mirror of
https://github.com/zeek/zeek.git
synced 2025-10-02 14:48:21 +00:00
Merge remote-tracking branch 'origin/topic/jsiwek/reporter-weird-sampling-api-tweaks'
* origin/topic/jsiwek/reporter-weird-sampling-api-tweaks: Improve Reporter weird-sampling-whitelist getters/setters
This commit is contained in:
Jon Siwek
commit
b620ace06b
4 changed files with 40 additions and 11 deletions
29
CHANGES
29
CHANGES
|
|
@ -1,4 +1,33 @@
|
|||
|
||||
3.3.0-dev.258 | 2020-09-09 10:46:37 -0700
|
||||
|
||||
* Improve Reporter weird-sampling-whitelist getters/setters (Jon Siwek, Corelight)
|
||||
|
||||
- getter methods return const-ref
|
||||
- setter methods pass by value and std::move()
|
||||
- ranged-for loops over the whitelists access by const-ref
|
||||
|
||||
* Fix memory leak caused by re-entering GTPv1 parsing (Jon Siwek, Corelight)
|
||||
|
||||
If the inner packet of a decapsulated GTPv1 frame maps to the same
|
||||
Connection as the outer packet and also contains another GTPv1
|
||||
encapsulation, the same GTPv1 analyzer attempts to parse the inner
|
||||
packet. In the process, the inner parsing method overwrites pointers to
|
||||
memory resources the outer parsing method has not yet released and
|
||||
results in a memory leak.
|
||||
|
||||
* Fix memory leak caused by re-entering AYIYA parsing (Jon Siwek, Corelight)
|
||||
|
||||
If the inner packet of a decapsulated AYIYA frame maps to the same
|
||||
Connection as the outer packet and also contains another AYIYA
|
||||
encapsulation, the same AYIYA analyzer attempts to parse the inner
|
||||
packet. In the process, the inner parsing method overwrites pointers to
|
||||
memory resources the outer parsing method has not yet released and
|
||||
results in a memory leak.
|
||||
|
||||
Credit to OSS-Fuzz for discovery
|
||||
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=25256
|
||||
|
||||
3.3.0-dev.254 | 2020-09-08 17:21:16 -0700
|
||||
|
||||
* GH-343: Change HTTP DPD signatures to trigger analyzer independent of peer state. (Robin Sommer, Corelight)
|
||||
|
|
|
|||
2
VERSION
2
VERSION
|
|
@ -1 +1 @@
|
|||
3.3.0-dev.254
|
||||
3.3.0-dev.258
|
||||
|
|
|
|||
|
|
@ -175,7 +175,7 @@ public:
|
|||
/**
|
||||
* Gets the weird sampling whitelist.
|
||||
*/
|
||||
WeirdSet GetWeirdSamplingWhitelist() const
|
||||
const WeirdSet& GetWeirdSamplingWhitelist() const
|
||||
{
|
||||
return weird_sampling_whitelist;
|
||||
}
|
||||
|
|
@ -185,15 +185,15 @@ public:
|
|||
*
|
||||
* @param weird_sampling_whitelist New weird sampling whitelist.
|
||||
*/
|
||||
void SetWeirdSamplingWhitelist(const WeirdSet& weird_sampling_whitelist)
|
||||
void SetWeirdSamplingWhitelist(WeirdSet weird_sampling_whitelist)
|
||||
{
|
||||
this->weird_sampling_whitelist = weird_sampling_whitelist;
|
||||
this->weird_sampling_whitelist = std::move(weird_sampling_whitelist);
|
||||
}
|
||||
|
||||
/**
|
||||
* Gets the weird sampling global list.
|
||||
*/
|
||||
WeirdSet GetWeirdSamplingGlobalList() const
|
||||
const WeirdSet& GetWeirdSamplingGlobalList() const
|
||||
{
|
||||
return weird_sampling_global_list;
|
||||
}
|
||||
|
|
@ -203,9 +203,9 @@ public:
|
|||
*
|
||||
* @param weird_sampling_global list New weird sampling global list.
|
||||
*/
|
||||
void SetWeirdSamplingGlobalList(const WeirdSet& weird_sampling_global_list)
|
||||
void SetWeirdSamplingGlobalList(WeirdSet weird_sampling_global_list)
|
||||
{
|
||||
this->weird_sampling_global_list = weird_sampling_global_list;
|
||||
this->weird_sampling_global_list = std::move(weird_sampling_global_list);
|
||||
}
|
||||
|
||||
/**
|
||||
|
|
|
|||
|
|
@ -164,7 +164,7 @@ function Reporter::file_weird%(name: string, f: fa_file, addl: string &default="
|
|||
function Reporter::get_weird_sampling_whitelist%(%): string_set
|
||||
%{
|
||||
auto set = zeek::make_intrusive<zeek::TableVal>(zeek::id::string_set);
|
||||
for ( auto el : reporter->GetWeirdSamplingWhitelist() )
|
||||
for ( const auto& el : reporter->GetWeirdSamplingWhitelist() )
|
||||
{
|
||||
auto idx = zeek::make_intrusive<zeek::StringVal>(el);
|
||||
set->Assign(std::move(idx), nullptr);
|
||||
|
|
@ -194,7 +194,7 @@ function Reporter::set_weird_sampling_whitelist%(weird_sampling_whitelist: strin
|
|||
whitelist_set.emplace(move(key));
|
||||
delete k;
|
||||
}
|
||||
reporter->SetWeirdSamplingWhitelist(whitelist_set);
|
||||
reporter->SetWeirdSamplingWhitelist(std::move(whitelist_set));
|
||||
return zeek::val_mgr->True();
|
||||
%}
|
||||
|
||||
|
|
@ -204,7 +204,7 @@ function Reporter::set_weird_sampling_whitelist%(weird_sampling_whitelist: strin
|
|||
function Reporter::get_weird_sampling_global_list%(%): string_set
|
||||
%{
|
||||
auto set = zeek::make_intrusive<zeek::TableVal>(zeek::id::string_set);
|
||||
for ( auto el : reporter->GetWeirdSamplingGlobalList() )
|
||||
for ( const auto& el : reporter->GetWeirdSamplingGlobalList() )
|
||||
{
|
||||
auto idx = zeek::make_intrusive<zeek::StringVal>(el);
|
||||
set->Assign(std::move(idx), nullptr);
|
||||
|
|
@ -234,7 +234,7 @@ function Reporter::set_weird_sampling_global_list%(weird_sampling_global_list: s
|
|||
global_list_set.emplace(move(key));
|
||||
delete k;
|
||||
}
|
||||
reporter->SetWeirdSamplingGlobalList(global_list_set);
|
||||
reporter->SetWeirdSamplingGlobalList(std::move(global_list_set));
|
||||
return zeek::val_mgr->True();
|
||||
%}
|
||||
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue