Project

General

Profile

Actions
Copy link

Bug #1484

open

Remove BUG_ON(1) statements in the packet path

Added by Victor Julien almost 10 years ago. Updated 7 months ago.

Status:
New
Priority:
Normal
Assignee:
OISF Dev
Target version:
TBD
Affected Versions:
Effort:
Difficulty:
Label:
Beginner, Hardening

Description

As issue #1482, but review all the BUG_ON's.

Actions
Copy link
 #1

Updated by Jason Ish almost 10 years ago

Do you really want them out of the packet path?

One school of thought is to liberally use assertions, but have them enabled as a compile time option - typically enabled during development, but off by default for production use.

Actions
Copy link
 #2

Updated by Victor Julien almost 10 years ago

I don't mind keeping them in some form (DEBUG_VALIDATION comes to mind), but we can't just switch the BUG_ON macro to do that w/o reviewing all places it is used now. In this specific case, the assertion would have to move up a bit, and only trigger the EBUSY case. Thats the only bug/issue really, as the NOMEM case could be triggered by memcaps being reached.

Actions
Copy link
 #3

Updated by Victor Julien over 9 years ago

  • Target version changed from 3.0RC1 to 70
Actions
Copy link
 #4

Updated by Victor Julien about 9 years ago

  • % Done changed from 0 to 20

DNS BUG_ON's removed through: https://github.com/inliniac/suricata/pull/1915

Not sure how many are left.

Actions
Copy link
 #5

Updated by Victor Julien over 6 years ago

  • Assignee changed from Jason Ish to OISF Dev
Actions
Copy link
 #6

Updated by Andreas Herz almost 6 years ago

Some are left :)

src/detect-tag.c:            BUG_ON(1);
src/detect-flowint.c:                BUG_ON(1);
src/util-unittest.h:            BUG_ON(1);                                 \
src/detect-engine-sigorder.c:                BUG_ON(1);
src/detect-engine-sigorder.c:                BUG_ON(1);
src/detect-engine-sigorder.c:                BUG_ON(1);
src/detect-engine-sigorder.c:                BUG_ON(1);
src/detect-engine-sigorder.c:                    BUG_ON(1);
src/detect-engine-sigorder.c:                    BUG_ON(1);
src/detect-engine.c:        BUG_ON(1);
src/detect-engine.c:        BUG_ON(1);
src/detect-engine.c:        BUG_ON(1);
src/detect-engine.c:        BUG_ON(1);
src/detect-engine-mpm.c:            BUG_ON(1);
src/detect-engine-port.c:        BUG_ON(1);
src/app-layer-ssh.c:            BUG_ON(1);// we only call this when we have enough data
src/source-af-packet.c:        BUG_ON(1);
src/detect-filestore.c:        BUG_ON(1);
src/detect-engine-content-inspection.c:        BUG_ON(1);
src/flow-timeout.c:            BUG_ON(1);
src/tm-threads.c:            BUG_ON(1);
src/detect-engine-build.c:            BUG_ON(1);
src/util-validate.h:            BUG_ON(1);                              \
src/util-unittest-helper.c:            BUG_ON(1);
src/util-unittest-helper.c:            BUG_ON(1);
src/tests/detect.c:        BUG_ON(1);
src/tests/detect.c:        BUG_ON(1);
src/tests/detect.c:        BUG_ON(1);
src/tests/detect.c:        BUG_ON(1);
Actions
Copy link
 #7

Updated by Andreas Herz almost 6 years ago

  • Target version changed from 70 to TBD
Actions
Copy link
 #8

Updated by Victor Julien over 5 years ago

  • Status changed from Assigned to New
  • Label Beginner added
Actions
Copy link
 #9

Updated by Philippe Antoine 7 months ago

  • Label Hardening added
Actions
Copy link
 #10

Updated by Philippe Antoine 7 months ago

Also some direct `abort()`

Actions
Copy link

Also available in: Atom PDF