Eric Leblond
1f07d1521e
Fix realloc error handling
...
This patch is fixing realloc error handling. In case of a realloc
failure, it free the initial memory and continue existing error
handling.
The patch has been obtained via the following semantic patch and
a bit oh hand editing:
@@
expression x, E;
identifier f;
@@
f(...)
{
+ void *ptmp;
<+...
- x = SCRealloc(x, E);
+ ptmp = SCRealloc(x, E);
... when != x
- if (x == NULL)
+ if (ptmp == NULL)
{
+ SCFree(x);
+ x = NULL;
...
- }
+ } else {
+ x = ptmp;
+ }
...+>
}
@@
expression x, E;
identifier f;
statement ES;
@@
f(...) {
+ void *ptmp;
<+...
- x = SCRealloc(x, E);
+ ptmp = SCRealloc(x, E);
... when != x
- if (x == NULL) ES
+ if (ptmp == NULL) {
+ SCFree(x);
+ x = NULL;
+ ES
+ } else {
+ x = ptmp;
+ }
...+>
}
@@
expression x, E;
identifier f;
@@
f(...)
{
+ void *ptmp;
<+...
- x = SCRealloc(x, E);
+ ptmp = SCRealloc(x, E);
... when != x
- if (unlikely(x == NULL))
+ if (unlikely(ptmp == NULL))
{
+ SCFree(x);
+ x = NULL;
...
- }
+ } else {
+ x = ptmp;
+ }
...+>
}
@@
expression x, E;
identifier f;
statement ES;
@@
f(...) {
+ void *ptmp;
<+...
- x = SCRealloc(x, E);
+ ptmp = SCRealloc(x, E);
... when != x
- if (unlikely(x == NULL)) ES
+ if (unlikely(ptmp == NULL)) {
+ SCFree(x);
+ x = NULL;
+ ES
+ } else {
+ x = ptmp;
+ }
...+>
}
12 years ago
Victor Julien
ecd5c7573b
Coverity 1038135 fix
...
Small cleanup in the error handling. The extra null check confused
Coverity.
12 years ago
Ken Steele
784843b146
Use Tilera SIMD for Signature matching ala SSE3
...
Makes use of 8-wide byte compare instructions in signature matching.
For allocating aligned memory, _mm_malloc() is SSE only, so added
check for __tile__ to use memalign() instead.
Shows a 13% speed up.
12 years ago
Victor Julien
d0c1410cf5
Fix sig grouping bug when certain sigs are mixed. Add tests.
13 years ago
Eric Leblond
e176be6fcc
Use unlikely for error treatment.
...
When handling error case on SCMallog, SCCalloc or SCStrdup
we are in an unlikely case. This patch adds the unlikely()
expression to indicate this to gcc.
This patch has been obtained via coccinelle. The transformation
is the following:
@istested@
identifier x;
statement S1;
identifier func =~ "(SCMalloc|SCStrdup|SCCalloc)";
@@
x = func(...)
... when != x
- if (x == NULL) S1
+ if (unlikely(x == NULL)) S1
13 years ago
Victor Julien
8f71333e12
file: implement filesize keyword. #489 .
13 years ago
pi-rho
0df4c5838d
spelling corrections documented in redmine bug#533
13 years ago
Victor Julien
c9e93ec52c
filemd5: add support code for md5 handling for signatures.
13 years ago
Victor Julien
cdba2f50d1
Various fixes and improvements based on feedback by Coverity analyzer.
14 years ago
Anoop Saldanha
4810ee9c5f
All uricontent modified patterns now are DETECT_CONTENT and not DETECT_URICONTENT. Step towards unifying all content based patterns. Makes way for easier management of patterns
14 years ago
Victor Julien
d5ed28b065
Remove SIG_FLAG_MPM flag.
14 years ago
Victor Julien
4992f7c417
Remove SIG_FLAG_MPM_URI flag. It was checked but never set.
14 years ago
Victor Julien
9b62ec65ab
Make sure filemagic works properly regardless of filestore being in use for a flow.
14 years ago
Victor Julien
23e01d23d3
Implement filestore keyword, including a way for the stateful detection engine to conclude that a file will never have to be stored.
14 years ago
Anoop Saldanha
17f3f36d38
packet keywords only added for packet mpm. Rest in stream mpm. Update detection engine to handle the same
14 years ago
Anoop Saldanha
ed3b44b3b5
fix parsing content keywords. We are more strict now. All content keywords need to be enclosed in double quotes. Better validation for sid, priority and rev keywords
14 years ago
Victor Julien
4b52823ab6
Use 64 bit mask on 64-bit systems.
14 years ago
Victor Julien
e5b6c0f518
Check 32 masks per run instead of 16 in the SIMD code.
14 years ago
Victor Julien
2dbfdd40af
Clean up new SIMD mask checking code, improve non-SIMD checks.
14 years ago
Victor Julien
b421019cef
Match packet mask against 16 signature masks at once using SIMD instructions for SSE3 and up.
14 years ago
Gerardo Iglesias Galvan
91c001f93b
Fix potential crash in initialization cleanup code
14 years ago
Victor Julien
435d0fb327
Clean up signature flags creating room for merging flags and mpm_flags. Merge flags and mpm_flags. Move new mpm id's into signature header. Get rid of full signature access in signature prefiltering.
15 years ago
Anoop Saldanha
4883efd0f6
unifying content structure - uricontent now uses DetectContentData
15 years ago
Anoop Saldanha
e0476242c6
replace all Signature->umatch instances in the engine with Signature->sm_lists[DETECT_SM_LIST_UMATCH]
15 years ago
Anoop Saldanha
e54358a9e1
replace all Signature->pmatch instances in the engine with Signature->sm_lists[DETECT_SM_LIST_PMATCH]
15 years ago
Victor Julien
cbd4c298ed
Initial version of a new bitmask based signature pre-filtering method.
15 years ago
Victor Julien
1859ed54c7
Add memcmp api with a plain memcmp function and a SSE3 accelerated memcmp.
15 years ago
Victor Julien
fc248ca7a1
Many small performance updates.
15 years ago
Victor Julien
1071a53210
Fix unittests after ip_proto keyword change.
15 years ago
Victor Julien
9ba11dbfbd
Clean up detection engine mpm initialization phase.
15 years ago
Victor Julien
0219b767b8
Fix a content pattern matching bug related to signature grouping and mpm_ctx sharing. In certain conditions (signature combinations) the mpm_stream_ctx (the ctx that handles stream pattern scanning) wasn't properly setup.
15 years ago
Victor Julien
37442a8a84
Prefilter signatures before fully scanning them.
15 years ago
Victor Julien
83b2c8abdb
Improve stateful uri detection code.
15 years ago
Victor Julien
a24f288074
Moving the stream content scanning to have it's own mpm ctx.
15 years ago
Victor Julien
2fd31a1a11
Remove dsize grouping from detection engine grouping reducing memory usage. Store sgh in flow to reduce lookups. Reduce locking in alert handling. Increase default grouping values as we use less memory.
15 years ago
Victor Julien
70b32f7380
First stab at creating a stateful detection engine.
...
Stateful detection for app layer detection keywords, except uricontent. Stores it's partial results in the flow structure. Other modifications:
- Generalize transaction tracking, logging and inspection.
- Adapt http and dcerpc to use the new transaction handling.
- Stream engine now always notifies app layer of a stream eof.
This commit fixes bug #124 .
15 years ago
Gerardo Iglesias Galvan
9f4fae5b1a
Fix inconsistent use of dynamic memory allocation
15 years ago
Victor Julien
46831e0f8f
Fix signature grouping bug for protocols without ports. Add debugging code.
15 years ago
Victor Julien
7a427ec7f4
Switch to pattern id based results checking in the mpm. Move app layer proto detection towards a more signature based approach.
15 years ago
Victor Julien
2576f4a149
Fix a bug in the signature grouping code that didn't properly setup the mpm ctx's in some cases.
15 years ago
William Metcalf
ce01927515
Import of GPLv2 Header 050410
15 years ago
Pablo Rincon
b708d7f65d
Adding Uricontent inspection with spm. Modifiers for uricontent are now supported
16 years ago
Victor Julien
bef70a04ce
First stage of detect engine redesign: equal patterns share id's, search phase no longer used, new match verification phase.
16 years ago
Pablo Rincon
25a3a5c6d8
Adding mem wrapper to debug runtime alloc()/free() functions. Fixing some memory leaks.
16 years ago
Pablo Rincon
c80160b96d
More examples of unittest helper functions usage reference
16 years ago
Victor Julien
ecf86f9c23
Rename to Suricata.
16 years ago
Victor Julien
e5b990a8ab
Fixup siggroup merge artifacts.
16 years ago
Anoop Saldanha
78db80ea15
Unittests and style fix for detect-engine-siggroup.[ch]
16 years ago
Victor Julien
3c7a038477
Further memory cleanups. Split out init only vars out of the sig group head.
16 years ago
Victor Julien
2d0e9658f8
Speed up per sgh content maxlen calc. Remove mpm ptrs from mpm ctx. Add unittests testing the detection engine internals.
16 years ago