diff -ru snort-orig/doc/snort_manual.tex snort-new/doc/snort_manual.tex --- snort-orig/doc/snort_manual.tex 2013-12-31 10:31:21.000000000 -0800 +++ snort-new/doc/snort_manual.tex 2014-01-30 18:07:36.000000000 -0800 @@ -19285,7 +19285,7 @@ Patches to Snort should be sent to the \verb!snort-devel () lists sourceforge net! mailing list. Patches should done with the command -\verb!diff -nu snort-orig snort-new!. +\verb!diff -ru snort-orig snort-new!. \section{Snort Data Flow} diff -ru snort-orig/src/active.h snort-new/src/active.h --- snort-orig/src/active.h 2013-12-31 08:07:53.000000000 -0800 +++ snort-new/src/active.h 2014-01-30 18:07:36.000000000 -0800 @@ -104,7 +104,7 @@ return ( active_suspend != 0 ); } -static tActiveDrop Active_GetDisposition (void) +static inline tActiveDrop Active_GetDisposition (void) { return active_drop_pkt; } diff -ru snort-orig/src/dynamic-preprocessors/dnp3/dnp3_roptions.c snort-new/src/dynamic-preprocessors/dnp3/dnp3_roptions.c --- snort-orig/src/dynamic-preprocessors/dnp3/dnp3_roptions.c 2013-12-31 08:07:54.000000000 -0800 +++ snort-new/src/dynamic-preprocessors/dnp3/dnp3_roptions.c 2014-01-30 18:07:36.000000000 -0800 @@ -145,7 +145,7 @@ int DNP3ObjInit(struct _SnortConfig *sc, char *name, char *params, void **data) { - char *endptr, *token, *saveptr; + char *endptr, *token, *saveptr = NULL; dnp3_option_data_t *dnp3_data; unsigned int obj_group, obj_var; @@ -199,7 +199,7 @@ int DNP3IndInit(struct _SnortConfig *sc, char *name, char *params, void **data) { dnp3_option_data_t *dnp3_data; - char *token, *saveptr; + char *token, *saveptr = NULL; uint16_t flags = 0; if (name == NULL || data == NULL) diff -ru snort-orig/src/dynamic-preprocessors/ssh/spp_ssh.c snort-new/src/dynamic-preprocessors/ssh/spp_ssh.c --- snort-orig/src/dynamic-preprocessors/ssh/spp_ssh.c 2013-12-31 08:07:54.000000000 -0800 +++ snort-new/src/dynamic-preprocessors/ssh/spp_ssh.c 2014-01-30 18:07:36.000000000 -0800 @@ -1092,7 +1092,7 @@ { SSH2Packet* ssh2packetp = NULL; unsigned int payload_size = packetp->payload_size; - const char *payload = packetp->payload; + const uint8_t *payload = packetp->payload; unsigned int ssh_length = 0; if (payload_size < sizeof(SSH2Packet) || (payload_size < (offset + sizeof(SSH2Packet))) @@ -1276,7 +1276,7 @@ { SSH2Packet* ssh2packetp = NULL; unsigned int payload_size = packetp->payload_size; - const char *payload = packetp->payload; + const uint8_t *payload = packetp->payload; unsigned int ssh_length; bool next_packet = true; unsigned int npacket_offset = 0; diff -ru snort-orig/src/file-process/file_capture.c snort-new/src/file-process/file_capture.c --- snort-orig/src/file-process/file_capture.c 2013-12-31 08:07:54.000000000 -0800 +++ snort-new/src/file-process/file_capture.c 2014-01-30 18:07:36.000000000 -0800 @@ -52,7 +52,7 @@ * This is used for debug purpose */ -#ifdef DEBUG +#ifdef DEBUG_MSGS #include "file_sha256.h" static void verify_file_capture_info(FileContext* context, FileCaptureInfo *fileInfo) diff -ru snort-orig/src/fpdetect.c snort-new/src/fpdetect.c --- snort-orig/src/fpdetect.c 2013-12-31 08:07:53.000000000 -0800 +++ snort-new/src/fpdetect.c 2014-01-30 18:07:36.000000000 -0800 @@ -1076,11 +1076,11 @@ { void * so; int start_state; - const uint8_t *tmp_payload; - uint16_t tmp_dsize; - void *tmp_iph; - void *tmp_ip6h; - void *tmp_ip4h; + const uint8_t *tmp_payload = NULL; + uint16_t tmp_dsize = 0; + void *tmp_iph = NULL; + void *tmp_ip6h = NULL; + void *tmp_ip4h = NULL; char repeat = 0; FastPatternConfig *fp = snort_conf->fast_pattern_config; PROFILE_VARS; diff -ru snort-orig/src/parser.c snort-new/src/parser.c --- snort-orig/src/parser.c 2013-12-31 08:07:53.000000000 -0800 +++ snort-new/src/parser.c 2014-01-30 18:07:36.000000000 -0800 @@ -10640,7 +10640,7 @@ priority = SnortStrtoul(args, &endptr, 0); if ((errno == ERANGE) || (*endptr != '\0')) { - ParseError("Invalid argument to 'gid' rule option: %s. " + ParseError("Invalid argument to 'priority' rule option: %s. " "Must be a positive integer.", args); } diff -ru snort-orig/src/preprocessors/perf-base.c snort-new/src/preprocessors/perf-base.c --- snort-orig/src/preprocessors/perf-base.c 2013-12-31 08:07:54.000000000 -0800 +++ snort-new/src/preprocessors/perf-base.c 2014-01-30 18:07:36.000000000 -0800 @@ -1421,11 +1421,16 @@ if (wrote != 1) { - WarningMessage("%s: Failed to write stats\n", __FUNCTION__); + WarningMessage("%s: Failed to write stats (%d)\n", __FUNCTION__, errno); // fseek to adjust offset; ftruncate doesn't do that for us. - fseek(fh, start, SEEK_SET); - ftruncate(fileno(fh), start); + int ret = fseek(fh, start, SEEK_SET); + if (ret == -1) + ErrorMessage("%s: Failed to rewind stats (%d)\n", __FUNCTION__, errno); + + ret = ftruncate(fileno(fh), start); + if (ret == -1) + ErrorMessage("%s: Failed to truncate stats (%d)\n", __FUNCTION__, errno); } fflush(fh); diff -ru snort-orig/src/preprocessors/Stream5/snort_stream5_ip.c snort-new/src/preprocessors/Stream5/snort_stream5_ip.c --- snort-orig/src/preprocessors/Stream5/snort_stream5_ip.c 2013-12-31 08:07:55.000000000 -0800 +++ snort-new/src/preprocessors/Stream5/snort_stream5_ip.c 2014-01-30 18:07:36.000000000 -0800 @@ -151,6 +151,8 @@ // ip ha stuff //------------------------------------------------------------------------- +#ifdef ENABLE_HA + static Stream5LWSession *GetLWIpSession (const SessionKey *key) { return GetLWSessionFromKey(ip_lws_cache, key); @@ -175,8 +177,6 @@ return 0; } -#ifdef ENABLE_HA - static HA_Api ha_ip_api = { /*.get_lws = */ GetLWIpSession, diff -ru snort-orig/src/preprocessors/Stream5/snort_stream5_tcp.c snort-new/src/preprocessors/Stream5/snort_stream5_tcp.c --- snort-orig/src/preprocessors/Stream5/snort_stream5_tcp.c 2013-12-31 08:07:55.000000000 -0800 +++ snort-new/src/preprocessors/Stream5/snort_stream5_tcp.c 2014-01-30 18:07:36.000000000 -0800 @@ -977,6 +977,8 @@ //------------------------------------------------------------------------- // tcp ha stuff +#ifdef ENABLE_HA + static Stream5LWSession *Stream5TCPCreateSession(const SessionKey *key) { setRuntimePolicy(getDefaultPolicy()); @@ -1008,6 +1010,8 @@ return 0; } +#endif + Stream5LWSession *GetLWTcpSession(const SessionKey *key) { return GetLWSessionFromKey(tcp_lws_cache, key); @@ -1533,7 +1537,7 @@ if (errno == ERANGE) { errno = 0; - FatalError("%s(%d) => Invalid Max Queued Bytes. Integer parameter required.\n", + FatalError("%s(%d) => Invalid Max Queued Segments. Integer parameter required.\n", file_name, file_line); } s5TcpPolicy->max_queued_segs = (uint32_t)long_val; @@ -1541,7 +1545,7 @@ if (!stoks[1] || (endPtr == &stoks[1][0])) { - FatalError("%s(%d) => Invalid Max Queued Bytes. Integer parameter required.\n", + FatalError("%s(%d) => Invalid Max Queued Segments. Integer parameter required.\n", file_name, file_line); } @@ -1549,7 +1553,7 @@ (long_val < S5_MIN_MAX_QUEUED_SEGS)) && (long_val != 0)) { - FatalError("%s(%d) => Invalid Max Queued Bytes." + FatalError("%s(%d) => Invalid Max Queued Segments." " Must be 0 (disabled) or between %d and %d\n", file_name, file_line, S5_MIN_MAX_QUEUED_SEGS, S5_MAX_MAX_QUEUED_SEGS); diff -ru snort-orig/src/preprocessors/Stream5/snort_stream5_udp.c snort-new/src/preprocessors/Stream5/snort_stream5_udp.c --- snort-orig/src/preprocessors/Stream5/snort_stream5_udp.c 2013-12-31 08:07:55.000000000 -0800 +++ snort-new/src/preprocessors/Stream5/snort_stream5_udp.c 2014-01-30 18:07:36.000000000 -0800 @@ -94,6 +94,8 @@ // TBD there may be some refactoring possible once tcp, icmp, and udp // are complete +#ifdef ENABLE_HA + static Stream5LWSession *Stream5UDPCreateSession(const SessionKey *key) { setRuntimePolicy(getDefaultPolicy()); @@ -111,8 +113,6 @@ return 0; } -#ifdef ENABLE_HA - static HA_Api ha_udp_api = { /*.get_lws = */ GetLWUdpSession, @@ -342,14 +342,18 @@ #ifdef DEBUG_STREAM5 static void PrintUdpSession(UdpSession *us) { + char buf[64]; + LogMessage("UdpSession:\n"); LogMessage(" ssn_time: %lu\n", us->ssn_time.tv_sec); - LogMessage(" sender IP: 0x%08X\n", us->udp_sender_ip); - LogMessage(" responder IP: 0x%08X\n", us->udp_responder_ip); + sfip_ntop(&us->udp_sender_ip, buf, sizeof(buf)); + LogMessage(" sender IP: %s\n", buf); + sfip_ntop(&us->udp_responder_ip, buf, sizeof(buf)); + LogMessage(" responder IP: %s\n", buf); LogMessage(" sender port: %d\n", us->udp_sender_port); - LogMessage(" responder port: %d\n", us->udp_responder_port); + LogMessage(" responder port: %d\n", us->udp_responder_port); - LogMessage(" flags: 0x%X\n", us->lwSsn->session_flags); + LogMessage(" flags: 0x%X\n", us->lwSsn->ha_state.session_flags); } #endif diff -ru snort-orig/src/preprocessors/Stream5/stream5_paf.c snort-new/src/preprocessors/Stream5/stream5_paf.c --- snort-orig/src/preprocessors/Stream5/stream5_paf.c 2013-12-31 08:07:55.000000000 -0800 +++ snort-new/src/preprocessors/Stream5/stream5_paf.c 2014-01-30 18:07:36.000000000 -0800 @@ -148,7 +148,7 @@ PAF_State* ps, void* ssn, const uint8_t* data, uint32_t len, uint32_t flags) { - PAF_Status paf; + PAF_Status paf = PAF_ABORT; uint8_t mask = ps->cb_mask; bool update = false; int i = 0; diff -ru snort-orig/src/profiler.h snort-new/src/profiler.h --- snort-orig/src/profiler.h 2013-12-31 08:07:54.000000000 -0800 +++ snort-new/src/profiler.h 2014-01-30 18:07:36.000000000 -0800 @@ -55,7 +55,7 @@ #define PROFILING_RULES ScProfileRules() #endif -#define NODE_PROFILE_VARS uint64_t node_ticks_start, node_ticks_end, node_ticks_delta, node_deltas = 0 +#define NODE_PROFILE_VARS uint64_t node_ticks_start = 0, node_ticks_end = 0, node_ticks_delta = 0, node_deltas = 0 #define NODE_PROFILE_START(node) \ if (PROFILING_RULES) { \ diff -ru snort-orig/src/target-based/Makefile.am snort-new/src/target-based/Makefile.am --- snort-orig/src/target-based/Makefile.am 2012-09-20 17:09:14.000000000 -0700 +++ snort-new/src/target-based/Makefile.am 2014-01-30 18:07:36.000000000 -0800 @@ -29,14 +29,11 @@ libtarget_based_a_SOURCES = sftarget_reader.c endif -.y.c: - $(YACC) -d -psfat_ -o$@ $? - -#### Ugly to get the header file built. -#### any other suggestions? -sf_attribute_table.h: sf_attribute_table.y - $(YACC) -d -psfat_ $? - mv y.tab.h $@ +#### This builds both the .c source file and the .h header file. +#%.c %.h: %.y +# $(YACC) -d -psfat_ -o$*.c $? +sf_attribute_table.c sf_attribute_table.h: sf_attribute_table.y + $(YACC) -d -psfat_ -osf_attribute_table.c $? .l.c: $(LEX) -i -o$@ $? diff -ru snort-orig/src/target-based/Makefile.in snort-new/src/target-based/Makefile.in --- snort-orig/src/target-based/Makefile.in 2013-12-31 10:30:46.000000000 -0800 +++ snort-new/src/target-based/Makefile.in 2014-01-30 18:07:36.000000000 -0800 @@ -622,14 +622,11 @@ tags tags-am uninstall uninstall-am -.y.c: - $(YACC) -d -psfat_ -o$@ $? - -#### Ugly to get the header file built. -#### any other suggestions? -sf_attribute_table.h: sf_attribute_table.y - $(YACC) -d -psfat_ $? - mv y.tab.h $@ +#### This builds both the .c source file and the .h header file. +#%.c %.h: %.y +# $(YACC) -d -psfat_ -o$*.c $? +sf_attribute_table.c sf_attribute_table.h: sf_attribute_table.y + $(YACC) -d -psfat_ -osf_attribute_table.c $? .l.c: $(LEX) -i -o$@ $? diff -ru snort-orig/src/util.c snort-new/src/util.c --- snort-orig/src/util.c 2013-12-31 08:07:54.000000000 -0800 +++ snort-new/src/util.c 2014-01-30 18:07:36.000000000 -0800 @@ -1542,9 +1542,10 @@ /* redirect stdin/stdout/stderr to /dev/null */ (void)open("/dev/null", O_RDWR); /* stdin, fd 0 */ #endif + int fd_ignored; - dup(0); /* stdout, fd 0 => fd 1 */ - dup(0); /* stderr, fd 0 => fd 2 */ + fd_ignored = dup(0); /* stdout, fd 0 => fd 1 */ + fd_ignored = dup(0); /* stderr, fd 0 => fd 2 */ SignalWaitingParent(); #endif /* ! WIN32 */