detect: add util funcs to get first and last sigmatch for buffer

diff --git a/src/detect-engine.c b/src/detect-engine.c
index 93c94f7918b0f49fea48fbff516d0a539b776131..5913400eafea53c54a6bcfb097d74e34daf78054 100644 (file)
--- a/src/detect-engine.c
+++ b/src/detect-engine.c
@@ -1290,6 +1290,33 @@ bool DetectEngineBufferRunValidateCallback(
     return true;
 }
 
+SigMatch *DetectBufferGetFirstSigMatch(const Signature *s, const uint32_t buf_id)
+{
+    const uint32_t nlists = s->init_data->smlists_array_size;
+    if (buf_id < nlists) {
+        return s->init_data->smlists[buf_id];
+    }
+    return NULL;
+}
+
+SigMatch *DetectBufferGetLastSigMatch(const Signature *s, const uint32_t buf_id)
+{
+    const uint32_t nlists = s->init_data->smlists_array_size;
+    if (buf_id < nlists) {
+        return s->init_data->smlists_tail[buf_id];
+    }
+    return NULL;
+}
+
+bool DetectBufferIsPresent(const Signature *s, const uint32_t buf_id)
+{
+    const uint32_t nlists = s->init_data->smlists_array_size;
+    if (buf_id < nlists) {
+        return s->init_data->smlists_tail[buf_id] != NULL;
+    }
+    return false;
+}
+
 int DetectBufferSetActiveList(Signature *s, const int list)
 {
     BUG_ON(s->init_data == NULL);

diff --git a/src/detect-engine.h b/src/detect-engine.h
index 2980f0dac6c9afaf646ff7616f74043510952b57..7a790db74921a9f5281642e4a24a8b9789b6d048 100644 (file)
--- a/src/detect-engine.h
+++ b/src/detect-engine.h
@@ -186,6 +186,9 @@ int DetectEngineMustParseMetadata(void);
 
 int WARN_UNUSED DetectBufferSetActiveList(Signature *s, const int list);
 int DetectBufferGetActiveList(DetectEngineCtx *de_ctx, Signature *s);
+SigMatch *DetectBufferGetFirstSigMatch(const Signature *s, const uint32_t buf_id);
+SigMatch *DetectBufferGetLastSigMatch(const Signature *s, const uint32_t buf_id);
+bool DetectBufferIsPresent(const Signature *s, const uint32_t buf_id);
 
 DetectEngineThreadCtx *DetectEngineThreadCtxInitForReload(
         ThreadVars *tv, DetectEngineCtx *new_de_ctx, int mt);