Merge remote-tracking branch 'origin/topic/timw/iptunnel-coverity-findings'

* origin/topic/timw/iptunnel-coverity-findings: Fix Coverity findings from recent IPTunnel dumping changes
2025-10-02 14:48:21 +00:00 · 2025-03-04 08:52:13 -07:00 · 2025-03-04 08:52:13 -07:00 · a2a30f2a2b
commit a2a30f2a2b
parent dfa011a3ee 19d22ad53b
3 changed files with 19 additions and 11 deletions
--- a/4
+++ b/4
@ -1,3 +1,7 @@
+7.2.0-dev.255 | 2025-03-04 08:52:13 -0700
+
+  * Fix Coverity findings from recent IPTunnel dumping changes (Tim Wojtulewicz, Corelight)
+
 7.2.0-dev.253 | 2025-03-04 13:38:32 +0000

  * RDP: cookie is optional (Johanna Amann, Corelight)
--- a/2
+++ b/2
@ -1 +1 @@
-7.2.0-dev.253
+7.2.0-dev.255
--- a/src/packet_analysis/protocol/iptunnel/IPTunnel.cc
+++ b/src/packet_analysis/protocol/iptunnel/IPTunnel.cc
@ -101,22 +101,24 @@ bool IPTunnelAnalyzer::ProcessEncapsulatedPacket(double t, Packet* pkt, const st
    else
        data = (const u_char*)inner->IP6_Hdr();

-    auto outer = prev ? prev : std::make_shared<EncapsulationStack>();
+    auto outer = prev ? std::move(prev) : std::make_shared<EncapsulationStack>();
    outer->Add(ec);

    // Construct fake packet containing the inner packet so it can be processed
    // like a normal one.
    Packet p;
    p.Init(DLT_RAW, &ts, caplen, len, data, false, "");
-    p.encap = outer;
+    p.encap = std::move(outer);

    // Forward the packet back to the IP analyzer.
    bool return_val = ForwardPacket(len, data, &p);

    // Propagate the flags from fake inner packet to outer packet
+    if ( pkt ) {
        pkt->processed = p.processed;
        pkt->dump_packet = p.dump_packet;
        pkt->dump_size = (p.dump_size > 0) ? static_cast<int>(data - pkt->data) + p.dump_size : p.dump_size;
+    }

    return return_val;
 }
@ -137,23 +139,25 @@ bool IPTunnelAnalyzer::ProcessEncapsulatedPacket(double t, Packet* pkt, uint32_t
        ts.tv_usec = (suseconds_t)((run_state::network_time - (double)ts.tv_sec) * 1000000);
    }

-    auto outer = prev ? prev : std::make_shared<EncapsulationStack>();
+    auto outer = prev ? std::move(prev) : std::make_shared<EncapsulationStack>();
    outer->Add(ec);

    // Construct fake packet containing the inner packet so it can be processed
    // like a normal one.
    Packet p;
    p.Init(link_type, &ts, caplen, len, data, false, "");
-    p.encap = outer;
+    p.encap = std::move(outer);

    // Process the packet as if it was a brand new packet by passing it back
    // to the packet manager.
    bool return_val = packet_mgr->ProcessInnerPacket(&p);

    // Propagate the flags from fake inner packet to outer packet
+    if ( pkt ) {
        pkt->processed = p.processed;
        pkt->dump_packet = p.dump_packet;
        pkt->dump_size = (p.dump_size > 0) ? static_cast<int>(data - pkt->data) + p.dump_size : p.dump_size;
+    }

    return return_val;
 }