Fixed a stupid memory error in outdb.c
parent
30fe188bb8
commit
fec0bbea96
5 changed files with 19 additions and 26 deletions
|
@ -211,13 +211,11 @@ __AI_correlated_alerts_to_json ()
|
||||||
encoded_pkt = NULL;
|
encoded_pkt = NULL;
|
||||||
pkt_len = pkt_iterator->pkt->pcap_header->len + pkt_iterator->pkt->payload_size;
|
pkt_len = pkt_iterator->pkt->pcap_header->len + pkt_iterator->pkt->payload_size;
|
||||||
|
|
||||||
if ( !( encoded_pkt = (char*) malloc ( 4*pkt_len + 1 )))
|
if ( !( encoded_pkt = (char*) calloc ( 4*pkt_len + 1, sizeof ( char ))))
|
||||||
{
|
{
|
||||||
AI_fatal_err ( "Fatal dynamic memory allocation", __FILE__, __LINE__ );
|
AI_fatal_err ( "Fatal dynamic memory allocation", __FILE__, __LINE__ );
|
||||||
}
|
}
|
||||||
|
|
||||||
memset ( encoded_pkt, 0, 4*pkt_len + 1 );
|
|
||||||
|
|
||||||
base64_encode (
|
base64_encode (
|
||||||
(const char*) pkt_iterator->pkt->pkt_data,
|
(const char*) pkt_iterator->pkt->pkt_data,
|
||||||
pkt_len,
|
pkt_len,
|
||||||
|
|
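Review bot: The allocation size is still computed as `4*pkt_len + 1` inside calloc's first argument, so calloc's own overflow check never sees the multiplication, and `pkt_len` is the sum of the pcap header `len` and `payload_size`, both derived from captured traffic. Letting calloc do the multiply, for example `calloc ( (size_t) pkt_len + 1, 4 )`, keeps the zeroing and rejects a wrapped size. The same `pkt_len` is then passed to `base64_encode` as the read length over `pkt_data`; if that buffer holds only the captured bytes rather than `len + payload_size` bytes, the encoder would read past its end, which should be confirmed where `pkt_data` is filled (not visible here). The remaining arguments of the call and the rest of the function lie outside the hunk.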
3
neural.c
3
neural.c
|
@ -290,6 +290,7 @@ AI_alert_neural_som_correlation ( const AI_snort_alert *a, const AI_snort_alert
|
||||||
t1.src_port = ntohs ( a->tcp_src_port );
|
t1.src_port = ntohs ( a->tcp_src_port );
|
||||||
t1.dst_port = ntohs ( a->tcp_dst_port );
|
t1.dst_port = ntohs ( a->tcp_dst_port );
|
||||||
t1.timestamp = a->timestamp;
|
t1.timestamp = a->timestamp;
|
||||||
|
t1.desc = a->desc;
|
||||||
|
|
||||||
t2.gid = b->gid;
|
t2.gid = b->gid;
|
||||||
t2.sid = b->sid;
|
t2.sid = b->sid;
|
||||||
|
@ -299,6 +300,8 @@ AI_alert_neural_som_correlation ( const AI_snort_alert *a, const AI_snort_alert
|
||||||
t2.src_port = ntohs ( b->tcp_src_port );
|
t2.src_port = ntohs ( b->tcp_src_port );
|
||||||
t2.dst_port = ntohs ( b->tcp_dst_port );
|
t2.dst_port = ntohs ( b->tcp_dst_port );
|
||||||
t2.timestamp = b->timestamp;
|
t2.timestamp = b->timestamp;
|
||||||
|
t2.desc = b->desc;
|
||||||
|
|
||||||
return __AI_som_alert_distance ( t1, t2 );
|
return __AI_som_alert_distance ( t1, t2 );
|
||||||
} /* ----- end of function AI_alert_neural_som_correlation ----- */
|
} /* ----- end of function AI_alert_neural_som_correlation ----- */
|
||||||
|
|
||||||
|
|
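Review bot: `t1.desc = a->desc;` and `t2.desc = b->desc;` store the alerts' own string pointers in the tuples, and neither these lines nor the new `char* desc;` field in spp_ai.h say who owns that memory. Since `a` and `b` are `const AI_snort_alert *`, the tuples only borrow the string; a comment such as `/* borrowed from the alert; valid only while a/b are alive, not freed via the tuple */` on the assignments and on the struct field would keep a later caller from holding a tuple past the alert's lifetime or freeing `desc` twice. Whether `__AI_som_alert_distance` tolerates a NULL `desc` cannot be seen from these hunks and should be stated in the same comment. The function starts above the first hunk.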
|
@ -104,8 +104,9 @@ __AI_neural_clusters_to_xml ( kmeans_t *km, AI_alerts_per_neuron *alerts_per_neu
|
||||||
inet_ntop ( AF_INET, &src_addr, src_ip, INET_ADDRSTRLEN );
|
inet_ntop ( AF_INET, &src_addr, src_ip, INET_ADDRSTRLEN );
|
||||||
inet_ntop ( AF_INET, &dst_addr, dst_ip, INET_ADDRSTRLEN );
|
inet_ntop ( AF_INET, &dst_addr, dst_ip, INET_ADDRSTRLEN );
|
||||||
|
|
||||||
fprintf ( fp, "\t\t<alert gid=\"%d\" sid=\"%d\" rev=\"%d\" src_ip=\"%s\" src_port=\"%d\" "
|
fprintf ( fp, "\t\t<alert desc=\"%s\" gid=\"%d\" sid=\"%d\" rev=\"%d\" src_ip=\"%s\" src_port=\"%d\" "
|
||||||
"dst_ip=\"%s\" dst_port=\"%d\" timestamp=\"%lu\" xcoord=\"%d\" ycoord=\"%d\"/>\n",
|
"dst_ip=\"%s\" dst_port=\"%d\" timestamp=\"%lu\" xcoord=\"%d\" ycoord=\"%d\"/>\n",
|
||||||
|
alert_iterator->alerts[k].desc,
|
||||||
alert_iterator->alerts[k].gid,
|
alert_iterator->alerts[k].gid,
|
||||||
alert_iterator->alerts[k].sid,
|
alert_iterator->alerts[k].sid,
|
||||||
alert_iterator->alerts[k].rev,
|
alert_iterator->alerts[k].rev,
|
||||||
|
|
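Review bot: The new `desc=\"%s\"` attribute writes `alert_iterator->alerts[k].desc` into the XML unescaped, so a description containing `"`, `<` or `&` yields malformed markup or stray attributes for whatever parses this file. The descriptions presumably come from rule messages, which can originate in third-party rule sets, so the value should go through an XML-attribute escaper before the `fprintf` (no such helper is visible in this hunk). A NULL `desc` passed to `%s` is also undefined behaviour; at minimum pass `alert_iterator->alerts[k].desc ? alert_iterator->alerts[k].desc : ""`. The remaining `fprintf` arguments and the enclosing loop are outside the hunk.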
24
outdb.c
24
outdb.c
|
@ -287,6 +287,7 @@ AI_store_alert_to_db_thread ( void *arg )
|
||||||
void*
|
void*
|
||||||
AI_store_cluster_to_db_thread ( void *arg )
|
AI_store_cluster_to_db_thread ( void *arg )
|
||||||
{
|
{
|
||||||
|
int i;
|
||||||
unsigned long cluster1 = 0,
|
unsigned long cluster1 = 0,
|
||||||
cluster2 = 0,
|
cluster2 = 0,
|
||||||
latest_cluster_id = 0;
|
latest_cluster_id = 0;
|
||||||
|
@ -342,35 +343,24 @@ AI_store_cluster_to_db_thread ( void *arg )
|
||||||
return (void*) 0;
|
return (void*) 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
if ( !( row = (DB_row) DB_fetch_row ( res )))
|
new_cluster = true;
|
||||||
{
|
|
||||||
pthread_mutex_unlock ( &outdb_mutex );
|
|
||||||
pthread_exit ((void*) 0);
|
|
||||||
return (void*) 0;
|
|
||||||
}
|
|
||||||
|
|
||||||
/* If no cluster exists containing at least of them, create it */
|
for ( i=0; (row = (DB_row) DB_fetch_row ( res )); i++ )
|
||||||
|
{
|
||||||
new_cluster = false;
|
new_cluster = false;
|
||||||
|
|
||||||
if ( !row[0] && !row[1] )
|
if ( i == 0 )
|
||||||
{
|
|
||||||
new_cluster = true;
|
|
||||||
} else {
|
|
||||||
if ( row[0] )
|
|
||||||
{
|
{
|
||||||
cluster1 = strtoul ( row[0], NULL, 10 );
|
cluster1 = strtoul ( row[0], NULL, 10 );
|
||||||
|
} else if ( i == 1 ) {
|
||||||
|
cluster2 = strtoul ( row[0], NULL, 10 );
|
||||||
}
|
}
|
||||||
|
|
||||||
if ( row[1] )
|
|
||||||
{
|
|
||||||
cluster2 = strtoul ( row[1], NULL, 10 );
|
|
||||||
}
|
}
|
||||||
|
|
||||||
if ( cluster1 == 0 && cluster2 == 0 )
|
if ( cluster1 == 0 && cluster2 == 0 )
|
||||||
{
|
{
|
||||||
new_cluster = true;
|
new_cluster = true;
|
||||||
}
|
}
|
||||||
}
|
|
||||||
|
|
||||||
DB_free_result ( res );
|
DB_free_result ( res );
|
||||||
|
|
||||||
|
|
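Review bot: In the new `for` loop both `strtoul ( row[0], NULL, 10 )` calls run without the `row[0]` NULL check that the removed code had, so if `DB_row` follows the usual client-library convention of a NULL pointer for an SQL NULL column, such a row would hand a null pointer to `strtoul`. Unless the query (not visible here) guarantees a non-NULL column, keep the guard: `if ( i == 0 && row[0] )` and `} else if ( i == 1 && row[0] ) {`. With a NULL `endptr`, a non-numeric value also parses silently as 0, which the following `cluster1 == 0 && cluster2 == 0` test then treats as "no cluster"; if that is intended, a short comment replacing the deleted one should say so. The function begins and continues outside these hunks.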
1
spp_ai.h
1
spp_ai.h
|
@ -474,6 +474,7 @@ typedef struct {
|
||||||
uint16_t src_port;
|
uint16_t src_port;
|
||||||
uint16_t dst_port;
|
uint16_t dst_port;
|
||||||
time_t timestamp;
|
time_t timestamp;
|
||||||
|
char* desc;
|
||||||
} AI_som_alert_tuple;
|
} AI_som_alert_tuple;
|
||||||
/*****************************************************************/
|
/*****************************************************************/
|
||||||
/** Key for the AI_alerts_per_neuron hash table */
|
/** Key for the AI_alerts_per_neuron hash table */
|
||||||
|
|