detect-tls: check return values of functions on setup

Check the return values of DetectBufferSetActiveList() and DetectSignatureSetAppProto().
6 years ago · 0f7f35bd85
parent 1c04d7cdae
commit 0f7f35bd85
7 changed files with 48 additions and 21 deletions
--- a/src/detect-tls-cert-fingerprint.c
+++ b/src/detect-tls-cert-fingerprint.c
@ -111,13 +111,15 @@ void DetectTlsFingerprintRegister(void)
 * \param str      Should hold an empty string always
 *
 * \retval 0  On success
 * \retval -1 On failure
 */
 static int DetectTlsFingerprintSetup(DetectEngineCtx *de_ctx, Signature *s,
                                     const char *str)
 {
-    DetectBufferSetActiveList(s, g_tls_cert_fingerprint_buffer_id);
+    if (DetectBufferSetActiveList(s, g_tls_cert_fingerprint_buffer_id) < 0)
        return -1;
-    if (DetectSignatureSetAppProto(s, ALPROTO_TLS) != 0)
+    if (DetectSignatureSetAppProto(s, ALPROTO_TLS) < 0)
        return -1;
    return 0;
--- a/src/detect-tls-cert-issuer.c
+++ b/src/detect-tls-cert-issuer.c
@ -102,11 +102,16 @@ void DetectTlsIssuerRegister(void)
 * \param str      Should hold an empty string always
 *
 * \retval 0  On success
 * \retval -1 On failure
 */
 static int DetectTlsIssuerSetup(DetectEngineCtx *de_ctx, Signature *s, const char *str)
 {
-    DetectBufferSetActiveList(s, g_tls_cert_issuer_buffer_id);
+    if (DetectBufferSetActiveList(s, g_tls_cert_issuer_buffer_id) < 0)
-    s->alproto = ALPROTO_TLS;
+        return -1;
    if (DetectSignatureSetAppProto(s, ALPROTO_TLS) < 0)
        return -1;
    return 0;
 }
--- a/src/detect-tls-cert-serial.c
+++ b/src/detect-tls-cert-serial.c
@ -111,12 +111,14 @@ void DetectTlsSerialRegister(void)
 * \param str      Should hold an empty string always
 *
 * \retval 0  On success
 * \retval -1 On failure
 */
 static int DetectTlsSerialSetup(DetectEngineCtx *de_ctx, Signature *s, const char *str)
 {
-    DetectBufferSetActiveList(s, g_tls_cert_serial_buffer_id);
+    if (DetectBufferSetActiveList(s, g_tls_cert_serial_buffer_id) < 0)
        return -1;
-    if (DetectSignatureSetAppProto(s, ALPROTO_TLS) != 0)
+    if (DetectSignatureSetAppProto(s, ALPROTO_TLS) < 0)
        return -1;
    return 0;
--- a/src/detect-tls-cert-subject.c
+++ b/src/detect-tls-cert-subject.c
@ -101,11 +101,16 @@ void DetectTlsSubjectRegister(void)
 * \param str      Should hold an empty string always
 *
 * \retval 0  On success
 * \retval -1 On failure
 */
 static int DetectTlsSubjectSetup(DetectEngineCtx *de_ctx, Signature *s, const char *str)
 {
-    DetectBufferSetActiveList(s, g_tls_cert_subject_buffer_id);
+    if (DetectBufferSetActiveList(s, g_tls_cert_subject_buffer_id) < 0)
-    s->alproto = ALPROTO_TLS;
+        return -1;
    if (DetectSignatureSetAppProto(s, ALPROTO_TLS) < 0)
        return -1;
    return 0;
 }
--- a/src/detect-tls-ja3-hash.c
+++ b/src/detect-tls-ja3-hash.c
@ -112,11 +112,15 @@ void DetectTlsJa3HashRegister(void)
 * \param str    Should hold an empty string always
 *
 * \retval 0  On success
 * \retval -1 On failure
 */
 static int DetectTlsJa3HashSetup(DetectEngineCtx *de_ctx, Signature *s, const char *str)
 {
-    DetectBufferSetActiveList(s, g_tls_ja3_hash_buffer_id);
+    if (DetectBufferSetActiveList(s, g_tls_ja3_hash_buffer_id) < 0)
-    s->alproto = ALPROTO_TLS;
+        return -1;
    if (DetectSignatureSetAppProto(s, ALPROTO_TLS) < 0)
        return -1;
    if (RunmodeIsUnittests())
        return 0;
--- a/src/detect-tls-ja3-string.c
+++ b/src/detect-tls-ja3-string.c
@ -102,11 +102,15 @@ void DetectTlsJa3StringRegister(void)
 * \param str    Should hold an empty string always
 *
 * \retval 0  On success
 * \retval -1 On failure
 */
 static int DetectTlsJa3StringSetup(DetectEngineCtx *de_ctx, Signature *s, const char *str)
 {
-    DetectBufferSetActiveList(s, g_tls_ja3_str_buffer_id);
+    if (DetectBufferSetActiveList(s, g_tls_ja3_str_buffer_id) < 0)
-    s->alproto = ALPROTO_TLS;
+        return -1;
    if (DetectSignatureSetAppProto(s, ALPROTO_TLS) < 0)
        return -1;
    if (RunmodeIsUnittests())
        return 0;
--- a/src/detect-tls-sni.c
+++ b/src/detect-tls-sni.c
@ -100,11 +100,16 @@ void DetectTlsSniRegister(void)
 * \param str      Should hold an empty string always
 *
 * \retval 0  On success
 * \retval -1 On failure
 */
 static int DetectTlsSniSetup(DetectEngineCtx *de_ctx, Signature *s, const char *str)
 {
-    DetectBufferSetActiveList(s, g_tls_sni_buffer_id);
+    if (DetectBufferSetActiveList(s, g_tls_sni_buffer_id) < 0)
-    s->alproto = ALPROTO_TLS;
+        return -1;
    if (DetectSignatureSetAppProto(s, ALPROTO_TLS) < 0)
        return -1;
    return 0;
 }