New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
dcerpc: convert transaction list to vecdeque for UDP #7756
Conversation
Codecov Report
@@ Coverage Diff @@
## master #7756 +/- ##
==========================================
+ Coverage 75.98% 76.08% +0.10%
==========================================
Files 661 661
Lines 185764 185766 +2
==========================================
+ Hits 141152 141340 +188
+ Misses 44612 44426 -186
Flags with carried forward coverage won't be shown. Click here to find out more. |
self.transactions.push(ntx); | ||
otx = self.transactions.last_mut(); | ||
self.transactions.push_back(ntx); | ||
otx = self.transactions.back_mut(); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
From what I understand, Deque
because of it's structure, is good to be used in cases that require pushing and popping from the front. That's what I saw in one of Jason's commit messages as well. However, all I see are too many push_back
calls in the code and just one pop_front
call (in dns
).
So, I'm interested in learning why using Deque
helps in all the other protos where it exists (including dcerpc
) in terms of efficiency.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
VecDeque is good for use when pushing in the back and popping from the front (first in first out)
I think the implementation kind of transforms remove(0)
into pop_front
that is why we do not see pop_front
This is especially used by AppLayerParserTransactionsCleanup
which uses get_tx_iterator
Is it clearer ?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I think the implementation kind of transforms
remove(0)
intopop_front
that is why we do not seepop_front
I see. Could you please point to the part of code where this is happening?
This is especially used by
AppLayerParserTransactionsCleanup
which usesget_tx_iterator
Is it clearer ?
Not really. Tried to see this part and it was too magical FFI, I suppose. But, I do get the concept. Thank you. :)
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I think the implementation kind of transforms
remove(0)
intopop_front
that is why we do not seepop_front
I see. Could you please point to the part of code where this is happening?
Line 104 :
suricata/rust/src/dcerpc/dcerpc_udp.rs
Line 104 in 86ee4d7
self.transactions.remove(index); |
self.transactions.remove(index);
WARNING:
Pipeline 8725 |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Looks good!
Merged in #7839, thanks! |
Link to redmine ticket:
https://redmine.openinfosecfoundation.org/issues/5518
Describe changes: