diff --git a/rust/Cargo.lock.in b/rust/Cargo.lock.in index a52fca5254d8..bc0a4b75e198 100644 --- a/rust/Cargo.lock.in +++ b/rust/Cargo.lock.in @@ -90,7 +90,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "726535892e8eae7e70657b4c8ea93d26b8553afb1ce617caee529ef96d7dee6c" dependencies = [ "proc-macro2 1.0.66", - "quote 1.0.32", + "quote 1.0.33", "syn 1.0.109", "synstructure", ] @@ -102,7 +102,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "2777730b2039ac0f95f093556e61b6d26cebed5393ca6f152717777cec3a42ed" dependencies = [ "proc-macro2 1.0.66", - "quote 1.0.32", + "quote 1.0.33", "syn 1.0.109", ] @@ -129,9 +129,9 @@ dependencies = [ [[package]] name = "bitflags" -version = "1.2.1" +version = "2.0.2" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "cf1de2fe8c75bc145a2f577add951f8134889b4795d47466a54a5c846d691693" +checksum = "487f1e0fcbe47deb8b0574e646def1c903389d95241dd1bbcc6ce4a715dfc0c1" [[package]] name = "block-buffer" @@ -248,7 +248,7 @@ version = "0.5.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "c73af209b6a5dc8ca7cbaba720732304792cddc933cfea3d74509c2b1ef2f436" dependencies = [ - "num-bigint 0.4.3", + "num-bigint 0.4.4", "num-traits 0.2.16", "syn 1.0.109", ] @@ -274,7 +274,7 @@ dependencies = [ "asn1-rs", "displaydoc", "nom", - "num-bigint 0.4.3", + "num-bigint 0.4.4", "num-traits 0.2.16", "rusticata-macros", ] @@ -297,8 +297,8 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "487585f4d0c6655fe74905e2504d8ad6908e4db67f744eb140876906c2f3175d" dependencies = [ "proc-macro2 1.0.66", - "quote 1.0.32", - "syn 2.0.28", + "quote 1.0.33", + "syn 2.0.29", ] [[package]] @@ -326,16 +326,16 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "aa4da3c766cd7a0db8242e326e9e4e081edd567072893ed320008189715366a4" dependencies = [ "proc-macro2 1.0.66", - "quote 1.0.32", + "quote 1.0.33", "syn 1.0.109", "synstructure", ] [[package]] name = "flate2" -version = "1.0.26" +version = "1.0.27" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "3b9429470923de8e8cbd4d2dc513535400b4b3fef0319fb5c4e1f520a7bef743" +checksum = "c6c98ee8095e9d1dcbf2fcc6d95acccb90d1c81db1e44725c6a984b1dbdfb010" dependencies = [ "crc32fast", "miniz_oxide", @@ -503,7 +503,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "cd0b9a93a84b0d3ec3e70e02d332dc33ac6dfac9cde63e17fcb77172dededa62" dependencies = [ "proc-macro2 1.0.66", - "quote 1.0.32", + "quote 1.0.33", "syn 1.0.109", ] @@ -544,9 +544,9 @@ dependencies = [ [[package]] name = "num-bigint" -version = "0.4.3" +version = "0.4.4" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "f93ab6289c7b344a8a9f60f88d80aa20032336fe78da341afc91c8a2341fc75f" +checksum = "608e7659b5c3d7cba262d894801b9ec9d00de989e8a82bd4bef91d08da45cdc0" dependencies = [ "autocfg", "num-integer", @@ -642,7 +642,7 @@ checksum = "dcbff9bc912032c62bf65ef1d5aea88983b420f4f839db1e9b0c281a25c9c799" dependencies = [ "proc-macro-crate", "proc-macro2 1.0.66", - "quote 1.0.32", + "quote 1.0.33", "syn 1.0.109", ] @@ -765,9 +765,9 @@ dependencies = [ [[package]] name = "quote" -version = "1.0.32" +version = "1.0.33" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "50f3b39ccfb720540debaa0164757101c08ecb8d326b15358ce76a62c7e85965" +checksum = "5267fca4496028628a95160fc423a33e8b2e6af8a5302579e322e4b520293cae" dependencies = [ "proc-macro2 1.0.66", ] @@ -860,7 +860,7 @@ checksum = "49a585d3c22887d23bb06dd602b8ce96c2a716e1fa89beec8bfb49e466f2d643" dependencies = [ "proc-macro-crate", "proc-macro2 1.0.66", - "quote 1.0.32", + "quote 1.0.33", "syn 1.0.109", ] @@ -878,9 +878,23 @@ dependencies = [ [[package]] name = "serde" -version = "1.0.179" +version = "1.0.188" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "cf9e0fcba69a370eed61bcf2b728575f726b50b55cba78064753d708ddc7549e" +dependencies = [ + "serde_derive", +] + +[[package]] +name = "serde_derive" +version = "1.0.188" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "0a5bf42b8d227d4abf38a1ddb08602e229108a517cd4e5bb28f9c7eaafdce5c0" +checksum = "4eca7ac642d82aa35b60049a6eccb4be6be75e599bd2e9adb5f875a737654af2" +dependencies = [ + "proc-macro2 1.0.66", + "quote 1.0.33", + "syn 2.0.29", +] [[package]] name = "sha1" @@ -906,9 +920,9 @@ dependencies = [ [[package]] name = "siphasher" -version = "0.3.10" +version = "0.3.11" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "7bd3e3206899af3f8b12af284fafc038cc1dc2b41d1b89dd17297221c5d225de" +checksum = "38b58827f4464d87d377d175e90bf58eb00fd8716ff0a62f80356b5e61555d0d" [[package]] name = "snmp-parser" @@ -980,7 +994,7 @@ version = "7.0.1-dev" dependencies = [ "proc-macro-crate", "proc-macro2 1.0.66", - "quote 1.0.32", + "quote 1.0.33", "syn 1.0.109", ] @@ -1002,18 +1016,18 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "72b64191b275b66ffe2469e8af2c1cfe3bafa67b529ead792a6d0160888b4237" dependencies = [ "proc-macro2 1.0.66", - "quote 1.0.32", + "quote 1.0.33", "unicode-ident", ] [[package]] name = "syn" -version = "2.0.28" +version = "2.0.29" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "04361975b3f5e348b2189d8dc55bc942f278b2d482a6a0365de5bdd62d351567" +checksum = "c324c494eba9d92503e6f1ef2e6df781e78f6a7705a0202d9801b198807d518a" dependencies = [ "proc-macro2 1.0.66", - "quote 1.0.32", + "quote 1.0.33", "unicode-ident", ] @@ -1024,7 +1038,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "f36bdaa60a83aca3921b5259d5400cbf5e90fc51931376a9bd4a0eb79aa7210f" dependencies = [ "proc-macro2 1.0.66", - "quote 1.0.32", + "quote 1.0.33", "syn 1.0.109", "unicode-xid 0.2.4", ] @@ -1037,29 +1051,29 @@ checksum = "956044ef122917dde830c19dec5f76d0670329fde4104836d62ebcb14f4865f1" dependencies = [ "cfg-if", "proc-macro2 1.0.66", - "quote 1.0.32", + "quote 1.0.33", "syn 1.0.109", "version_check", ] [[package]] name = "thiserror" -version = "1.0.44" +version = "1.0.47" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "611040a08a0439f8248d1990b111c95baa9c704c805fa1f62104b39655fd7f90" +checksum = "97a802ec30afc17eee47b2855fc72e0c4cd62be9b4efe6591edde0ec5bd68d8f" dependencies = [ "thiserror-impl", ] [[package]] name = "thiserror-impl" -version = "1.0.44" +version = "1.0.47" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "090198534930841fab3a5d1bb637cde49e339654e606195f8d9c76eeb081dc96" +checksum = "6bb623b56e39ab7dcd4b1b98bb6c8f8d907ed255b18de254088016b27a8ee19b" dependencies = [ "proc-macro2 1.0.66", - "quote 1.0.32", - "syn 2.0.28", + "quote 1.0.33", + "syn 2.0.29", ] [[package]] @@ -1163,9 +1177,9 @@ checksum = "c168940144dd21fd8046987c16a46a33d5fc84eec29ef9dcddc2ac9e31526b7c" [[package]] name = "x509-parser" -version = "0.15.0" +version = "0.15.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "bab0c2f54ae1d92f4fcb99c0b7ccf0b1e3451cbd395e5f115ccbdbcb18d4f634" +checksum = "7069fba5b66b9193bd2c5d3d4ff12b839118f6bcbef5328efafafb5395cf63da" dependencies = [ "asn1-rs", "data-encoding", diff --git a/rust/Cargo.toml.in b/rust/Cargo.toml.in index 303994aac491..ea710e104d2f 100644 --- a/rust/Cargo.toml.in +++ b/rust/Cargo.toml.in @@ -23,7 +23,7 @@ debug-validate = [] [dependencies] nom7 = { version="7.0", package="nom" } -bitflags = "~1.2.1" +bitflags = "~2.4.0" byteorder = "~1.4.2" uuid = "~0.8.2" crc = "~1.8.1" diff --git a/rust/src/applayer.rs b/rust/src/applayer.rs index 33fa83a92d00..255fa1593c2b 100644 --- a/rust/src/applayer.rs +++ b/rust/src/applayer.rs @@ -44,7 +44,7 @@ impl StreamSlice { #[cfg(test)] pub fn from_slice(slice: &[u8], flags: u8, offset: u64) -> Self { Self { - input: slice.as_ptr() as *const u8, + input: slice.as_ptr(), input_len: slice.len() as u32, flags, offset diff --git a/rust/src/dcerpc/dcerpc.rs b/rust/src/dcerpc/dcerpc.rs index 759d5c26343a..f1e5ce744f36 100644 --- a/rust/src/dcerpc/dcerpc.rs +++ b/rust/src/dcerpc/dcerpc.rs @@ -38,54 +38,12 @@ pub const DCERPC_UUID_ENTRY_FLAG_FF: u16 = 0x0001; pub const PFC_FIRST_FRAG: u8 = 0x01; // Value to indicate last fragment pub const PFC_LAST_FRAG: u8 = 0x02; -// Cancel was pending at sender -pub const PFC_PENDING_CANCEL: u8 = 0x04; -pub const PFC_RESERVED_1: u8 = 0x08; -// supports concurrent multiplexing of a single connection. -pub const PFC_CONC_MPX: u8 = 0x10; -// only meaningful on `fault' packet; if true, guaranteed -// call did not execute. -pub const PFC_DID_NOT_EXECUTE: u8 = 0x20; -// `maybe' call semantics requested -pub const PFC_MAYBE: u8 = 0x40; -// if true, a non-nil object UUID was specified in the handle, and -// is present in the optional object field. If false, the object field -// is omitted. -pub const PFC_OBJECT_UUID: u8 = 0x80; // Flag bits in first flag field in connectionless PDU header. -pub const PFCL1_RESERVED_01: u8 = 0x01; // Reserved for use by implementations pub const PFCL1_LASTFRAG: u8 = 0x02; // If set, the PDU is the last fragment // of a multi-PDU transmission pub const PFCL1_FRAG: u8 = 0x04; // If set, the PDU is a fragment // of a multi-PDU transmission -pub const PFCL1_NOFACK: u8 = 0x08; // If set, the receiver is not requested - // to send a `fack' PDU for the fragment -pub const PFCL1_MAYBE: u8 = 0x10; // If set, the PDU is for a `maybe' request -pub const PFCL1_IDEMPOTENT: u8 = 0x20; // If set, the PDU is for - // an idempotent request -pub const PFCL1_BROADCAST: u8 = 0x40; // If set, the PDU is for - // a broadcast request -pub const PFCL1_RESERVED_80: u8 = 0x80; // Reserved for use by implementations - -// Flag bits in second flag field in connectionless PDU header. -pub const PFCL2_RESERVED_01: u8 = 0x01; // Reserved for use by implementations -pub const PFCL2_CANCEL_PENDING: u8 = 0x02; // Cancel pending at the call end -pub const PFCL2_RESERVED_04: u8 = 0x04; // Reserved for future use -pub const PFCL2_RESERVED_08: u8 = 0x08; // Reserved for future use -pub const PFCL2_RESERVED_10: u8 = 0x10; // Reserved for future use -pub const PFCL2_RESERVED_20: u8 = 0x20; // Reserved for future use -pub const PFCL2_RESERVED_40: u8 = 0x40; // Reserved for future use -pub const PFCL2_RESERVED_80: u8 = 0x80; // Reserved for future use - -pub const REASON_NOT_SPECIFIED: u8 = 0; -pub const TEMPORARY_CONGESTION: u8 = 1; -pub const LOCAL_LIMIT_EXCEEDED: u8 = 2; -pub const CALLED_PADDR_UNKNOWN: u8 = 3; /* not used */ -pub const PROTOCOL_VERSION_NOT_SUPPORTED: u8 = 4; -pub const DEFAULT_CONTEXT_NOT_SUPPORTED: u8 = 5; /* not used */ -pub const USER_DATA_NOT_READABLE: u8 = 6; /* not used */ -pub const NO_PSAP_AVAILABLE: u8 = 7; /* not used */ // DCERPC Header packet types pub const DCERPC_TYPE_REQUEST: u8 = 0; diff --git a/rust/src/detect/byte_math.rs b/rust/src/detect/byte_math.rs index 0cc60e52bfd7..80bd3d5ee178 100644 --- a/rust/src/detect/byte_math.rs +++ b/rust/src/detect/byte_math.rs @@ -432,7 +432,7 @@ pub unsafe extern "C" fn ScByteMathParse(c_arg: *const c_char) -> *mut DetectByt } }; match parse_bytemath(arg) { - Ok((_, detect)) => return Box::into_raw(Box::new(detect)) as *mut DetectByteMathData, + Ok((_, detect)) => return Box::into_raw(Box::new(detect)), Err(_) => return std::ptr::null_mut(), } } @@ -440,7 +440,7 @@ pub unsafe extern "C" fn ScByteMathParse(c_arg: *const c_char) -> *mut DetectByt #[no_mangle] pub unsafe extern "C" fn ScByteMathFree(ptr: *mut DetectByteMathData) { if !ptr.is_null() { - let _ = Box::from_raw(ptr as *mut DetectByteMathData); + let _ = Box::from_raw(ptr); } } diff --git a/rust/src/detect/iprep.rs b/rust/src/detect/iprep.rs index 4018ea97a45e..a2042325ec26 100644 --- a/rust/src/detect/iprep.rs +++ b/rust/src/detect/iprep.rs @@ -84,7 +84,7 @@ pub fn detect_parse_iprep(i: &str) -> IResult<&str, DetectIPRepData> { let (i, name) = take_while(is_alphanumeric_or_slash)(i)?; // copy as to have final zero let namez = CString::new(name).unwrap(); - let cat = unsafe { SRepCatGetByShortname(namez.as_ptr() as *const i8) }; + let cat = unsafe { SRepCatGetByShortname(namez.as_ptr()) }; if cat == 0 { return Err(Err::Error(make_error(i, ErrorKind::MapOpt))); } diff --git a/rust/src/ffi/base64.rs b/rust/src/ffi/base64.rs index 0019a6ff2b6f..ea72a344c393 100644 --- a/rust/src/ffi/base64.rs +++ b/rust/src/ffi/base64.rs @@ -46,7 +46,7 @@ pub unsafe extern "C" fn Base64Encode( if encoded.len() + 1 > *output_len as usize { return Base64ReturnCode::SC_BASE64_OVERFLOW; } - let output = std::slice::from_raw_parts_mut(&mut *(output as *mut u8), *output_len as usize); + let output = std::slice::from_raw_parts_mut(&mut *output, *output_len as usize); output[0..encoded.len()].copy_from_slice(encoded.as_bytes()); output[encoded.len()] = 0; *output_len = encoded.len() as c_ulong; diff --git a/rust/src/pgsql/parser.rs b/rust/src/pgsql/parser.rs index bb1a9ea09e35..ae07d5d5a078 100644 --- a/rust/src/pgsql/parser.rs +++ b/rust/src/pgsql/parser.rs @@ -593,7 +593,7 @@ pub fn pgsql_parse_startup_packet(i: &[u8]) -> IResult<&[u8], PgsqlFEMessage> { let (i, b) = take(len - PGSQL_LENGTH_FIELD)(i)?; let (_, message) = match proto_major { - 1 | 2 | 3 => { + 1..=3 => { let (b, proto_major) = be_u16(b)?; let (b, proto_minor) = be_u16(b)?; let (b, params) = pgsql_parse_startup_parameters(b)?; diff --git a/rust/src/rdp/parser.rs b/rust/src/rdp/parser.rs index 604d10a19c4d..8148dd97549c 100644 --- a/rust/src/rdp/parser.rs +++ b/rust/src/rdp/parser.rs @@ -139,7 +139,7 @@ pub struct NegotiationRequest { // rdp-spec, section 2.2.1.1.1 bitflags! { - #[derive(Default)] + #[derive(Default, PartialEq, Eq, Clone, Debug)] pub struct NegotiationRequestFlags: u8 { const RESTRICTED_ADMIN_MODE_REQUIRED = 0x1; const REDIRECTED_AUTHENTICATION_MODE_REQUIRED = 0x2; @@ -159,8 +159,10 @@ pub enum Protocol { // rdp-spec, section 2.2.1.1.1 bitflags! { + #[derive(Clone, PartialEq, Eq, Debug)] pub struct ProtocolFlags: u32 { - const PROTOCOL_RDP = Protocol::ProtocolRdp as u32; + //Protocol::ProtocolRdp is 0 as always supported + //and bitflags crate does not like zero-bit flags const PROTOCOL_SSL = Protocol::ProtocolSsl as u32; const PROTOCOL_HYBRID = Protocol::ProtocolHybrid as u32; const PROTOCOL_RDSTLS = Protocol::ProtocolRdsTls as u32; @@ -196,7 +198,7 @@ pub struct NegotiationResponse { // rdp-spec, section 2.2.1.2.1 bitflags! { - #[derive(Default)] + #[derive(Default, Clone, PartialEq, Eq, Debug)] pub struct NegotiationResponseFlags: u8 { const EXTENDED_CLIENT_DATA_SUPPORTED = 0x1; const DYNVC_GFX_PROTOCOL_SUPPORTED = 0x2; @@ -366,7 +368,7 @@ pub enum HighColorDepth { // rdp-spec, section 2.2.1.3.2 Client Core Data bitflags! { - #[derive(Default)] + #[derive(Default, Clone, PartialEq, Eq, Debug)] pub struct SupportedColorDepth: u16 { const RNS_UD_24_BPP_SUPPORT = 0x1; const RNS_UD_16_BPP_SUPPORT = 0x2; @@ -377,7 +379,7 @@ bitflags! { // rdp-spec, section 2.2.1.3.2 Client Core Data bitflags! { - #[derive(Default)] + #[derive(Default, Clone, PartialEq, Eq, Debug)] pub struct EarlyCapabilityFlags: u16 { const RNS_UD_CS_SUPPORT_ERRINFO_PDF = 0x1; const RNS_UD_CS_WANT_32BPP_SESSION = 0x2; @@ -1089,7 +1091,7 @@ mod tests_negotiate_49350 { cookie: None, negotiation_request: Some(NegotiationRequest { flags: NegotiationRequestFlags::empty(), - protocols: ProtocolFlags::PROTOCOL_RDP, + protocols: ProtocolFlags::from_bits_retain(Protocol::ProtocolRdp as u32), }), data: Vec::new(), }), @@ -1179,7 +1181,7 @@ mod tests_core_49350 { ), client_dig_product_id: Some(String::from("")), connection_hint: Some(ConnectionHint::ConnectionHintNotProvided), - server_selected_protocol: Some(ProtocolFlags::PROTOCOL_RDP), + server_selected_protocol: Some(ProtocolFlags::from_bits_retain(Protocol::ProtocolRdp as u32)), desktop_physical_width: None, desktop_physical_height: None, desktop_orientation: None, diff --git a/rust/src/smb/smb2_records.rs b/rust/src/smb/smb2_records.rs index 4a7721cdaa0a..7de9e6607dda 100644 --- a/rust/src/smb/smb2_records.rs +++ b/rust/src/smb/smb2_records.rs @@ -32,11 +32,6 @@ pub struct Smb2SecBlobRecord<'a> { pub data: &'a [u8], } -pub fn parse_smb2_sec_blob(i: &[u8]) -> IResult<&[u8], Smb2SecBlobRecord> { - let (i, data) = rest(i)?; - Ok((i, Smb2SecBlobRecord { data })) -} - #[derive(Debug, PartialEq, Eq)] pub struct Smb2RecordDir { pub request: bool, diff --git a/src/output-json.c b/src/output-json.c index d19bc3da1545..5d4255cd2897 100644 --- a/src/output-json.c +++ b/src/output-json.c @@ -638,18 +638,6 @@ static bool CalculateCommunityFlowIdv4(const Flow *f, return false; } -static inline bool FlowHashRawAddressIPv6LtU32(const uint32_t *a, const uint32_t *b) -{ - for (int i = 0; i < 4; i++) { - if (a[i] < b[i]) - return true; - if (a[i] > b[i]) - break; - } - - return false; -} - static bool CalculateCommunityFlowIdv6(const Flow *f, const uint16_t seed, unsigned char *base64buf) { @@ -673,9 +661,8 @@ static bool CalculateCommunityFlowIdv6(const Flow *f, dp = htons(dp); ipv6.seed = htons(seed); - if (FlowHashRawAddressIPv6LtU32(f->src.addr_data32, f->dst.addr_data32) || - ((memcmp(&f->src, &f->dst, sizeof(f->src)) == 0) && sp < dp)) - { + int cmp_r = memcmp(&f->src, &f->dst, sizeof(f->src)); + if ((cmp_r < 0) || (cmp_r == 0 && sp < dp)) { memcpy(&ipv6.src, &f->src.addr_data32, 16); memcpy(&ipv6.dst, &f->dst.addr_data32, 16); ipv6.sp = sp; diff --git a/src/reputation.c b/src/reputation.c index b9f2186d0100..75f3ba0c3fa4 100644 --- a/src/reputation.c +++ b/src/reputation.c @@ -282,7 +282,8 @@ static int SRepSplitLine(SRepCIDRTree *cidr_ctx, char *line, Address *ip, uint8_ char *origline = line; while (i < (int)line_len) { - if (line[i] == ',' || line[i] == '\n' || line[i] == '\0' || i == (int)(line_len - 1)) { + if (line[i] == ',' || line[i] == '\n' || line[i] == '\r' || line[i] == '\0' || + i == (int)(line_len - 1)) { line[i] = '\0'; ptrs[idx] = line;