From e60ceea87cc8b6a58a845e9dde7682b47bac3c84 Mon Sep 17 00:00:00 2001 From: Jon Siwek Date: Mon, 27 Oct 2014 12:54:17 -0500 Subject: [PATCH 01/14] Fix errors/warnings when compiling with -std=c++11 These are compatibility changes only. --- src/Brofiler.cc | 2 +- src/DNS_Mgr.cc | 4 ++-- src/H3.h | 2 +- src/Reassem.cc | 2 +- src/RemoteSerializer.cc | 10 +++++----- src/SerializationFormat.cc | 6 +++--- src/Sessions.cc | 2 +- src/Stats.cc | 2 +- src/analyzer/Analyzer.cc | 4 ++-- src/analyzer/protocol/http/HTTP.cc | 4 ++-- src/analyzer/protocol/smtp/SMTP.cc | 7 ++++--- src/analyzer/protocol/snmp/snmp-analyzer.pac | 2 +- src/analyzer/protocol/tcp/TCP.cc | 4 ++-- src/analyzer/protocol/tcp/TCP_Reassembler.cc | 10 +++++----- src/cq.c | 4 ++-- 15 files changed, 33 insertions(+), 32 deletions(-) diff --git a/src/Brofiler.cc b/src/Brofiler.cc index 777be52217..e7d8c8fdeb 100644 --- a/src/Brofiler.cc +++ b/src/Brofiler.cc @@ -96,7 +96,7 @@ bool Brofiler::WriteStats() map, uint64 >::const_iterator it; for ( it = usage_map.begin(); it != usage_map.end(); ++it ) { - fprintf(f, "%"PRIu64"%c%s%c%s\n", it->second, delim, + fprintf(f, "%" PRIu64"%c%s%c%s\n", it->second, delim, it->first.first.c_str(), delim, it->first.second.c_str()); } diff --git a/src/DNS_Mgr.cc b/src/DNS_Mgr.cc index 2c049ba803..11fd258d09 100644 --- a/src/DNS_Mgr.cc +++ b/src/DNS_Mgr.cc @@ -214,7 +214,7 @@ DNS_Mapping::DNS_Mapping(FILE* f) char req_buf[512+1], name_buf[512+1]; int is_req_host; - if ( sscanf(buf, "%lf %d %512s %d %512s %d %d %"PRIu32, &creation_time, + if ( sscanf(buf, "%lf %d %512s %d %512s %d %d %" PRIu32, &creation_time, &is_req_host, req_buf, &failed, name_buf, &map_type, &num_addrs, &req_ttl) != 8 ) return; @@ -360,7 +360,7 @@ void DNS_Mapping::Clear() void DNS_Mapping::Save(FILE* f) const { - fprintf(f, "%.0f %d %s %d %s %d %d %"PRIu32"\n", creation_time, req_host != 0, + fprintf(f, "%.0f %d %s %d %s %d %d %" PRIu32"\n", creation_time, req_host != 0, req_host ? req_host : req_addr.AsString().c_str(), failed, (names && names[0]) ? names[0] : "*", map_type, num_addrs, req_ttl); diff --git a/src/H3.h b/src/H3.h index 321fda924b..3b4b9ee539 100644 --- a/src/H3.h +++ b/src/H3.h @@ -110,7 +110,7 @@ public: T result = 0; // loop optmized with Duff's Device - register unsigned n = (size + 7) / 8; + unsigned n = (size + 7) / 8; switch ( size % 8 ) { case 0: do { result ^= byte_lookup[offset++][*p++]; case 7: result ^= byte_lookup[offset++][*p++]; diff --git a/src/Reassem.cc b/src/Reassem.cc index 27fb26561f..1ad0cb2717 100644 --- a/src/Reassem.cc +++ b/src/Reassem.cc @@ -182,7 +182,7 @@ DataBlock* Reassembler::AddAndCheck(DataBlock* b, uint64 seq, uint64 upper, { if ( DEBUG_reassem ) { - DEBUG_MSG("%.6f Reassembler::AddAndCheck seq=%"PRIu64", upper=%"PRIu64"\n", + DEBUG_MSG("%.6f Reassembler::AddAndCheck seq=%" PRIu64", upper=%" PRIu64"\n", network_time, seq, upper); } diff --git a/src/RemoteSerializer.cc b/src/RemoteSerializer.cc index b475c4a8cc..9756e0b0ae 100644 --- a/src/RemoteSerializer.cc +++ b/src/RemoteSerializer.cc @@ -707,7 +707,7 @@ RemoteSerializer::PeerID RemoteSerializer::Connect(const IPAddr& ip, const size_t BUFSIZE = 1024; char* data = new char[BUFSIZE]; snprintf(data, BUFSIZE, - "%"PRI_PTR_COMPAT_UINT",%s,%s,%"PRIu16",%"PRIu32",%d", p->id, + "%" PRI_PTR_COMPAT_UINT",%s,%s,%" PRIu16",%" PRIu32",%d", p->id, ip.AsString().c_str(), zone_id.c_str(), port, uint32(retry), use_ssl); @@ -1267,7 +1267,7 @@ bool RemoteSerializer::Listen(const IPAddr& ip, uint16 port, bool expect_ssl, const size_t BUFSIZE = 1024; char* data = new char[BUFSIZE]; - snprintf(data, BUFSIZE, "%s,%"PRIu16",%d,%d,%s,%"PRIu32, + snprintf(data, BUFSIZE, "%s,%" PRIu16",%d,%d,%s,%" PRIu32, ip.AsString().c_str(), port, expect_ssl, ipv6, zone_id.c_str(), (uint32) retry); @@ -4075,7 +4075,7 @@ bool SocketComm::Connect(Peer* peer) const size_t BUFSIZE = 1024; char* data = new char[BUFSIZE]; - snprintf(data, BUFSIZE, "%s,%"PRIu32, peer->ip.AsString().c_str(), + snprintf(data, BUFSIZE, "%s,%" PRIu32, peer->ip.AsString().c_str(), peer->port); if ( ! SendToParent(MSG_CONNECTED, peer, data) ) @@ -4190,7 +4190,7 @@ bool SocketComm::Listen() setsockopt(fd, IPPROTO_IPV6, IPV6_V6ONLY, &on, sizeof(on)) < 0 ) Error(fmt("can't set IPV6_V6ONLY, %s", strerror(errno))); - if ( bind(fd, res->ai_addr, res->ai_addrlen) < 0 ) + if ( ::bind(fd, res->ai_addr, res->ai_addrlen) < 0 ) { Error(fmt("can't bind to %s:%s, %s", l_addr_str.c_str(), port_str, strerror(errno))); @@ -4287,7 +4287,7 @@ bool SocketComm::AcceptConnection(int fd) const size_t BUFSIZE = 1024; char* data = new char[BUFSIZE]; - snprintf(data, BUFSIZE, "%s,%"PRIu32, peer->ip.AsString().c_str(), + snprintf(data, BUFSIZE, "%s,%" PRIu32, peer->ip.AsString().c_str(), peer->port); if ( ! SendToParent(MSG_CONNECTED, peer, data) ) diff --git a/src/SerializationFormat.cc b/src/SerializationFormat.cc index 6a133d64e4..58935fe175 100644 --- a/src/SerializationFormat.cc +++ b/src/SerializationFormat.cc @@ -541,19 +541,19 @@ bool XMLSerializationFormat::Write(uint16 v, const char* tag) bool XMLSerializationFormat::Write(uint32 v, const char* tag) { - const char* tmp = fmt("%"PRIu32, v); + const char* tmp = fmt("%" PRIu32, v); return WriteElem(tag, "uint32", tmp, strlen(tmp)); } bool XMLSerializationFormat::Write(uint64 v, const char* tag) { - const char* tmp = fmt("%"PRIu64, v); + const char* tmp = fmt("%" PRIu64, v); return WriteElem(tag, "uint64", tmp, strlen(tmp)); } bool XMLSerializationFormat::Write(int64 v, const char* tag) { - const char* tmp = fmt("%"PRId64, v); + const char* tmp = fmt("%" PRId64, v); return WriteElem(tag, "int64", tmp, strlen(tmp)); } diff --git a/src/Sessions.cc b/src/Sessions.cc index 43e55dd95a..ffc2baf944 100644 --- a/src/Sessions.cc +++ b/src/Sessions.cc @@ -544,7 +544,7 @@ void NetSessions::DoNextPacket(double t, const struct pcap_pkthdr* hdr, if ( proto_typ != 0x0800 && proto_typ != 0x86dd ) { // Not IPv4/IPv6 payload. - Weird(fmt("unknown_gre_protocol_%"PRIu16, proto_typ), ip_hdr, + Weird(fmt("unknown_gre_protocol_%" PRIu16, proto_typ), ip_hdr, encapsulation); return; } diff --git a/src/Stats.cc b/src/Stats.cc index 6cf9a622e1..01ca0a41d3 100644 --- a/src/Stats.cc +++ b/src/Stats.cc @@ -160,7 +160,7 @@ void ProfileLogger::Log() file->Write(fmt("%.06f Connections expired due to inactivity: %d\n", network_time, killed_by_inactivity)); - file->Write(fmt("%.06f Total reassembler data: %"PRIu64"K\n", network_time, + file->Write(fmt("%.06f Total reassembler data: %" PRIu64"K\n", network_time, Reassembler::TotalMemoryAllocation() / 1024)); // Signature engine. diff --git a/src/analyzer/Analyzer.cc b/src/analyzer/Analyzer.cc index fb5602f96e..b4048af467 100644 --- a/src/analyzer/Analyzer.cc +++ b/src/analyzer/Analyzer.cc @@ -598,7 +598,7 @@ SupportAnalyzer* Analyzer::FirstSupportAnalyzer(bool orig) void Analyzer::DeliverPacket(int len, const u_char* data, bool is_orig, uint64 seq, const IP_Hdr* ip, int caplen) { - DBG_LOG(DBG_ANALYZER, "%s DeliverPacket(%d, %s, %"PRIu64", %p, %d) [%s%s]", + DBG_LOG(DBG_ANALYZER, "%s DeliverPacket(%d, %s, %" PRIu64", %p, %d) [%s%s]", fmt_analyzer(this).c_str(), len, is_orig ? "T" : "F", seq, ip, caplen, fmt_bytes((const char*) data, min(40, len)), len > 40 ? "..." : ""); } @@ -612,7 +612,7 @@ void Analyzer::DeliverStream(int len, const u_char* data, bool is_orig) void Analyzer::Undelivered(uint64 seq, int len, bool is_orig) { - DBG_LOG(DBG_ANALYZER, "%s Undelivered(%"PRIu64", %d, %s)", + DBG_LOG(DBG_ANALYZER, "%s Undelivered(%" PRIu64", %d, %s)", fmt_analyzer(this).c_str(), seq, len, is_orig ? "T" : "F"); } diff --git a/src/analyzer/protocol/http/HTTP.cc b/src/analyzer/protocol/http/HTTP.cc index e63c8280c9..924c958e43 100644 --- a/src/analyzer/protocol/http/HTTP.cc +++ b/src/analyzer/protocol/http/HTTP.cc @@ -416,7 +416,7 @@ void HTTP_Entity::SubmitHeader(mime::MIME_Header* h) int64_t len = l - f + 1; if ( DEBUG_http ) - DEBUG_MSG("Content-Range length = %"PRId64"\n", len); + DEBUG_MSG("Content-Range length = %" PRId64"\n", len); if ( len > 0 ) { @@ -1060,7 +1060,7 @@ void HTTP_Analyzer::Undelivered(uint64 seq, int len, bool is_orig) { if ( msg ) msg->SubmitEvent(mime::MIME_EVENT_CONTENT_GAP, - fmt("seq=%"PRIu64", len=%d", seq, len)); + fmt("seq=%" PRIu64", len=%d", seq, len)); } // Check if the content gap falls completely within a message body diff --git a/src/analyzer/protocol/smtp/SMTP.cc b/src/analyzer/protocol/smtp/SMTP.cc index 61ed1a4949..a835672378 100644 --- a/src/analyzer/protocol/smtp/SMTP.cc +++ b/src/analyzer/protocol/smtp/SMTP.cc @@ -21,7 +21,9 @@ static const char* smtp_cmd_word[] = { #include "SMTP_cmd.def" }; -#define SMTP_CMD_WORD(code) ((code >= 0) ? smtp_cmd_word[code] : "(UNKNOWN)") +static const char* unknown_cmd = "(UNKNOWN)"; + +#define SMTP_CMD_WORD(code) ((code >= 0) ? smtp_cmd_word[code] : unknown_cmd) SMTP_Analyzer::SMTP_Analyzer(Connection* conn) @@ -83,7 +85,7 @@ void SMTP_Analyzer::Undelivered(uint64 seq, int len, bool is_orig) if ( len <= 0 ) return; - const char* buf = fmt("seq = %"PRIu64", len = %d", seq, len); + const char* buf = fmt("seq = %" PRIu64", len = %d", seq, len); int buf_len = strlen(buf); Unexpected(is_orig, "content gap", buf_len, buf); @@ -422,7 +424,6 @@ void SMTP_Analyzer::NewReply(const int reply_code) if ( state == SMTP_AFTER_GAP && reply_code > 0 ) { state = SMTP_GAP_RECOVERY; - const char* unknown_cmd = SMTP_CMD_WORD(-1); RequestEvent(strlen(unknown_cmd), unknown_cmd, 0, ""); /* if ( line_after_gap ) diff --git a/src/analyzer/protocol/snmp/snmp-analyzer.pac b/src/analyzer/protocol/snmp/snmp-analyzer.pac index cc190e6ebe..feb4474feb 100644 --- a/src/analyzer/protocol/snmp/snmp-analyzer.pac +++ b/src/analyzer/protocol/snmp/snmp-analyzer.pac @@ -84,7 +84,7 @@ StringVal* asn1_oid_to_val(const ASN1Encoding* oid) if ( i > 0 ) { rval += "."; - snprintf(tmp, sizeof(tmp), "%"PRIu64, subidentifier_values[i]); + snprintf(tmp, sizeof(tmp), "%" PRIu64, subidentifier_values[i]); rval += tmp; } else diff --git a/src/analyzer/protocol/tcp/TCP.cc b/src/analyzer/protocol/tcp/TCP.cc index f9fb0fb2b7..88def89689 100644 --- a/src/analyzer/protocol/tcp/TCP.cc +++ b/src/analyzer/protocol/tcp/TCP.cc @@ -1901,7 +1901,7 @@ void TCP_ApplicationAnalyzer::DeliverPacket(int len, const u_char* data, const IP_Hdr* ip, int caplen) { Analyzer::DeliverPacket(len, data, is_orig, seq, ip, caplen); - DBG_LOG(DBG_ANALYZER, "TCP_ApplicationAnalyzer ignoring DeliverPacket(%d, %s, %"PRIu64", %p, %d) [%s%s]", + DBG_LOG(DBG_ANALYZER, "TCP_ApplicationAnalyzer ignoring DeliverPacket(%d, %s, %" PRIu64", %p, %d) [%s%s]", len, is_orig ? "T" : "F", seq, ip, caplen, fmt_bytes((const char*) data, min(40, len)), len > 40 ? "..." : ""); } @@ -2053,7 +2053,7 @@ int TCPStats_Endpoint::DataSent(double /* t */, uint64 seq, int len, int caplen, num_rxmit_bytes += len; } - DEBUG_MSG("%.6f rexmit %"PRIu64" + %d <= %"PRIu64" data_in_flight = %d\n", + DEBUG_MSG("%.6f rexmit %" PRIu64" + %d <= %" PRIu64" data_in_flight = %d\n", network_time, seq, len, max_top_seq, data_in_flight); if ( tcp_rexmit ) diff --git a/src/analyzer/protocol/tcp/TCP_Reassembler.cc b/src/analyzer/protocol/tcp/TCP_Reassembler.cc index 0f7699011e..e00e32ef1b 100644 --- a/src/analyzer/protocol/tcp/TCP_Reassembler.cc +++ b/src/analyzer/protocol/tcp/TCP_Reassembler.cc @@ -188,7 +188,7 @@ void TCP_Reassembler::Undelivered(uint64 up_to_seq) if ( DEBUG_tcp_contents ) { - DEBUG_MSG("%.6f Undelivered: IsOrig()=%d up_to_seq=%"PRIu64", last_reassm=%"PRIu64", " + DEBUG_MSG("%.6f Undelivered: IsOrig()=%d up_to_seq=%" PRIu64", last_reassm=%" PRIu64", " "endp: FIN_cnt=%d, RST_cnt=%d, " "peer: FIN_cnt=%d, RST_cnt=%d\n", network_time, IsOrig(), up_to_seq, last_reassem_seq, @@ -219,7 +219,7 @@ void TCP_Reassembler::Undelivered(uint64 up_to_seq) { if ( DEBUG_tcp_contents ) { - DEBUG_MSG("%.6f Undelivered: IsOrig()=%d, seq=%"PRIu64", len=%"PRIu64", " + DEBUG_MSG("%.6f Undelivered: IsOrig()=%d, seq=%" PRIu64", len=%" PRIu64", " "skip_deliveries=%d\n", network_time, IsOrig(), last_reassem_seq, up_to_seq - last_reassem_seq, @@ -350,7 +350,7 @@ void TCP_Reassembler::RecordBlock(DataBlock* b, BroFile* f) void TCP_Reassembler::RecordGap(uint64 start_seq, uint64 upper_seq, BroFile* f) { - if ( f->Write(fmt("\n<>\n", upper_seq - start_seq)) ) + if ( f->Write(fmt("\n<>\n", upper_seq - start_seq)) ) return; reporter->Error("TCP_Reassembler contents gap write failed"); @@ -420,7 +420,7 @@ void TCP_Reassembler::BlockInserted(DataBlock* start_block) void TCP_Reassembler::Overlap(const u_char* b1, const u_char* b2, uint64 n) { if ( DEBUG_tcp_contents ) - DEBUG_MSG("%.6f TCP contents overlap: %"PRIu64" IsOrig()=%d\n", network_time, n, IsOrig()); + DEBUG_MSG("%.6f TCP contents overlap: %" PRIu64" IsOrig()=%d\n", network_time, n, IsOrig()); if ( rexmit_inconsistency && memcmp((const void*) b1, (const void*) b2, n) && @@ -465,7 +465,7 @@ int TCP_Reassembler::DataSent(double t, uint64 seq, int len, if ( DEBUG_tcp_contents ) { - DEBUG_MSG("%.6f DataSent: IsOrig()=%d seq=%"PRIu64" upper=%"PRIu64" ack=%"PRIu64"\n", + DEBUG_MSG("%.6f DataSent: IsOrig()=%d seq=%" PRIu64" upper=%" PRIu64" ack=%" PRIu64"\n", network_time, IsOrig(), seq, upper_seq, ack); } diff --git a/src/cq.c b/src/cq.c index c5405e526a..8005544400 100644 --- a/src/cq.c +++ b/src/cq.c @@ -357,7 +357,7 @@ cq_remove(register struct cq_handle *hp, register double pri, /* The priority must be positive and the cookie non-null */ if (pri <= 0.0 || cookie == NULL) - return (-0); + return (0); bp = hp->buckets + PRI2BUCKET(hp, pri); if (! BUCKETINUSE(bp)) @@ -370,7 +370,7 @@ cq_remove(register struct cq_handle *hp, register double pri, } if ( ! bp ) - return (-0); + return (0); /* Unlink entry */ if ( ! bp2 ) { From 832a2b7bab35e794ed8166452d76387cf433cc78 Mon Sep 17 00:00:00 2001 From: Jon Siwek Date: Mon, 27 Oct 2014 13:03:46 -0500 Subject: [PATCH 02/14] Updating CHANGES and VERSION. --- CHANGES | 4 ++++ VERSION | 2 +- 2 files changed, 5 insertions(+), 1 deletion(-) diff --git a/CHANGES b/CHANGES index 60f6c515e2..b41bb8a200 100644 --- a/CHANGES +++ b/CHANGES @@ -1,4 +1,8 @@ +2.3-260 | 2014-10-27 12:54:17 -0500 + + * Fix errors/warnings when compiling with -std=c++11 (Jon Siwek) + 2.3-259 | 2014-10-27 10:04:04 -0500 * Documentation fixes. (Vicente Jimenez Aguilar and Stefano Azzalini) diff --git a/VERSION b/VERSION index 2ca780950f..30b361afe2 100644 --- a/VERSION +++ b/VERSION @@ -1 +1 @@ -2.3-259 +2.3-260 From ed73c83b61910b7c5916e46f8a37dfdb145487ef Mon Sep 17 00:00:00 2001 From: Johanna Amann Date: Tue, 28 Oct 2014 07:20:26 -0700 Subject: [PATCH 03/14] Fix checking of fwrite return values --- src/File.cc | 15 +++++++-------- 1 file changed, 7 insertions(+), 8 deletions(-) diff --git a/src/File.cc b/src/File.cc index bf6a7e7f51..be46615581 100644 --- a/src/File.cc +++ b/src/File.cc @@ -708,10 +708,10 @@ void BroFile::InitEncrypt(const char* keyfile) secret_len = htonl(secret_len); - if ( ! (fwrite("BROENC1", 7, 1, f) && - fwrite(&secret_len, sizeof(secret_len), 1, f) && - fwrite(secret, ntohl(secret_len), 1, f) && - fwrite(iv, iv_len, 1, f)) ) + if ( fwrite("BROENC1", 7, 1, f) < 7 || + fwrite(&secret_len, sizeof(secret_len), 1, f) < sizeof(secret_len) || + fwrite(secret, ntohl(secret_len), 1, f) < ntohl(secret_len) || + fwrite(iv, iv_len, 1, f) < iv_len ) { reporter->Error("can't write header to log file %s: %s", name, strerror(errno)); @@ -736,7 +736,7 @@ void BroFile::FinishEncrypt() int outl; EVP_SealFinal(cipher_ctx, cipher_buffer, &outl); - if ( outl && ! fwrite(cipher_buffer, outl, 1, f) ) + if ( outl && fwrite(cipher_buffer, outl, 1, f) < outl ) { reporter->Error("write error for %s: %s", name, strerror(errno)); @@ -777,7 +777,7 @@ int BroFile::Write(const char* data, int len) return 0; } - if ( outl && ! fwrite(cipher_buffer, outl, 1, f) ) + if ( outl && fwrite(cipher_buffer, outl, 1, f) < outl ) { reporter->Error("write error for %s: %s", name, strerror(errno)); @@ -792,8 +792,7 @@ int BroFile::Write(const char* data, int len) return 1; } - len = fwrite(data, 1, len, f); - if ( len <= 0 ) + if ( fwrite(data, 1, len, f) < len ) return false; if ( rotate_size && current_size < rotate_size && current_size + len >= rotate_size ) From e5f75cde9340c203744d6808554ac64f6a289079 Mon Sep 17 00:00:00 2001 From: Jon Siwek Date: Tue, 28 Oct 2014 14:21:16 -0500 Subject: [PATCH 04/14] BIT-1280: Fix checking vector indices via "in". $ cat test.bro local vec: vector of string = { "zero" }; vec[2] = "two"; print 0 in vec, 1 in vec, 2 in vec; $ bro -b test.bro T, F, T --- src/Expr.cc | 12 +++++++++--- .../Baseline/language.vector-in-operator/out | 11 +++++++++++ testing/btest/language/vector-in-operator.bro | 17 +++++++++++++++++ 3 files changed, 37 insertions(+), 3 deletions(-) create mode 100644 testing/btest/Baseline/language.vector-in-operator/out create mode 100644 testing/btest/language/vector-in-operator.bro diff --git a/src/Expr.cc b/src/Expr.cc index 4a29c11cb5..c7ea906865 100644 --- a/src/Expr.cc +++ b/src/Expr.cc @@ -636,7 +636,7 @@ Val* BinaryExpr::Eval(Frame* f) const return v_result; } - if ( is_vec1 || is_vec2 ) + if ( IsVector(Type()->Tag()) && (is_vec1 || is_vec2) ) { // fold vector against scalar VectorVal* vv = (is_vec1 ? v1 : v2)->AsVectorVal(); VectorVal* v_result = new VectorVal(Type()->AsVectorType()); @@ -4703,8 +4703,14 @@ Val* InExpr::Fold(Val* v1, Val* v2) const v2->Type()->Tag() == TYPE_SUBNET ) return new Val(v2->AsSubNetVal()->Contains(v1->AsAddr()), TYPE_BOOL); - TableVal* vt = v2->AsTableVal(); - if ( vt->Lookup(v1, false) ) + Val* res; + + if ( is_vector(v2) ) + res = v2->AsVectorVal()->Lookup(v1); + else + res = v2->AsTableVal()->Lookup(v1, false); + + if ( res ) return new Val(1, TYPE_BOOL); else return new Val(0, TYPE_BOOL); diff --git a/testing/btest/Baseline/language.vector-in-operator/out b/testing/btest/Baseline/language.vector-in-operator/out new file mode 100644 index 0000000000..5d4600a188 --- /dev/null +++ b/testing/btest/Baseline/language.vector-in-operator/out @@ -0,0 +1,11 @@ +[zero, one, , , , five, , seven] +vec[0] = zero.exe +vec[1] = one.exe +vec[2] = +vec[3] = +vec[4] = +vec[5] = five.exe +vec[6] = +vec[7] = seven.exe +vec[8] = +vec[9] = diff --git a/testing/btest/language/vector-in-operator.bro b/testing/btest/language/vector-in-operator.bro new file mode 100644 index 0000000000..5936145363 --- /dev/null +++ b/testing/btest/language/vector-in-operator.bro @@ -0,0 +1,17 @@ +# @TEST-EXEC: bro -b %INPUT >out +# @TEST-EXEC: btest-diff out + +local ten = "0123456789"; +local vec: vector of string = { "zero", "one" }; +local n = 0; +vec[5] = "five"; +vec[7] = "seven"; +print vec; +vec = vec + ".exe"; + +for ( c in ten ) + { + local is_set: bool = (n in vec); + print fmt("vec[%s] = %s", n, is_set ? vec[n] : ""); + ++n; + } From 1f7facda5b6a589d5d1046b078435821a1766468 Mon Sep 17 00:00:00 2001 From: Jon Siwek Date: Thu, 30 Oct 2014 12:19:25 -0500 Subject: [PATCH 05/14] Fix segfault if when statement's RHS is unitialized. If it is ever assigned a value, the body of the when can be triggered as usual. Addresses BIT-1176. --- src/Trigger.cc | 2 +- .../language.when-unitialized-rhs/out | 38 +++++++++++++++++++ .../btest/language/when-unitialized-rhs.bro | 32 ++++++++++++++++ 3 files changed, 71 insertions(+), 1 deletion(-) create mode 100644 testing/btest/Baseline/language.when-unitialized-rhs/out create mode 100644 testing/btest/language/when-unitialized-rhs.bro diff --git a/src/Trigger.cc b/src/Trigger.cc index ed5d0e18f6..c2ca9aeb6b 100644 --- a/src/Trigger.cc +++ b/src/Trigger.cc @@ -206,7 +206,7 @@ bool Trigger::Eval() return false; } - if ( v->IsZero() ) + if ( ! v || v->IsZero() ) { // Not true. Perhaps next time... DBG_LOG(DBG_NOTIFIERS, "%s: trigger condition is false", Name()); diff --git a/testing/btest/Baseline/language.when-unitialized-rhs/out b/testing/btest/Baseline/language.when-unitialized-rhs/out new file mode 100644 index 0000000000..620b384da2 --- /dev/null +++ b/testing/btest/Baseline/language.when-unitialized-rhs/out @@ -0,0 +1,38 @@ +error in /Users/jsiwek/Projects/bro/bro/testing/btest/.tmp/language.when-unitialized-rhs/when-unitialized-rhs.bro, line 9: value used but not set (crashMe) +error in /Users/jsiwek/Projects/bro/bro/testing/btest/.tmp/language.when-unitialized-rhs/when-unitialized-rhs.bro, line 14: value used but not set (x) +1 +2 +3 +4 +5 +6 +7 +8 +9 +10 +2nd when stmt executing, 999 +1st when stmt executing, not anymore you don't +11 +12 +13 +14 +15 +16 +17 +18 +19 +20 +21 +22 +23 +24 +25 +26 +27 +28 +29 +30 +31 +32 +33 +34 diff --git a/testing/btest/language/when-unitialized-rhs.bro b/testing/btest/language/when-unitialized-rhs.bro new file mode 100644 index 0000000000..21b94c6e02 --- /dev/null +++ b/testing/btest/language/when-unitialized-rhs.bro @@ -0,0 +1,32 @@ +# @TEST-EXEC: bro -b -r $TRACES/wikipedia.trace %INPUT >out 2>&1 +# @TEST-EXEC: TEST_DIFF_CANONIFIER=$SCRIPTS/diff-remove-abspath btest-diff out + +global crashMe: function(): string; +global x: int; + +event bro_init() + { + when( local result = crashMe() ) + { + print "1st when stmt executing", result; + } + + when( local other_result = x ) + { + print "2nd when stmt executing", other_result; + } + } + +global conn_count = 0; + +event new_connection(c: connection) + { + ++conn_count; + print conn_count; + + if ( conn_count == 10 ) + { + x = 999; + crashMe = function(): string { return "not anymore you don't"; }; + } + } From dec96234e3604302c612ddbee4a8c84ce24bfe44 Mon Sep 17 00:00:00 2001 From: Jon Siwek Date: Thu, 30 Oct 2014 13:25:29 -0500 Subject: [PATCH 06/14] Fix some minor Coverity Scan complaints. --- CHANGES | 4 ++++ VERSION | 2 +- src/Flare.cc | 2 +- src/iosource/PktSrc.cc | 1 + src/iosource/PktSrc.h | 4 ++++ src/iosource/pcap/Source.cc | 3 +++ 6 files changed, 14 insertions(+), 2 deletions(-) diff --git a/CHANGES b/CHANGES index beadb32a63..7c7da83804 100644 --- a/CHANGES +++ b/CHANGES @@ -1,4 +1,8 @@ +2.3-264 | 2014-10-30 13:25:57 -0500 + + * Fix some minor Coverity Scan complaints. (Jon Siwek) + 2.3-263 | 2014-10-28 15:09:10 -0500 * Fix checking of fwrite return values (Johanna Amann) diff --git a/VERSION b/VERSION index a24ec6faab..b62bade18f 100644 --- a/VERSION +++ b/VERSION @@ -1 +1 @@ -2.3-263 +2.3-264 diff --git a/src/Flare.cc b/src/Flare.cc index dcb5fa2c1f..5df6d663aa 100644 --- a/src/Flare.cc +++ b/src/Flare.cc @@ -22,7 +22,7 @@ static void bad_pipe_op(const char* which) void Flare::Fire() { - char tmp; + char tmp = 0; for ( ; ; ) { diff --git a/src/iosource/PktSrc.cc b/src/iosource/PktSrc.cc index eaf85bbfa4..527dadd393 100644 --- a/src/iosource/PktSrc.cc +++ b/src/iosource/PktSrc.cc @@ -506,6 +506,7 @@ bool PktSrc::ApplyBPFFilter(int index, const struct pcap_pkthdr *hdr, const u_ch { Error(fmt("BPF filter %d not compiled", index)); Close(); + return false; } if ( code->MatchesAnything() ) diff --git a/src/iosource/PktSrc.h b/src/iosource/PktSrc.h index 9c05115257..7137798129 100644 --- a/src/iosource/PktSrc.h +++ b/src/iosource/PktSrc.h @@ -266,7 +266,11 @@ protected: Properties() { + selectable_fd = -1; + link_type = -1; + hdr_size = -1; netmask = PCAP_NETMASK_UNKNOWN; + is_live = false; } }; diff --git a/src/iosource/pcap/Source.cc b/src/iosource/pcap/Source.cc index e96933aaa6..72b19b2f14 100644 --- a/src/iosource/pcap/Source.cc +++ b/src/iosource/pcap/Source.cc @@ -21,6 +21,9 @@ PcapSource::PcapSource(const std::string& path, bool is_live) { props.path = path; props.is_live = is_live; + pd = 0; + memset(¤t_hdr, 0, sizeof(current_hdr)); + memset(&last_hdr, 0, sizeof(last_hdr)); last_data = 0; } From 28770937b5f57cf73354beb850efcfc3a0b5b4af Mon Sep 17 00:00:00 2001 From: Jon Siwek Date: Thu, 30 Oct 2014 17:11:46 -0500 Subject: [PATCH 07/14] Add configure options to fine tune local state dirs used by BroControl. --logdir: logs produced at run time --spooldir: other data produced at run time --localstatedir: contains spool or log dirs if those options aren't set Addresses BIT-1166. --- aux/broctl | 2 +- configure | 16 ++++++++++++++++ pkg/make-deb-packages | 5 +++-- pkg/make-rpm-packages | 5 +++-- 4 files changed, 23 insertions(+), 5 deletions(-) diff --git a/aux/broctl b/aux/broctl index 2b13bfcc94..9461f1e1ad 160000 --- a/aux/broctl +++ b/aux/broctl @@ -1 +1 @@ -Subproject commit 2b13bfcc941018c76f74b81a6e74e5e4e723c747 +Subproject commit 9461f1e1ad6f7d2e141af1f543ac1d9bc635770b diff --git a/configure b/configure index 5747586db8..2b1c568b26 100755 --- a/configure +++ b/configure @@ -24,6 +24,13 @@ Usage: $0 [OPTION]... [VAR=VALUE]... --prefix=PREFIX installation directory [/usr/local/bro] --scriptdir=PATH root installation directory for Bro scripts [PREFIX/share/bro] + --localstatedir=PATH when using BroControl, path to store log files + and run-time data (within log/ and spool/ subdirs) + [PREFIX] + --spooldir=PATH when using BroControl, path to store run-time data + [PREFIX/spool] + --logdir=PATH when using BroControl, path to store log file + [PREFIX/logs] --conf-files-dir=PATH config files installation directory [PREFIX/etc] Optional Features: @@ -144,6 +151,15 @@ while [ $# -ne 0 ]; do append_cache_entry BRO_ETC_INSTALL_DIR PATH $optarg user_set_conffilesdir="true" ;; + --localstatedir=*) + append_cache_entry BRO_LOCAL_STATE_DIR PATH $optarg + ;; + --spooldir=*) + append_cache_entry BRO_SPOOL_DIR PATH $optarg + ;; + --logdir=*) + append_cache_entry BRO_LOG_DIR PATH $optarg + ;; --enable-debug) append_cache_entry ENABLE_DEBUG BOOL true ;; diff --git a/pkg/make-deb-packages b/pkg/make-deb-packages index 432de8336a..0a435a756f 100755 --- a/pkg/make-deb-packages +++ b/pkg/make-deb-packages @@ -16,6 +16,7 @@ the 'dpkg-dev' package, please install it first. } prefix=/opt/bro +localstatedir=/var/opt/bro # During the packaging process, `dpkg-shlibs` will fail if used on a library # that links to other internal/project libraries unless an RPATH is used or @@ -31,7 +32,7 @@ cd .. ( cd build && make package ) # Full Bro package -./configure --prefix=${prefix} --pkg-name-prefix=Bro --binary-package +./configure --prefix=${prefix} --localstatedir=${localstatedir} --pkg-name-prefix=Bro --binary-package ( cd build && make package ) # Broccoli @@ -42,6 +43,6 @@ cd ../.. # Broctl cd aux/broctl -./configure --prefix=${prefix} --binary-package +./configure --prefix=${prefix} --localstatedir=${localstatedir} --binary-package ( cd build && make package && mv *.deb ../../../build/ ) cd ../.. diff --git a/pkg/make-rpm-packages b/pkg/make-rpm-packages index 9560cc80ff..43b962f417 100755 --- a/pkg/make-rpm-packages +++ b/pkg/make-rpm-packages @@ -15,6 +15,7 @@ the 'rpm-build' package, please install it first. } prefix=/opt/bro +localstatedir=/var/opt/bro cd .. @@ -24,7 +25,7 @@ cd .. ( cd build && make package ) # Full Bro package -./configure --prefix=${prefix} --pkg-name-prefix=Bro --binary-package +./configure --prefix=${prefix} --localstatedir=${localstatedir} --pkg-name-prefix=Bro --binary-package ( cd build && make package ) # Broccoli @@ -35,6 +36,6 @@ cd ../.. # Broctl cd aux/broctl -./configure --prefix=${prefix} --binary-package +./configure --prefix=${prefix} --localstatedir=${localstatedir} --binary-package ( cd build && make package && mv *.rpm ../../../build/ ) cd ../.. From 2a181a88c5806b8392c0fa004f22789a58cf0a67 Mon Sep 17 00:00:00 2001 From: Jon Siwek Date: Fri, 31 Oct 2014 10:35:02 -0500 Subject: [PATCH 08/14] Allow arbitrary when statement timeout expressions BIT-1284 #close --- CHANGES | 5 +++++ VERSION | 2 +- src/Trigger.cc | 7 ++++--- testing/btest/language/when.bro | 16 ++++++++++++++-- 4 files changed, 24 insertions(+), 6 deletions(-) diff --git a/CHANGES b/CHANGES index 522c40bc49..7c4d0a9798 100644 --- a/CHANGES +++ b/CHANGES @@ -1,4 +1,9 @@ +2.3-267 | 2014-10-31 10:35:02 -0500 + + * BIT-1284: Allow arbitrary when statement timeout expressions + (Jon Siwek) + 2.3-266 | 2014-10-31 09:21:28 -0500 * BIT-1166: Add configure options to fine tune local state dirs used diff --git a/VERSION b/VERSION index e509a66a4e..aad560167b 100644 --- a/VERSION +++ b/VERSION @@ -1 +1 @@ -2.3-266 +2.3-267 diff --git a/src/Trigger.cc b/src/Trigger.cc index ed5d0e18f6..3e275ac6d9 100644 --- a/src/Trigger.cc +++ b/src/Trigger.cc @@ -131,18 +131,19 @@ Trigger::Trigger(Expr* arg_cond, Stmt* arg_body, Stmt* arg_timeout_stmts, arg_frame->SetDelayed(); } - Val* timeout = arg_timeout ? arg_timeout->ExprVal() : 0; + Val* timeout_val = arg_timeout ? arg_timeout->Eval(arg_frame) : 0; // Make sure we don't get deleted if somebody calls a method like // Timeout() while evaluating the trigger. Ref(this); - if ( ! Eval() && timeout ) + if ( ! Eval() && timeout_val ) { - timer = new TriggerTimer(timeout->AsInterval(), this); + timer = new TriggerTimer(timeout_val->AsInterval(), this); timer_mgr->Add(timer); } + Unref(timeout_val); Unref(this); } diff --git a/testing/btest/language/when.bro b/testing/btest/language/when.bro index 84c1f06cef..d996d1c026 100644 --- a/testing/btest/language/when.bro +++ b/testing/btest/language/when.bro @@ -8,13 +8,25 @@ event bro_init() { - local h1: addr = 127.0.0.1; + local h: addr = 127.0.0.1; - when ( local h1name = lookup_addr(h1) ) + when ( local hname = lookup_addr(h) ) { print "lookup successful"; terminate(); } + timeout 10sec + { + print "timeout (1)"; + } + + local to = 5sec; + # Just checking that timeouts can use arbitrary expressions... + when ( local hname2 = lookup_addr(h) ) {} + timeout to {} + when ( local hname3 = lookup_addr(h) ) {} + timeout to + 2sec {} + print "done"; } From 3b4e5eda5542d5fa947a41161cfff64867f494be Mon Sep 17 00:00:00 2001 From: Jon Siwek Date: Fri, 31 Oct 2014 12:12:22 -0500 Subject: [PATCH 09/14] BIT-1283: Fix crash when using &encrypt. --- CHANGES | 4 ++++ VERSION | 2 +- src/File.cc | 2 +- 3 files changed, 6 insertions(+), 2 deletions(-) diff --git a/CHANGES b/CHANGES index 7c4d0a9798..a6b5fa8b6a 100644 --- a/CHANGES +++ b/CHANGES @@ -1,4 +1,8 @@ +2.3-268 | 2014-10-31 12:12:22 -0500 + + * BIT-1283: Fix crash when using &encrypt. (Jon Siwek) + 2.3-267 | 2014-10-31 10:35:02 -0500 * BIT-1284: Allow arbitrary when statement timeout expressions diff --git a/VERSION b/VERSION index aad560167b..a841cc8a65 100644 --- a/VERSION +++ b/VERSION @@ -1 +1 @@ -2.3-267 +2.3-268 diff --git a/src/File.cc b/src/File.cc index 8d1c063a15..e62ca732cd 100644 --- a/src/File.cc +++ b/src/File.cc @@ -527,7 +527,7 @@ void BroFile::SetAttrs(Attributes* arg_attrs) if ( ef->AttrExpr() ) InitEncrypt(ef->AttrExpr()->ExprVal()->AsString()->CheckString()); else - InitEncrypt(log_encryption_key->AsString()->CheckString()); + InitEncrypt(opt_internal_string("log_encryption_key")->CheckString()); } if ( attrs->FindAttr(ATTR_RAW_OUTPUT) ) From 5ef6dd0e3c68d01561fbd6566653f8b0a139ad0d Mon Sep 17 00:00:00 2001 From: Robin Sommer Date: Fri, 31 Oct 2014 17:44:58 -0700 Subject: [PATCH 10/14] Adding call to new binpac::init() function. --- aux/binpac | 2 +- src/main.cc | 3 +++ 2 files changed, 4 insertions(+), 1 deletion(-) diff --git a/aux/binpac b/aux/binpac index 3a4684801a..3c80db8b56 160000 --- a/aux/binpac +++ b/aux/binpac @@ -1 +1 @@ -Subproject commit 3a4684801aafa0558383199e9abd711650b53af9 +Subproject commit 3c80db8b5697c7b95e1d0d48ce01b625cf70c5a1 diff --git a/src/main.cc b/src/main.cc index 63949c5093..15aea3d3fe 100644 --- a/src/main.cc +++ b/src/main.cc @@ -775,6 +775,9 @@ int main(int argc, char** argv) // DEBUG_MSG("HMAC key: %s\n", md5_digest_print(shared_hmac_md5_key)); init_hash_function(); + // Must come after hash initialization. + binpac::init(); + ERR_load_crypto_strings(); OPENSSL_add_all_algorithms_conf(); SSL_library_init(); From 395f06d93caa9729018d8bd31d7049d63c772e1f Mon Sep 17 00:00:00 2001 From: Robin Sommer Date: Fri, 31 Oct 2014 17:45:25 -0700 Subject: [PATCH 11/14] Updating submodule(s). [nomail] --- CHANGES | 4 ++++ VERSION | 2 +- aux/binpac | 2 +- 3 files changed, 6 insertions(+), 2 deletions(-) diff --git a/CHANGES b/CHANGES index 47bf14c0de..3109d4670e 100644 --- a/CHANGES +++ b/CHANGES @@ -1,4 +1,8 @@ +2.3-274 | 2014-10-31 17:45:25 -0700 + + * Adding call to new binpac::init() function. (Robin Sommer) + 2.3-272 | 2014-10-31 16:29:42 -0700 * Fix segfault if when statement's RHS is unitialized. Addresses diff --git a/VERSION b/VERSION index 88a48cd475..a11a6bac50 100644 --- a/VERSION +++ b/VERSION @@ -1 +1 @@ -2.3-272 +2.3-274 diff --git a/aux/binpac b/aux/binpac index 3c80db8b56..3a4684801a 160000 --- a/aux/binpac +++ b/aux/binpac @@ -1 +1 @@ -Subproject commit 3c80db8b5697c7b95e1d0d48ce01b625cf70c5a1 +Subproject commit 3a4684801aafa0558383199e9abd711650b53af9 From e0d9adc9c9098ba1ead88adb98c52dc431d80688 Mon Sep 17 00:00:00 2001 From: Robin Sommer Date: Fri, 31 Oct 2014 17:49:02 -0700 Subject: [PATCH 12/14] Updating submodule(s). [nomail] --- aux/binpac | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/aux/binpac b/aux/binpac index 3a4684801a..7f440d060e 160000 --- a/aux/binpac +++ b/aux/binpac @@ -1 +1 @@ -Subproject commit 3a4684801aafa0558383199e9abd711650b53af9 +Subproject commit 7f440d060e0df675c1aab3357ff7b93fcf1c2cae From 705989da39a89074849b8d1e4a2cc9588f8a3a28 Mon Sep 17 00:00:00 2001 From: Johanna Amann Date: Sat, 1 Nov 2014 19:37:27 -0700 Subject: [PATCH 13/14] add new curves from draft-ietf-tls-negotiated-ff-dhe --- scripts/base/protocols/ssl/consts.bro | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/scripts/base/protocols/ssl/consts.bro b/scripts/base/protocols/ssl/consts.bro index 54952988f0..278a2a37ae 100644 --- a/scripts/base/protocols/ssl/consts.bro +++ b/scripts/base/protocols/ssl/consts.bro @@ -158,6 +158,12 @@ export { [26] = "brainpoolP256r1", [27] = "brainpoolP384r1", [28] = "brainpoolP512r1", + # draft-ietf-tls-negotiated-ff-dhe-02 + [256] = "ffdhe2432", + [257] = "ffdhe3072", + [258] = "ffdhe4096", + [259] = "ffdhe6144", + [260] = "ffdhe8192", [0xFF01] = "arbitrary_explicit_prime_curves", [0xFF02] = "arbitrary_explicit_char2_curves" } &default=function(i: count):string { return fmt("unknown-%d", i); }; From 25a58f501bbd40dbf3c3e4288cbf5a1447751b1f Mon Sep 17 00:00:00 2001 From: Jon Siwek Date: Mon, 3 Nov 2014 10:19:48 -0600 Subject: [PATCH 14/14] Updating submodule(s). [nomail] --- aux/binpac | 2 +- aux/bro-aux | 2 +- aux/broccoli | 2 +- aux/broctl | 2 +- cmake | 2 +- 5 files changed, 5 insertions(+), 5 deletions(-) diff --git a/aux/binpac b/aux/binpac index 7f440d060e..77a86591dc 160000 --- a/aux/binpac +++ b/aux/binpac @@ -1 +1 @@ -Subproject commit 7f440d060e0df675c1aab3357ff7b93fcf1c2cae +Subproject commit 77a86591dcf89d7252d3676d3f1199d6c927d073 diff --git a/aux/bro-aux b/aux/bro-aux index 95afe42e74..977654dc51 160000 --- a/aux/bro-aux +++ b/aux/bro-aux @@ -1 +1 @@ -Subproject commit 95afe42e7474113a16cb2cb09ebdf8b552c59744 +Subproject commit 977654dc51ab08a2afde32241f108cdb4a581d8f diff --git a/aux/broccoli b/aux/broccoli index 33d0ed4a54..acb8fbe8e7 160000 --- a/aux/broccoli +++ b/aux/broccoli @@ -1 +1 @@ -Subproject commit 33d0ed4a54a6ecf08a0b5fe18831aa413b437066 +Subproject commit acb8fbe8e7bc6ace5135fb73dca8e29432cdc1ca diff --git a/aux/broctl b/aux/broctl index 2f808bc854..39e865dec9 160000 --- a/aux/broctl +++ b/aux/broctl @@ -1 +1 @@ -Subproject commit 2f808bc8541378b1a4953cca02c58c43945d154f +Subproject commit 39e865dec9611b9b53b609cbc8df519cebae0a1e diff --git a/cmake b/cmake index 03de0cc467..1316c07f70 160000 --- a/cmake +++ b/cmake @@ -1 +1 @@ -Subproject commit 03de0cc467d2334dcb851eddd843d59fef217909 +Subproject commit 1316c07f7059647b6c4a496ea36e4b83bb5d8f0f