Actions
Bug #4348
closedftp: "g_expectation_data_id" and "g_expectation_id" in AppLayerExpectationHandle function
Affected Versions:
Effort:
Difficulty:
Label:
Needs backport, Needs backport to 5.0, Needs backport to 6.0
Description
Why use "g_expectation_id" in FlowGetStorageById() and "g_expectation_data_id" in FlowSetStorageById()? This caused FlowGetStorageById() to find the correct Storage.
AppProto AppLayerExpectationHandle(Flow *f, uint8_t flags)
{
AppProto alproto = ALPROTO_UNKNOWN;
IPPair *ipp = NULL;
Expectation *lexp = NULL;
Expectation *exp = NULL;
int x = SC_ATOMIC_GET(expectation_count);
if (x == 0) {
return ALPROTO_UNKNOWN;
}
/* Call will take reference of the ip pair in 'ipp' */
ExpectationList *exp_list = AppLayerExpectationLookup(f, &ipp);
if (exp_list == NULL)
goto out;
time_t ctime = f->lastts.tv_sec;
CIRCLEQ_FOREACH_SAFE(exp, &exp_list->list, entries, lexp) {
if ((exp->direction & flags) && ((exp->sp == 0) || (exp->sp == f->sp)) &&
((exp->dp == 0) || (exp->dp == f->dp))) {
alproto = exp->alproto;
f->alproto_ts = alproto;
f->alproto_tc = alproto;
void *fdata = FlowGetStorageById(f, g_expectation_id);
if (fdata) {
/* We already have an expectation so let's clean this one */
ExpectationDataFree(exp->data);
} else {
/* Transfer ownership of Expectation data to the Flow */
if (FlowSetStorageById(f, g_expectation_data_id, exp->data) != 0) {
SCLogDebug("Unable to set flow storage");
}
}
exp->data = NULL;
exp_list = AppLayerExpectationRemove(ipp, exp_list, exp);
if (exp_list == NULL)
goto out;
continue;
}
/* Cleaning remove old entries */
if (ctime > exp->ts.tv_sec + EXPECTATION_TIMEOUT) {
exp_list = AppLayerExpectationRemove(ipp, exp_list, exp);
if (exp_list == NULL)
goto out;
continue;
}
}
out:
if (ipp)
IPPairRelease(ipp);
return alproto;
}
Updated by Victor Julien almost 4 years ago
- Status changed from New to Assigned
- Assignee set to Eric Leblond
- Effort deleted (
high) - Label deleted (
C, Needs backport to 4.1)
Updated by Victor Julien almost 4 years ago
- Related to Bug #4424: ftp: Memory leak with duplicate FTP expectation added
Updated by Victor Julien almost 4 years ago
- Subject changed from "g_expectation_data_id" and "g_expectation_id" in AppLayerExpectationHandle function to ftp: "g_expectation_data_id" and "g_expectation_id" in AppLayerExpectationHandle function
- Assignee changed from Eric Leblond to Philippe Antoine
- Target version set to 7.0.0-beta1
Updated by Philippe Antoine almost 4 years ago
- Status changed from Assigned to Closed
Updated by Jeff Lucovsky over 3 years ago
- Copied to Bug #4464: ftp: "g_expectation_data_id" and "g_expectation_id" in AppLayerExpectationHandle function added
Updated by Jeff Lucovsky over 3 years ago
- Copied to Bug #4465: ftp: "g_expectation_data_id" and "g_expectation_id" in AppLayerExpectationHandle function added
Updated by Philippe Antoine over 3 years ago
- Has duplicate Bug #4461: ftp: Memory leak with duplicate FTP expectation added
Updated by Victor Julien over 2 years ago
- Has duplicate Bug #3455: asan ftp related leaks on the current gitmaster added
Actions