From 277fc400892ba57ad5d9eda9f5bcbc6cc6a1b8ca Mon Sep 17 00:00:00 2001 From: "Hong, Yang A" Date: Thu, 20 Oct 2022 08:48:46 +0000 Subject: [PATCH] scratch: add quick validity check fix github issue #350 --- src/runtime.c | 39 +++++++++++++++++--------------------- src/scratch.c | 4 +++- src/scratch.h | 3 ++- src/state.h | 5 ++++- src/stream_compress_impl.h | 3 ++- 5 files changed, 28 insertions(+), 26 deletions(-) diff --git a/src/runtime.c b/src/runtime.c index ab46db1a..3c2d6533 100644 --- a/src/runtime.c +++ b/src/runtime.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 2015-2019, Intel Corporation + * Copyright (c) 2015-2022, Intel Corporation * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions are met: @@ -90,7 +90,7 @@ u8 *getHistory(char *state, const struct RoseEngine *t, u64a offset) { * callers. */ static really_inline -char validScratch(const struct RoseEngine *t, const struct hs_scratch *s) { +char validScratch(const struct hs_scratch *s, u32 crc) { if (!ISALIGNED_CL(s)) { DEBUG_PRINTF("bad alignment %p\n", s); return 0; @@ -101,18 +101,12 @@ char validScratch(const struct RoseEngine *t, const struct hs_scratch *s) { return 0; } - if (t->mode == HS_MODE_BLOCK && t->stateOffsets.end > s->bStateSize) { - DEBUG_PRINTF("bad state size\n"); + /* add quick rose sanity checks by db crc*/ + if (s->db_crc != crc) { + DEBUG_PRINTF("Improper scratch for current db\n"); return 0; } - if (t->queueCount > s->queueCount) { - DEBUG_PRINTF("bad queue count\n"); - return 0; - } - - /* TODO: add quick rose sanity checks */ - return 1; } @@ -335,7 +329,7 @@ hs_error_t HS_CDECL hs_scan(const hs_database_t *db, const char *data, return HS_DB_MODE_ERROR; } - if (unlikely(!validScratch(rose, scratch))) { + if (unlikely(!validScratch(scratch, db->crc32))) { return HS_INVALID; } @@ -509,7 +503,7 @@ void maintainHistoryBuffer(const struct RoseEngine *rose, char *state, static really_inline void init_stream(struct hs_stream *s, const struct RoseEngine *rose, - char init_history) { + char init_history, u32 crc) { char *state = getMultiState(s); if (init_history) { @@ -524,6 +518,7 @@ void init_stream(struct hs_stream *s, const struct RoseEngine *rose, s->rose = rose; s->offset = 0; + s->crc32 = crc; setStreamStatus(state, 0); roseInitState(rose, state); @@ -568,7 +563,7 @@ hs_error_t HS_CDECL hs_open_stream(const hs_database_t *db, return HS_NOMEM; } - init_stream(s, rose, 1); + init_stream(s, rose, 1, db->crc32); *stream = s; return HS_SUCCESS; @@ -756,7 +751,7 @@ hs_error_t HS_CDECL hs_reset_and_copy_stream(hs_stream_t *to_id, } if (onEvent) { - if (!scratch || !validScratch(to_id->rose, scratch)) { + if (!scratch || !validScratch(scratch, to_id->crc32)) { return HS_INVALID; } if (unlikely(markScratchInUse(scratch))) { @@ -982,7 +977,7 @@ hs_error_t HS_CDECL hs_scan_stream(hs_stream_t *id, const char *data, hs_scratch_t *scratch, match_event_handler onEvent, void *context) { if (unlikely(!id || !scratch || !data || - !validScratch(id->rose, scratch))) { + !validScratch(scratch, id->crc32))) { return HS_INVALID; } @@ -1004,7 +999,7 @@ hs_error_t HS_CDECL hs_close_stream(hs_stream_t *id, hs_scratch_t *scratch, } if (onEvent) { - if (!scratch || !validScratch(id->rose, scratch)) { + if (!scratch || !validScratch(scratch, id->crc32)) { return HS_INVALID; } if (unlikely(markScratchInUse(scratch))) { @@ -1034,7 +1029,7 @@ hs_error_t HS_CDECL hs_reset_stream(hs_stream_t *id, UNUSED unsigned int flags, } if (onEvent) { - if (!scratch || !validScratch(id->rose, scratch)) { + if (!scratch || !validScratch(scratch, id->crc32)) { return HS_INVALID; } if (unlikely(markScratchInUse(scratch))) { @@ -1049,7 +1044,7 @@ hs_error_t HS_CDECL hs_reset_stream(hs_stream_t *id, UNUSED unsigned int flags, } // history already initialised - init_stream(id, id->rose, 0); + init_stream(id, id->rose, 0, id->crc32); return HS_SUCCESS; } @@ -1128,7 +1123,7 @@ hs_error_t HS_CDECL hs_scan_vector(const hs_database_t *db, return HS_DB_MODE_ERROR; } - if (unlikely(!validScratch(rose, scratch))) { + if (unlikely(!validScratch(scratch, db->crc32))) { return HS_INVALID; } @@ -1138,7 +1133,7 @@ hs_error_t HS_CDECL hs_scan_vector(const hs_database_t *db, hs_stream_t *id = (hs_stream_t *)(scratch->bstate); - init_stream(id, rose, 1); /* open stream */ + init_stream(id, rose, 1, db->crc32); /* open stream */ for (u32 i = 0; i < count; i++) { DEBUG_PRINTF("block %u/%u offset=%llu len=%u\n", i, count, id->offset, @@ -1253,7 +1248,7 @@ hs_error_t HS_CDECL hs_reset_and_expand_stream(hs_stream_t *to_stream, const struct RoseEngine *rose = to_stream->rose; if (onEvent) { - if (!scratch || !validScratch(to_stream->rose, scratch)) { + if (!scratch || !validScratch(scratch, to_stream->crc32)) { return HS_INVALID; } if (unlikely(markScratchInUse(scratch))) { diff --git a/src/scratch.c b/src/scratch.c index 25991e2b..5849380d 100644 --- a/src/scratch.c +++ b/src/scratch.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 2015-2019, Intel Corporation + * Copyright (c) 2015-2022, Intel Corporation * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions are met: @@ -373,6 +373,7 @@ hs_error_t HS_CDECL hs_alloc_scratch(const hs_database_t *db, hs_scratch_free((*scratch)->scratch_alloc); } + proto->db_crc = db->crc32; hs_error_t alloc_ret = alloc_scratch(proto, scratch); hs_scratch_free(proto_tmp); /* kill off temp used for sizing */ if (alloc_ret != HS_SUCCESS) { @@ -380,6 +381,7 @@ hs_error_t HS_CDECL hs_alloc_scratch(const hs_database_t *db, return alloc_ret; } } else { + (*scratch)->db_crc = db->crc32; hs_scratch_free(proto_tmp); /* kill off temp used for sizing */ unmarkScratchInUse(*scratch); } diff --git a/src/scratch.h b/src/scratch.h index 1256f7ab..efaa6884 100644 --- a/src/scratch.h +++ b/src/scratch.h @@ -1,5 +1,5 @@ /* - * Copyright (c) 2015-2019, Intel Corporation + * Copyright (c) 2015-2022, Intel Corporation * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions are met: @@ -171,6 +171,7 @@ struct match_deduper { */ struct ALIGN_CL_DIRECTIVE hs_scratch { u32 magic; + u32 db_crc; /**< identity of a scratch space, for validity check */ u8 in_use; /**< non-zero when being used by an API call. */ u32 queueCount; u32 activeQueueArraySize; /**< size of active queue array fatbit in bytes */ diff --git a/src/state.h b/src/state.h index 9ade59db..567001ea 100644 --- a/src/state.h +++ b/src/state.h @@ -1,5 +1,5 @@ /* - * Copyright (c) 2015, Intel Corporation + * Copyright (c) 2015-2022, Intel Corporation * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions are met: @@ -57,6 +57,9 @@ struct hs_stream { /** \brief The current stream offset. */ u64a offset; + + /** \brief Identity of hs_stream, for scratch validity check. */ + u32 crc32; }; #define getMultiState(hs_s) ((char *)(hs_s) + sizeof(*(hs_s))) diff --git a/src/stream_compress_impl.h b/src/stream_compress_impl.h index d1ccf5e6..ceea14a6 100644 --- a/src/stream_compress_impl.h +++ b/src/stream_compress_impl.h @@ -1,5 +1,5 @@ /* - * Copyright (c) 2017-2018, Intel Corporation + * Copyright (c) 2017-2022, Intel Corporation * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions are met: @@ -116,6 +116,7 @@ size_t JOIN(sc_, FN_SUFFIX)(const struct RoseEngine *rose, = ((STREAM_QUAL char *)stream) + sizeof(struct hs_stream); COPY_FIELD(stream->offset); + COPY_FIELD(stream->crc32); ASSIGN(stream->rose, rose); COPY(stream_body + ROSE_STATE_OFFSET_STATUS_FLAGS, 1);