mirror of
https://github.com/zeek/zeek.git
synced 2025-10-02 06:38:20 +00:00
Fix packet filter memory leaks
This commit is contained in:
Jon Siwek
parent
7db84dfcb6
commit
a961f0b4c4
5 changed files with 52 additions and 20 deletions
|
|
@ -1,11 +1,25 @@
|
|||
#include "PacketFilter.h"
|
||||
|
||||
void PacketFilter::DeleteFilter(void* data)
|
||||
{
|
||||
auto f = static_cast<Filter*>(data);
|
||||
delete f;
|
||||
}
|
||||
|
||||
PacketFilter::PacketFilter(bool arg_default)
|
||||
{
|
||||
default_match = arg_default;
|
||||
src_filter.SetDeleteFunction(PacketFilter::DeleteFilter);
|
||||
dst_filter.SetDeleteFunction(PacketFilter::DeleteFilter);
|
||||
}
|
||||
|
||||
void PacketFilter::AddSrc(const IPAddr& src, uint32_t tcp_flags, double probability)
|
||||
{
|
||||
Filter* f = new Filter;
|
||||
f->tcp_flags = tcp_flags;
|
||||
f->probability = uint32_t(probability * RAND_MAX);
|
||||
src_filter.Insert(src, 128, f);
|
||||
auto prev = static_cast<Filter*>(src_filter.Insert(src, 128, f));
|
||||
delete prev;
|
||||
}
|
||||
|
||||
void PacketFilter::AddSrc(Val* src, uint32_t tcp_flags, double probability)
|
||||
|
|
@ -13,7 +27,8 @@ void PacketFilter::AddSrc(Val* src, uint32_t tcp_flags, double probability)
|
|||
Filter* f = new Filter;
|
||||
f->tcp_flags = tcp_flags;
|
||||
f->probability = uint32_t(probability * RAND_MAX);
|
||||
src_filter.Insert(src, f);
|
||||
auto prev = static_cast<Filter*>(src_filter.Insert(src, f));
|
||||
delete prev;
|
||||
}
|
||||
|
||||
void PacketFilter::AddDst(const IPAddr& dst, uint32_t tcp_flags, double probability)
|
||||
|
|
@ -21,7 +36,8 @@ void PacketFilter::AddDst(const IPAddr& dst, uint32_t tcp_flags, double probabil
|
|||
Filter* f = new Filter;
|
||||
f->tcp_flags = tcp_flags;
|
||||
f->probability = uint32_t(probability * RAND_MAX);
|
||||
dst_filter.Insert(dst, 128, f);
|
||||
auto prev = static_cast<Filter*>(dst_filter.Insert(dst, 128, f));
|
||||
delete prev;
|
||||
}
|
||||
|
||||
void PacketFilter::AddDst(Val* dst, uint32_t tcp_flags, double probability)
|
||||
|
|
@ -29,27 +45,36 @@ void PacketFilter::AddDst(Val* dst, uint32_t tcp_flags, double probability)
|
|||
Filter* f = new Filter;
|
||||
f->tcp_flags = tcp_flags;
|
||||
f->probability = uint32_t(probability * RAND_MAX);
|
||||
dst_filter.Insert(dst, f);
|
||||
auto prev = static_cast<Filter*>(dst_filter.Insert(dst, f));
|
||||
delete prev;
|
||||
}
|
||||
|
||||
bool PacketFilter::RemoveSrc(const IPAddr& src)
|
||||
{
|
||||
return src_filter.Remove(src, 128) != 0;
|
||||
auto f = static_cast<Filter*>(src_filter.Remove(src, 128));
|
||||
delete f;
|
||||
return f != nullptr;
|
||||
}
|
||||
|
||||
bool PacketFilter::RemoveSrc(Val* src)
|
||||
{
|
||||
return src_filter.Remove(src) != NULL;
|
||||
auto f = static_cast<Filter*>(src_filter.Remove(src));
|
||||
delete f;
|
||||
return f != nullptr;
|
||||
}
|
||||
|
||||
bool PacketFilter::RemoveDst(const IPAddr& dst)
|
||||
{
|
||||
return dst_filter.Remove(dst, 128) != NULL;
|
||||
auto f = static_cast<Filter*>(dst_filter.Remove(dst, 128));
|
||||
delete f;
|
||||
return f != nullptr;
|
||||
}
|
||||
|
||||
bool PacketFilter::RemoveDst(Val* dst)
|
||||
{
|
||||
return dst_filter.Remove(dst) != NULL;
|
||||
auto f = static_cast<Filter*>(dst_filter.Remove(dst));
|
||||
delete f;
|
||||
return f != nullptr;
|
||||
}
|
||||
|
||||
bool PacketFilter::Match(const IP_Hdr* ip, int len, int caplen)
|
||||
|
|
|
|||
|
|
@ -7,7 +7,7 @@
|
|||
|
||||
class PacketFilter {
|
||||
public:
|
||||
explicit PacketFilter(bool arg_default) { default_match = arg_default; }
|
||||
explicit PacketFilter(bool arg_default);
|
||||
~PacketFilter() {}
|
||||
|
||||
// Drops all packets from a particular source (which may be given
|
||||
|
|
@ -34,6 +34,8 @@ private:
|
|||
uint32_t probability;
|
||||
};
|
||||
|
||||
static void DeleteFilter(void* data);
|
||||
|
||||
bool MatchFilter(const Filter& f, const IP_Hdr& ip, int len, int caplen);
|
||||
|
||||
bool default_match;
|
||||
|
|
|
|||
|
|
@ -18,8 +18,8 @@ private:
|
|||
};
|
||||
|
||||
public:
|
||||
PrefixTable() { tree = New_Patricia(128); }
|
||||
~PrefixTable() { Destroy_Patricia(tree, 0); }
|
||||
PrefixTable() { tree = New_Patricia(128); delete_function = nullptr; }
|
||||
~PrefixTable() { Destroy_Patricia(tree, delete_function); }
|
||||
|
||||
// Addr in network byte order. If data is zero, acts like a set.
|
||||
// Returns ptr to old data if already existing.
|
||||
|
|
@ -43,7 +43,10 @@ public:
|
|||
void* Remove(const IPAddr& addr, int width);
|
||||
void* Remove(const Val* value);
|
||||
|
||||
void Clear() { Clear_Patricia(tree, 0); }
|
||||
void Clear() { Clear_Patricia(tree, delete_function); }
|
||||
|
||||
// Sets a function to call for each node when table is cleared/destroyed.
|
||||
void SetDeleteFunction(data_fn_t del_fn) { delete_function = del_fn; }
|
||||
|
||||
iterator InitIterator();
|
||||
void* GetNext(iterator* i);
|
||||
|
|
@ -53,4 +56,5 @@ private:
|
|||
static IPPrefix PrefixToIPPrefix(prefix_t* p);
|
||||
|
||||
patricia_tree_t* tree;
|
||||
data_fn_t delete_function;
|
||||
};
|
||||
|
|
|
|||
|
|
@ -432,7 +432,7 @@ New_Patricia (int maxbits)
|
|||
*/
|
||||
|
||||
void
|
||||
Clear_Patricia (patricia_tree_t *patricia, void_fn_t func)
|
||||
Clear_Patricia (patricia_tree_t *patricia, data_fn_t func)
|
||||
{
|
||||
assert (patricia);
|
||||
if (patricia->head) {
|
||||
|
|
@ -476,7 +476,7 @@ Clear_Patricia (patricia_tree_t *patricia, void_fn_t func)
|
|||
|
||||
|
||||
void
|
||||
Destroy_Patricia (patricia_tree_t *patricia, void_fn_t func)
|
||||
Destroy_Patricia (patricia_tree_t *patricia, data_fn_t func)
|
||||
{
|
||||
Clear_Patricia (patricia, func);
|
||||
Delete (patricia);
|
||||
|
|
@ -489,7 +489,7 @@ Destroy_Patricia (patricia_tree_t *patricia, void_fn_t func)
|
|||
*/
|
||||
|
||||
void
|
||||
patricia_process (patricia_tree_t *patricia, void_fn_t func)
|
||||
patricia_process (patricia_tree_t *patricia, prefix_data_fn_t func)
|
||||
{
|
||||
patricia_node_t *node;
|
||||
assert (func);
|
||||
|
|
|
|||
|
|
@ -51,8 +51,6 @@
|
|||
|
||||
#include <sys/types.h>
|
||||
|
||||
/* typedef unsigned int u_int; */
|
||||
typedef void (*void_fn_t)();
|
||||
/* { from defs.h */
|
||||
#define prefix_touchar(prefix) ((u_char *)&(prefix)->add.sin)
|
||||
#define MAXLINE 1024
|
||||
|
|
@ -84,6 +82,9 @@ typedef struct _prefix_t {
|
|||
} add;
|
||||
} prefix_t;
|
||||
|
||||
typedef void (*data_fn_t)(void*);
|
||||
typedef void (*prefix_data_fn_t)(prefix_t*, void*);
|
||||
|
||||
/* } */
|
||||
|
||||
typedef struct _patricia_node_t {
|
||||
|
|
@ -110,9 +111,9 @@ patricia_node_t * patricia_search_best2 (patricia_tree_t *patricia, prefix_t *pr
|
|||
patricia_node_t *patricia_lookup (patricia_tree_t *patricia, prefix_t *prefix);
|
||||
void patricia_remove (patricia_tree_t *patricia, patricia_node_t *node);
|
||||
patricia_tree_t *New_Patricia (int maxbits);
|
||||
void Clear_Patricia (patricia_tree_t *patricia, void_fn_t func);
|
||||
void Destroy_Patricia (patricia_tree_t *patricia, void_fn_t func);
|
||||
void patricia_process (patricia_tree_t *patricia, void_fn_t func);
|
||||
void Clear_Patricia (patricia_tree_t *patricia, data_fn_t func);
|
||||
void Destroy_Patricia (patricia_tree_t *patricia, data_fn_t func);
|
||||
void patricia_process (patricia_tree_t *patricia, prefix_data_fn_t func);
|
||||
|
||||
void Deref_Prefix (prefix_t * prefix);
|
||||
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue