TSG-13303,TSG-13304: 发送默认安全策略日志时访问空指针导致应用重启
@@ -104,6 +104,7 @@ struct session_attribute_label
|
|||||||
struct umts_user_info *user_info;
|
struct umts_user_info *user_info;
|
||||||
struct tunnel_endpoint *client_endpoint;
|
struct tunnel_endpoint *client_endpoint;
|
||||||
struct tunnel_endpoint *server_endpoint;
|
struct tunnel_endpoint *server_endpoint;
|
||||||
|
unsigned long session_flags;
|
||||||
};
|
};
|
||||||
|
|
||||||
struct policy_priority_label
|
struct policy_priority_label
|
||||||
|
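Review bot: The new `session_flags` member of struct session_attribute_label has no comment, and unlike the neighbouring pointer members whose struct names carry the meaning, it is a bare `unsigned long` whose semantics live in the .c callback that fills it. Suggest `unsigned long session_flags;   /* value delivered by session_flags_identify_result_cb; 0 means not set, see set_session_attributes() */` so a reader of the header knows where the value comes from and that zero is the "absent" case the log code tests for.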
|||||||
@@ -577,21 +577,12 @@ static unsigned char do_action_reset(const struct streaminfo *a_stream, Maat_rul
|
|||||||
|
|
||||||
static unsigned char do_action_drop(const struct streaminfo *a_stream, Maat_rule_t *p_result, struct compile_user_region *user_region, tsg_protocol_t protocol, const void *a_packet)
|
static unsigned char do_action_drop(const struct streaminfo *a_stream, Maat_rule_t *p_result, struct compile_user_region *user_region, tsg_protocol_t protocol, const void *a_packet)
|
||||||
{
|
{
|
||||||
if(user_region!=NULL && user_region->deny!=NULL)
|
|
||||||
{
|
|
||||||
send_icmp_unreachable(a_stream);
|
|
||||||
}
|
|
||||||
|
|
||||||
switch(protocol)
|
switch(protocol)
|
||||||
{
|
{
|
||||||
case PROTO_DNS:
|
case PROTO_DNS:
|
||||||
return STATE_GIVEME|STATE_DROPPKT;
|
return STATE_GIVEME|STATE_DROPPKT;
|
||||||
default:
|
default:
|
||||||
set_drop_stream(a_stream, protocol);
|
set_drop_stream(a_stream, protocol);
|
||||||
if(g_tsg_para.deploy_mode==DEPLOY_MODE_MIRROR)
|
|
||||||
{
|
|
||||||
return do_action_reset(a_stream, p_result, protocol);
|
|
||||||
}
|
|
||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
|
|
||||||
@@ -870,7 +861,16 @@ static unsigned char tsg_do_deny_action(const struct streaminfo *a_stream, struc
|
|||||||
{
|
{
|
||||||
set_protocol_to_tcpall(a_stream, protocol, a_stream->threadnum);
|
set_protocol_to_tcpall(a_stream, protocol, a_stream->threadnum);
|
||||||
set_method_to_tcpall(a_stream, user_region->method_type, a_stream->threadnum);
|
set_method_to_tcpall(a_stream, user_region->method_type, a_stream->threadnum);
|
||||||
set_after_n_packet_to_tcpall(a_stream, user_region->deny->after_n_packets, a_stream->threadnum);
|
|
||||||
|
if(a_stream->type==STREAM_TYPE_UDP && type!=ACTION_RETURN_TYPE_PROT)
|
||||||
|
{
|
||||||
|
set_after_n_packet_to_tcpall(a_stream, user_region->deny->after_n_packets+1, a_stream->threadnum);
|
||||||
|
}
|
||||||
|
else
|
||||||
|
{
|
||||||
|
set_after_n_packet_to_tcpall(a_stream, user_region->deny->after_n_packets, a_stream->threadnum);
|
||||||
|
}
|
||||||
|
|
||||||
tsg_set_policy_result(a_stream, PULL_FW_RESULT, p_result, protocol, a_stream->threadnum);
|
tsg_set_policy_result(a_stream, PULL_FW_RESULT, p_result, protocol, a_stream->threadnum);
|
||||||
local_state=((type==ACTION_RETURN_TYPE_PROT) ? (STATE_DROPME) : (STATE_DROPME|STATE_KILL_OTHER));
|
local_state=((type==ACTION_RETURN_TYPE_PROT) ? (STATE_DROPME) : (STATE_DROPME|STATE_KILL_OTHER));
|
||||||
break;
|
break;
|
||||||
|
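Review bot: In tsg_do_deny_action both new branches dereference `user_region->deny` to read `after_n_packets` with no null check inside the hunk, while the do_action_drop block removed in the first hunk was guarded on `user_region->deny!=NULL`, which suggests `deny` can be absent for some rules; the function begins outside the hunk, so if the null case is already excluded earlier a comment saying so would settle it. Otherwise read the count once and guard it: `int after_n=(user_region->deny!=NULL) ? user_region->deny->after_n_packets : 0;` followed by `set_after_n_packet_to_tcpall(a_stream, (a_stream->type==STREAM_TYPE_UDP && type!=ACTION_RETURN_TYPE_PROT) ? after_n+1 : after_n, a_stream->threadnum);`, which also removes the duplicated call. The `+1` for UDP is unexplained; a comment such as `/* UDP: tsg_master_data_entry runs before tcpall in TSG_MASTER_UDP_ENTRY, so one packet is presumably already counted - TODO confirm */` would record the reason. In do_action_drop, `p_result`, `user_region` and `a_packet` are no longer referenced anywhere in the hunk now that the ICMP-unreachable and mirror-mode reset paths are gone; if the rest of the function does not use them either, mark them `(void)` or note in a comment why the signature is kept.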
|||||||
@@ -505,23 +505,27 @@ static int get_default_para(const struct streaminfo *a_stream, int compile_id)
|
|||||||
|
|
||||||
static int get_default_policy(int compile_id, struct Maat_rule_t *result)
|
static int get_default_policy(int compile_id, struct Maat_rule_t *result)
|
||||||
{
|
{
|
||||||
|
int ret=0;
|
||||||
struct Maat_rule_t p_result={0};
|
struct Maat_rule_t p_result={0};
|
||||||
struct compile_user_region *user_region=NULL;
|
struct compile_user_region *user_region=NULL;
|
||||||
|
|
||||||
p_result.config_id=compile_id;
|
p_result.config_id=compile_id;
|
||||||
user_region=(struct compile_user_region *)Maat_rule_get_ex_data(g_tsg_maat_feather, &p_result, g_tsg_para.table_id[TABLE_SECURITY_COMPILE]);
|
user_region=(struct compile_user_region *)Maat_rule_get_ex_data(g_tsg_maat_feather, &p_result, g_tsg_para.table_id[TABLE_SECURITY_COMPILE]);
|
||||||
if(user_region!=NULL && user_region->method_type==TSG_METHOD_TYPE_DEFAULT)
|
if(user_region!=NULL)
|
||||||
{
|
{
|
||||||
if(user_region->session_para!=NULL && user_region->session_para->result.action==TSG_ACTION_DENY)
|
if(user_region->method_type==TSG_METHOD_TYPE_DEFAULT)
|
||||||
{
|
{
|
||||||
memcpy(result, &(user_region->session_para->result), sizeof(struct Maat_rule_t));
|
if(user_region->session_para!=NULL && user_region->session_para->result.action==TSG_ACTION_DENY)
|
||||||
}
|
{
|
||||||
|
memcpy(result, &(user_region->session_para->result), sizeof(struct Maat_rule_t));
|
||||||
|
}
|
||||||
|
|
||||||
|
ret=1;
|
||||||
|
}
|
||||||
security_compile_free(g_tsg_para.table_id[TABLE_SECURITY_COMPILE], &p_result, NULL, (MAAT_RULE_EX_DATA *)&user_region, 0, NULL);
|
security_compile_free(g_tsg_para.table_id[TABLE_SECURITY_COMPILE], &p_result, NULL, (MAAT_RULE_EX_DATA *)&user_region, 0, NULL);
|
||||||
return 1;
|
|
||||||
}
|
}
|
||||||
|
|
||||||
return 0;
|
return ret;
|
||||||
}
|
}
|
||||||
|
|
||||||
static int get_packet_sequence(const struct streaminfo *a_stream)
|
static int get_packet_sequence(const struct streaminfo *a_stream)
|
||||||
@@ -686,9 +690,6 @@ static int master_send_log(const struct streaminfo *a_stream, struct Maat_rule_t
|
|||||||
TLD_append(TLD_handle, schema_field_name, (void *)g_tsg_proto_name2id[PROTO_APP].name, TLD_TYPE_STRING);
|
TLD_append(TLD_handle, schema_field_name, (void *)g_tsg_proto_name2id[PROTO_APP].name, TLD_TYPE_STRING);
|
||||||
}
|
}
|
||||||
|
|
||||||
char *flags_field_name=log_field_id2name(g_tsg_log_instance, LOG_COMMON_FLAGS);
|
|
||||||
TLD_append(TLD_handle, flags_field_name, (void *)context->session_flag, TLD_TYPE_LONG);
|
|
||||||
|
|
||||||
if(context!=NULL && context->hited_app_id>0)
|
if(context!=NULL && context->hited_app_id>0)
|
||||||
{
|
{
|
||||||
char app_label_name[512]={0};
|
char app_label_name[512]={0};
|
||||||
@@ -1375,6 +1376,9 @@ void set_session_attribute_label(const struct streaminfo *a_stream, enum TSG_ATT
|
|||||||
memcpy(attribute_label->fqdn_category_id, value, sizeof(unsigned int)*value_len);
|
memcpy(attribute_label->fqdn_category_id, value, sizeof(unsigned int)*value_len);
|
||||||
attribute_label->fqdn_category_id_num=value_len;
|
attribute_label->fqdn_category_id_num=value_len;
|
||||||
break;
|
break;
|
||||||
|
case TSG_ATTRIBUTE_TYPE_SESSION_FLAGS:
|
||||||
|
attribute_label->session_flags=*(unsigned long *)(value);
|
||||||
|
break;
|
||||||
default:
|
default:
|
||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
@@ -1382,7 +1386,7 @@ void set_session_attribute_label(const struct streaminfo *a_stream, enum TSG_ATT
|
|||||||
return ;
|
return ;
|
||||||
}
|
}
|
||||||
|
|
||||||
static int set_tcp_establish_latency_ms(const struct streaminfo *a_tcp, int thread_seq,const void *ip_hdr)
|
static char set_tcp_establish_latency_ms(const struct streaminfo *a_tcp, int thread_seq,const void *ip_hdr)
|
||||||
{
|
{
|
||||||
struct tcphdr *tcp=NULL;
|
struct tcphdr *tcp=NULL;
|
||||||
|
|
||||||
@@ -1973,7 +1977,6 @@ static int app_identify_result_cb(const struct streaminfo *a_stream, int bridge_
|
|||||||
}
|
}
|
||||||
|
|
||||||
context->sync_cb_state=master_deal_scan_result(a_stream, context, scan_result, hit_num, NULL);
|
context->sync_cb_state=master_deal_scan_result(a_stream, context, scan_result, hit_num, NULL);
|
||||||
|
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
@@ -1995,11 +1998,13 @@ static int session_flags_identify_result_cb(const struct streaminfo *a_stream, i
|
|||||||
}
|
}
|
||||||
|
|
||||||
context->session_flag=*(unsigned long *)(data);
|
context->session_flag=*(unsigned long *)(data);
|
||||||
|
set_session_attribute_label(a_stream, TSG_ATTRIBUTE_TYPE_SESSION_FLAGS, data, sizeof(unsigned long), a_stream->threadnum);
|
||||||
|
|
||||||
int hit_num=tsg_scan_session_flags(g_tsg_maat_feather, a_stream, scan_result, MAX_RESULT_NUM, &context->mid, g_tsg_para.table_id[TABLE_SESSION_FLAGS], context->session_flag, a_stream->threadnum);
|
int hit_num=tsg_scan_session_flags(g_tsg_maat_feather, a_stream, scan_result, MAX_RESULT_NUM, &context->mid, g_tsg_para.table_id[TABLE_SESSION_FLAGS], context->session_flag, a_stream->threadnum);
|
||||||
|
|
||||||
context->sync_cb_state=master_deal_scan_result(a_stream, context, scan_result, hit_num, NULL);
|
context->sync_cb_state=master_deal_scan_result(a_stream, context, scan_result, hit_num, NULL);
|
||||||
|
|
||||||
|
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
@@ -2109,21 +2114,6 @@ static unsigned char tsg_master_data_entry(const struct streaminfo *a_stream, vo
|
|||||||
context->deal_pkt_num++;
|
context->deal_pkt_num++;
|
||||||
break;
|
break;
|
||||||
case OP_STATE_DATA:
|
case OP_STATE_DATA:
|
||||||
if(context->sync_cb_state&APP_STATE_KILL_OTHER || context->sync_cb_state&APP_STATE_DROPPKT)
|
|
||||||
{
|
|
||||||
if(a_stream->type==STREAM_TYPE_TCP) //tcpall
|
|
||||||
{
|
|
||||||
state=context->sync_cb_state|APP_STATE_DROPME;
|
|
||||||
break;
|
|
||||||
}
|
|
||||||
|
|
||||||
if(a_stream->type==STREAM_TYPE_UDP) // allow, Deny(after drop N packets)
|
|
||||||
{
|
|
||||||
state=context->sync_cb_state&(~(APP_STATE_DROPME));
|
|
||||||
break;
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
if(context->is_app_link==FLAG_FALSE && (context->deal_pkt_num++) == (g_tsg_para.identify_app_max_pkt_num+1))
|
if(context->is_app_link==FLAG_FALSE && (context->deal_pkt_num++) == (g_tsg_para.identify_app_max_pkt_num+1))
|
||||||
{
|
{
|
||||||
unknown_result.app_id_num=1;
|
unknown_result.app_id_num=1;
|
||||||
@@ -2140,6 +2130,13 @@ static unsigned char tsg_master_data_entry(const struct streaminfo *a_stream, vo
|
|||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
if(context->sync_cb_state&APP_STATE_KILL_OTHER || context->sync_cb_state&APP_STATE_DROPPKT)
|
||||||
|
{
|
||||||
|
//tcpall, udp -> allow, Deny(after drop N packets)
|
||||||
|
state=context->sync_cb_state|APP_STATE_DROPME;
|
||||||
|
break;
|
||||||
|
}
|
||||||
|
|
||||||
if(get_current_time_ms()-context->last_scan_time < (g_tsg_para.scan_time_interval*1000))
|
if(get_current_time_ms()-context->last_scan_time < (g_tsg_para.scan_time_interval*1000))
|
||||||
{
|
{
|
||||||
break;
|
break;
|
||||||
@@ -2211,12 +2208,12 @@ static unsigned char tsg_master_all_entry(const struct streaminfo *a_stream, uns
|
|||||||
struct Maat_rule_t result[MAX_RESULT_NUM]={0};
|
struct Maat_rule_t result[MAX_RESULT_NUM]={0};
|
||||||
struct tcpall_context *all_context=(struct tcpall_context *)(*pme);
|
struct tcpall_context *all_context=(struct tcpall_context *)(*pme);
|
||||||
|
|
||||||
if(stream_state==OP_STATE_PENDING && all_context->method_type!=TSG_METHOD_TYPE_ALLOW)
|
if(stream_state==OP_STATE_PENDING && all_context->method_type!=TSG_METHOD_TYPE_ALLOW && !(all_context->udp_data_dropme))
|
||||||
{
|
{
|
||||||
if(all_context->method_type==TSG_METHOD_TYPE_UNKNOWN)
|
if(all_context->method_type==TSG_METHOD_TYPE_UNKNOWN)
|
||||||
{
|
{
|
||||||
all_context->method_type=TSG_METHOD_TYPE_DEFAULT;
|
all_context->method_type=TSG_METHOD_TYPE_DEFAULT;
|
||||||
all_context->after_n_packets=get_default_para(a_stream, g_tsg_para.default_compile_id);
|
all_context->default_policy_after_n_packets=get_default_para(a_stream, g_tsg_para.default_compile_id);
|
||||||
}
|
}
|
||||||
|
|
||||||
hit_num=tsg_scan_nesting_addr(g_tsg_maat_feather, a_stream, PROTO_UNKONWN, &scan_mid, result, MAX_RESULT_NUM);
|
hit_num=tsg_scan_nesting_addr(g_tsg_maat_feather, a_stream, PROTO_UNKONWN, &scan_mid, result, MAX_RESULT_NUM);
|
||||||
@@ -2262,7 +2259,7 @@ static unsigned char tsg_master_all_entry(const struct streaminfo *a_stream, uns
|
|||||||
}
|
}
|
||||||
break;
|
break;
|
||||||
case TSG_METHOD_TYPE_DEFAULT:
|
case TSG_METHOD_TYPE_DEFAULT:
|
||||||
if(!is_do_default_policy(a_stream, all_context->after_n_packets) || stream_state==OP_STATE_CLOSE)
|
if(!is_do_default_policy(a_stream, all_context->default_policy_after_n_packets) || stream_state==OP_STATE_CLOSE)
|
||||||
{
|
{
|
||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
@@ -2275,16 +2272,28 @@ static unsigned char tsg_master_all_entry(const struct streaminfo *a_stream, uns
|
|||||||
break;
|
break;
|
||||||
case TSG_METHOD_TYPE_DROP:
|
case TSG_METHOD_TYPE_DROP:
|
||||||
case TSG_METHOD_TYPE_APP_DROP:
|
case TSG_METHOD_TYPE_APP_DROP:
|
||||||
if((all_context->hited_para.after_n_packets-- > 0) || stream_state==OP_STATE_CLOSE)
|
// contain hited current packet, platform calls tcp first and tcpall secondary.
|
||||||
|
if(((all_context->hited_para.after_n_packets >= 0) && a_stream->type==STREAM_TYPE_TCP) ||
|
||||||
|
((all_context->hited_para.after_n_packets > 0) && a_stream->type==STREAM_TYPE_UDP)
|
||||||
|
|| stream_state==OP_STATE_CLOSE)
|
||||||
{
|
{
|
||||||
|
all_context->hited_para.after_n_packets--;
|
||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
|
|
||||||
ret=tsg_pull_policy_result((struct streaminfo *)a_stream,PULL_FW_RESULT, &result[0], 1, &tmp_identify_info);
|
ret=tsg_pull_policy_result((struct streaminfo *)a_stream,PULL_FW_RESULT, &result[0], 1, &tmp_identify_info);
|
||||||
if(ret>0)
|
if(ret<=0)
|
||||||
|
{
|
||||||
|
break;
|
||||||
|
}
|
||||||
|
|
||||||
|
if(all_context->hited_para.hited_app_id<=0)
|
||||||
|
{
|
||||||
|
state=tsg_deal_deny_action(a_stream, &result[0], all_context->protocol, ACTION_RETURN_TYPE_TCPALL, a_packet);
|
||||||
|
}
|
||||||
|
else
|
||||||
{
|
{
|
||||||
state=tsg_deny_application(a_stream, &result[0], all_context->protocol, all_context->hited_para.hited_app_id, ACTION_RETURN_TYPE_TCPALL, a_packet);
|
state=tsg_deny_application(a_stream, &result[0], all_context->protocol, all_context->hited_para.hited_app_id, ACTION_RETURN_TYPE_TCPALL, a_packet);
|
||||||
//master_send_log(a_stream, &result[0], 1, data_context, thread_seq);
|
|
||||||
}
|
}
|
||||||
break;
|
break;
|
||||||
default:
|
default:
|
||||||
@@ -2324,9 +2333,19 @@ extern "C" unsigned char TSG_MASTER_UDP_ENTRY(const struct streaminfo *a_udp, vo
|
|||||||
set_struct_project(a_udp, g_tsg_para.tcpall_project_id, (void *)(context->all_entry));
|
set_struct_project(a_udp, g_tsg_para.tcpall_project_id, (void *)(context->all_entry));
|
||||||
}
|
}
|
||||||
|
|
||||||
state2=tsg_master_data_entry(a_udp, (void **)&(context->data_entry), thread_seq, a_packet);
|
if(context->all_entry->udp_data_dropme==0)
|
||||||
if(!(state2&APP_STATE_DROPME))
|
|
||||||
{
|
{
|
||||||
|
state2=tsg_master_data_entry(a_udp, (void **)&(context->data_entry), thread_seq, a_packet);
|
||||||
|
}
|
||||||
|
|
||||||
|
if(!(state2&APP_STATE_DROPME) || context->all_entry->hited_para.after_n_packets>0)
|
||||||
|
{
|
||||||
|
if(state2&APP_STATE_DROPME)
|
||||||
|
{
|
||||||
|
context->all_entry->udp_data_dropme=1;
|
||||||
|
state2=state2&(~(APP_STATE_DROPME));
|
||||||
|
}
|
||||||
|
|
||||||
state1=tsg_master_all_entry(a_udp, a_udp->opstate, (void **)&(context->all_entry), thread_seq, a_packet);
|
state1=tsg_master_all_entry(a_udp, a_udp->opstate, (void **)&(context->all_entry), thread_seq, a_packet);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
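Review bot: In TSG_MASTER_UDP_ENTRY the new condition reads `context->all_entry->hited_para.after_n_packets` for every UDP packet, but in struct tcpall_context `hited_para` is a union member overlapping `bucket`, `tamper_count`, `default_policy_after_n_packets` and `para`, and tsg_master_all_entry only treats the union as `hited_para` in its DROP/APP_DROP cases. For an ALLOW, DEFAULT or UNKNOWN stream the `>0` test is therefore made on unrelated bytes and can set `udp_data_dropme=1` on a stream that has no drop countdown at all; gate the read on the method type, e.g. `|| ((context->all_entry->method_type==TSG_METHOD_TYPE_DROP || context->all_entry->method_type==TSG_METHOD_TYPE_APP_DROP) && context->all_entry->hited_para.after_n_packets>0)`. Separately, `state2` is now only assigned inside the `udp_data_dropme==0` block; if it is declared without an initializer earlier in the function (outside the hunk), the `state2&APP_STATE_DROPME` tests below read an indeterminate value once the flag is set, so initialise it at the declaration. In set_session_attribute_label the new SESSION_FLAGS case dereferences `*(unsigned long *)(value)` without consulting `value_len`, unlike the CATEGORY_ID case just above it; `if(value_len>=sizeof(unsigned long)) { memcpy(&attribute_label->session_flags, value, sizeof(attribute_label->session_flags)); }` avoids both the short read and the aliasing cast.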
|||||||
@@ -168,6 +168,7 @@ enum TSG_ATTRIBUTE_TYPE
|
|||||||
TSG_ATTRIBUTE_TYPE_SUBSCRIBER_ID,
|
TSG_ATTRIBUTE_TYPE_SUBSCRIBER_ID,
|
||||||
TSG_ATTRIBUTE_TYPE_HTTP_ACTION_FILESIZE,
|
TSG_ATTRIBUTE_TYPE_HTTP_ACTION_FILESIZE,
|
||||||
TSG_ATTRIBUTE_TYPE_CATEGORY_ID,
|
TSG_ATTRIBUTE_TYPE_CATEGORY_ID,
|
||||||
|
TSG_ATTRIBUTE_TYPE_SESSION_FLAGS,
|
||||||
_MAX_TSG_ATTRIBUTE_TYPE
|
_MAX_TSG_ATTRIBUTE_TYPE
|
||||||
};
|
};
|
||||||
|
|
||||||
@@ -284,14 +285,16 @@ struct master_context
|
|||||||
|
|
||||||
struct tcpall_context
|
struct tcpall_context
|
||||||
{
|
{
|
||||||
int set_latency_flag;
|
char udp_data_dropme;
|
||||||
|
char set_latency_flag;
|
||||||
|
char padding[6];
|
||||||
enum TSG_METHOD_TYPE method_type;
|
enum TSG_METHOD_TYPE method_type;
|
||||||
tsg_protocol_t protocol;
|
tsg_protocol_t protocol;
|
||||||
union
|
union
|
||||||
{
|
{
|
||||||
struct leaky_bucket *bucket;
|
struct leaky_bucket *bucket;
|
||||||
long tamper_count;
|
long tamper_count;
|
||||||
int after_n_packets;
|
int default_policy_after_n_packets;
|
||||||
struct hited_app_para hited_para;
|
struct hited_app_para hited_para;
|
||||||
void *para;
|
void *para;
|
||||||
};
|
};
|
||||||
|
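Review bot: The new `udp_data_dropme` flag and the narrowed `set_latency_flag` carry no comment, and `char padding[6]` hand-pads what the compiler already inserts before `enum TSG_METHOD_TYPE method_type` on common ABIs; if the struct size must stay fixed for another consumer, state that with a static assertion on `sizeof(struct tcpall_context)` instead of a silent array, otherwise drop the padding. From how the UDP entry uses the flag, a comment along the lines of `char udp_data_dropme;   /* UDP only: set once tsg_master_data_entry returned DROPME; the data entry and the PENDING scan are then skipped for this stream */` would document it. The union is still undocumented after the rename to `default_policy_after_n_packets`; one comment per member naming the TSG_METHOD_TYPE that owns it (`hited_para` for DROP/APP_DROP, `default_policy_after_n_packets` for DEFAULT) would make accidental reads of the wrong member, such as the UDP entry's `hited_para.after_n_packets` test, easier to catch. Since `set_latency_flag` is now a plain `char`, whose signedness is implementation-defined, keep its values to 0/1 or declare it `unsigned char`.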
|||||||
@@ -1698,6 +1698,11 @@ int set_session_attributes(struct tsg_log_instance_t *_instance, struct TLD_hand
|
|||||||
TLD_append(_handle, _instance->id2field[LOG_COMMON_TUNNELS_ENDPOINT_B_DESC].name, (void *)attribute_label->server_endpoint->description, TLD_TYPE_STRING);
|
TLD_append(_handle, _instance->id2field[LOG_COMMON_TUNNELS_ENDPOINT_B_DESC].name, (void *)attribute_label->server_endpoint->description, TLD_TYPE_STRING);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
if(attribute_label->session_flags>0 && !(TLD_search(_handle, _instance->id2field[LOG_COMMON_FLAGS].name)))
|
||||||
|
{
|
||||||
|
TLD_append(_handle, _instance->id2field[LOG_COMMON_FLAGS].name, (void *)attribute_label->session_flags, TLD_TYPE_LONG);
|
||||||
|
}
|
||||||
|
|
||||||
return 1;
|
return 1;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
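Review bot: `attribute_label->session_flags>0` on an `unsigned long` reads like a sign test; `!= 0` says what is meant. More importantly, the master_send_log lines removed by this commit appended LOG_COMMON_FLAGS unconditionally, so a flags value of 0 used to be logged as 0, whereas with the new guard the field is simply absent when no flags are set; if any log consumer expects the field on every record, keep only the `TLD_search` duplicate check and drop the `>0` half of the condition. The `(void *)attribute_label->session_flags` cast appears to pass the integer itself in the pointer slot for TLD_TYPE_LONG, mirroring the removed line; a comment `/* TLD_TYPE_LONG: the value travels in the pointer argument, not by address */` would stop a reader treating it as a bogus pointer.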
|||||||