Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

detect/transforms: write directly in inspect buffer #12125

Merged
merged 1 commit into from
Nov 25, 2024
Merged

detect/transforms: write directly in inspect buffer #12125

merged 1 commit into from
Nov 25, 2024

Conversation

catenacyber
Copy link
Contributor

Link to ticket: https://redmine.openinfosecfoundation.org/issues/
https://redmine.openinfosecfoundation.org/issues/7306

Describe changes:

No cherry-pick, but reusing logic in C instead of rust ;-)

#12100 with review taken into account : more function docs and better cast

@catenacyber
detect/transforms: write directly in inspect buffer
f80ebd5 
instead of writing to a temporary buffer and then copying,
to save the cost of copying.

Ticket: 7229

Not a cherry-pick as we do not put the transforms in rust,
but just do this optimization in C
@catenacyber catenacyber mentioned this pull request Nov 18, 2024
Closed
@codecov Codecov
Copy link

codecov bot commented Nov 18, 2024
edited
Loading

Codecov Report

Attention: Patch coverage is 78.26087% with 10 lines in your changes missing coverage. Please review.

Project coverage is 83.18%. Comparing base (c3aa3ae) to head (f80ebd5).
Report is 2 commits behind head on main-7.0.x.

Additional details and impacted files 
@@              Coverage Diff               @@
##           main-7.0.x   #12125      +/-   ##
==============================================
- Coverage       83.27%   83.18%   -0.10%     
==============================================
  Files             922      922              
  Lines          260794   260821      +27     
==============================================
- Hits           217177   216955     -222     
- Misses          43617    43866     +249
Flag Coverage Δ
fuzzcorpus 64.15% <52.17%> (-0.23%) ⬇️
suricata-verify 63.32% <78.26%> (+<0.01%) ⬆️
unittests 62.38% <45.65%> (-0.01%) ⬇️

Flags with carried forward coverage won't be shown. Click here to find out more.

---- 🚨 Try these New Features:

@suricata-qa
Copy link

Information: QA ran without warnings.

Pipeline 23400

victorjulien
victorjulien reviewed Nov 18, 2024
View reviewed changes
src/detect-engine.c
* The inspect buffer may have been overallocated (by strip_whitespace for example)
* so, this sets the final length
*/
void InspectionBufferTruncate(InspectionBuffer *buffer, uint32_t buf_len)
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

wonder if we can have a better name here. In my concept of truncation, we reduce the data. Here we just set the correct length, right?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The length is always decreased even if we do not realloc the buffer to regain some memory space...

What name do you propose ? (also this name is already in master)

This was referenced Nov 23, 2024
Closed
Merged
@victorjulien victorjulien merged commit f80ebd5 into OISF:main-7.0.x Nov 25, 2024
87 of 88 checks passed
@victorjulien
Copy link
Member

Merged in #12146, thanks!

@catenacyber catenacyber mentioned this pull request Nov 26, 2024
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@victorjulien victorjulien victorjulien approved these changes

Assignees
No one assigned
Labels
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@catenacyber @suricata-qa @victorjulien