Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Dynamic alprotos : make SNMP totally dynamic v8 #12533

Open
wants to merge 8 commits into
base: master
Choose a base branch
from
Open

Dynamic alprotos : make SNMP totally dynamic v8 #12533

wants to merge 8 commits into from
+152 −81

Conversation

catenacyber
Copy link
Contributor

Link to ticket: https://redmine.openinfosecfoundation.org/issues/
https://redmine.openinfosecfoundation.org/issues/5053

Describe changes:

  • detect: fix overflow for files protocol as reported by coverity
  • snmp: register protocol dynamically, to do so :
    • make some arrays even more dynamic
    • add an helper function AppProtoNewProtoFromString
    • have plugins be able to log flow or packet direction (update SC_PLUGIN_API_VERSION)

#12470 with needed rebase

@catenacyber
detect: fix overflow for files protocol
96c2d05 
CID 1640392

Would happen only if we reached 15 protocols handling files
@catenacyber
app-layer: make some arrays even more dynamic
63c2eec 
Ticket: 5053

Do not asume that we know the number of alprotos at the end
of AppLayerNamesSetup, but make arrays allocated by later
AppLayerProtoDetectSetup dynamic so that it can be reallocated
from AppLayerParserRegisterProtocolParsers

This helps have a single entry point for a protocol like SNMP
@catenacyber
app-layer: helper function AppProtoNewProtoFromString
77c98cc 
So that we do not have to know g_alproto_max to register
dynamically a new protocol from its name
@catenacyber
output: plugins can log flow or packet direction
11819f9
@catenacyber
rust: export C functions for dynamic alproto registration
ae60b42 
Ticket: 5053

Move enum OutputJsonLogDirection and struct
EveJsonTxLoggerRegistrationData from C to rust
@catenacyber
snmp: make log function use the generic prototype
79caec6 
and cast

and also remove unneeded mut

and rustfmt
@catenacyber
snmp: register protocol dynamically
9b52d6c 
Ticket: 5053
@catenacyber
snmp: restrict rust visibility
d9ec188
@catenacyber catenacyber mentioned this pull request Feb 6, 2025
Closed
@catenacyber catenacyber changed the title Applayer plugin 5053 v4.8 Dynamic alprotos : make SNMP totally dynamic v8 Feb 6, 2025
@catenacyber catenacyber mentioned this pull request Feb 6, 2025
Open
jasonish
jasonish reviewed Feb 6, 2025
View reviewed changes
src/suricata-plugin.h
#define SC_PLUGIN_API_VERSION 8
#define SC_PLUGIN_API_VERSION 0x801
Copy link
Member

@jasonish jasonish Feb 6, 2025
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I still don't think we should be twiddling this for a development release.

For 8.0, we should use something like 800000, or something.. 9.0, 900000. If we did an 8.1 then 800100.

But if we are going to twiddle it, just start at 1.. Then 2, then 3, etc..

@suricata-qa
Copy link

Information: QA ran without warnings.

Pipeline 24663

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@jasonish jasonish jasonish left review comments

@victorjulien victorjulien Awaiting requested review from victorjulien victorjulien is a code owner

At least 1 approving review is required to merge this pull request.

Assignees
No one assigned
Labels
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@catenacyber @suricata-qa @jasonish