Commit Graph

14578 Commits (f9276fdf0010e16448e81a69203856e39d1862af)
 

Author SHA1 Message Date
Victor Julien 59df740e85 output: work around scan-build fp
runmodes.c:541:13: warning: Use of memory after it is freed [unix.Malloc]
        if (output->output_ctx != NULL && output->output_ctx->DeInit != NULL)
            ^~~~~~~~~~~~~~~~~~
1 warning generated.
1 year ago
Victor Julien 0af599f5fa log/pcap: work around scan-build fp
log-pcap.c:1008:24: warning: Use of memory after it is freed [unix.Malloc]
            if (remove(pf->filename) != 0) {
                       ^~~~~~~~~~~~
1 warning generated.
1 year ago
Victor Julien fc000a6d81 af/xdp: fix memory leaks on thread init failure
source-af-xdp.c:675:21: warning: Potential leak of memory pointed to by 'ptv' [unix.Malloc]
        SCReturnInt(TM_ECODE_FAILED);
                    ^~~~~~~~~~~~~~~
./util-debug.h:275:48: note: expanded from macro 'SCReturnInt'
 #define SCReturnInt(x)                  return x
                                                ^
1 warning generated.
1 year ago
Victor Julien ea67a2edd2 dpdk: fix scan-build warnings
runmode-dpdk.c:204:18: warning: Result of 'calloc' is converted to a pointer of type 'char *', which is incompatible with sizeof operand type 'ptrdiff_t' [unix.MallocSizeof]
    args->argv = SCCalloc(capacity, sizeof(ptrdiff_t)); // alloc array of pointers
                 ^~~~~~~~           ~~~~~~~~~~~~~~~~~
./util-mem.h:36:18: note: expanded from macro 'SCCalloc'
 #define SCCalloc calloc
                  ^~~~~~
runmode-dpdk.c:278:16: warning: Result of 'malloc' is converted to a pointer of type 'char *', which is incompatible with sizeof operand type 'char **' [unix.MallocSizeof]
    eal_argv = SCMalloc(args.argc * sizeof(args.argv));
               ^~~~~~~~             ~~~~~~~~~~~~~~~~~
./util-mem.h:35:18: note: expanded from macro 'SCMalloc'
 #define SCMalloc malloc
                  ^~~~~~
2 warnings generated.
1 year ago
Victor Julien e717c2e0ec github-ci: remove debian 9 as it is EOL 1 year ago
Jason Ish 915f487a1c github-ci: update Fedora 36 cov build to Fedora 38
As Fedora 36 will be EOL in a month.
1 year ago
Jason Ish bcbceb13f8 github-ci: update non-root build to Fedora 37
As Fedora 36 will be EOL in a month.
1 year ago
Jason Ish b0bc95d7c1 github-ci: add Fedora 38 builds 1 year ago
Jason Ish 3974142b41 github-ci: use cbindgen from packages on almalinux:9
AlmaLinux 9 has cbindgen available from the package repositories.
1 year ago
Jason Ish fa651606a0 github-ci: add Fedora 37 builders 1 year ago
Jason Ish 4105ac436e github-ci: add Fedora 36 gcc builder
The existing Fedora 36 builder used clang. Add a gcc builder as it can
show different errors.
1 year ago
Jason Ish 04fb0189a7 github-ci: replace Fedora no-jansson build with AlmaLinux
Use AlmaLinux 9 for the no-jansson test instead of Fedora as it will
need to be updated much less.
1 year ago
Jason Ish dd72a64c53 github-ci: remove Fedora 35 build: EOL 1 year ago
Jason Ish e32d01d01b github-ci: enable asan for Ubuntu debug-validation test 1 year ago
Jason Ish 497a6e7ab7 github-ci: fedora non-root: remove external script usage
In the end, its not needed and makes it easier to copy and paste to a
new test.
1 year ago
Jason Ish ec253e54cc github-ci: use bundle.sh script for libhtp, suricata-update
Update the GitHub CI workflow to use the bundle.sh script to pull in
Suricata-Update and libhtp. This means one less place where defaults
are hardcoded and can get out of sync.

This also simplifies the variable names that can be embedded in a pull
request message to use the same variable names that bundle.sh
expects. Of note, this removes the _PR variant, instead a branch name
of "pr/N" can be used to specify a PR.
1 year ago
Jason Ish 76c71a9120 bundle.sh: allow a PR # to be specified
Allow pull requests (and merge requests) to be specified by using a
branch name like "pr/111" or "mr/222". This allows CI to use this
script as well, instead of multiple variations of the same thing.

Additonally allow the destination directory to be overridden with the
DESTDIR environment variable.
1 year ago
Victor Julien d8152b6f7e packet/queue: debug validation for pkt src 1 year ago
Victor Julien 0334eaf7fb eve/dnp3: remove noisy debug code 1 year ago
Jason Ish d2fb958e28 rust: fix clippy lint for assert
Fix done automatically by clippy --fix
1 year ago
Victor Julien 96c331c5d0 fuzz/predef_aware: set pkt_src 1 year ago
Victor Julien efeaa6e2c7 github: add scan-build workflow
Add scan-build workflow that fails on any warning.

Exclude libhtp as there is still one open issue there.
1 year ago
Victor Julien fa5acc1743 radix: add debug validation to assist scan-build
util-radix-tree.c:595:34: warning: Access to field 'stream' results in a dereference of a null pointer (loaded from field 'prefix') [core.NullDereference]
        if ((temp = (stream[i] ^ bottom_node->prefix->stream[i])) == 0) {
                                 ^~~~~~~~~~~~~~~~~~~~~~~~~~~
util-radix-tree.c:717:30: warning: Access to field 'stream' results in a dereference of a null pointer (loaded from field 'prefix') [core.NullDereference]
        if (SC_RADIX_BITTEST(bottom_node->prefix->stream[differ_bit >> 3],
                             ^~~~~~~~~~~~~~~~~~~~~~~~~~~
./util-radix-tree.h:27:34: note: expanded from macro 'SC_RADIX_BITTEST'
 #define SC_RADIX_BITTEST(x, y) ((x) & (y))
                                 ^
2 warnings generated.
1 year ago
Victor Julien 5914e0518c detect: fix potential null pointer deref
Could only happen if htp user data alloc would fail, but handle
it anyway.

Bug: #4952.
1 year ago
Victor Julien 9224b3435b mime: address scan-build warnings
util-decode-mime.c:189:31: warning: Use of memory after it is freed [unix.Malloc]
            lastSibling->next = entity->child;
            ~~~~~~~~~~~~~~~~~ ^
util-decode-mime.c:827:24: warning: Potential leak of memory pointed to by 'val' [unix.Malloc]
        state->hname = NULL;
                       ^~~~
/usr/lib/llvm-16/lib/clang/16/include/stddef.h:89:24: note: expanded from macro 'NULL'
 #  define NULL ((void*)0)
                       ^
2 warnings generated.

Improve error handling and add assert to avoid these warnings.

Bug: #3147.
1 year ago
Victor Julien b625aa9748 detect/sigorder: assist scan-build
Bug: #3152.
1 year ago
Victor Julien 03e0a60f96 detect/sigorder: remove unused struct fields 1 year ago
Victor Julien 000064de7d detect: fix scan-build warnings
detect-engine-address.c:1140:17: warning: Use of memory after it is freed [unix.Malloc]
            r = DetectAddressCmp(ag, ag2);
                ^~~~~~~~~~~~~~~~~~~~~~~~~
detect-engine-address.c:1169:17: warning: Use of memory after it is freed [unix.Malloc]
            r = DetectAddressCmp(ag, ag2);
                ^~~~~~~~~~~~~~~~~~~~~~~~~
2 warnings generated.

detect-engine-port.c:1161:9: warning: Use of memory after it is freed [unix.Malloc]
        DetectPortPrint(ag2);
        ^~~~~~~~~~~~~~~~~~~~
1 warning generated.

Bug: #3150.
Bug: #3151.
1 year ago
Victor Julien c8694634af mpm/ac-bs: work around scan-build warnings
util-mpm-ac-bs.c:482:32: warning: Result of 'malloc' is converted to a pointer of type 'uint16_t[256]', which is incompatible with sizeof operand type 'uint16_t' [unix.MallocSizeof]
        ctx->state_table_u16 = SCMalloc(ctx->state_count *
                               ^~~~~~~~
./util-mem.h:35:18: note: expanded from macro 'SCMalloc'
 #define SCMalloc malloc
                 ^~~~~~
util-mpm-ac-bs.c:524:32: warning: Result of 'malloc' is converted to a pointer of type 'uint32_t[256]', which is incompatible with sizeof operand type 'uint32_t' [unix.MallocSizeof]
        ctx->state_table_u32 = SCMalloc(ctx->state_count *
                               ^~~~~~~~
./util-mem.h:35:18: note: expanded from macro 'SCMalloc'
 #define SCMalloc malloc
                 ^~~~~~
2 warnings generated.

Bug: #3148.
1 year ago
Victor Julien ee683a7074 mpm/ac: work around scan-build warnings
util-mpm-ac.c:531:32: warning: Result of 'malloc' is converted to a pointer of type 'uint16_t[256]', which is incompatible with sizeof operand type 'uint16_t' [unix.MallocSizeof]
        ctx->state_table_u16 = SCMalloc(ctx->state_count *
                               ^~~~~~~~
./util-mem.h:35:18: note: expanded from macro 'SCMalloc'
 #define SCMalloc malloc
                 ^~~~~~
util-mpm-ac.c:575:32: warning: Result of 'malloc' is converted to a pointer of type 'uint32_t[256]', which is incompatible with sizeof operand type 'uint32_t' [unix.MallocSizeof]
        ctx->state_table_u32 = SCMalloc(ctx->state_count *
                               ^~~~~~~~
./util-mem.h:35:18: note: expanded from macro 'SCMalloc'
 #define SCMalloc malloc
                 ^~~~~~
2 warnings generated.

Bug: #3148.
1 year ago
Victor Julien ec84ba1a3c mpm/hs: fix scan-build warning
util-mpm-hs.c:340:20: warning: Potential leak of memory pointed to by 'p' [unix.Malloc]
        p->sids[0] = sid;
        ~~~~~~~~~~~^~~~~
1 warning generated.

Incorrect error handling could lead to a memory leak.
1 year ago
Victor Julien 59ca5cc655 decode: suppress scan-build warning 1 year ago
Victor Julien c13a6fa73c suricata: work around scan-build warnings
suricata.c:691:17: warning: Value stored to 'bits' during its initialization is never read [deadcode.DeadStores]
    const char *bits = "<unknown>-bits";
                ^~~~   ~~~~~~~~~~~~~~~~
suricata.c:692:17: warning: Value stored to 'endian' during its initialization is never read [deadcode.DeadStores]
    const char *endian = "<unknown>-endian";
                ^~~~~~   ~~~~~~~~~~~~~~~~~~
2 warnings generated.
1 year ago
Victor Julien 0c15114450 stream: fix minor scan-build warning
stream-tcp.c:134:14: warning: Value stored to 'presize' during its initialization is never read [deadcode.DeadStores]
    uint64_t presize = SC_ATOMIC_GET(st_memuse);
             ^~~~~~~   ~~~~~~~~~~~~~~~~~~~~~~~~
1 warning generated.
1 year ago
Victor Julien bcf8187443 scan-build: treat as debug validate 1 year ago
Victor Julien b700222240 eve: no need to check fields
Cppcheck 2.10:

src/output-json-dns.c:460:23: warning: Identical inner 'if' condition is always true (outer condition is 'field' and inner condition is 'field!=NULL'). [identicalInnerCondition]
            if (field != NULL)
                      ^
src/output-json-dns.c:458:9: note: outer condition: field
        TAILQ_FOREACH(field, &custom->head, next)
        ^
src/output-json-dns.c:460:23: note: identical inner condition: field!=NULL
            if (field != NULL)
                      ^

src/output-json-email-common.c:408:27: warning: Identical inner 'if' condition is always true (outer condition is 'field' and inner condition is 'field!=NULL'). [identicalInnerCondition]
                if (field != NULL) {
                          ^
src/output-json-email-common.c:407:13: note: outer condition: field
            TAILQ_FOREACH(field, &custom->head, next) {
            ^
src/output-json-email-common.c:408:27: note: identical inner condition: field!=NULL
                if (field != NULL) {
                          ^
src/output-json-email-common.c:430:27: warning: Identical inner 'if' condition is always true (outer condition is 'field' and inner condition is 'field!=NULL'). [identicalInnerCondition]
                if (field != NULL) {
                          ^
src/output-json-email-common.c:429:13: note: outer condition: field
            TAILQ_FOREACH(field, &md5_conf->head, next) {
            ^
src/output-json-email-common.c:430:27: note: identical inner condition: field!=NULL
                if (field != NULL) {
                          ^
src/output-json-http.c:574:27: warning: Identical inner 'if' condition is always true (outer condition is 'field' and inner condition is 'field!=NULL'). [identicalInnerCondition]
                if (field != NULL)
                          ^
src/output-json-http.c:572:13: note: outer condition: field
            TAILQ_FOREACH(field, &custom->head, next)
            ^
src/output-json-http.c:574:27: note: identical inner condition: field!=NULL
                if (field != NULL)
                          ^
1 year ago
Victor Julien 29ac7b366b yaml: fix dead store
conf-yaml-loader.c:391:17: warning: Value stored to 'retval' is never read [deadcode.DeadStores]
                retval = -1;
                ^        ~~
1 warning generated.
1 year ago
Victor Julien be91955356 debug: suppress warning for scan-build
app-layer-ssl.c:1497:27: error: call to undeclared function 'RecordAlreadyProcessed'; ISO C99 and later do not support implicit function declarations [-Wimplicit-function-declaration]
    DEBUG_VALIDATE_BUG_ON(RecordAlreadyProcessed(ssl_state->curr_connp));
                          ^
1 error generated.
1 year ago
Victor Julien 89c947129d stream: check debug check for multi-SYN/ACK in TFO 2 years ago
Victor Julien e61673cbc4 stream: segment insertion error handling cleanup 2 years ago
Victor Julien 54f34dea5c detect/http2.header_name: fix multi buffer setup 2 years ago
Victor Julien a94ca44620 detect/parse: minor validation code cleanups 2 years ago
Victor Julien 021f626ab1 detect: add error message for transform w/o matches 2 years ago
Victor Julien 2c0e434bb8 detect: pass de_ctx to DetectBufferSetActiveList 2 years ago
Victor Julien f43b7191ae detect/http_method: use list util in tests; cleanups 2 years ago
Victor Julien 4278f3df4a detect/http_header: use list util in tests
Cleanups.
2 years ago
Victor Julien 5cb2e6ad6a detect/http_client_body: use list util in tests
Cleanups.
2 years ago
Victor Julien 45d92a330c detect/isdataat: use list util in tests; cleanups 2 years ago
Victor Julien 10a1c15ac0 detect/tls: use list util in tests; cleanups 2 years ago
Victor Julien ad3088be14 detect/fast_pattern: use list util 2 years ago