diff --git a/CHANGES b/CHANGES index fcf8dff913..18d42005b1 100644 --- a/CHANGES +++ b/CHANGES @@ -1,4 +1,10 @@ +2.3-121 | 2014-08-22 15:22:15 -0700 + + * Detect functions that try to bind variables from an outer scope + and raise an error saying that's not supported. Addresses + BIT-1233. (Jon Siwek) + 2.3-116 | 2014-08-21 16:04:13 -0500 * Adding plugin testing to Makefile's test-all. (Robin Sommer) @@ -36,7 +42,7 @@ 2.3-86 | 2014-07-31 14:19:58 -0700 * Fix for redefining built-in constants. (Robin Sommer) - + * Adding missing check that a plugin's API version matches what Bro defines. (Robin Sommer) @@ -54,7 +60,7 @@ main functionality. Changes coming with this: - Replacing the old Plugin macro magic with a new API. - + - The plugin API changed to generally use std::strings instead of const char*. @@ -123,7 +129,7 @@ 2.3-7 | 2014-06-26 17:35:18 -0700 * Extending "make test-all" to include aux/bro-aux. (Robin Sommer) - + 2.3-6 | 2014-06-26 17:24:10 -0700 * DataSeries compilation issue fixed. (mlaterman) @@ -246,7 +252,7 @@ and the load balancing FAQ on the website. (Daniel Thayer) * Update some doc tests and line numbers (Daniel Thayer) - + 2.2-457 | 2014-05-16 14:38:31 -0700 * New script policy/protocols/ssl/validate-ocsp.bro that adds OSCP @@ -261,7 +267,7 @@ Amann) * Improved Heartbleed attack/scan detection. (Bernhard Amann) - + * Let TLS analyzer fail better when no longer in sync with the data stream. (Bernhard Amann) @@ -298,12 +304,12 @@ *Undelivered methods now use a uint64 in place of an int for the relative sequence space offset parameter. - Addresses BIT-348. + Addresses BIT-348. * Fixing compiler warnings. (Robin Sommer) - + * Update SNMP analyzer's DeliverPacket method signature. (Jon Siwek) - + 2.2-417 | 2014-05-07 10:59:22 -0500 * Change handling of atypical OpenSSL error case in x509 verification. (Jon Siwek) @@ -343,7 +349,7 @@ 2.2-397 | 2014-05-01 20:29:20 -0700 * Fix reference counting for lookup_ID() usages. (Jon Siwek) - + 2.2-395 | 2014-05-01 20:25:48 -0700 * Fix missing "irc-dcc-data" service field from IRC DCC connections. @@ -356,7 +362,7 @@ Siwek) * Improve file analysis manager shutdown/cleanup. (Jon Siwek) - + 2.2-388 | 2014-04-24 18:38:07 -0700 * Fix decoding of MIME quoted-printable. (Mareq) @@ -369,11 +375,11 @@ 2.2-381 | 2014-04-24 17:08:45 -0700 * Add Java version to software framework. (Brian Little) - + 2.2-379 | 2014-04-24 17:06:21 -0700 * Remove unused Val::attribs member. (Jon Siwek) - + 2.2-377 | 2014-04-24 16:57:54 -0700 * A larger set of SSL improvements and extensions. Addresses @@ -386,7 +392,7 @@ server_name, alpn, and ec-curves. - Adds support for the heartbeat events. - + - Add Heartbleed detector script. - Adds basic support for OCSP stapling. @@ -397,7 +403,7 @@ 2.2-353 | 2014-04-24 16:12:30 -0700 * Adapt HTTP partial content to cache file analysis IDs. (Jon Siwek) - + * Adapt SSL analyzer to generate file analysis handles itself. (Jon Siwek) @@ -413,11 +419,11 @@ Siwek) * Refactor file analysis file ID lookup. (Jon Siwek) - + 2.2-344 | 2014-04-22 20:13:30 -0700 * Refactor various hex escaping code. (Jon Siwek) - + 2.2-341 | 2014-04-17 18:01:41 -0500 * Fix duplicate DNS log entries. (Robin Sommer) @@ -425,9 +431,9 @@ 2.2-341 | 2014-04-17 18:01:01 -0500 * Refactor initialization of ASCII log writer options. (Jon Siwek) - + * Fix a memory leak in ASCII log writer. (Jon Siwek) - + 2.2-338 | 2014-04-17 17:48:17 -0500 * Disable input/logging threads setting their names on every @@ -439,7 +445,7 @@ 2.2-335 | 2014-04-10 15:04:57 -0700 * Small logic fix for main SSL script. (Bernhard Amann) - + * Update DPD signatures for detecting TLS 1.2. (Bernhard Amann) * Remove unused data member of SMTP_Analyzer to silence a Coverity @@ -463,7 +469,7 @@ 2.2-317 | 2014-04-03 10:51:31 -0400 - * Add a uid field to the signatures.log. Addresses BIT-1171 + * Add a uid field to the signatures.log. Addresses BIT-1171 (Anthony Verez) 2.2-315 | 2014-04-01 16:50:01 -0700 @@ -474,7 +480,7 @@ 2.2-313 | 2014-04-01 16:40:19 -0700 * Fix a couple nits reported by Coverity.(Jon Siwek) - + * Fix potential memory leak in IP frag reassembly reported by Coverity. (Jon Siwek) @@ -564,14 +570,14 @@ 2.2-271 | 2014-03-30 20:25:17 +0200 * Add unit tests covering vector/set/table ctors/inits. (Jon Siwek) - + * Fix parsing of "local" named table constructors. (Jon Siwek) * Improve type checking of records. Addresses BIT-1159. (Jon Siwek) - + 2.2-267 | 2014-03-30 20:21:43 +0200 - * Improve documentation of Bro clusters. Addresses BIT-1160. + * Improve documentation of Bro clusters. Addresses BIT-1160. (Daniel Thayer) 2.2-263 | 2014-03-30 20:19:05 +0200 @@ -598,7 +604,7 @@ 2.2-254 | 2014-03-30 19:55:22 +0200 * Update instructions on how to build Bro docs. (Daniel Thayer) - + 2.2-251 | 2014-03-28 08:37:37 -0400 * Quick fix to the ElasticSearch writer. (Seth Hall) @@ -628,7 +634,7 @@ formatter work. * Fixing compiler error. (Robin Sommer) - + * Fixing (very unlikely) double delete in HTTP analyzer when decapsulating CONNECTs. (Robin Sommer) @@ -654,7 +660,7 @@ Addresses BIT-1134. (Jon Siwek) * Enable fake DNS mode for test suites. - + * Improve analysis of TCP SYN/SYN-ACK reversal situations. (Jon Siwek) @@ -686,7 +692,7 @@ (Jon Siwek) * Silences some documentation warnings from Sphinx. (Jon Siwek) - + 2.2-215 | 2014-03-10 11:10:15 -0700 * Fix non-deterministic logging of unmatched DNS msgs. Addresses @@ -724,7 +730,7 @@ HTTP traffic. (Seth Hall) * Fixing removal of support analyzers. (Robin Sommer) - + 2.2-199 | 2014-03-03 16:34:20 -0800 * Allow iterating over bif functions with result type vector of any. @@ -739,11 +745,11 @@ 2.2-194 | 2014-02-28 14:50:53 -0800 * Remove packet sorter. Addresses BIT-700. (Bernhard Amann) - + 2.2-192 | 2014-02-28 09:46:43 -0800 * Update Mozilla root bundle. (Bernhard Amann) - + 2.2-190 | 2014-02-27 07:34:44 -0800 * Adjust timings of a few leak tests. (Bernhard Amann) @@ -773,7 +779,7 @@ 2.2-177 | 2014-02-20 17:27:46 -0800 * Update to libmagic version 5.17. Addresses BIT-1136. (Jon Siwek) - + 2.2-174 | 2014-02-14 12:07:04 -0800 * Support for MPLS over VLAN. (Chris Kanich) @@ -802,7 +808,7 @@ defined, but we see it being actively used. (Bernhard Amann) * Test baseline updates for DNS change. (Robin Sommer) - + 2.2-158 | 2014-02-09 23:45:39 -0500 * Change dns.log to include only standard DNS queries. (Jon Siwek) @@ -878,7 +884,7 @@ 2.2-128 | 2014-01-30 15:58:47 -0800 * Add leak test for Exec module. (Bernhard Amann) - + * Fix file_over_new_connection event to trigger when entire file is missed. (Jon Siwek) @@ -891,7 +897,7 @@ "detect_filtered_trace". (Jon Siwek) * Improve TCP FIN retransmission handling. (Jon Siwek) - + 2.2-120 | 2014-01-28 10:25:23 -0800 * Fix and extend x509_extension() event, which now actually returns @@ -909,10 +915,10 @@ 2.2-115 | 2014-01-22 12:11:18 -0800 * Add unit tests for new Bro Manual docs. (Jon Siwek) - + * New content for the "Using Bro" section of the manual. (Rafael Bonilla/Jon Siwek) - + 2.2-105 | 2014-01-20 12:16:48 -0800 * Support GRE tunnel decapsulation, including enhanced GRE headers. @@ -921,7 +927,7 @@ Addresses BIT-867. (Jon Siwek) * Simplify FragReassembler memory management. (Jon Siwek) - + 2.2-102 | 2014-01-20 12:00:29 -0800 * Include file information (MIME type and description) into notice @@ -930,7 +936,7 @@ 2.2-100 | 2014-01-20 11:54:58 -0800 * Fix caching of recently validated SSL certifcates. (Justin Azoff) - + 2.2-98 | 2014-01-20 11:50:32 -0800 * For notice suppresion, instead of storing the entire notice in @@ -958,7 +964,7 @@ the city database instead of just the former. (Jon Siwek) * Broxygen init fixes. Addresses BIT-1110. (Jon Siwek) - + - Don't check mtime of bro binary if BRO_DISABLE_BROXYGEN env var set. - Fix failure to locate bro binary if invoking from a relative @@ -971,7 +977,7 @@ len field being set to zero. (Seth Hall) * Canonify output of a unit test. (Jon Siwek) - + * A set of documentation updates. (Daniel Thayer) - Fix typo in Bro 2.2 NEWS on string indexing. @@ -1018,9 +1024,9 @@ (Jon Siwek) * Close signature files after done parsing. (Jon Siwek) - + * Fix unlikely null ptr deref in broxygen::Manager. (Jon Siwek) - + * FreeBSD build fix addendum: unintended variable shadowing. (Jon Siwek) @@ -1039,7 +1045,7 @@ were cleaned up. Addresses BIT-1103. (Bernhard Amann) * Minor Broxygen improvements. Addresses BIT-1098. (Jon Siwek) - + 2.2-51 | 2013-12-05 07:53:37 -0800 * Improve a unit test involving 'when' conditionals. (Jon Siwek) @@ -1064,7 +1070,7 @@ 2.2-44 | 2013-12-04 12:41:51 -0800 * Fix string slice notation. Addresses BIT-1097. (Jon Siwek) - + Slice ranges were not correctly determined for negative indices and also off by one in general (included one more element at the end of the substring than what actually matched the index range). @@ -1119,7 +1125,7 @@ 2.2-11 | 2013-12-03 10:56:28 -0800 * Unit test for broccoli vector support. (Jon Siwek) - + * Changed ordering of Bro type tag enum, which was out of sync. (Jon Siwek) @@ -1131,14 +1137,14 @@ 2.2-6 | 2013-11-15 07:05:15 -0800 * Make "install-example-configs" target use DESTDIR. (Jon Siwek) - + 2.2-5 | 2013-11-11 13:47:54 -0800 * Fix the irc_reply event for certain server message types. (Seth Hall) * Fixed Segmentation fault in SQLite Writer. (Jon Crussell) - + 2.2 | 2013-11-07 10:25:50 -0800 * Release 2.2. diff --git a/VERSION b/VERSION index 0c55fc3b06..99c4783780 100644 --- a/VERSION +++ b/VERSION @@ -1 +1 @@ -2.3-116 +2.3-121 diff --git a/src/Stmt.cc b/src/Stmt.cc index 3571cad197..cb716b3f15 100644 --- a/src/Stmt.cc +++ b/src/Stmt.cc @@ -660,8 +660,13 @@ void Case::Describe(ODesc* d) const TraversalCode Case::Traverse(TraversalCallback* cb) const { - TraversalCode tc = cases->Traverse(cb); - HANDLE_TC_STMT_PRE(tc); + TraversalCode tc; + + if ( cases ) + { + tc = cases->Traverse(cb); + HANDLE_TC_STMT_PRE(tc); + } tc = s->Traverse(cb); HANDLE_TC_STMT_PRE(tc); diff --git a/src/Var.cc b/src/Var.cc index aa45faaf41..0a196b9cac 100644 --- a/src/Var.cc +++ b/src/Var.cc @@ -9,6 +9,7 @@ #include "Serializer.h" #include "RemoteSerializer.h" #include "EventRegistry.h" +#include "Traverse.h" static Val* init_val(Expr* init, const BroType* t, Val* aggr) { @@ -392,6 +393,34 @@ void begin_func(ID* id, const char* module_name, function_flavor flavor, } } +class OuterIDBindingFinder : public TraversalCallback { +public: + OuterIDBindingFinder(Scope* s) + : scope(s) { } + + virtual TraversalCode PreExpr(const Expr*); + + Scope* scope; + vector outer_id_references; +}; + +TraversalCode OuterIDBindingFinder::PreExpr(const Expr* expr) + { + if ( expr->Tag() != EXPR_NAME ) + return TC_CONTINUE; + + const NameExpr* e = static_cast(expr); + + if ( e->Id()->IsGlobal() ) + return TC_CONTINUE; + + if ( scope->GetIDs()->Lookup(e->Id()->Name()) ) + return TC_CONTINUE; + + outer_id_references.push_back(e); + return TC_CONTINUE; + } + void end_func(Stmt* body, attr_list* attrs) { int frame_size = current_scope()->Length(); @@ -429,6 +458,16 @@ void end_func(Stmt* body, attr_list* attrs) } } + if ( streq(id->Name(), "anonymous-function") ) + { + OuterIDBindingFinder cb(scope); + body->Traverse(&cb); + + for ( size_t i = 0; i < cb.outer_id_references.size(); ++i ) + cb.outer_id_references[i]->Error( + "referencing outer function IDs not supported"); + } + if ( id->HasVal() ) id->ID_Val()->AsFunc()->AddBody(body, inits, frame_size, priority); else diff --git a/testing/btest/Baseline/language.outer_param_binding/out b/testing/btest/Baseline/language.outer_param_binding/out new file mode 100644 index 0000000000..28ad03c85a --- /dev/null +++ b/testing/btest/Baseline/language.outer_param_binding/out @@ -0,0 +1,3 @@ +error in /home/robin/bro/master/testing/btest/.tmp/language.outer_param_binding/outer_param_binding.bro, line 16: referencing outer function IDs not supported (c) +error in /home/robin/bro/master/testing/btest/.tmp/language.outer_param_binding/outer_param_binding.bro, line 16: referencing outer function IDs not supported (d) +error in /home/robin/bro/master/testing/btest/.tmp/language.outer_param_binding/outer_param_binding.bro, line 17: referencing outer function IDs not supported (b) diff --git a/testing/btest/language/outer_param_binding.bro b/testing/btest/language/outer_param_binding.bro new file mode 100644 index 0000000000..fb37fd4712 --- /dev/null +++ b/testing/btest/language/outer_param_binding.bro @@ -0,0 +1,27 @@ +# @TEST-EXEC-FAIL: bro -b %INPUT >out 2>&1 +# @TEST-EXEC: TEST_DIFF_CANONIFIER=$SCRIPTS/diff-remove-abspath btest-diff out + +type Foo: record { + x: function(a: string) : string; +}; + +function bar(b: string, c: string) + { + local f: Foo; + local d = 8; + f = [$x=function(a: string) : string + { + local x = 0; + print x; + print c, d; + return cat(a, " ", b); + } + ]; + + print f$x("2"); + } + +event bro_init() + { + bar("1", "20"); + }