diff --git a/doc/userguide/upgrade.rst b/doc/userguide/upgrade.rst index 282c5a0cf1..e8a3410c04 100644 --- a/doc/userguide/upgrade.rst +++ b/doc/userguide/upgrade.rst @@ -95,6 +95,9 @@ Major changes will need to be set before external modules can be loaded. See the new default configuration file or :ref:`lua-output-yaml` for more details. +- If the configuration value ``ftp.memcap`` is invalid, Suricata will set it to ``0`` which means + no limit will be placed. In previous Suricata releases, Suricata would terminate execution. A + warning message will be displayed `Invalid value for ftp.memcap` when this occurs. Removals ~~~~~~~~ diff --git a/rust/src/ftp/ftp.rs b/rust/src/ftp/ftp.rs index 2cc4566077..3963a2adfa 100644 --- a/rust/src/ftp/ftp.rs +++ b/rust/src/ftp/ftp.rs @@ -19,6 +19,7 @@ use std; use std::ffi::CString; use std::os::raw::{c_char, c_int, c_void}; +use crate::conf::{conf_get, get_memval}; use crate::ftp::constant::*; use lazy_static::lazy_static; @@ -182,6 +183,49 @@ impl FtpTransferCmd { } } +#[no_mangle] +pub unsafe extern "C" fn SCFTPGetConfigValues( + memcap: *mut u64, max_tx: *mut u32, max_line_len: *mut u32, +) { + if let Some(val) = conf_get("app-layer.protocols.ftp.memcap") { + if let Ok(v) = get_memval(val) { + *memcap = v; + SCLogConfig!("FTP memcap: {}", v); + } else { + SCLogWarning!( + "Invalid value {} for ftp.memcap; defaulting to {}", + val, + *memcap + ); + } + } + if let Some(val) = conf_get("app-layer.protocols.ftp.max-tx") { + if let Ok(v) = val.parse::() { + *max_tx = v; + SCLogConfig!("FTP max tx: {}", v); + } else { + SCLogWarning!( + "Invalid value {} for ftp.max-tx; defaulting to {}", + val, + *max_tx + ); + } + } + // This value is often expressed with a unit suffix, e.g., 5kb, hence get_memval + if let Some(val) = conf_get("app-layer.protocols.ftp.max-line-length") { + if let Ok(v) = get_memval(val) { + *max_line_len = v as u32; + SCLogConfig!("FTP max line length: {}", v); + } else { + SCLogWarning!( + "Invalid value {} for ftp.max-line-length; defaulting to {}", + val, + *max_line_len + ); + } + } +} + /// Returns *mut FtpTransferCmd #[no_mangle] pub unsafe extern "C" fn SCFTPTransferCmdNew() -> *mut FtpTransferCmd { diff --git a/src/app-layer-ftp.c b/src/app-layer-ftp.c index 682ee2b42a..29df14e530 100644 --- a/src/app-layer-ftp.c +++ b/src/app-layer-ftp.c @@ -58,41 +58,10 @@ static FTPTransaction *FTPGetOldestTx(const FtpState *, FTPTransaction *); static void FTPParseMemcap(void) { - const char *conf_val; - - /** set config values for memcap, prealloc and hash_size */ - if ((ConfGet("app-layer.protocols.ftp.memcap", &conf_val)) == 1) - { - if (ParseSizeStringU64(conf_val, &ftp_config_memcap) < 0) { - SCLogError("Error parsing ftp.memcap " - "from conf file - %s. Killing engine", - conf_val); - exit(EXIT_FAILURE); - } - SCLogInfo("FTP memcap: %"PRIu64, ftp_config_memcap); - } else { - /* default to unlimited */ - ftp_config_memcap = 0; - } + SCFTPGetConfigValues(&ftp_config_memcap, &ftp_config_maxtx, &ftp_max_line_len); SC_ATOMIC_INIT(ftp_memuse); SC_ATOMIC_INIT(ftp_memcap); - - if ((ConfGet("app-layer.protocols.ftp.max-tx", &conf_val)) == 1) { - if (ParseSizeStringU32(conf_val, &ftp_config_maxtx) < 0) { - SCLogError("Error parsing ftp.max-tx " - "from conf file - %s.", - conf_val); - } - SCLogInfo("FTP max tx: %" PRIu32, ftp_config_maxtx); - } - - if ((ConfGet("app-layer.protocols.ftp.max-line-length", &conf_val)) == 1) { - if (ParseSizeStringU32(conf_val, &ftp_max_line_len) < 0) { - SCLogError("Error parsing ftp.max-line-length from conf file - %s.", conf_val); - } - SCLogConfig("FTP max line length: %" PRIu32, ftp_max_line_len); - } } static void FTPIncrMemuse(uint64_t size)