aiden
/
suricata
mirror of https://github.com/OISF/suricata
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Add a /* fall through */ comment for all switch case fall throughs.

Browse Source 
This should server as a message to coverity that the fall through is
intentional.
pull/590/merge
Anoop Saldanha 13 years ago committed by Victor Julien
parent b6efaeb0c0
commit 619414c59e
10 changed files with 401 additions and 5 deletions
Show Stats Download Patch File Download Diff File

79
src/app-layer-dcerpc-udp.c
Unescape Escape View File

@ -267,318 +267,397 @@ static int DCERPCUDPParseHeader(Flow *f, void *dcerpcudp_state,
/* We fall through to the next case if we still have input.
* Same applies for other cases as well */
}
/* fall through */
case 1:
sstate->dcerpc.dcerpchdrudp.type = *(p++);
if (!(--input_len))
break;
/* fall through */
case 2:
sstate->dcerpc.dcerpchdrudp.flags1 = *(p++);
if (!(--input_len))
break;
/* fall through */
case 3:
sstate->dcerpc.dcerpchdrudp.flags2 = *(p++);
if (!(--input_len))
break;
/* fall through */
case 4:
sstate->dcerpc.dcerpchdrudp.drep[0] = *(p++);
if (!(--input_len))
break;
/* fall through */
case 5:
sstate->dcerpc.dcerpchdrudp.drep[1] = *(p++);
if (!(--input_len))
break;
/* fall through */
case 6:
sstate->dcerpc.dcerpchdrudp.drep[2] = *(p++);
if (!(--input_len))
break;
/* fall through */
case 7:
sstate->dcerpc.dcerpchdrudp.serial_hi = *(p++);
if (!(--input_len))
break;
/* fall through */
case 8:
sstate->dcerpc.dcerpchdrudp.objectuuid[3] = *(p++);
if (!(--input_len))
break;
/* fall through */
case 9:
sstate->dcerpc.dcerpchdrudp.objectuuid[2] = *(p++);
if (!(--input_len))
break;
/* fall through */
case 10:
sstate->dcerpc.dcerpchdrudp.objectuuid[1] = *(p++);
if (!(--input_len))
break;
/* fall through */
case 11:
sstate->dcerpc.dcerpchdrudp.objectuuid[0] = *(p++);
if (!(--input_len))
break;
/* fall through */
case 12:
sstate->dcerpc.dcerpchdrudp.objectuuid[5] = *(p++);
if (!(--input_len))
break;
/* fall through */
case 13:
sstate->dcerpc.dcerpchdrudp.objectuuid[4] = *(p++);
if (!(--input_len))
break;
/* fall through */
case 14:
sstate->dcerpc.dcerpchdrudp.objectuuid[7] = *(p++);
if (!(--input_len))
break;
/* fall through */
case 15:
sstate->dcerpc.dcerpchdrudp.objectuuid[6] = *(p++);
if (!(--input_len))
break;
/* fall through */
case 16:
sstate->dcerpc.dcerpchdrudp.objectuuid[8] = *(p++);
if (!(--input_len))
break;
/* fall through */
case 17:
sstate->dcerpc.dcerpchdrudp.objectuuid[9] = *(p++);
if (!(--input_len))
break;
/* fall through */
case 18:
sstate->dcerpc.dcerpchdrudp.objectuuid[10] = *(p++);
if (!(--input_len))
break;
/* fall through */
case 19:
sstate->dcerpc.dcerpchdrudp.objectuuid[11] = *(p++);
if (!(--input_len))
break;
/* fall through */
case 20:
sstate->dcerpc.dcerpchdrudp.objectuuid[12] = *(p++);
if (!(--input_len))
break;
/* fall through */
case 21:
sstate->dcerpc.dcerpchdrudp.objectuuid[13] = *(p++);
if (!(--input_len))
break;
/* fall through */
case 22:
sstate->dcerpc.dcerpchdrudp.objectuuid[14] = *(p++);
if (!(--input_len))
break;
/* fall through */
case 23:
sstate->dcerpc.dcerpchdrudp.objectuuid[15] = *(p++);
if (!(--input_len))
break;
/* fall through */
case 24:
sstate->dcerpc.dcerpchdrudp.interfaceuuid[3] = *(p++);
if (!(--input_len))
break;
/* fall through */
case 25:
sstate->dcerpc.dcerpchdrudp.interfaceuuid[2] = *(p++);
if (!(--input_len))
break;
/* fall through */
case 26:
sstate->dcerpc.dcerpchdrudp.interfaceuuid[1] = *(p++);
if (!(--input_len))
break;
/* fall through */
case 27:
sstate->dcerpc.dcerpchdrudp.interfaceuuid[0] = *(p++);
if (!(--input_len))
break;
/* fall through */
case 28:
sstate->dcerpc.dcerpchdrudp.interfaceuuid[5] = *(p++);
if (!(--input_len))
break;
/* fall through */
case 29:
sstate->dcerpc.dcerpchdrudp.interfaceuuid[4] = *(p++);
if (!(--input_len))
break;
/* fall through */
case 30:
sstate->dcerpc.dcerpchdrudp.interfaceuuid[7] = *(p++);
if (!(--input_len))
break;
/* fall through */
case 31:
sstate->dcerpc.dcerpchdrudp.interfaceuuid[6] = *(p++);
if (!(--input_len))
break;
/* fall through */
case 32:
sstate->dcerpc.dcerpchdrudp.interfaceuuid[8] = *(p++);
if (!(--input_len))
break;
/* fall through */
case 33:
sstate->dcerpc.dcerpchdrudp.interfaceuuid[9] = *(p++);
if (!(--input_len))
break;
/* fall through */
case 34:
sstate->dcerpc.dcerpchdrudp.interfaceuuid[10] = *(p++);
if (!(--input_len))
break;
/* fall through */
case 35:
sstate->dcerpc.dcerpchdrudp.interfaceuuid[11] = *(p++);
if (!(--input_len))
break;
/* fall through */
case 36:
sstate->dcerpc.dcerpchdrudp.interfaceuuid[12] = *(p++);
if (!(--input_len))
break;
/* fall through */
case 37:
sstate->dcerpc.dcerpchdrudp.interfaceuuid[13] = *(p++);
if (!(--input_len))
break;
/* fall through */
case 38:
sstate->dcerpc.dcerpchdrudp.interfaceuuid[14] = *(p++);
if (!(--input_len))
break;
/* fall through */
case 39:
sstate->dcerpc.dcerpchdrudp.interfaceuuid[15] = *(p++);
if (!(--input_len))
break;
/* fall through */
case 40:
sstate->dcerpc.dcerpchdrudp.activityuuid[3] = *(p++);
if (!(--input_len))
break;
/* fall through */
case 41:
sstate->dcerpc.dcerpchdrudp.activityuuid[2] = *(p++);
if (!(--input_len))
break;
/* fall through */
case 42:
sstate->dcerpc.dcerpchdrudp.activityuuid[1] = *(p++);
if (!(--input_len))
break;
/* fall through */
case 43:
sstate->dcerpc.dcerpchdrudp.activityuuid[0] = *(p++);
if (!(--input_len))
break;
/* fall through */
case 44:
sstate->dcerpc.dcerpchdrudp.activityuuid[5] = *(p++);
if (!(--input_len))
break;
/* fall through */
case 45:
sstate->dcerpc.dcerpchdrudp.activityuuid[4] = *(p++);
if (!(--input_len))
break;
/* fall through */
case 46:
sstate->dcerpc.dcerpchdrudp.activityuuid[7] = *(p++);
if (!(--input_len))
break;
/* fall through */
case 47:
sstate->dcerpc.dcerpchdrudp.activityuuid[6] = *(p++);
if (!(--input_len))
break;
/* fall through */
case 48:
sstate->dcerpc.dcerpchdrudp.activityuuid[8] = *(p++);
if (!(--input_len))
break;
/* fall through */
case 49:
sstate->dcerpc.dcerpchdrudp.activityuuid[9] = *(p++);
if (!(--input_len))
break;
/* fall through */
case 50:
sstate->dcerpc.dcerpchdrudp.activityuuid[10] = *(p++);
if (!(--input_len))
break;
/* fall through */
case 51:
sstate->dcerpc.dcerpchdrudp.activityuuid[11] = *(p++);
if (!(--input_len))
break;
/* fall through */
case 52:
sstate->dcerpc.dcerpchdrudp.activityuuid[12] = *(p++);
if (!(--input_len))
break;
/* fall through */
case 53:
sstate->dcerpc.dcerpchdrudp.activityuuid[13] = *(p++);
if (!(--input_len))
break;
/* fall through */
case 54:
sstate->dcerpc.dcerpchdrudp.activityuuid[14] = *(p++);
if (!(--input_len))
break;
/* fall through */
case 55:
sstate->dcerpc.dcerpchdrudp.activityuuid[15] = *(p++);
if (!(--input_len))
break;
/* fall through */
case 56:
sstate->dcerpc.dcerpchdrudp.server_boot = *(p++);
if (!(--input_len))
break;
/* fall through */
case 57:
sstate->dcerpc.dcerpchdrudp.server_boot |= *(p++) << 8;
if (!(--input_len))
break;
/* fall through */
case 58:
sstate->dcerpc.dcerpchdrudp.server_boot |= *(p++) << 16;
if (!(--input_len))
break;
/* fall through */
case 59:
sstate->dcerpc.dcerpchdrudp.server_boot |= *(p++) << 24;
if (!(--input_len))
break;
/* fall through */
case 60:
sstate->dcerpc.dcerpchdrudp.if_vers = *(p++);
if (!(--input_len))
break;
/* fall through */
case 61:
sstate->dcerpc.dcerpchdrudp.if_vers |= *(p++) << 8;
if (!(--input_len))
break;
/* fall through */
case 62:
sstate->dcerpc.dcerpchdrudp.if_vers |= *(p++) << 16;
if (!(--input_len))
break;
/* fall through */
case 63:
sstate->dcerpc.dcerpchdrudp.if_vers |= *(p++) << 24;
if (!(--input_len))
break;
/* fall through */
case 64:
sstate->dcerpc.dcerpchdrudp.seqnum = *(p++);
if (!(--input_len))
break;
/* fall through */
case 65:
sstate->dcerpc.dcerpchdrudp.seqnum |= *(p++) << 8;
if (!(--input_len))
break;
/* fall through */
case 66:
sstate->dcerpc.dcerpchdrudp.seqnum |= *(p++) << 16;
if (!(--input_len))
break;
/* fall through */
case 67:
sstate->dcerpc.dcerpchdrudp.seqnum |= *(p++) << 24;
if (!(--input_len))
break;
/* fall through */
case 68:
sstate->dcerpc.dcerpchdrudp.opnum = *(p++);
if (!(--input_len))
break;
/* fall through */
case 69:
sstate->dcerpc.dcerpchdrudp.opnum |= *(p++) << 8;
if (!(--input_len))
break;
/* fall through */
case 70:
sstate->dcerpc.dcerpchdrudp.ihint = *(p++);
if (!(--input_len))
break;
/* fall through */
case 71:
sstate->dcerpc.dcerpchdrudp.ihint |= *(p++) << 8;
if (!(--input_len))
break;
/* fall through */
case 72:
sstate->dcerpc.dcerpchdrudp.ahint = *(p++);
if (!(--input_len))
break;
/* fall through */
case 73:
sstate->dcerpc.dcerpchdrudp.ahint |= *(p++) << 8;
if (!(--input_len))
break;
/* fall through */
case 74:
sstate->dcerpc.dcerpchdrudp.fraglen = *(p++);
if (!(--input_len))
break;
/* fall through */
case 75:
sstate->dcerpc.dcerpchdrudp.fraglen |= *(p++) << 8;
if (!(--input_len))
break;
/* fall through */
case 76:
sstate->dcerpc.dcerpchdrudp.fragnum = *(p++);
if (!(--input_len))
break;
/* fall through */
case 77:
sstate->dcerpc.dcerpchdrudp.fragnum |= *(p++);
if (!(--input_len))
break;
/* fall through */
case 78:
sstate->dcerpc.dcerpchdrudp.auth_proto = *(p++);
if (!(--input_len))
break;
/* fall through */
case 79:
sstate->dcerpc.dcerpchdrudp.serial_lo = *(p++);
if (sstate->dcerpc.dcerpchdrudp.drep[0] != 0x10) {

112
src/app-layer-dcerpc.c
Unescape Escape View File

@ -197,14 +197,17 @@ static uint32_t DCERPCGetCTXItems(DCERPC *dcerpc, uint8_t *input, uint32_t input
if (!(--input_len))
break;
}
/* fall through */
case 1:
p++;
if (!(--input_len))
break;
/* fall through */
case 2:
p++;
if (!(--input_len))
break;
/* fall through */
case 3:
p++;
input_len--;
@ -329,6 +332,7 @@ static uint32_t DCERPCParseBINDCTXItem(DCERPC *dcerpc, uint8_t *input, uint32_t
if (!(--input_len))
break;
}
/* fall through */
case 1:
if (dcerpc->dcerpchdr.packed_drep[0] & 0x10) {
dcerpc->dcerpcbindbindack.ctxid |= *(p++) << 8;
@ -337,16 +341,19 @@ static uint32_t DCERPCParseBINDCTXItem(DCERPC *dcerpc, uint8_t *input, uint32_t
}
if (!(--input_len))
break;
/* fall through */
case 2:
/* num transact items */
p++;
if (!(--input_len))
break;
/* fall through */
case 3:
/* reserved */
p++;
if (!(--input_len))
break;
/* fall through */
case 4:
if (dcerpc->dcerpchdr.packed_drep[0] & 0x10) {
dcerpc->dcerpcbindbindack.uuid[3] = *(p++);
@ -355,6 +362,7 @@ static uint32_t DCERPCParseBINDCTXItem(DCERPC *dcerpc, uint8_t *input, uint32_t
}
if (!(--input_len))
break;
/* fall through */
case 5:
if (dcerpc->dcerpchdr.packed_drep[0] & 0x10) {
dcerpc->dcerpcbindbindack.uuid[2] = *(p++);
@ -363,6 +371,7 @@ static uint32_t DCERPCParseBINDCTXItem(DCERPC *dcerpc, uint8_t *input, uint32_t
}
if (!(--input_len))
break;
/* fall through */
case 6:
if (dcerpc->dcerpchdr.packed_drep[0] & 0x10) {
dcerpc->dcerpcbindbindack.uuid[1] = *(p++);
@ -371,6 +380,7 @@ static uint32_t DCERPCParseBINDCTXItem(DCERPC *dcerpc, uint8_t *input, uint32_t
}
if (!(--input_len))
break;
/* fall through */
case 7:
if (dcerpc->dcerpchdr.packed_drep[0] & 0x10) {
dcerpc->dcerpcbindbindack.uuid[0] = *(p++);
@ -379,6 +389,7 @@ static uint32_t DCERPCParseBINDCTXItem(DCERPC *dcerpc, uint8_t *input, uint32_t
}
if (!(--input_len))
break;
/* fall through */
case 8:
if (dcerpc->dcerpchdr.packed_drep[0] & 0x10) {
dcerpc->dcerpcbindbindack.uuid[5] = *(p++);
@ -387,6 +398,7 @@ static uint32_t DCERPCParseBINDCTXItem(DCERPC *dcerpc, uint8_t *input, uint32_t
}
if (!(--input_len))
break;
/* fall through */
case 9:
if (dcerpc->dcerpchdr.packed_drep[0] & 0x10) {
dcerpc->dcerpcbindbindack.uuid[4] = *(p++);
@ -395,6 +407,7 @@ static uint32_t DCERPCParseBINDCTXItem(DCERPC *dcerpc, uint8_t *input, uint32_t
}
if (!(--input_len))
break;
/* fall through */
case 10:
if (dcerpc->dcerpchdr.packed_drep[0] & 0x10) {
dcerpc->dcerpcbindbindack.uuid[7] = *(p++);
@ -403,6 +416,7 @@ static uint32_t DCERPCParseBINDCTXItem(DCERPC *dcerpc, uint8_t *input, uint32_t
}
if (!(--input_len))
break;
/* fall through */
case 11:
if (dcerpc->dcerpchdr.packed_drep[0] & 0x10) {
dcerpc->dcerpcbindbindack.uuid[6] = *(p++);
@ -411,39 +425,48 @@ static uint32_t DCERPCParseBINDCTXItem(DCERPC *dcerpc, uint8_t *input, uint32_t
}
if (!(--input_len))
break;
/* fall through */
case 12:
/* The following bytes are in the same order for both big and little endian */
dcerpc->dcerpcbindbindack.uuid[8] = *(p++);
if (!(--input_len))
break;
/* fall through */
case 13:
dcerpc->dcerpcbindbindack.uuid[9] = *(p++);
if (!(--input_len))
break;
/* fall through */
case 14:
dcerpc->dcerpcbindbindack.uuid[10] = *(p++);
if (!(--input_len))
break;
/* fall through */
case 15:
dcerpc->dcerpcbindbindack.uuid[11] = *(p++);
if (!(--input_len))
break;
/* fall through */
case 16:
dcerpc->dcerpcbindbindack.uuid[12] = *(p++);
if (!(--input_len))
break;
/* fall through */
case 17:
dcerpc->dcerpcbindbindack.uuid[13] = *(p++);
if (!(--input_len))
break;
/* fall through */
case 18:
dcerpc->dcerpcbindbindack.uuid[14] = *(p++);
if (!(--input_len))
break;
/* fall through */
case 19:
dcerpc->dcerpcbindbindack.uuid[15] = *(p++);
if (!(--input_len))
break;
/* fall through */
case 20:
if (dcerpc->dcerpchdr.packed_drep[0] & 0x10) {
dcerpc->dcerpcbindbindack.version = *(p++);
@ -452,6 +475,7 @@ static uint32_t DCERPCParseBINDCTXItem(DCERPC *dcerpc, uint8_t *input, uint32_t
}
if (!(--input_len))
break;
/* fall through */
case 21:
if (dcerpc->dcerpchdr.packed_drep[0] & 0x10) {
dcerpc->dcerpcbindbindack.version |= *(p++) << 8;
@ -460,6 +484,7 @@ static uint32_t DCERPCParseBINDCTXItem(DCERPC *dcerpc, uint8_t *input, uint32_t
}
if (!(--input_len))
break;
/* fall through */
case 22:
if (dcerpc->dcerpchdr.packed_drep[0] & 0x10) {
dcerpc->dcerpcbindbindack.versionminor = *(p++);
@ -468,6 +493,7 @@ static uint32_t DCERPCParseBINDCTXItem(DCERPC *dcerpc, uint8_t *input, uint32_t
}
if (!(--input_len))
break;
/* fall through */
case 23:
if (dcerpc->dcerpchdr.packed_drep[0] & 0x10) {
dcerpc->dcerpcbindbindack.versionminor |= *(p++) << 8;
@ -476,82 +502,102 @@ static uint32_t DCERPCParseBINDCTXItem(DCERPC *dcerpc, uint8_t *input, uint32_t
}
if (!(--input_len))
break;
/* fall through */
case 24:
p++;
if (!(--input_len))
break;
/* fall through */
case 25:
p++;
if (!(--input_len))
break;
/* fall through */
case 26:
p++;
if (!(--input_len))
break;
/* fall through */
case 27:
p++;
if (!(--input_len))
break;
/* fall through */
case 28:
p++;
if (!(--input_len))
break;
/* fall through */
case 29:
p++;
if (!(--input_len))
break;
/* fall through */
case 30:
p++;
if (!(--input_len))
break;
/* fall through */
case 31:
p++;
if (!(--input_len))
break;
/* fall through */
case 32:
p++;
if (!(--input_len))
break;
/* fall through */
case 33:
p++;
if (!(--input_len))
break;
/* fall through */
case 34:
p++;
if (!(--input_len))
break;
/* fall through */
case 35:
p++;
if (!(--input_len))
break;
/* fall through */
case 36:
p++;
if (!(--input_len))
break;
/* fall through */
case 37:
p++;
if (!(--input_len))
break;
/* fall through */
case 38:
p++;
if (!(--input_len))
break;
/* fall through */
case 39:
p++;
if (!(--input_len))
break;
/* fall through */
case 40:
p++;
if (!(--input_len))
break;
/* fall through */
case 41:
p++;
if (!(--input_len))
break;
/* fall through */
case 42:
p++;
if (!(--input_len))
break;
/* fall through */
case 43:
p++;
--input_len;
@ -666,6 +712,7 @@ static uint32_t DCERPCParseBINDACKCTXItem(DCERPC *dcerpc, uint8_t *input, uint32
if (!(--input_len))
break;
}
/* fall through */
case 1:
if (dcerpc->dcerpchdr.packed_drep[0] & 0x10) {
dcerpc->dcerpcbindbindack.result |= *(p++) << 8;
@ -674,92 +721,114 @@ static uint32_t DCERPCParseBINDACKCTXItem(DCERPC *dcerpc, uint8_t *input, uint32
}
if (!(--input_len))
break;
/* fall through */
case 2:
/* num transact items */
p++;
if (!(--input_len))
break;
/* fall through */
case 3:
/* reserved */
p++;
if (!(--input_len))
break;
/* fall through */
case 4:
p++;
if (!(--input_len))
break;
/* fall through */
case 5:
p++;
if (!(--input_len))
break;
/* fall through */
case 6:
p++;
if (!(--input_len))
break;
/* fall through */
case 7:
p++;
if (!(--input_len))
break;
/* fall through */
case 8:
p++;
if (!(--input_len))
break;
/* fall through */
case 9:
p++;
if (!(--input_len))
break;
/* fall through */
case 10:
p++;
if (!(--input_len))
break;
/* fall through */
case 11:
p++;
if (!(--input_len))
break;
/* fall through */
case 12:
p++;
if (!(--input_len))
break;
/* fall through */
case 13:
p++;
if (!(--input_len))
break;
/* fall through */
case 14:
p++;
if (!(--input_len))
break;
/* fall through */
case 15:
p++;
if (!(--input_len))
break;
/* fall through */
case 16:
p++;
if (!(--input_len))
break;
/* fall through */
case 17:
p++;
if (!(--input_len))
break;
/* fall through */
case 18:
p++;
if (!(--input_len))
break;
/* fall through */
case 19:
p++;
if (!(--input_len))
break;
/* fall through */
case 20:
p++;
if (!(--input_len))
break;
/* fall through */
case 21:
p++;
if (!(--input_len))
break;
/* fall through */
case 22:
p++;
if (!(--input_len))
break;
/* fall through */
case 23:
TAILQ_FOREACH(uuid_entry, &dcerpc->dcerpcbindbindack.uuid_list, next) {
if (uuid_entry->internal_id == dcerpc->dcerpcbindbindack.uuid_internal_id) {
@ -833,41 +902,49 @@ static uint32_t DCERPCParseBIND(DCERPC *dcerpc, uint8_t *input, uint32_t input_l
if (!(--input_len))
break;
}
/* fall through */
case 17:
/* max_xmit_frag */
p++;
if (!(--input_len))
break;
/* fall through */
case 18:
/* max_recv_frag */
p++;
if (!(--input_len))
break;
/* fall through */
case 19:
/* max_recv_frag */
p++;
if (!(--input_len))
break;
/* fall through */
case 20:
/* assoc_group_id */
p++;
if (!(--input_len))
break;
/* fall through */
case 21:
/* assoc_group_id */
p++;
if (!(--input_len))
break;
/* fall through */
case 22:
/* assoc_group_id */
p++;
if (!(--input_len))
break;
/* fall through */
case 23:
/* assoc_group_id */
p++;
if (!(--input_len))
break;
/* fall through */
case 24:
while ((item = TAILQ_FIRST(&dcerpc->dcerpcbindbindack.uuid_list))) {
TAILQ_REMOVE(&dcerpc->dcerpcbindbindack.uuid_list, item, next);
@ -886,21 +963,25 @@ static uint32_t DCERPCParseBIND(DCERPC *dcerpc, uint8_t *input, uint32_t input_l
TAILQ_INIT(&dcerpc->dcerpcbindbindack.uuid_list);
if (!(--input_len))
break;
/* fall through */
case 25:
/* pad byte 1 */
p++;
if (!(--input_len))
break;
/* fall through */
case 26:
/* pad byte 2 */
p++;
if (!(--input_len))
break;
/* fall through */
case 27:
/* pad byte 3 */
p++;
--input_len;
break;
/* fall through */
default:
dcerpc->bytesprocessed++;
SCReturnUInt(1);
@ -936,45 +1017,54 @@ static uint32_t DCERPCParseBINDACK(DCERPC *dcerpc, uint8_t *input, uint32_t inpu
if (!(--input_len))
break;
}
/* fall through */
case 17:
/* max_xmit_frag */
p++;
if (!(--input_len))
break;
/* fall through */
case 18:
/* max_recv_frag */
p++;
if (!(--input_len))
break;
/* fall through */
case 19:
/* max_recv_frag */
p++;
if (!(--input_len))
break;
/* fall through */
case 20:
/* assoc_group_id */
p++;
if (!(--input_len))
break;
/* fall through */
case 21:
/* assoc_group_id */
p++;
if (!(--input_len))
break;
/* fall through */
case 22:
/* assoc_group_id */
p++;
if (!(--input_len))
break;
/* fall through */
case 23:
/* assoc_group_id */
p++;
if (!(--input_len))
break;
/* fall through */
case 24:
dcerpc->dcerpcbindbindack.secondaryaddrlen = *(p++) << 8;
if (!(--input_len))
break;
/* fall through */
case 25:
dcerpc->dcerpcbindbindack.secondaryaddrlen |= *(p++);
if (dcerpc->dcerpchdr.packed_drep[0] & 0x10) {
@ -1024,26 +1114,31 @@ static uint32_t DCERPCParseREQUEST(DCERPC *dcerpc, uint8_t *input, uint32_t inpu
if (!(--input_len))
break;
}
/* fall through */
case 17:
/* alloc hint 2 */
p++;
if (!(--input_len))
break;
/* fall through */
case 18:
/* alloc hint 3 */
p++;
if (!(--input_len))
break;
/* fall through */
case 19:
/* alloc hint 4 */
p++;
if (!(--input_len))
break;
/* fall through */
case 20:
/* context id 1 */
dcerpc->dcerpcrequest.ctxid = *(p++);
if (!(--input_len))
break;
/* fall through */
case 21:
/* context id 2 */
dcerpc->dcerpcrequest.ctxid |= *(p++) << 8;
@ -1053,6 +1148,7 @@ static uint32_t DCERPCParseREQUEST(DCERPC *dcerpc, uint8_t *input, uint32_t inpu
dcerpc->dcerpcrequest.first_request_seen = 1;
if (!(--input_len))
break;
/* fall through */
case 22:
if (dcerpc->dcerpchdr.type == REQUEST) {
dcerpc->dcerpcrequest.opnum = *(p++);
@ -1061,6 +1157,7 @@ static uint32_t DCERPCParseREQUEST(DCERPC *dcerpc, uint8_t *input, uint32_t inpu
}
if (!(--input_len))
break;
/* fall through */
case 23:
if (dcerpc->dcerpchdr.type == REQUEST) {
dcerpc->dcerpcrequest.opnum |= *(p++) << 8;
@ -1222,6 +1319,7 @@ static int DCERPCParseHeader(DCERPC *dcerpc, uint8_t *input, uint32_t input_len)
if (!(--input_len))
break;
}
/* fall through */
case 1:
dcerpc->dcerpchdr.rpc_vers_minor = *(p++);
if ((dcerpc->dcerpchdr.rpc_vers != 5) ||
@ -1232,60 +1330,74 @@ static int DCERPCParseHeader(DCERPC *dcerpc, uint8_t *input, uint32_t input_len)
}
if (!(--input_len))
break;
/* fall through */
case 2:
dcerpc->dcerpchdr.type = *(p++);
SCLogDebug("dcerpc->dcerpchdr.type %02x",
dcerpc->dcerpchdr.type);
if (!(--input_len))
break;
/* fall through */
case 3:
dcerpc->dcerpchdr.pfc_flags = *(p++);
if (!(--input_len))
break;
/* fall through */
case 4:
dcerpc->dcerpchdr.packed_drep[0] = *(p++);
if (!(--input_len))
break;
/* fall through */
case 5:
dcerpc->dcerpchdr.packed_drep[1] = *(p++);
if (!(--input_len))
break;
/* fall through */
case 6:
dcerpc->dcerpchdr.packed_drep[2] = *(p++);
if (!(--input_len))
break;
/* fall through */
case 7:
dcerpc->dcerpchdr.packed_drep[3] = *(p++);
if (!(--input_len))
break;
/* fall through */
case 8:
dcerpc->dcerpchdr.frag_length = *(p++);
if (!(--input_len))
break;
/* fall through */
case 9:
dcerpc->dcerpchdr.frag_length |= *(p++) << 8;
if (!(--input_len))
break;
/* fall through */
case 10:
dcerpc->dcerpchdr.auth_length = *(p++);
if (!(--input_len))
break;
/* fall through */
case 11:
dcerpc->dcerpchdr.auth_length |= *(p++) << 8;
if (!(--input_len))
break;
/* fall through */
case 12:
dcerpc->dcerpchdr.call_id = *(p++);
if (!(--input_len))
break;
/* fall through */
case 13:
dcerpc->dcerpchdr.call_id |= *(p++) << 8;
if (!(--input_len))
break;
/* fall through */
case 14:
dcerpc->dcerpchdr.call_id |= *(p++) << 16;
if (!(--input_len))
break;
/* fall through */
case 15:
dcerpc->dcerpchdr.call_id |= *(p++) << 24;
if (!(dcerpc->dcerpchdr.packed_drep[0] & 0x10)) {

4
src/app-layer-ftp.c
Unescape Escape View File

@ -132,9 +132,9 @@ static int FTPParseRequestCommandLine(Flow *f, void *ftp_state, AppLayerParserSt
fstate->port_line = memcpy(fstate->port_line, input,
input_len);
fstate->port_line_len = input_len;
break;
break;
default:
break;
break;
} /* end switch command specified args */
break;

113
src/app-layer-smb.c
Unescape Escape View File

@ -96,132 +96,160 @@ static uint32_t SMBParseWriteAndX(Flow *f, void *smb_state,
if (!(--input_len))
break;
}
/* fall through */
case 1:
p++; // Reserved
if (!(--input_len))
break;
/* fall through */
case 2:
sstate->andx.andxoffset = *(p++) << 8;
if (!(--input_len))
break;
/* fall through */
case 3:
sstate->andx.andxoffset |= *(p++);
if (!(--input_len))
break;
/* fall through */
case 4:
// SMB_COM_WRITE_ANDX Fid 1
p++;
if (!(--input_len))
break;
/* fall through */
case 5:
// SMB_COM_WRITE_ANDX Fid 2
p++;
if (!(--input_len))
break;
/* fall through */
case 6:
// SMB_COM_WRITE_ANDX Offset 1
p++;
if (!(--input_len))
break;
/* fall through */
case 7:
// SMB_COM_WRITE_ANDX Offset 2
p++;
if (!(--input_len))
break;
/* fall through */
case 8:
// SMB_COM_WRITE_ANDX Offset 3
p++;
if (!(--input_len))
break;
/* fall through */
case 9:
// SMB_COM_WRITE_ANDX Offset 4
p++;
if (!(--input_len))
break;
/* fall through */
case 10:
// SMB_COM_WRITE_ANDX Reserved 1
p++;
if (!(--input_len))
break;
/* fall through */
case 11:
// SMB_COM_WRITE_ANDX Reserved 2
p++;
if (!(--input_len))
break;
/* fall through */
case 12:
// SMB_COM_WRITE_ANDX Reserved 3
p++;
if (!(--input_len))
break;
/* fall through */
case 13:
// SMB_COM_WRITE_ANDX Reserved 4
p++;
if (!(--input_len))
break;
/* fall through */
case 14:
// SMB_COM_WRITE_ANDX WriteMode 1
p++;
if (!(--input_len))
break;
/* fall through */
case 15:
// SMB_COM_WRITE_ANDX WriteMode 2
p++;
if (!(--input_len))
break;
/* fall through */
case 16:
// SMB_COM_WRITE_ANDX BytesRemaining 1
p++;
if (!(--input_len))
break;
/* fall through */
case 17:
// SMB_COM_WRITE_ANDX BytesRemaining 2
p++;
if (!(--input_len))
break;
/* fall through */
case 18:
// DataLengthHigh 1
sstate->andx.datalengthhigh = *(p++);
if (!(--input_len))
break;
/* fall through */
case 19:
// DataLengthHigh 2
sstate->andx.datalengthhigh |= *(p++) << 8;
if (!(--input_len))
break;
/* fall through */
case 20:
// DataLength 1
sstate->andx.datalength = *(p++);
if (!(--input_len))
break;
/* fall through */
case 21:
// DataLength 2
sstate->andx.datalength |= *(p++) << 8;
if (!(--input_len))
break;
/* fall through */
case 22:
sstate->andx.dataoffset = *(p++) << 8;
if (!(--input_len))
break;
/* fall through */
case 23:
sstate->andx.dataoffset |= *(p++);
if (!(--input_len))
break;
/* fall through */
case 24:
sstate->andx.dataoffset |= (uint64_t) *(p++) << 56;
if (!(--input_len))
break;
/* fall through */
case 25:
sstate->andx.dataoffset |= (uint64_t) *(p++) << 48;
if (!(--input_len))
break;
/* fall through */
case 26:
sstate->andx.dataoffset |= (uint64_t) *(p++) << 40;
if (!(--input_len))
break;
/* fall through */
case 27:
sstate->andx.dataoffset |= (uint64_t) *(p++) << 32;
--input_len;
break;
/* fall through */
default:
sstate->bytesprocessed++;
SCReturnUInt(1);
@ -264,82 +292,100 @@ static uint32_t SMBParseReadAndX(Flow *f, void *smb_state,
if (!(--input_len))
break;
}
/* fall through */
case 1:
p++; // Reserved
if (!(--input_len))
break;
/* fall through */
case 2:
sstate->andx.andxoffset |= *(p++);
if (!(--input_len))
break;
/* fall through */
case 3:
sstate->andx.andxoffset |= *(p++) << 8;
if (!(--input_len))
break;
/* fall through */
case 4:
// SMB_COM_READ_ANDX Remaining Reserved must be 0xff
p++;
if (!(--input_len))
break;
/* fall through */
case 5:
// SMB_COM_READ_ANDX Remaining Reserved must be 0xff
p++;
if (!(--input_len))
break;
/* fall through */
case 6:
// SMB_COM_READ_ANDX DataCompactionMode 1
p++;
if (!(--input_len))
break;
/* fall through */
case 7:
// SMB_COM_READ_ANDX DataCompactionMode 1
p++;
if (!(--input_len))
break;
/* fall through */
case 8:
// SMB_COM_READ_ANDX Reserved
p++;
if (!(--input_len))
break;
/* fall through */
case 9:
// SMB_COM_READ_ANDX Reserved
p++;
if (!(--input_len))
break;
/* fall through */
case 10:
sstate->andx.datalength = *(p++);
if (!(--input_len))
break;
/* fall through */
case 11:
sstate->andx.datalength |= *(p++) << 8;
if (!(--input_len))
break;
/* fall through */
case 12:
sstate->andx.dataoffset = *(p++);
if (!(--input_len))
break;
/* fall through */
case 13:
sstate->andx.dataoffset |= *(p++) << 8;
if (!(--input_len))
break;
/* fall through */
case 14:
sstate->andx.datalength |= *(p++) << 16;
if (!(--input_len))
break;
/* fall through */
case 15:
sstate->andx.datalength |= *(p++) << 24;
if (!(--input_len))
break;
/* fall through */
case 16:
// SMB_COM_READ_ANDX Reserved
p++;
if (!(--input_len))
break;
/* fall through */
case 17:
// SMB_COM_READ_ANDX Reserved
p++;
if (!(--input_len))
break;
/* fall through */
case 18:
// SMB_COM_READ_ANDX Reserved
p++;
@ -384,153 +430,184 @@ static uint32_t SMBParseTransact(Flow *f, void *smb_state,
if (!(--input_len))
break;
}
/* fall through */
case 1:
/* total parameter count 2 */
p++;
if (!(--input_len))
break;
/* fall through */
case 2:
/* total data count 1 */
p++;
if (!(--input_len))
break;
/* fall through */
case 3:
/* total data count 2 */
p++;
if (!(--input_len))
break;
/* fall through */
case 4:
/* max parameter count 1 */
p++;
if (!(--input_len))
break;
/* fall through */
case 5:
/* max parameter count 2 */
p++;
if (!(--input_len))
break;
/* fall through */
case 6:
/* max data count 1 */
p++;
if (!(--input_len))
break;
/* fall through */
case 7:
/* max data count 2 */
p++;
if (!(--input_len))
break;
/* fall through */
case 8:
/* max setup count */
p++;
if (!(--input_len))
break;
/* fall through */
case 9:
/* Reserved */
p++;
if (!(--input_len))
break;
/* fall through */
case 10:
/* Flags */
p++;
if (!(--input_len))
break;
/* fall through */
case 11:
/* Flags */
p++;
if (!(--input_len))
break;
/* fall through */
case 12:
/* Timeout */
p++;
if (!(--input_len))
break;
/* fall through */
case 13:
/* Timeout */
p++;
if (!(--input_len))
break;
/* fall through */
case 14:
/* Timeout */
p++;
if (!(--input_len))
break;
/* fall through */
case 15:
/* Timeout */
p++;
if (!(--input_len))
break;
/* fall through */
case 16:
/* Reserved */
p++;
if (!(--input_len))
break;
/* fall through */
case 17:
/* Reserved */
p++;
if (!(--input_len))
break;
/* fall through */
case 18:
/* Parameter Count */
p++;
if (!(--input_len))
break;
/* fall through */
case 19:
/* Parameter Count */
p++;
if (!(--input_len))
break;
/* fall through */
case 20:
/* Parameter Offset */
p++;
if (!(--input_len))
break;
/* fall through */
case 21:
/* Parameter Offset */
p++;
if (!(--input_len))
break;
/* fall through */
case 22:
/* Data Count */
sstate->andx.datalength = *(p++);
if (!(--input_len))
break;
/* fall through */
case 23:
/* Data Count */
sstate->andx.datalength |= *(p++) << 8;
if (!(--input_len))
break;
/* fall through */
case 24:
/* Data Offset */
sstate->andx.dataoffset = *(p++);
if (!(--input_len))
break;
/* fall through */
case 25:
/* Data Offset */
sstate->andx.dataoffset |= *(p++) << 8;
if (!(--input_len))
break;
/* fall through */
case 26:
/* Setup Count */
p++;
if (!(--input_len))
break;
/* fall through */
case 27:
/* Reserved */
p++;
if (!(--input_len))
break;
/* fall through */
case 28:
p++;
if (!(--input_len))
break;
/* fall through */
case 29:
p++;
if (!(--input_len))
break;
/* fall through */
case 30:
p++;
if (!(--input_len))
break;
/* fall through */
case 31:
p++;
--input_len;
@ -819,14 +896,17 @@ static uint32_t NBSSParseHeader(Flow *f, void *smb_state,
if (!(--input_len))
break;
}
/* fall through */
case 1:
sstate->nbss.length = (*(p++) & 0x01) << 16;
if (!(--input_len))
break;
/* fall through */
case 2:
sstate->nbss.length |= *(p++) << 8;
if (!(--input_len))
break;
/* fall through */
case 3:
sstate->nbss.length |= *(p++);
--input_len;
@ -904,6 +984,7 @@ static int SMBParseHeader(Flow *f, void *smb_state,
/* We fall through to the next case if we still have input.
* Same applies for other cases as well */
}
/* fall through */
case 5:
if (*(p++) != 'S') {
SCLogDebug("SMB Header did not validate");
@ -911,6 +992,7 @@ static int SMBParseHeader(Flow *f, void *smb_state,
}
if (!(--input_len))
break;
/* fall through */
case 6:
if (*(p++) != 'M') {
SCLogDebug("SMB Header did not validate");
@ -918,6 +1000,7 @@ static int SMBParseHeader(Flow *f, void *smb_state,
}
if (!(--input_len))
break;
/* fall through */
case 7:
if (*(p++) != 'B') {
SCLogDebug("SMB Header did not validate");
@ -925,118 +1008,147 @@ static int SMBParseHeader(Flow *f, void *smb_state,
}
if (!(--input_len))
break;
/* fall through */
case 8:
sstate->smb.command = *(p++);
if (!(--input_len))
break;
/* fall through */
case 9:
sstate->smb.status = *(p++) << 24;
if (!(--input_len))
break;
/* fall through */
case 10:
sstate->smb.status |= *(p++) << 16;
if (!(--input_len))
break;
/* fall through */
case 11:
sstate->smb.status |= *(p++) << 8;
if (!(--input_len))
break;
/* fall through */
case 12:
sstate->smb.status |= *(p++);
if (!(--input_len))
break;
/* fall through */
case 13:
sstate->smb.flags = *(p++);
if (!(--input_len))
break;
/* fall through */
case 14:
sstate->smb.flags2 = *(p++) << 8;
if (!(--input_len))
break;
/* fall through */
case 15:
sstate->smb.flags2 |= *(p++);
if (!(--input_len))
break;
/* fall through */
case 16:
sstate->smb.pidhigh = *(p++) << 8;
if (!(--input_len))
break;
/* fall through */
case 17:
sstate->smb.pidhigh |= *(p++);
if (!(--input_len))
break;
/* fall through */
case 18:
sstate->smb.securitysignature = (uint64_t) *(p++) << 56;
if (!(--input_len))
break;
/* fall through */
case 19:
sstate->smb.securitysignature |= (uint64_t) *(p++) << 48;
if (!(--input_len))
break;
/* fall through */
case 20:
sstate->smb.securitysignature |= (uint64_t) *(p++) << 40;
if (!(--input_len))
break;
/* fall through */
case 21:
sstate->smb.securitysignature |= (uint64_t) *(p++) << 32;
if (!(--input_len))
break;
/* fall through */
case 22:
sstate->smb.securitysignature |= (uint64_t) *(p++) << 24;
if (!(--input_len))
break;
/* fall through */
case 23:
sstate->smb.securitysignature |= (uint64_t) *(p++) << 16;
if (!(--input_len))
break;
/* fall through */
case 24:
sstate->smb.securitysignature |= (uint64_t) *(p++) << 8;
if (!(--input_len))
break;
/* fall through */
case 25:
sstate->smb.securitysignature |= (uint64_t) *(p++);
if (!(--input_len))
break;
/* fall through */
case 26:
p++; // UNUSED
if (!(--input_len))
break;
/* fall through */
case 27:
p++; // UNUSED
if (!(--input_len))
break;
/* fall through */
case 28:
sstate->smb.tid = *(p++) << 8;
if (!(--input_len))
break;
/* fall through */
case 29:
sstate->smb.tid |= *(p++);
if (!(--input_len))
break;
/* fall through */
case 30:
sstate->smb.pid = *(p++) << 8;
if (!(--input_len))
break;
/* fall through */
case 31:
sstate->smb.pid |= *(p++);
if (!(--input_len))
break;
/* fall through */
case 32:
sstate->smb.uid = *(p++) << 8;
if (!(--input_len))
break;
/* fall through */
case 33:
sstate->smb.uid |= *(p++);
if (!(--input_len))
break;
/* fall through */
case 34:
sstate->smb.mid = *(p++) << 8;
if (!(--input_len))
break;
/* fall through */
case 35:
sstate->smb.mid |= *(p++);
--input_len;
break;
/* fall through */
}
}
sstate->bytesprocessed += (p - input);
@ -1369,6 +1481,7 @@ static uint16_t SMBProbingParser(uint8_t *input, uint32_t ilen, uint32_t *offset
return ALPROTO_SMB;
}
/* fall through */
case NBSS_SESSION_REQUEST:
case NBSS_POSITIVE_SESSION_RESPONSE:
case NBSS_NEGATIVE_SESSION_RESPONSE:

67
src/app-layer-smb2.c
Unescape Escape View File

@ -78,14 +78,17 @@ static uint32_t NBSSParseHeader(void *smb2_state, AppLayerParserState *pstate,
if (!(--input_len))
break;
}
/* fall through */
case 1:
sstate->nbss.length = (*(p++) & 0x01) << 16;
if (!(--input_len))
break;
/* fall through */
case 2:
sstate->nbss.length |= *(p++) << 8;
if (!(--input_len))
break;
/* fall through */
case 3:
sstate->nbss.length |= *(p++);
--input_len;
@ -186,264 +189,328 @@ static uint32_t SMB2ParseHeader(void *smb2_state, AppLayerParserState *pstate,
/* We fall through to the next case if we still have input.
* Same applies for other cases as well */
}
/* fall through */
case 5:
//sstate->smb2.protocol[1] = *(p++);
if (*(p++) != 'S')
return 0;
if (!(--input_len))
break;
/* fall through */
case 6:
//sstate->smb2.protocol[2] = *(p++);
if (*(p++) != 'M')
return 0;
if (!(--input_len))
break;
/* fall through */
case 7:
//sstate->smb2.protocol[3] = *(p++);
if (*(p++) != 'B')
return 0;
if (!(--input_len))
break;
/* fall through */
case 8:
sstate->smb2.StructureSize = *(p++);
if (!(--input_len))
break;
/* fall through */
case 9:
sstate->smb2.StructureSize |= *(p++) << 8;
if (!(--input_len))
break;
/* fall through */
case 10:
sstate->smb2.CreditCharge = *(p++);
if (!(--input_len))
break;
/* fall through */
case 11:
sstate->smb2.CreditCharge |= *(p++) << 8;
if (!(--input_len))
break;
/* fall through */
case 12:
sstate->smb2.Status = *(p++);
if (!(--input_len))
break;
/* fall through */
case 13:
sstate->smb2.Status |= *(p++) << 8;
if (!(--input_len))
break;
/* fall through */
case 14:
sstate->smb2.Status |= *(p++) << 16;
if (!(--input_len))
break;
/* fall through */
case 15:
sstate->smb2.Status |= *(p++) << 24;
if (!(--input_len))
break;
/* fall through */
case 16:
sstate->smb2.Command = *(p++);
if (!(--input_len))
break;
/* fall through */
case 17:
sstate->smb2.Command |= *(p++) << 8;
if (!(--input_len))
break;
/* fall through */
case 18:
sstate->smb2.CreditRequestResponse = *(p++);
if (!(--input_len))
break;
/* fall through */
case 19:
sstate->smb2.CreditRequestResponse |= *(p++) << 8;
if (!(--input_len))
break;
/* fall through */
case 20:
sstate->smb2.Flags = *(p++);
if (!(--input_len))
break;
/* fall through */
case 21:
sstate->smb2.Flags |= *(p++) << 8;
if (!(--input_len))
break;
/* fall through */
case 22:
sstate->smb2.Flags |= *(p++) << 16;
if (!(--input_len))
break;
/* fall through */
case 23:
sstate->smb2.Flags |= *(p++) << 24;
if (!(--input_len))
break;
/* fall through */
case 24:
sstate->smb2.NextCommand = *(p++);
if (!(--input_len))
break;
/* fall through */
case 25:
sstate->smb2.NextCommand |= *(p++) << 8;
if (!(--input_len))
break;
/* fall through */
case 26:
sstate->smb2.NextCommand |= *(p++) << 16;
if (!(--input_len))
break;
/* fall through */
case 27:
sstate->smb2.NextCommand |= *(p++) << 24;
if (!(--input_len))
break;
/* fall through */
case 28:
sstate->smb2.MessageId = *(p++);
if (!(--input_len))
break;
/* fall through */
case 29:
sstate->smb2.MessageId = *(p++) << 8;
if (!(--input_len))
break;
/* fall through */
case 30:
sstate->smb2.MessageId = *(p++) << 16;
if (!(--input_len))
break;
/* fall through */
case 31:
sstate->smb2.MessageId = (uint64_t) *(p++) << 24;
if (!(--input_len))
break;
/* fall through */
case 32:
sstate->smb2.MessageId = (uint64_t) *(p++) << 32;
if (!(--input_len))
break;
/* fall through */
case 33:
sstate->smb2.MessageId = (uint64_t) *(p++) << 40;
if (!(--input_len))
break;
/* fall through */
case 34:
sstate->smb2.MessageId = (uint64_t) *(p++) << 48;
if (!(--input_len))
break;
/* fall through */
case 35:
sstate->smb2.MessageId = (uint64_t) *(p++) << 56;
if (!(--input_len))
break;
/* fall through */
case 36:
sstate->smb2.ProcessId = *(p++);
if (!(--input_len))
break;
/* fall through */
case 37:
sstate->smb2.ProcessId |= *(p++) << 8;
if (!(--input_len))
break;
/* fall through */
case 38:
sstate->smb2.ProcessId |= *(p++) << 16;
if (!(--input_len))
break;
/* fall through */
case 39:
sstate->smb2.ProcessId |= *(p++) << 24;
if (!(--input_len))
break;
/* fall through */
case 40:
sstate->smb2.TreeId = *(p++);
if (!(--input_len))
break;
/* fall through */
case 41:
sstate->smb2.TreeId |= *(p++) << 8;
if (!(--input_len))
break;
/* fall through */
case 42:
sstate->smb2.TreeId |= *(p++) << 16;
if (!(--input_len))
break;
/* fall through */
case 43:
sstate->smb2.TreeId |= *(p++) << 24;
if (!(--input_len))
break;
/* fall through */
case 44:
sstate->smb2.SessionId = *(p++);
if (!(--input_len))
break;
/* fall through */
case 45:
sstate->smb2.SessionId |= *(p++) << 8;
if (!(--input_len))
break;
/* fall through */
case 46:
sstate->smb2.SessionId |= *(p++) << 16;
if (!(--input_len))
break;
/* fall through */
case 47:
sstate->smb2.SessionId |= (uint64_t) *(p++) << 24;
if (!(--input_len))
break;
/* fall through */
case 48:
sstate->smb2.SessionId |= (uint64_t) *(p++) << 32;
if (!(--input_len))
break;
/* fall through */
case 49:
sstate->smb2.SessionId |= (uint64_t) *(p++) << 40;
if (!(--input_len))
break;
/* fall through */
case 50:
sstate->smb2.SessionId |= (uint64_t) *(p++) << 48;
if (!(--input_len))
break;
/* fall through */
case 51:
sstate->smb2.SessionId |= (uint64_t) *(p++) << 56;
if (!(--input_len))
break;
/* fall through */
case 52:
sstate->smb2.Signature[0] = *(p++);
if (!(--input_len))
break;
/* fall through */
case 53:
sstate->smb2.Signature[1] = *(p++);
if (!(--input_len))
break;
/* fall through */
case 54:
sstate->smb2.Signature[2] = *(p++);
if (!(--input_len))
break;
/* fall through */
case 55:
sstate->smb2.Signature[3] = *(p++);
if (!(--input_len))
break;
/* fall through */
case 56:
sstate->smb2.Signature[4] = *(p++);
if (!(--input_len))
break;
/* fall through */
case 57:
sstate->smb2.Signature[5] = *(p++);
if (!(--input_len))
break;
/* fall through */
case 58:
sstate->smb2.Signature[6] = *(p++);
if (!(--input_len))
break;
/* fall through */
case 59:
sstate->smb2.Signature[7] = *(p++);
if (!(--input_len))
break;
/* fall through */
case 60:
sstate->smb2.Signature[8] = *(p++);
if (!(--input_len))
break;
/* fall through */
case 61:
sstate->smb2.Signature[9] = *(p++);
if (!(--input_len))
break;
/* fall through */
case 62:
sstate->smb2.Signature[10] = *(p++);
if (!(--input_len))
break;
/* fall through */
case 63:
sstate->smb2.Signature[11] = *(p++);
if (!(--input_len))
break;
/* fall through */
case 64:
sstate->smb2.Signature[12] = *(p++);
if (!(--input_len))
break;
/* fall through */
case 65:
sstate->smb2.Signature[13] = *(p++);
if (!(--input_len))
break;
/* fall through */
case 66:
sstate->smb2.Signature[14] = *(p++);
if (!(--input_len))
break;
/* fall through */
case 67:
sstate->smb2.Signature[15] = *(p++);
--input_len;
break;
/* fall through */
}
}
sstate->bytesprocessed += (p - input);

25
src/app-layer-ssl.c
Unescape Escape View File

@ -270,6 +270,7 @@ static int SSLv3ParseHandshakeProtocol(SSLState *ssl_state, uint8_t *input,
{
return (input - initial_input);
}
/* fall through */
case 1:
ssl_state->curr_connp->message_length = *(input++) << 16;
ssl_state->curr_connp->bytes_processed++;
@ -280,6 +281,7 @@ static int SSLv3ParseHandshakeProtocol(SSLState *ssl_state, uint8_t *input,
{
return (input - initial_input);
}
/* fall through */
case 2:
ssl_state->curr_connp->message_length |= *(input++) << 8;
ssl_state->curr_connp->bytes_processed++;
@ -290,11 +292,13 @@ static int SSLv3ParseHandshakeProtocol(SSLState *ssl_state, uint8_t *input,
{
return (input - initial_input);
}
/* fall through */
case 3:
ssl_state->curr_connp->message_length |= *(input++);
ssl_state->curr_connp->bytes_processed++;
ssl_state->curr_connp->hs_bytes_processed++;
--input_len;
/* fall through */
}
retval = SSLv3ParseHandshakeType(ssl_state, input, input_len);
@ -330,22 +334,27 @@ static int SSLv3ParseRecord(uint8_t direction, SSLState *ssl_state,
if (--input_len == 0)
break;
}
/* fall through */
case 1:
ssl_state->curr_connp->version = *(input++) << 8;
if (--input_len == 0)
break;
/* fall through */
case 2:
ssl_state->curr_connp->version |= *(input++);
if (--input_len == 0)
break;
/* fall through */
case 3:
ssl_state->curr_connp->record_length = *(input++) << 8;
if (--input_len == 0)
break;
/* fall through */
case 4:
ssl_state->curr_connp->record_length |= *(input++);
if (--input_len == 0)
break;
/* fall through */
} /* switch (ssl_state->curr_connp->bytes_processed) */
ssl_state->curr_connp->bytes_processed += (input - initial_input);
@ -377,15 +386,18 @@ static int SSLv2ParseRecord(uint8_t direction, SSLState *ssl_state,
break;
}
/* fall through */
case 1:
ssl_state->curr_connp->record_length |= *(input++);
if (--input_len == 0)
break;
/* fall through */
case 2:
ssl_state->curr_connp->content_type = *(input++);
ssl_state->curr_connp->version = SSL_VERSION_2;
if (--input_len == 0)
break;
/* fall through */
} /* switch (ssl_state->curr_connp->bytes_processed) */
} else {
@ -402,23 +414,26 @@ static int SSLv2ParseRecord(uint8_t direction, SSLState *ssl_state,
if (--input_len == 0)
break;
}
/* fall through */
case 1:
ssl_state->curr_connp->record_length |= *(input++);
if (--input_len == 0)
break;
/* fall through */
case 2:
/* padding */
input++;
if (--input_len == 0)
break;
/* fall through */
case 3:
ssl_state->curr_connp->content_type = *(input++);
ssl_state->curr_connp->version = SSL_VERSION_2;
if (--input_len == 0)
break;
/* fall through */
} /* switch (ssl_state->curr_connp->bytes_processed) */
}
@ -491,31 +506,37 @@ static int SSLv2Decode(uint8_t direction, SSLState *ssl_state,
if (--input_len == 0)
break;
}
/* fall through */
case 5:
input++;
ssl_state->curr_connp->bytes_processed++;
if (--input_len == 0)
break;
/* fall through */
case 6:
input++;
ssl_state->curr_connp->bytes_processed++;
if (--input_len == 0)
break;
/* fall through */
case 7:
input++;
ssl_state->curr_connp->bytes_processed++;
if (--input_len == 0)
break;
/* fall through */
case 8:
ssl_state->curr_connp->session_id_length = *(input++) << 8;
ssl_state->curr_connp->bytes_processed++;
if (--input_len == 0)
break;
/* fall through */
case 9:
ssl_state->curr_connp->session_id_length |= *(input++);
ssl_state->curr_connp->bytes_processed++;
if (--input_len == 0)
break;
/* fall through */
} /* switch (ssl_state->curr_connp->bytes_processed) */
/* ssl_state->curr_connp->record_lengths_length is 3 */
@ -584,6 +605,7 @@ static int SSLv2Decode(uint8_t direction, SSLState *ssl_state,
} else {
ssl_state->flags |= SSL_AL_FLAG_STATE_CLIENT_KEYX;
}
/* fall through */
case SSLV2_MT_SERVER_VERIFY:
case SSLV2_MT_SERVER_FINISHED:
if (direction == 0 &&
@ -591,6 +613,7 @@ static int SSLv2Decode(uint8_t direction, SSLState *ssl_state,
SCLogDebug("Incorrect SSL Record type sent in the toserver "
"direction!");
}
/* fall through */
case SSLV2_MT_CLIENT_FINISHED:
case SSLV2_MT_REQUEST_CERTIFICATE:
/* both ways hello seen */

2
src/decode-icmpv4.c
Unescape Escape View File

@ -87,7 +87,7 @@ void DecodePartialIPV4( Packet* p, uint8_t* partial_packet, uint16_t len )
SCLogDebug("DecodePartialIPV4: ICMPV4->IPV4->TCP header sport: "
"%"PRIu8" dport %"PRIu8"", p->icmpv4vars.emb_sport,
p->icmpv4vars.emb_dport);
} else if (len >= IPV4_HEADER_LEN + 4) {
} else if (len >= IPV4_HEADER_LEN + 4) {
/* only access th_sport and th_dport */
TCPHdr *emb_tcph = (TCPHdr*)(partial_packet + IPV4_HEADER_LEN);

2
src/decode-pppoe.c
Unescape Escape View File

@ -200,7 +200,7 @@ void DecodePPPOESession(ThreadVars *tv, DecodeThreadVars *dtv, Packet *p, uint8_
}
DecodeIPV4(tv, dtv, p, pkt + PPPOE_SESSION_HEADER_LEN, len - PPPOE_SESSION_HEADER_LEN, pq );
break;
break;
/* PPP IPv6 was not tested */
case PPP_IPV6:

1
src/source-af-packet.c
Unescape Escape View File

@ -1398,6 +1398,7 @@ static int AFPCreateSocket(AFPThreadVars *ptv, char *devname, int verbose)
case ARPHRD_PPP:
case ARPHRD_ATM:
ptv->cooked = 1;
break;
}
TmEcode rc;

1
src/suricata.c
Unescape Escape View File

@ -1768,6 +1768,7 @@ static int ConfigGetCaptureValue(SCInstance *suri)
default_packet_size = GetIfaceMaxPacketSize(suri->pcap_dev);
if (default_packet_size)
break;
/* fall through */
default:
default_packet_size = DEFAULT_PACKET_SIZE;
}

Write Preview
Loading…
Cancel
Save