTxInspectRule(ThreadVars *tv,
const int direction = (flow_flags & STREAM_TOSERVER) ? 0 : 1; const int direction = (flow_flags & STREAM_TOSERVER) ? 0 : 1;
uint32_t inspect_flags = stored_flags ? *stored_flags : 0; uint32_t inspect_flags = stored_flags ? *stored_flags : 0;
int total_matches = 0; int total_matches = 0;
int file_no_match = 0; uint16_t file_no_match = 0;
bool retval = false; bool retval = false;
bool mpm_before_progress = false; // is mpm engine before progress? bool mpm_before_progress = false; // is mpm engine before progress?
bool mpm_in_progress = false; // is mpm engine in a buffer we will revisit? bool mpm_in_progress = false; // is mpm engine in a buffer we will revisit?
@ -1150,7 +1149,8 @@ static bool DetectRunTxInspectRule(ThreadVars *tv,
TRACE_SID_TXS(s->id, tx, "engine %p match %d", engine, match); TRACE_SID_TXS(s->id, tx, "engine %p match %d", engine, match);
if (engine->stream) { if (engine->stream) {
can->stream_stored = true; can->stream_stored = true;
can->stream_result = match; // TODO change Callback prototype ?
can->stream_result = (uint8_t)match;
TRACE_SID_TXS(s->id, tx, "stream ran, store result %d for next tx (if any)", match); TRACE_SID_TXS(s->id, tx, "stream ran, store result %d for next tx (if any)", match);
} }
} }

4
src/detect.h
Unescape Escape View File

@ -843,7 +843,7 @@ typedef struct DetectEngineCtx_ {
DetectEngineIPOnlyCtx io_ctx; DetectEngineIPOnlyCtx io_ctx;
ThresholdCtx ths_ctx; ThresholdCtx ths_ctx;
uint16_t mpm_matcher; /**< mpm matcher this ctx uses */ uint8_t mpm_matcher; /**< mpm matcher this ctx uses */
uint16_t spm_matcher; /**< spm matcher this ctx uses */ uint16_t spm_matcher; /**< spm matcher this ctx uses */
/* spm thread context prototype, built as spm matchers are constructed and /* spm thread context prototype, built as spm matchers are constructed and
@ -1021,7 +1021,7 @@ typedef struct HttpReassembledBody_ {
typedef struct SignatureNonPrefilterStore_ { typedef struct SignatureNonPrefilterStore_ {
SigIntId id; SigIntId id;
SignatureMask mask; SignatureMask mask;
uint8_t alproto; AppProto alproto;
} SignatureNonPrefilterStore; } SignatureNonPrefilterStore;
/** array of TX inspect rule candidates */ /** array of TX inspect rule candidates */

Write Preview
Loading…
Cancel
Save