diff --git a/src/app-layer-parser.c b/src/app-layer-parser.c index 6285b67d256c..b76d322d5a2b 100644 --- a/src/app-layer-parser.c +++ b/src/app-layer-parser.c @@ -698,10 +698,11 @@ uint64_t AppLayerParserGetTransactionInspectId(AppLayerParserState *pstate, uint { SCEnter(); - if (pstate == NULL) - SCReturnCT(0ULL, "uint64_t"); + if (pstate != NULL) + SCReturnCT(pstate->inspect_id[(direction & STREAM_TOSERVER) ? 0 : 1], "uint64_t"); - SCReturnCT(pstate->inspect_id[(direction & STREAM_TOSERVER) ? 0 : 1], "uint64_t"); + DEBUG_VALIDATE_BUG_ON(1); + SCReturnCT(0ULL, "uint64_t"); } inline uint64_t AppLayerParserGetTxDetectFlags(AppLayerTxData *txd, const uint8_t dir) diff --git a/src/detect-engine.c b/src/detect-engine.c index d1429f19f3c0..431e11341a70 100644 --- a/src/detect-engine.c +++ b/src/detect-engine.c @@ -1955,6 +1955,10 @@ static int DetectEngineInspectRulePayloadMatches( SCLogDebug("SIG_FLAG_REQUIRE_STREAM_ONLY, so no match"); return DETECT_ENGINE_INSPECT_SIG_NO_MATCH; } + if (s->flags & SIG_FLAG_REQUIRE_STREAM_ONLY) { + SCLogDebug("SIG_FLAG_REQUIRE_STREAM_ONLY, so no match"); + return false; + } if (DetectEngineInspectPacketPayload(de_ctx, det_ctx, s, p->flow, p) != 1) { return DETECT_ENGINE_INSPECT_SIG_NO_MATCH; } diff --git a/src/detect-flow.c b/src/detect-flow.c index c268dedb155f..3614f9e8d27d 100644 --- a/src/detect-flow.c +++ b/src/detect-flow.c @@ -416,6 +416,13 @@ int DetectFlowSetup (DetectEngineCtx *de_ctx, Signature *s, const char *flowstr) DetectFlowFree(de_ctx, fd); } + if (parse_flags & DETECT_FLOW_FLAG_ONLYSTREAM) { + s->flags |= (SIG_FLAG_REQUIRE_STREAM | SIG_FLAG_REQUIRE_STREAM_ONLY); + } + if (parse_flags & DETECT_FLOW_FLAG_NOSTREAM) { + s->flags |= SIG_FLAG_REQUIRE_PACKET; + } + if (parse_flags & DETECT_FLOW_FLAG_ONLYSTREAM) { s->flags |= (SIG_FLAG_REQUIRE_STREAM | SIG_FLAG_REQUIRE_STREAM_ONLY); } diff --git a/src/detect.c b/src/detect.c index b96d96d93a46..7542a79dd47e 100644 --- a/src/detect.c +++ b/src/detect.c @@ -1340,14 +1340,14 @@ static DetectTransaction GetDetectTx(const uint8_t ipproto, const AppProto alpro } uint64_t detect_flags = (flow_flags & STREAM_TOSERVER) ? txd->detect_flags_ts : txd->detect_flags_tc; - if (detect_flags & APP_LAYER_TX_INSPECTED_FLAG) { + if (unlikely(detect_flags & APP_LAYER_TX_INSPECTED_FLAG)) { SCLogDebug("%"PRIu64" tx already fully inspected for %s. Flags %016"PRIx64, tx_id, flow_flags & STREAM_TOSERVER ? "toserver" : "toclient", detect_flags); DetectTransaction no_tx = NO_TX; return no_tx; } - if (detect_flags & APP_LAYER_TX_SKIP_INSPECT_FLAG) { + if (unlikely(detect_flags & APP_LAYER_TX_SKIP_INSPECT_FLAG)) { SCLogDebug("%" PRIu64 " tx should not be inspected in direction %s. Flags %016" PRIx64, tx_id, flow_flags & STREAM_TOSERVER ? "toserver" : "toclient", detect_flags); DetectTransaction no_tx = NO_TX; diff --git a/src/tm-threads.c b/src/tm-threads.c index 5da183c311be..b9833d170c1e 100644 --- a/src/tm-threads.c +++ b/src/tm-threads.c @@ -2345,23 +2345,23 @@ uint16_t TmThreadsGetWorkerThreadMax(void) */ void TmThreadsInjectFlowById(Flow *f, const int id) { - BUG_ON(id <= 0 || id > (int)thread_store.threads_size); - - int idx = id - 1; - - Thread *t = &thread_store.threads[idx]; - ThreadVars *tv = t->tv; - - BUG_ON(tv == NULL || tv->flow_queue == NULL); - - FlowEnqueue(tv->flow_queue, f); - - /* wake up listening thread(s) if necessary */ - if (tv->inq != NULL) { - SCMutexLock(&tv->inq->pq->mutex_q); - SCCondSignal(&tv->inq->pq->cond_q); - SCMutexUnlock(&tv->inq->pq->mutex_q); - } else if (tv->break_loop) { - TmThreadsCaptureBreakLoop(tv); + if (id > 0 && id <= (int)thread_store.threads_size) { + int idx = id - 1; + Thread *t = &thread_store.threads[idx]; + ThreadVars *tv = t->tv; + if (tv != NULL && tv->flow_queue != NULL) { + FlowEnqueue(tv->flow_queue, f); + + /* wake up listening thread(s) if necessary */ + if (tv->inq != NULL) { + SCMutexLock(&tv->inq->pq->mutex_q); + SCCondSignal(&tv->inq->pq->cond_q); + SCMutexUnlock(&tv->inq->pq->mutex_q); + } else if (tv->break_loop) { + TmThreadsCaptureBreakLoop(tv); + } + return; + } } + BUG_ON(1); } diff --git a/src/util-prefilter.h b/src/util-prefilter.h index 51a65c55b443..125120480d9d 100644 --- a/src/util-prefilter.h +++ b/src/util-prefilter.h @@ -61,25 +61,24 @@ int PrefilterAddSidsResize(PrefilterRuleStore *pmq, uint32_t new_size); static inline void PrefilterAddSids( PrefilterRuleStore *pmq, const SigIntId *sids, uint32_t sids_size) { - if (sids_size == 0) - return; - - uint32_t new_size = pmq->rule_id_array_cnt + sids_size; - if (new_size > pmq->rule_id_array_size) { - if (PrefilterAddSidsResize(pmq, new_size) == 0) { - // Failed to allocate larger memory for all the SIDS, but - // keep as many as we can. - sids_size = pmq->rule_id_array_size - pmq->rule_id_array_cnt; + if (sids_size > 0) { + uint32_t new_size = pmq->rule_id_array_cnt + sids_size; + if (new_size > pmq->rule_id_array_size) { + if (PrefilterAddSidsResize(pmq, new_size) == 0) { + // Failed to allocate larger memory for all the SIDS, but + // keep as many as we can. + sids_size = pmq->rule_id_array_size - pmq->rule_id_array_cnt; + } } + SCLogDebug("Adding %u sids", sids_size); + // Add SIDs for this pattern to the end of the array + SigIntId *ptr = pmq->rule_id_array + pmq->rule_id_array_cnt; + SigIntId *end = ptr + sids_size; + do { + *ptr++ = *sids++; + } while (ptr != end); + pmq->rule_id_array_cnt += sids_size; } - SCLogDebug("Adding %u sids", sids_size); - // Add SIDs for this pattern to the end of the array - SigIntId *ptr = pmq->rule_id_array + pmq->rule_id_array_cnt; - SigIntId *end = ptr + sids_size; - do { - *ptr++ = *sids++; - } while (ptr != end); - pmq->rule_id_array_cnt += sids_size; } int PmqSetup(PrefilterRuleStore *);