aiden
/
suricata
mirror of https://github.com/OISF/suricata
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

dcerpc: cleanup list handling

Browse Source
pull/1886/merge
Jason Ish 10 years ago committed by Victor Julien
parent 1efcaf2179
commit dddd2d06f6
2 changed files with 18 additions and 26 deletions
Show Stats Download Patch File Download Diff File

6
src/app-layer-dcerpc-common.h
Unescape Escape View File

@ -145,6 +145,8 @@ typedef struct DCERPCUuidEntry_ {
TAILQ_ENTRY(DCERPCUuidEntry_) next;
} DCERPCUuidEntry;
typedef TAILQ_HEAD(DCERPCUuidEntryList_, DCERPCUuidEntry_) DCERPCUuidEntryList;
typedef struct DCERPCBindBindAck_ {
uint8_t numctxitems;
uint8_t numctxitemsleft;
@ -154,9 +156,9 @@ typedef struct DCERPCBindBindAck_ {
uint16_t version;
uint16_t versionminor;
DCERPCUuidEntry *uuid_entry;
TAILQ_HEAD(, DCERPCUuidEntry_) uuid_list;
DCERPCUuidEntryList uuid_list;
/* the interface uuids that the server has accepted */
TAILQ_HEAD(, DCERPCUuidEntry_) accepted_uuid_list;
DCERPCUuidEntryList accepted_uuid_list;
uint16_t uuid_internal_id;
uint16_t secondaryaddrlen;
uint16_t secondaryaddrlenleft;

38
src/app-layer-dcerpc.c
Unescape Escape View File

@ -77,6 +77,8 @@ enum {
DCERPC_FIELD_MAX,
};
void DCERPCUuidListFree(DCERPCUuidEntryList *list);
/* \brief hexdump function from libdnet, used for debugging only */
void hexdump(/*Flow *f,*/ const void *buf, size_t len)
{
@ -875,22 +877,15 @@ static uint32_t DCERPCParseBINDACKCTXItem(DCERPC *dcerpc, uint8_t *input, uint32
static uint32_t DCERPCParseBIND(DCERPC *dcerpc, uint8_t *input, uint32_t input_len)
{
SCEnter();
DCERPCUuidEntry *item;
uint8_t *p = input;
if (input_len) {
switch (dcerpc->bytesprocessed) {
case 16:
dcerpc->dcerpcbindbindack.numctxitems = 0;
if (input_len >= 12) {
while ((item = TAILQ_FIRST(&dcerpc->dcerpcbindbindack.uuid_list))) {
TAILQ_REMOVE(&dcerpc->dcerpcbindbindack.uuid_list, item, next);
SCFree(item);
}
DCERPCUuidListFree(&dcerpc->dcerpcbindbindack.uuid_list);
if (dcerpc->dcerpchdr.type == BIND) {
while ((item = TAILQ_FIRST(&dcerpc->dcerpcbindbindack.accepted_uuid_list))) {
TAILQ_REMOVE(&dcerpc->dcerpcbindbindack.accepted_uuid_list, item, next);
SCFree(item);
}
DCERPCUuidListFree(&dcerpc->dcerpcbindbindack.accepted_uuid_list);
}
dcerpc->dcerpcbindbindack.uuid_internal_id = 0;
dcerpc->dcerpcbindbindack.numctxitems = *(p + 8);
@ -947,15 +942,9 @@ static uint32_t DCERPCParseBIND(DCERPC *dcerpc, uint8_t *input, uint32_t input_l
break;
/* fall through */
case 24:
while ((item = TAILQ_FIRST(&dcerpc->dcerpcbindbindack.uuid_list))) {
TAILQ_REMOVE(&dcerpc->dcerpcbindbindack.uuid_list, item, next);
SCFree(item);
}
DCERPCUuidListFree(&dcerpc->dcerpcbindbindack.uuid_list);
if (dcerpc->dcerpchdr.type == BIND) {
while ((item = TAILQ_FIRST(&dcerpc->dcerpcbindbindack.accepted_uuid_list))) {
TAILQ_REMOVE(&dcerpc->dcerpcbindbindack.accepted_uuid_list, item, next);
SCFree(item);
}
DCERPCUuidListFree(&dcerpc->dcerpcbindbindack.accepted_uuid_list);
}
dcerpc->dcerpcbindbindack.uuid_internal_id = 0;
dcerpc->dcerpcbindbindack.numctxitems = *(p++);
@ -1970,19 +1959,20 @@ static void *DCERPCStateAlloc(void)
SCReturnPtr((void *)s, "void");
}
void DCERPCCleanup(DCERPC *dcerpc)
void DCERPCUuidListFree(DCERPCUuidEntryList *list)
{
DCERPCUuidEntry *entry;
while ((entry = TAILQ_FIRST(&dcerpc->dcerpcbindbindack.uuid_list))) {
TAILQ_REMOVE(&dcerpc->dcerpcbindbindack.uuid_list, entry, next);
while ((entry = TAILQ_FIRST(list))) {
TAILQ_REMOVE(list, entry, next);
SCFree(entry);
}
}
while ((entry = TAILQ_FIRST(&dcerpc->dcerpcbindbindack.accepted_uuid_list))) {
TAILQ_REMOVE(&dcerpc->dcerpcbindbindack.accepted_uuid_list, entry, next);
SCFree(entry);
}
void DCERPCCleanup(DCERPC *dcerpc)
{
DCERPCUuidListFree(&dcerpc->dcerpcbindbindack.uuid_list);
DCERPCUuidListFree(&dcerpc->dcerpcbindbindack.accepted_uuid_list);
if (dcerpc->dcerpcrequest.stub_data_buffer != NULL) {
SCFree(dcerpc->dcerpcrequest.stub_data_buffer);

Write Preview
Loading…
Cancel
Save