From 060407d1cb6d348e6169db647a549ca51224c82c Mon Sep 17 00:00:00 2001 From: liuxueli Date: Thu, 29 Jun 2023 18:23:07 +0800 Subject: [PATCH] =?UTF-8?q?OMPUB-952:=20=E6=A0=B9=E6=8D=AE=E6=B5=81?= =?UTF-8?q?=E4=BF=A1=E6=81=AF=E8=8E=B7=E5=8F=96=E5=BD=93=E5=89=8D=E5=8C=85?= =?UTF-8?q?=E5=A4=B4=E9=83=A8=EF=BC=8C=E9=81=BF=E5=85=8D=E8=AE=BF=E9=97=AE?= =?UTF-8?q?=E7=A9=BA=E6=8C=87=E9=92=88?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- src/tsg_action.cpp | 4 ++-- src/tsg_entry.cpp | 4 ++-- test/src/gtest_common.cpp | 5 +++++ 3 files changed, 9 insertions(+), 4 deletions(-) diff --git a/src/tsg_action.cpp b/src/tsg_action.cpp index 86f266a..e07cd15 100644 --- a/src/tsg_action.cpp +++ b/src/tsg_action.cpp @@ -955,7 +955,7 @@ static unsigned char tsg_do_deny_action(const struct streaminfo *a_stream, struc unsigned char tsg_enforing_deny_application(const struct streaminfo *a_stream, struct maat_rule *p_result, enum TSG_PROTOCOL protocol, int app_id, enum ACTION_RETURN_TYPE type, const void *user_data) { struct app_id_dict *dict=(struct app_id_dict *)matched_rule_cites_app_id_dict(g_tsg_maat_feather, (long long)app_id); - if(dict==NULL) + if(dict==NULL || user_data==NULL) { set_drop_stream(a_stream, protocol); return ((type==ACTION_RETURN_TYPE_PROT) ? PROT_STATE_DROPPKT|PROT_STATE_DROPME: APP_STATE_DROPME|APP_STATE_DROPPKT); @@ -998,7 +998,7 @@ unsigned char tsg_enforing_deny(const struct streaminfo *a_stream, struct maat_r } struct maat_compile *maat_compile=(struct maat_compile *)matched_rule_cites_security_compile(g_tsg_maat_feather, p_result->rule_id); - if(maat_compile==NULL || maat_compile->user_region==NULL) + if(maat_compile==NULL || maat_compile->user_region==NULL || user_data==NULL) { set_drop_stream(a_stream, protocol); return ((type==ACTION_RETURN_TYPE_PROT) ? PROT_STATE_DROPPKT|PROT_STATE_DROPME: APP_STATE_DROPME|APP_STATE_DROPPKT); diff --git a/src/tsg_entry.cpp b/src/tsg_entry.cpp index 37bd5e8..b6a0930 100644 --- a/src/tsg_entry.cpp +++ b/src/tsg_entry.cpp @@ -1967,7 +1967,7 @@ int session_app_identify_result_cb(const struct streaminfo *a_stream, int bridge srt_process_context->last_scan_time=tsg_get_current_time_ms(); size_t matched_cnt=session_app_id_and_properties_scan((struct streaminfo *)a_stream, rules, MAX_MATCHED_RULES_NUM, srt_process_context, scan_app, scan_app_num, identify_result->origin, (int)a_stream->threadnum); - srt_process_context->sync_cb_state=session_matched_rules_deal(a_stream, srt_process_context, rules, matched_cnt, NULL); + srt_process_context->sync_cb_state=session_matched_rules_deal(a_stream, srt_process_context, rules, matched_cnt, get_this_layer_header(a_stream)); return 0; } @@ -1994,7 +1994,7 @@ int session_flags_identify_result_cb(const struct streaminfo *a_stream, int brid struct maat_rule rules[MAX_MATCHED_RULES_NUM]={0}; size_t matched_cnt=tsg_scan_session_flags(a_stream, g_tsg_maat_feather, srt_process_context->session_flag, (srt_process_context->mid), rules, MAX_MATCHED_RULES_NUM); - srt_process_context->sync_cb_state=session_matched_rules_deal(a_stream, srt_process_context, rules, matched_cnt, NULL); + srt_process_context->sync_cb_state=session_matched_rules_deal(a_stream, srt_process_context, rules, matched_cnt, get_this_layer_header(a_stream)); return 0; } diff --git a/test/src/gtest_common.cpp b/test/src/gtest_common.cpp index 4c36ade..e2ff953 100644 --- a/test/src/gtest_common.cpp +++ b/test/src/gtest_common.cpp @@ -120,6 +120,11 @@ int MESA_get_stream_opt(const struct streaminfo * pstream, enum MESA_stream_opt return 0; } +const void *get_this_layer_header(const struct streaminfo * pstream) +{ + return NULL; +} + const void *get_rawpkt_from_streaminfo(const struct streaminfo *pstream) { return (void*)1;