gfwleak/tango-maat
Archived
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

add ci config

Browse Source
This commit is contained in:
liuwentan
2023-02-16 11:13:23 +08:00
parent 379efcf027
commit f688a99bd0
23 changed files with 2060 additions and 278 deletions
Download Patch File Download Diff File Expand all files Collapse all files

15
src/maat_api.c
View File

@@ -865,10 +865,9 @@ int maat_scan_integer(struct maat *maat_instance, int table_id, int thread_id,
}
int group_hit_cnt = interval_runtime_scan((struct interval_runtime *)interval_rt,
thread_id,
intval, group_ids,
MAX_SCANNER_HIT_GROUP_NUM,
vtable_id, mid);
thread_id, intval, group_ids,
MAX_SCANNER_HIT_GROUP_NUM,
vtable_id, mid);
if (group_hit_cnt < 0) {
return MAAT_SCAN_ERR;
}
@@ -1141,10 +1140,10 @@ int maat_scan_string(struct maat *maat_instance, int table_id, int thread_id,
}
int group_hit_cnt = expr_runtime_scan((struct expr_runtime *)expr_rt,
thread_id,
data, data_len, group_ids,
MAX_SCANNER_HIT_GROUP_NUM,
vtable_id, mid);
thread_id, data, data_len,
group_ids,
MAX_SCANNER_HIT_GROUP_NUM,
vtable_id, mid);
if (group_hit_cnt < 0) {
return MAAT_SCAN_ERR;
}

6
src/maat_compile.c
View File

@@ -1065,7 +1065,7 @@ maat_compile_bool_matcher_new(struct maat_compile *compile_hash,
//TODO:mytest need to delete
#if 0
printf("bool_matcher_new....................\n");
printf("bool_matcher_new....................expr_cnt:%zu\n", expr_cnt);
for (expr_index = 0; expr_index < expr_cnt; expr_index++) {
printf("bool_expr_array[%zu].expr_id:%llu, item_num:%zu\n", expr_index, bool_expr_array[expr_index].expr_id,
bool_expr_array[expr_index].item_num);
@@ -1780,9 +1780,9 @@ int maat_compile_state_update(struct maat_item *item_hash, int vtable_id,
for (size_t i = 0; i < hit_item_cnt; i++) {
HASH_FIND_INT(item_hash, &(hit_item_ids[i]), item);
assert(item != NULL);
//assert(item != NULL);
if (!item) {
// should not come here
// item config has been deleted
continue;
}

31
src/maat_expr.c
View File

@@ -41,6 +41,7 @@ struct expr_schema {
};
enum expr_type {
EXPR_TYPE_INVALID = -1,
EXPR_TYPE_STRING = 0,
EXPR_TYPE_AND,
EXPR_TYPE_REGEX,
@@ -91,7 +92,7 @@ struct expr_runtime {
enum expr_type int_to_expr_type(int expr_type)
{
enum expr_type type = EXPR_TYPE_MAX;
enum expr_type type = EXPR_TYPE_INVALID;
switch (expr_type) {
case 0:
@@ -115,7 +116,7 @@ enum expr_type int_to_expr_type(int expr_type)
enum hs_match_mode int_to_match_mode(int match_method)
{
enum hs_match_mode mode = HS_MATCH_MODE_MAX;
enum hs_match_mode mode = HS_MATCH_MODE_INVALID;
switch (match_method) {
case 0:
@@ -197,6 +198,12 @@ struct expr_item *expr_item_new(const char *line, struct expr_schema *expr_schem
expr_type = atoi(line + column_offset);
expr_item->expr_type = int_to_expr_type(expr_type);
if (expr_item->expr_type == EXPR_TYPE_INVALID) {
log_error(logger, MODULE_EXPR,
"expr table(table_id:%d) line:%s has invalid expr_type",
expr_schema->table_id, line);
goto error;
}
ret = get_column_pos(line, expr_schema->match_method_column, &column_offset, &column_len);
if (ret < 0) {
@@ -208,6 +215,12 @@ struct expr_item *expr_item_new(const char *line, struct expr_schema *expr_schem
match_method_type = atoi(line + column_offset);
expr_item->match_mode = int_to_match_mode(match_method_type);
if (expr_item->match_mode == HS_MATCH_MODE_INVALID) {
log_error(logger, MODULE_EXPR,
"expr table(table_id:%d) line:%s has invalid match_method",
expr_schema->table_id, line);
goto error;
}
ret = get_column_pos(line, expr_schema->is_hexbin_column, &column_offset, &column_len);
if (ret < 0) {
@@ -522,7 +535,7 @@ enum hs_pattern_type expr_type2pattern_type(enum expr_type expr_type)
return pattern_type;
}
int convertHextoint(char srctmp)
static int convertHextoint(char srctmp)
{
if (isdigit(srctmp)) {
return srctmp - '0';
@@ -533,7 +546,7 @@ int convertHextoint(char srctmp)
}
}
size_t hex2bin(char *hex, int hex_len, char *binary, size_t size)
static size_t hex2bin(char *hex, int hex_len, char *binary, size_t size)
{
size_t resultlen = 0;
int high,low;
@@ -559,8 +572,13 @@ and_expr_t *expr_item_to_expr_rule(struct expr_item *expr_item, void *user_data,
char *tmp = NULL;
char *saveptr = NULL;
char *sub_key_array[MAAT_MAX_EXPR_ITEM_NUM];
int key_left_offset[MAAT_MAX_EXPR_ITEM_NUM] = {-1};
int key_right_offset[MAAT_MAX_EXPR_ITEM_NUM] = {-1};
int key_left_offset[MAAT_MAX_EXPR_ITEM_NUM];
int key_right_offset[MAAT_MAX_EXPR_ITEM_NUM];
/* -1 means offset no limit, As long as the pattern appears in the scan data, it will hit */
memset(key_left_offset, -1, sizeof(key_left_offset));
memset(key_right_offset, -1, sizeof(key_right_offset));
and_expr_t *expr_rule = ALLOC(and_expr_t, 1);
switch (expr_item->expr_type) {
@@ -852,6 +870,7 @@ int expr_runtime_scan(struct expr_runtime *expr_rt, int thread_id,
struct maat_item_inner *item = NULL;
int real_hit_item_cnt = 0;
int district_id = state->district_id;
for (size_t i = 0; i < n_hit_item; i++) {
item = (struct maat_item_inner *)(hit_results[i].user_tag);
if (item->district_id == district_id || district_id == DISTRICT_ANY) {

3
src/maat_ip.c
View File

@@ -488,12 +488,13 @@ int ip_runtime_scan(struct ip_runtime *ip_rt, int thread_id, int ip_type,
struct ip_data scan_data;
if (ip_type == IPv4) {
scan_data.type = IPv4;
scan_data.ipv4 = *(uint32_t *)ip_addr;
scan_data.ipv4 = ntohl(*(uint32_t *)ip_addr);
} else {
scan_data.type = IPv6;
for (int i = 0; i < 4; i++) {
scan_data.ipv6[i] = *((uint32_t *)ip_addr + i);
}
ipv6_ntoh(scan_data.ipv6);
}
n_hit_item = ip_matcher_match(ip_rt->ip_matcher, &scan_data, scan_results, MAX_SCANNER_HIT_ITEM_NUM);

2
src/maat_table.c
View File

@@ -696,7 +696,7 @@ int table_manager_set_scan_district(struct table_manager *tbl_mgr, const char *d
int table_manager_get_district_id(struct table_manager *tbl_mgr, const char *district)
{
int district_id = -1;
int district_id = DISTRICT_ANY;
int map_ret = maat_kv_read(tbl_mgr->district_map, district, &district_id);
if (map_ret < 0) {

12
src/maat_utils.c
View File

@@ -447,7 +447,7 @@ int ip_format2range(int ip_type, enum maat_ip_format format, const char *ip1, co
return -1;
}
//ipv4_addr = ntohl(ipv4_addr);
ipv4_addr = ntohl(ipv4_addr);
uint32_t ipv4_range_end = 0;
uint32_t ipv4_mask = 0;
switch (format) {
@@ -457,7 +457,7 @@ int ip_format2range(int ip_type, enum maat_ip_format format, const char *ip1, co
if (ret <= 0) {
return -1;
}
//ipv4_range_end = ntohl(ipv4_range_end);
ipv4_range_end = ntohl(ipv4_range_end);
range_end[0] = ipv4_range_end;
break;
case IP_FORMAT_MASK:
@@ -465,7 +465,7 @@ int ip_format2range(int ip_type, enum maat_ip_format format, const char *ip1, co
if (ret <= 0) {
return -1;
}
//ipv4_mask = ntohl(ipv4_mask);
ipv4_mask = ntohl(ipv4_mask);
range_begin[0] = ipv4_addr & ipv4_mask;
range_end[0] = ipv4_addr | ~ipv4_mask;
break;
@@ -492,7 +492,7 @@ int ip_format2range(int ip_type, enum maat_ip_format format, const char *ip1, co
if (ret <= 0) {
return -1;
}
//ipv6_ntoh(ipv6_addr);
ipv6_ntoh(ipv6_addr);
switch (format) {
case IP_FORMAT_RANGE:
@@ -500,7 +500,7 @@ int ip_format2range(int ip_type, enum maat_ip_format format, const char *ip1, co
if (ret <= 0) {
return -1;
}
//ipv6_ntoh(ipv6_range_end);
ipv6_ntoh(ipv6_range_end);
memcpy(range_begin, ipv6_addr, sizeof(ipv6_addr));
memcpy(range_end, ipv6_range_end, sizeof(ipv6_range_end));
@@ -510,7 +510,7 @@ int ip_format2range(int ip_type, enum maat_ip_format format, const char *ip1, co
if (ret <= 0) {
return -1;
}
//ipv6_ntoh(ipv6_mask);
ipv6_ntoh(ipv6_mask);
for (i = 0; i < 4; i++) {
range_begin[i]=ipv6_addr[i] & ipv6_mask[i];