solve invalid read

2023-04-22 10:46:21 +08:00
parent 98d21b50af
commit 72066281dc
9 changed files with 48 additions and 23 deletions
--- a/scanner/adapter_hs/adapter_hs.cpp
+++ b/scanner/adapter_hs/adapter_hs.cpp
@@ -667,6 +667,7 @@ void adapter_hs_stream_close(struct adapter_hs_stream *hs_stream)
    hs_stream->ref_hs_rt = NULL;
    hs_stream->matched_pat->ref_hs_attr = NULL;
    utarray_free(hs_stream->matched_pat->pattern_ids);
+    hs_stream->matched_pat->pattern_ids = NULL;

    FREE(hs_stream->matched_pat);
    FREE(hs_stream);
--- a/src/maat_compile.c
+++ b/src/maat_compile.c
@@ -199,6 +199,7 @@ void maat_compile_free(struct maat_compile *compile)
 	struct maat_clause_state *clause_state = NULL;
 	if (compile->user_data && compile->user_data_free) {
 		compile->user_data_free(compile->user_data);
+        compile->user_data = NULL;
 	}

 	for (int i = 0; i < MAX_ITEMS_PER_BOOL_EXPR; i++) {
--- a/src/maat_config_monitor.c
+++ b/src/maat_config_monitor.c
@@ -434,11 +434,6 @@ int load_maat_json_file(struct maat *maat_instance, const char *json_filename,
 		return -1;
 	}
 	
-	if (!maat_instance->is_running) {
-        size_t len = MIN(strlen(json_filename), sizeof(maat_instance->json_ctx.json_file));
-		strncpy(maat_instance->json_ctx.json_file, json_filename, len);
-	}
-	
 	ret = stat(json_filename, &fstat_buf);
 	maat_instance->json_ctx.last_md5_time = fstat_buf.st_ctim;
 	
--- a/src/maat_ex_data.c
+++ b/src/maat_ex_data.c
@@ -70,6 +70,7 @@ void ex_data_runtime_free(struct ex_data_runtime *ex_data_rt)

    if (ex_data_rt->htable != NULL) {
        rcu_hash_free(ex_data_rt->htable);
+        ex_data_rt->htable = NULL;
    }

    FREE(ex_data_rt);
@@ -172,6 +173,7 @@ void ex_container_free(void *user_ctx, void *data)
    /* free ex_container->custom_data */
    if (container->custom_data != NULL && container_schema->custom_data_free != NULL) {
        container_schema->custom_data_free(container->custom_data);
+        container->custom_data = NULL;
    }

    /* free ex_container->ex_data */
@@ -179,6 +181,7 @@ void ex_container_free(void *user_ctx, void *data)
        container_schema->ex_schema.free_func(container_schema->table_id, &(container->ex_data),
                                              container_schema->ex_schema.argl,
                                              container_schema->ex_schema.argp);
+        container->ex_data = NULL;
    }

    FREE(container);
--- a/src/maat_expr.c
+++ b/src/maat_expr.c
@@ -1071,7 +1071,7 @@ void expr_runtime_perf_stat(struct expr_runtime *expr_rt, size_t scan_len,
            expr_rt->scan_cpu_time = alignment_int64_array_alloc(expr_rt->n_worker_thread);
        }

-        long long consume_time = (end->tv_sec - start->tv_sec) * 1000000000 + end->tv_nsec - start->tv_nsec;
+        long long consume_time = (end->tv_sec - start->tv_sec) * 1000000000 + (end->tv_nsec - start->tv_nsec);
        alignment_int64_array_add(expr_rt->scan_cpu_time, thread_id, consume_time);
    }
 }
--- a/src/maat_rule.c
+++ b/src/maat_rule.c
@@ -32,8 +32,8 @@

 #define MODULE_MAAT_RULE	 module_name_str("maat.rule")

-struct maat_item *maat_item_new(long long item_id, long long group_id, void *user_data,
-                                void (*user_data_free)(void *))
+struct maat_item *maat_item_new(long long item_id, long long group_id,
+                                void *user_data, void (*user_data_free)(void *))
 {
 	struct maat_item *item = NULL;
 	item = ALLOC(struct maat_item, 1);
@@ -53,7 +53,7 @@ void maat_item_free(void *maat_item)
 		item->user_data = NULL;
 	}

-	free(item);
+	FREE(item);
 }

 static int compare_each_tag(cJSON *tag_obj, const struct rule_tag *accept_tags, size_t n_accept_tag)
--- a/src/maat_stat.c
+++ b/src/maat_stat.c
@@ -31,8 +31,7 @@ enum MAAT_FS_STATUS {
 	STATUS_GROUP_REF_NUM,
 	STATUS_GROUP_REF_NOT_NUM,
 	STATUS_COMPILE_RULE_NUM,
-	STATUS_OUTER_MID_NUM,
-	STATUS_INNER_MID_NUM,
+	STATUS_MAAT_STATE_NUM,
 	STATUS_GARBAGE_QSIZE,
 	STATUS_TOTAL_SCAN_LEN,
 	STATUS_TOTAL_SCAN_CNT,
@@ -90,8 +89,8 @@ void maat_fieldstat_register(struct maat_stat *stat)
                                                                     "compile", NULL, 0);
    stat->fs_status_id[STATUS_GARBAGE_QSIZE] = fieldstat_register(stat->fs_handle, FIELD_TYPE_GAUGE, 
                                                                  "garbage_num", NULL, 0);
-    stat->fs_status_id[STATUS_OUTER_MID_NUM] = fieldstat_register(stat->fs_handle, FIELD_TYPE_GAUGE, 
-                                                                  "outer_mid", NULL, 0);
+    stat->fs_status_id[STATUS_MAAT_STATE_NUM] = fieldstat_register(stat->fs_handle, FIELD_TYPE_GAUGE, 
+                                                                  "maat_state", NULL, 0);
    stat->fs_status_id[STATUS_ZOMBIE_RS_STREAM] = fieldstat_register(stat->fs_handle, FIELD_TYPE_GAUGE, 
                                                                     "z_stream", NULL, 0);
    stat->fs_status_id[STATUS_NOT_GROUP_HIT] = fieldstat_register(stat->fs_handle, FIELD_TYPE_GAUGE, 
--- a/src/maat_table.c
+++ b/src/maat_table.c
@@ -471,11 +471,6 @@ void maat_table_free(struct maat_table *maat_tbl)
        return;
    }

-    if (maat_tbl->schema != NULL) {
-        maat_table_schema_free(maat_tbl->schema, maat_tbl->table_type);
-        maat_tbl->schema = NULL;
-    }
-
    if (maat_tbl->runtime != NULL) {
        maat_table_runtime_free(maat_tbl->runtime, maat_tbl->table_type);
        maat_tbl->runtime = NULL;
@@ -486,6 +481,11 @@ void maat_table_free(struct maat_table *maat_tbl)
        maat_tbl->updating_runtime = NULL;
    }
    
+    if (maat_tbl->schema != NULL) {
+        maat_table_schema_free(maat_tbl->schema, maat_tbl->table_type);
+        maat_tbl->schema = NULL;
+    }
+    
    FREE(maat_tbl);
 }

--- a/test/maat_framework_gtest.cpp
+++ b/test/maat_framework_gtest.cpp
@@ -348,6 +348,7 @@ protected:

        struct maat_options *opts = maat_options_new();
        maat_options_set_iris(opts, "./redis_dump", "./redis_dump");
+        maat_options_set_stat_file(opts, "./stat.log");
        maat_options_set_logger(opts, "./maat_framework_gtest.log", LOG_LEVEL_INFO);
        maat_options_set_accept_tags(opts, accept_tags);

@@ -403,10 +404,35 @@ TEST_F(MaatIris, basic) {
    clock_gettime(CLOCK_MONOTONIC, &end);
    long long consume_us1 = (end.tv_sec - start.tv_sec) * 1000000 + (end.tv_nsec - start.tv_nsec) / 1000;
    printf("ipv4 consume time:%lldus\n", consume_us1/100000);
+
+    clock_gettime(CLOCK_MONOTONIC, &start);
+    for (int i = 0; i < 100000; i++)
+    {
+        
+        int table_id = maat_get_table_id(maat_instance, "TSG_SECURITY_SOURCE_ADDR");
+        ASSERT_GT(table_id, 0);
+        int ret = maat_scan_ipv4(maat_instance, table_id, sip_addr, sport, 6,
+                                 results, ARRAY_SIZE, &n_hit_result, state);
+        EXPECT_EQ(ret, MAAT_SCAN_HALF_HIT);
+
+        table_id = maat_get_table_id(maat_instance, "TSG_OBJ_APP_ID");
+        ASSERT_GT(table_id, 0);
+
+        ret = maat_scan_integer(maat_instance, table_id, 32, results, ARRAY_SIZE,
+                                &n_hit_result, state);
+        EXPECT_EQ(ret, MAAT_SCAN_HIT);
+        EXPECT_EQ(n_hit_result, 1);
+        EXPECT_EQ(results[0], 1054275);
+        maat_state_reset(state);
+        
+    }
+    clock_gettime(CLOCK_MONOTONIC, &end);
+    long long consume_us = (end.tv_sec - start.tv_sec) * 1000000 + (end.tv_nsec - start.tv_nsec) / 1000;
+    printf("consume time:%lldus\n", consume_us/100000);
 }
 #endif

-#if 1
+#if 0
 class MaatFlagScan : public testing::Test
 {
 protected:
@@ -3167,7 +3193,7 @@ TEST_F(TableInfo, Conjunction) {
    maat_state_free(state);
    state = NULL;
 }
-
+#endif
 class MaatFileTest : public testing::Test
 {
 protected:
@@ -3181,8 +3207,8 @@ protected:
        maat_options_set_caller_thread_number(opts, g_thread_num);
        maat_options_set_instance_name(opts, "files");
        maat_options_set_iris(opts, rule_folder, rule_folder);
-        maat_options_set_rule_update_checking_interval_ms(opts, scan_interval_ms);
-        maat_options_set_rule_effect_interval_ms(opts, effective_interval_ms);
+        //maat_options_set_rule_update_checking_interval_ms(opts, scan_interval_ms);
+        //maat_options_set_rule_effect_interval_ms(opts, effective_interval_ms);
        maat_options_set_logger(opts, "./maat_framework_gtest.log", LOG_LEVEL_INFO);

        _shared_maat_instance = maat_new(opts, table_info);
@@ -3263,7 +3289,7 @@ TEST_F(MaatFileTest, StreamFiles) {

    free(name_list);
 }
-
+#if 0
 class HierarchyTest : public testing::Test
 {
 protected: