Applayer plugin 5053 v3.4

src/app-layer-detect-proto.c

@@ -159,7 +159,10 @@ typedef struct AppLayerProtoDetectCtx_ {
     /* Indicates the protocols that have registered themselves
      * for protocol detection.  This table is independent of the
      * ipproto. */
-    const char *alproto_names[ALPROTO_MAX];
+    const char **alproto_names;
+
+    /* Protocol expectations, like ftp-data on tcp */
+    uint8_t *expectation_proto;
 } AppLayerProtoDetectCtx;
 
 typedef struct AppLayerProtoDetectAliases_ {
@@ -1718,6 +1721,15 @@ int AppLayerProtoDetectSetup(void)
         }
     }
 
+    alpd_ctx.alproto_names = SCCalloc(ALPROTO_MAX, sizeof(char *));
+    if (unlikely(alpd_ctx.alproto_names == NULL)) {
+        FatalError("Unable to alloc alproto_names.");
+    }
+    // to realloc when dynamic protos are added
+    alpd_ctx.expectation_proto = SCCalloc(ALPROTO_MAX, sizeof(uint8_t));
+    if (unlikely(alpd_ctx.expectation_proto == NULL)) {
+        FatalError("Unable to alloc expectation_proto.");
+    }
     AppLayerExpectationSetup();
 
     SCReturnInt(0);
@@ -1749,6 +1761,11 @@ int AppLayerProtoDetectDeSetup(void)
         }
     }
 
+    SCFree(alpd_ctx.alproto_names);
+    alpd_ctx.alproto_names = NULL;
+    SCFree(alpd_ctx.expectation_proto);
+    alpd_ctx.expectation_proto = NULL;
+
     SpmDestroyGlobalThreadCtx(alpd_ctx.spm_global_thread_ctx);
 
     AppLayerProtoDetectFreeAliases();
@@ -1762,6 +1779,7 @@ void AppLayerProtoDetectRegisterProtocol(AppProto alproto, const char *alproto_n
 {
     SCEnter();
 
+    // should have just been realloced when dynamic protos is added
     if (alpd_ctx.alproto_names[alproto] == NULL)
         alpd_ctx.alproto_names[alproto] = alproto_name;
 
@@ -2111,27 +2129,25 @@ void AppLayerProtoDetectSupportedAppProtocols(AppProto *alprotos)
     SCReturn;
 }
 
-uint8_t expectation_proto[ALPROTO_MAX];
-
 static void AppLayerProtoDetectPEGetIpprotos(AppProto alproto,
                                              uint8_t *ipprotos)
 {
-    if (expectation_proto[alproto] == IPPROTO_TCP) {
+    if (alpd_ctx.expectation_proto[alproto] == IPPROTO_TCP) {
         ipprotos[IPPROTO_TCP / 8] |= 1 << (IPPROTO_TCP % 8);
     }
-    if (expectation_proto[alproto] == IPPROTO_UDP) {
+    if (alpd_ctx.expectation_proto[alproto] == IPPROTO_UDP) {
         ipprotos[IPPROTO_UDP / 8] |= 1 << (IPPROTO_UDP % 8);
     }
 }
 
 void AppLayerRegisterExpectationProto(uint8_t proto, AppProto alproto)
 {
-    if (expectation_proto[alproto]) {
-        if (proto != expectation_proto[alproto]) {
+    if (alpd_ctx.expectation_proto[alproto]) {
+        if (proto != alpd_ctx.expectation_proto[alproto]) {
             SCLogError("Expectation on 2 IP protocols are not supported");
         }
     }
-    expectation_proto[alproto] = proto;
+    alpd_ctx.expectation_proto[alproto] = proto;
 }
 
 /***** Unittests *****/

src/app-layer-frames.c

@@ -33,15 +33,24 @@
 struct FrameConfig {
     SC_ATOMIC_DECLARE(uint64_t, types);
 };
-static struct FrameConfig frame_config[ALPROTO_MAX];
+static struct FrameConfig *frame_config;
 
 void FrameConfigInit(void)
 {
+    frame_config = SCCalloc(ALPROTO_MAX, sizeof(struct FrameConfig));
+    if (unlikely(frame_config == NULL)) {
+        FatalError("Unable to alloc frame_config.");
+    }
     for (AppProto p = 0; p < ALPROTO_MAX; p++) {
         SC_ATOMIC_INIT(frame_config[p].types);
     }
 }
 
+void FrameConfigDeInit(void)
+{
+    SCFree(frame_config);
+}
+
 void FrameConfigEnableAll(void)
 {
     const uint64_t bits = UINT64_MAX;

src/app-layer-frames.h

@@ -106,6 +106,7 @@ FramesContainer *AppLayerFramesGetContainer(Flow *f);
 FramesContainer *AppLayerFramesSetupContainer(Flow *f);
 
 void FrameConfigInit(void);
+void FrameConfigDeInit(void);
 void FrameConfigEnableAll(void);
 void FrameConfigEnable(const AppProto p, const uint8_t type);