aiden
/
suricata
mirror of https://github.com/OISF/suricata
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

detect: add more defensive checks for flow handling

Browse Source 
Don't unconditionally deref f->alparser in detection through
DeStateFlowHasInspectableState(). In very rare cases it can
be NULL.
pull/961/head
Victor Julien 11 years ago
parent 2002067fb1
commit 0564a8da3c
2 changed files with 17 additions and 6 deletions
Show Stats Download Patch File Download Diff File

6
src/app-layer-parser.c
Unescape Escape View File

@ -502,13 +502,14 @@ uint64_t AppLayerParserGetTransactionLogId(AppLayerParserState *pstate)
{ {
SCEnter(); SCEnter();
SCReturnCT(pstate->log_id, "uint64_t"); SCReturnCT((pstate == NULL) ? 0 : pstate->log_id, "uint64_t");
} }
void AppLayerParserSetTransactionLogId(AppLayerParserState *pstate) void AppLayerParserSetTransactionLogId(AppLayerParserState *pstate)
{ {
SCEnter(); SCEnter();
if (pstate != NULL)
pstate->log_id++; pstate->log_id++;
SCReturn; SCReturn;
@ -518,6 +519,9 @@ uint64_t AppLayerParserGetTransactionInspectId(AppLayerParserState *pstate, uint
{ {
SCEnter(); SCEnter();
if (pstate == NULL)
SCReturnCT(0ULL, "uint64_t");
SCReturnCT(pstate->inspect_id[direction & STREAM_TOSERVER ? 0 : 1], "uint64_t"); SCReturnCT(pstate->inspect_id[direction & STREAM_TOSERVER ? 0 : 1], "uint64_t");
} }

13
src/detect-engine-state.c
Unescape Escape View File

@ -212,6 +212,11 @@ void DetectEngineStateFree(DetectEngineState *state)
return; return;
} }
/**
* \retval 0 no inspectable state
* \retval 1 inspectable state
* \retval 2 inspectable state, but no update
*/
int DeStateFlowHasInspectableState(Flow *f, AppProto alproto, uint16_t alversion, uint8_t flags) int DeStateFlowHasInspectableState(Flow *f, AppProto alproto, uint16_t alversion, uint8_t flags)
{ {
int r = 0; int r = 0;
@ -220,10 +225,12 @@ int DeStateFlowHasInspectableState(Flow *f, AppProto alproto, uint16_t alversion
if (f->de_state == NULL || f->de_state->dir_state[flags & STREAM_TOSERVER ? 0 : 1].cnt == 0) { if (f->de_state == NULL || f->de_state->dir_state[flags & STREAM_TOSERVER ? 0 : 1].cnt == 0) {
if (AppLayerParserProtocolSupportsTxs(f->proto, alproto)) { if (AppLayerParserProtocolSupportsTxs(f->proto, alproto)) {
FLOWLOCK_RDLOCK(f); FLOWLOCK_RDLOCK(f);
if (AppLayerParserGetTransactionInspectId(f->alparser, flags) >= AppLayerParserGetTxCnt(f->proto, alproto, f->alstate)) if (f->alparser != NULL && f->alstate != NULL) {
if (AppLayerParserGetTransactionInspectId(f->alparser, flags) >=
AppLayerParserGetTxCnt(f->proto, alproto, f->alstate)) {
r = 2; r = 2;
else }
r = 0; }
FLOWLOCK_UNLOCK(f); FLOWLOCK_UNLOCK(f);
} }
} else if (!(flags & STREAM_EOF) && } else if (!(flags & STREAM_EOF) &&

Write Preview
Loading…
Cancel
Save