diff --git a/CHANGES b/CHANGES index 024276620f..6e4b211418 100644 --- a/CHANGES +++ b/CHANGES @@ -1,4 +1,22 @@ +2.1-386 | 2013-03-22 12:41:50 -0700 + + * Added reverse() function to strings.bif. (Yun Zheng Hu) + +2.1-384 | 2013-03-22 12:10:14 -0700 + + * Fix record constructors in table initializer indices. Addresses + #660. (Jon Siwek) + +2.1-382 | 2013-03-22 12:01:34 -0700 + + * Add support for 802.1ah (Q-in-Q). Addresses #641. (Seth Hall) + +2.1-380 | 2013-03-18 12:18:10 -0700 + + * Fix gcc compile warnings in base64 encoder and benchmark reader. + (Bernhard Amann) + 2.1-377 | 2013-03-17 17:36:09 -0700 * Fixing potential leak in DNS error case. (Vlad Grigorescu) diff --git a/VERSION b/VERSION index ccb2f89fe9..95253817be 100644 --- a/VERSION +++ b/VERSION @@ -1 +1 @@ -2.1-377 +2.1-386 diff --git a/aux/bro-aux b/aux/bro-aux index ae14da422b..7068100754 160000 --- a/aux/bro-aux +++ b/aux/bro-aux @@ -1 +1 @@ -Subproject commit ae14da422bfb252c8a53bd00d3e5fd7da8bc112e +Subproject commit 70681007546aad6e5648494e882b71adb9165105 diff --git a/aux/broctl b/aux/broctl index 3e3ada3c2e..2b35d03313 160000 --- a/aux/broctl +++ b/aux/broctl @@ -1 +1 @@ -Subproject commit 3e3ada3c2efebeda1278b8897859dd7c7d61e671 +Subproject commit 2b35d0331366865fbf0119919cc9692d55c4538c diff --git a/src/Base64.cc b/src/Base64.cc index d953ec3557..d3abd9b563 100644 --- a/src/Base64.cc +++ b/src/Base64.cc @@ -30,9 +30,9 @@ void Base64Converter::Encode(int len, const unsigned char* data, int* pblen, cha for ( int i = 0, j = 0; (i < len) && ( j < blen ); ) { - uint32_t bit32 = ((i < len ? data[i++] : 0) << 16) + - ((i < len ? data[i++] : 0 & i++) << 8) + - ( i < len ? data[i++] : 0 & i++); + uint32_t bit32 = data[i++] << 16; + bit32 += (i++ < len ? data[i-1] : 0) << 8; + bit32 += i++ < len ? data[i-1] : 0; buf[j++] = alphabet[(bit32 >> 18) & 0x3f]; buf[j++] = alphabet[(bit32 >> 12) & 0x3f]; diff --git a/src/Expr.cc b/src/Expr.cc index 511464d91f..dd514df74b 100644 --- a/src/Expr.cc +++ b/src/Expr.cc @@ -4984,14 +4984,22 @@ Val* ListExpr::InitVal(const BroType* t, Val* aggr) const { ListVal* v = new ListVal(TYPE_ANY); + const type_list* tl = type->AsTypeList()->Types(); + if ( exprs.length() != tl->length() ) + { + Error("index mismatch", t); + return 0; + } + loop_over_list(exprs, i) { - Val* vi = exprs[i]->InitVal(t, 0); + Val* vi = exprs[i]->InitVal((*tl)[i], 0); if ( ! vi ) { Unref(v); return 0; } + v->Append(vi); } return v; diff --git a/src/PktSrc.cc b/src/PktSrc.cc index 2e6953f7f8..105dc90d30 100644 --- a/src/PktSrc.cc +++ b/src/PktSrc.cc @@ -231,6 +231,15 @@ void PktSrc::Process() data += get_link_header_size(datalink); data += 4; // Skip the vlan header pkt_hdr_size = 0; + + // Check for 802.1ah (Q-in-Q) containing IP. + // Only do a second layer of vlan tag + // stripping because there is no + // specification that allows for deeper + // nesting. + if ( ((data[2] << 8) + data[3]) == 0x0800 ) + data += 4; + break; // PPPoE carried over the ethernet frame. diff --git a/src/input/readers/Benchmark.cc b/src/input/readers/Benchmark.cc index 0c25092e08..0584037e05 100644 --- a/src/input/readers/Benchmark.cc +++ b/src/input/readers/Benchmark.cc @@ -8,6 +8,7 @@ #include #include #include +#include #include "../../threading/Manager.h" @@ -71,7 +72,9 @@ string Benchmark::RandomString(const int len) double Benchmark::CurrTime() { struct timeval tv; - assert ( gettimeofday(&tv, 0) >= 0 ); + if ( gettimeofday(&tv, 0) != 0 ) { + FatalError(Fmt("Could not get time: %d", errno)); + } return double(tv.tv_sec) + double(tv.tv_usec) / 1e6; } diff --git a/src/strings.bif b/src/strings.bif index 6c1ca15c5a..e19e970aa0 100644 --- a/src/strings.bif +++ b/src/strings.bif @@ -1122,3 +1122,16 @@ function hexdump%(data_str: string%) : string return result; %} + +## Returns a reversed copy of the string +## +## str: The string to reverse. +## +## Returns: A reversed copy of *str* +## +function reverse%(str: string%) : string + %{ + string s = string((const char*)str->Bytes(), str->Len()); + reverse(s.begin(), s.end()); + return new StringVal(s.length(), (const char*)s.c_str()); + %} diff --git a/testing/btest/Baseline/bifs.reverse/out b/testing/btest/Baseline/bifs.reverse/out new file mode 100644 index 0000000000..97b53df561 --- /dev/null +++ b/testing/btest/Baseline/bifs.reverse/out @@ -0,0 +1,7 @@ +!dlrow olleh +hello world! +risetovotesir +ff00 +00ff +3039 +A diff --git a/testing/btest/Baseline/core.q-in-q/conn.log b/testing/btest/Baseline/core.q-in-q/conn.log new file mode 100644 index 0000000000..00b1b9894f --- /dev/null +++ b/testing/btest/Baseline/core.q-in-q/conn.log @@ -0,0 +1,11 @@ +#separator \x09 +#set_separator , +#empty_field (empty) +#unset_field - +#path conn +#open 2013-03-22-16-36-54 +#fields ts uid id.orig_h id.orig_p id.resp_h id.resp_p proto service duration orig_bytes resp_bytes conn_state local_orig missed_bytes history orig_pkts orig_ip_bytes resp_pkts resp_ip_bytes tunnel_parents +#types time string addr port addr port enum string interval count count string bool count string count count count count table[string] +1363900699.548138 UWkUyAuUGXf 172.19.51.37 47808 172.19.51.63 47808 udp - 0.000100 36 0 S0 - 0 D 2 92 0 0 (empty) +1363900699.549647 arKYeMETxOg 193.1.186.60 9875 224.2.127.254 9875 udp - 0.000139 552 0 S0 - 0 D 2 608 0 0 (empty) +#close 2013-03-22-16-36-54 diff --git a/testing/btest/Baseline/language.table-init-record-idx-2/output b/testing/btest/Baseline/language.table-init-record-idx-2/output new file mode 100644 index 0000000000..1496863177 --- /dev/null +++ b/testing/btest/Baseline/language.table-init-record-idx-2/output @@ -0,0 +1,25 @@ +following should all be true... +T +T +T +T +T +T +T +T +1 +1 +1 +following should all be false... +F +F +F +now here's the foo table... +{ +[[a=foo, b=2], 2] = 2, +[[a=baz, b=6], 6] = 6, +[[a=bar, b=4], 4] = 4, +[[a=baz, b=5], 5] = 5, +[[a=bar, b=3], 3] = 3, +[[a=foo, b=1], 1] = 1 +} diff --git a/testing/btest/Baseline/language.table-init-record-idx-3/output b/testing/btest/Baseline/language.table-init-record-idx-3/output new file mode 100644 index 0000000000..b8d1540d0a --- /dev/null +++ b/testing/btest/Baseline/language.table-init-record-idx-3/output @@ -0,0 +1,25 @@ +following should all be true... +T +T +T +T +T +T +T +T +1 +1 +1 +following should all be false... +F +F +F +now here's the foo table... +{ +[[a=baz, b=5]] = 5, +[[a=foo, b=2]] = 2, +[[a=baz, b=6]] = 6, +[[a=foo, b=1]] = 1, +[[a=bar, b=4]] = 4, +[[a=bar, b=3]] = 3 +} diff --git a/testing/btest/Baseline/language.table-init-record-idx-4/language.table-init-record-idx-2/output b/testing/btest/Baseline/language.table-init-record-idx-4/language.table-init-record-idx-2/output new file mode 100644 index 0000000000..1496863177 --- /dev/null +++ b/testing/btest/Baseline/language.table-init-record-idx-4/language.table-init-record-idx-2/output @@ -0,0 +1,25 @@ +following should all be true... +T +T +T +T +T +T +T +T +1 +1 +1 +following should all be false... +F +F +F +now here's the foo table... +{ +[[a=foo, b=2], 2] = 2, +[[a=baz, b=6], 6] = 6, +[[a=bar, b=4], 4] = 4, +[[a=baz, b=5], 5] = 5, +[[a=bar, b=3], 3] = 3, +[[a=foo, b=1], 1] = 1 +} diff --git a/testing/btest/Baseline/language.table-init-record-idx-4/output b/testing/btest/Baseline/language.table-init-record-idx-4/output new file mode 100644 index 0000000000..1496863177 --- /dev/null +++ b/testing/btest/Baseline/language.table-init-record-idx-4/output @@ -0,0 +1,25 @@ +following should all be true... +T +T +T +T +T +T +T +T +1 +1 +1 +following should all be false... +F +F +F +now here's the foo table... +{ +[[a=foo, b=2], 2] = 2, +[[a=baz, b=6], 6] = 6, +[[a=bar, b=4], 4] = 4, +[[a=baz, b=5], 5] = 5, +[[a=bar, b=3], 3] = 3, +[[a=foo, b=1], 1] = 1 +} diff --git a/testing/btest/Baseline/language.table-init-record-idx/output b/testing/btest/Baseline/language.table-init-record-idx/output new file mode 100644 index 0000000000..b8d1540d0a --- /dev/null +++ b/testing/btest/Baseline/language.table-init-record-idx/output @@ -0,0 +1,25 @@ +following should all be true... +T +T +T +T +T +T +T +T +1 +1 +1 +following should all be false... +F +F +F +now here's the foo table... +{ +[[a=baz, b=5]] = 5, +[[a=foo, b=2]] = 2, +[[a=baz, b=6]] = 6, +[[a=foo, b=1]] = 1, +[[a=bar, b=4]] = 4, +[[a=bar, b=3]] = 3 +} diff --git a/testing/btest/Traces/q-in-q.trace b/testing/btest/Traces/q-in-q.trace new file mode 100644 index 0000000000..39969c8063 Binary files /dev/null and b/testing/btest/Traces/q-in-q.trace differ diff --git a/testing/btest/bifs/reverse.bro b/testing/btest/bifs/reverse.bro new file mode 100644 index 0000000000..bbb386bb80 --- /dev/null +++ b/testing/btest/bifs/reverse.bro @@ -0,0 +1,19 @@ +# +# @TEST-EXEC: bro -b %INPUT >out +# @TEST-EXEC: btest-diff out + +event bro_init() + { + local s1 = "hello world!"; + local s2 = "rise to vote sir"; + local s3 = "\xff\x00"; + local s4 = "\xff\x39\x30\xff"; + + print reverse(s1); + print reverse(reverse(s1)); + print subst_string(reverse(s2), " ", ""); + print bytestring_to_hexstr(s3); + print bytestring_to_hexstr(reverse(s3)); + print bytestring_to_hexstr(reverse(sub_bytes(s4, 2, 2))); + print reverse("A"); + } diff --git a/testing/btest/core/q-in-q.bro b/testing/btest/core/q-in-q.bro new file mode 100644 index 0000000000..7444e7b458 --- /dev/null +++ b/testing/btest/core/q-in-q.bro @@ -0,0 +1,2 @@ +# @TEST-EXEC: bro -r $TRACES/q-in-q.trace +# @TEST-EXEC: btest-diff conn.log diff --git a/testing/btest/language/table-init-container-ctors.bro b/testing/btest/language/table-init-container-ctors.bro index 4829f41688..1f9e18d848 100644 --- a/testing/btest/language/table-init-container-ctors.bro +++ b/testing/btest/language/table-init-container-ctors.bro @@ -2,7 +2,7 @@ # @TEST-EXEC: btest-diff output # The various container constructor expressions should work in table -# initialization lists. +# initialization lists (as yields). type set_yield: set[string, count]; type vector_yield: vector of count; diff --git a/testing/btest/language/table-init-record-idx.bro b/testing/btest/language/table-init-record-idx.bro new file mode 100644 index 0000000000..db9716dc42 --- /dev/null +++ b/testing/btest/language/table-init-record-idx.bro @@ -0,0 +1,216 @@ +# @TEST-EXEC: bro -b %INPUT >output +# @TEST-EXEC: btest-diff output + +# Record constructors should work in table initializers + +type r: record { + a: string; + b: count; +}; + +global a: r = [$a="foo", $b=1]; +global b: r = [$a="foo", $b=2]; +global c: r = [$a="bar", $b=3]; +global d: r = [$a="bar", $b=4]; +global e: r = [$a="baz", $b=5]; +global f: r = [$a="baz", $b=6]; + +global foo: table[r] of count = { + [a] = 1, + [record($a="foo", $b=2)] = 2, + [[$a="bar", $b=3]] = 3, +}; + +foo[d] = 4; +foo[[$a="baz", $b=5]] = 5; +foo[record($a="baz", $b=6)] = 6; + +print "following should all be true..."; + +print a in foo; +print b in foo; +print c in foo; +print d in foo; +print e in foo; +print f in foo; + +print [$a="foo", $b=1] in foo; +print record($a="foo", $b=1) in foo; + +print foo[a]; +print foo[[$a="foo", $b=1]]; +print foo[record($a="foo", $b=1)]; + +print "following should all be false..."; + +local bah: r = [$a="bah", $b=0]; + +print bah in foo; +print [$a="bah", $b=0] in foo; +print record($a="bah", $b=0) in foo; + +print "now here's the foo table..."; + +print foo; + +# @TEST-START-NEXT + +# They can be part of a compound index type, too... + +type r: record { + a: string; + b: count; +}; + +global a: r = [$a="foo", $b=1]; +global b: r = [$a="foo", $b=2]; +global c: r = [$a="bar", $b=3]; +global d: r = [$a="bar", $b=4]; +global e: r = [$a="baz", $b=5]; +global f: r = [$a="baz", $b=6]; + +global foo: table[r, count] of count = { + [a, 1] = 1, + [record($a="foo", $b=2), 2] = 2, + [[$a="bar", $b=3], 3] = 3, +}; + +foo[d, 4] = 4; +foo[[$a="baz", $b=5], 5] = 5; +foo[record($a="baz", $b=6), 6] = 6; + +print "following should all be true..."; + +print [a, 1] in foo; +print [b, 2] in foo; +print [c, 3] in foo; +print [d, 4] in foo; +print [e, 5] in foo; +print [f, 6] in foo; + +print [[$a="foo", $b=1], 1] in foo; +print [record($a="foo", $b=1), 1] in foo; + +print foo[a, 1]; +print foo[[$a="foo", $b=1], 1]; +print foo[record($a="foo", $b=1), 1]; + +print "following should all be false..."; + +local bah: r = [$a="bah", $b=0]; + +print [bah, 0] in foo; +print [[$a="bah", $b=0], 0] in foo; +print [record($a="bah", $b=0), 0] in foo; + +print "now here's the foo table..."; + +print foo; + +# @TEST-START-NEXT + +# Now checking table() ctor versus { } initializer + +type r: record { + a: string; + b: count; +}; + +global a: r = [$a="foo", $b=1]; +global b: r = [$a="foo", $b=2]; +global c: r = [$a="bar", $b=3]; +global d: r = [$a="bar", $b=4]; +global e: r = [$a="baz", $b=5]; +global f: r = [$a="baz", $b=6]; + +global foo: table[r] of count = table( + [a] = 1, + [record($a="foo", $b=2)] = 2, + [[$a="bar", $b=3]] = 3 +); + +foo[d] = 4; +foo[[$a="baz", $b=5]] = 5; +foo[record($a="baz", $b=6)] = 6; + +print "following should all be true..."; + +print a in foo; +print b in foo; +print c in foo; +print d in foo; +print e in foo; +print f in foo; + +print [$a="foo", $b=1] in foo; +print record($a="foo", $b=1) in foo; + +print foo[a]; +print foo[[$a="foo", $b=1]]; +print foo[record($a="foo", $b=1)]; + +print "following should all be false..."; + +local bah: r = [$a="bah", $b=0]; + +print bah in foo; +print [$a="bah", $b=0] in foo; +print record($a="bah", $b=0) in foo; + +print "now here's the foo table..."; + +print foo; + +# @TEST-START-NEXT + +# Now checking table() ctor versus { } initializer for compound index + +type r: record { + a: string; + b: count; +}; + +global a: r = [$a="foo", $b=1]; +global b: r = [$a="foo", $b=2]; +global c: r = [$a="bar", $b=3]; +global d: r = [$a="bar", $b=4]; +global e: r = [$a="baz", $b=5]; +global f: r = [$a="baz", $b=6]; + +global foo: table[r, count] of count = table( + [a, 1] = 1, + [record($a="foo", $b=2), 2] = 2, + [[$a="bar", $b=3], 3] = 3 +); + +foo[d, 4] = 4; +foo[[$a="baz", $b=5], 5] = 5; +foo[record($a="baz", $b=6), 6] = 6; + +print "following should all be true..."; + +print [a, 1] in foo; +print [b, 2] in foo; +print [c, 3] in foo; +print [d, 4] in foo; +print [e, 5] in foo; +print [f, 6] in foo; + +print [[$a="foo", $b=1], 1] in foo; +print [record($a="foo", $b=1), 1] in foo; + +print foo[a, 1]; +print foo[[$a="foo", $b=1], 1]; +print foo[record($a="foo", $b=1), 1]; + +print "following should all be false..."; + +local bah: r = [$a="bah", $b=0]; + +print [bah, 0] in foo; +print [[$a="bah", $b=0], 0] in foo; +print [record($a="bah", $b=0), 0] in foo; + +print "now here's the foo table..."; + +print foo;