static int FlowBitsTestSig01(void)
{
- uint8_t *buf = (uint8_t *)
- "GET /one/ HTTP/1.1\r\n"
- "Host: one.example.org\r\n"
- "\r\n";
- uint16_t buflen = strlen((char *)buf);
- Packet *p = SCMalloc(SIZE_OF_PACKET);
- if (unlikely(p == NULL))
- return 0;
Signature *s = NULL;
- ThreadVars th_v;
- DetectEngineThreadCtx *det_ctx = NULL;
DetectEngineCtx *de_ctx = NULL;
- int result = 0;
-
- memset(&th_v, 0, sizeof(th_v));
- memset(p, 0, SIZE_OF_PACKET);
- p->src.family = AF_INET;
- p->dst.family = AF_INET;
- p->payload = buf;
- p->payload_len = buflen;
- p->proto = IPPROTO_TCP;
de_ctx = DetectEngineCtxInit();
-
- if (de_ctx == NULL) {
- goto end;
- }
+ FAIL_IF_NULL(de_ctx);
de_ctx->flags |= DE_QUIET;
s = de_ctx->sig_list = SigInit(de_ctx,"alert ip any any -> any any (msg:\"Noalert\"; flowbits:noalert,wrongusage; content:\"GET \"; sid:1;)");
+ FAIL_IF_NOT_NULL(s);
- if (s == NULL) {
- goto end;
- }
-
- SigGroupBuild(de_ctx);
- DetectEngineThreadCtxInit(&th_v, (void *)de_ctx, (void *)&det_ctx);
-
- SigMatchSignatures(&th_v, de_ctx, det_ctx, p);
-
- result = 1;
-
- SigGroupCleanup(de_ctx);
- SigCleanSignatures(de_ctx);
- DetectEngineThreadCtxDeinit(&th_v, (void *)det_ctx);
DetectEngineCtxFree(de_ctx);
-
-end:
- if (de_ctx != NULL) {
- SigGroupCleanup(de_ctx);
- SigCleanSignatures(de_ctx);
- }
-
- if (det_ctx != NULL) {
- DetectEngineThreadCtxDeinit(&th_v, (void *)det_ctx);
- }
-
- if (de_ctx != NULL) {
- DetectEngineCtxFree(de_ctx);
- }
-
- SCFree(p);
- PASS_IF(result == 0);
+ PASS;
}
/**
static int FlowBitsTestSig02(void)
{
- uint8_t *buf = (uint8_t *)
- "GET /one/ HTTP/1.1\r\n"
- "Host: one.example.org\r\n"
- "\r\n";
- uint16_t buflen = strlen((char *)buf);
- Packet *p = SCMalloc(SIZE_OF_PACKET);
- if (unlikely(p == NULL))
- return 0;
Signature *s = NULL;
ThreadVars th_v;
- DetectEngineThreadCtx *det_ctx = NULL;
DetectEngineCtx *de_ctx = NULL;
- int result = 0;
- int error_count = 0;
memset(&th_v, 0, sizeof(th_v));
- memset(p, 0, SIZE_OF_PACKET);
- p->src.family = AF_INET;
- p->dst.family = AF_INET;
- p->payload = buf;
- p->payload_len = buflen;
- p->proto = IPPROTO_TCP;
de_ctx = DetectEngineCtxInit();
-
- if (de_ctx == NULL) {
- goto end;
- }
+ FAIL_IF_NULL(de_ctx);
de_ctx->flags |= DE_QUIET;
s = de_ctx->sig_list = SigInit(de_ctx,"alert ip any any -> any any (msg:\"isset rule need an option\"; flowbits:isset; content:\"GET \"; sid:1;)");
-
- if (s == NULL) {
- error_count++;
- }
+ FAIL_IF_NOT_NULL(s);
s = de_ctx->sig_list = SigInit(de_ctx,"alert ip any any -> any any (msg:\"isnotset rule need an option\"; flowbits:isnotset; content:\"GET \"; sid:2;)");
-
- if (s == NULL) {
- error_count++;
- }
+ FAIL_IF_NOT_NULL(s);
s = de_ctx->sig_list = SigInit(de_ctx,"alert ip any any -> any any (msg:\"set rule need an option\"; flowbits:set; content:\"GET \"; sid:3;)");
-
- if (s == NULL) {
- error_count++;
- }
+ FAIL_IF_NOT_NULL(s);
s = de_ctx->sig_list = SigInit(de_ctx,"alert ip any any -> any any (msg:\"unset rule need an option\"; flowbits:unset; content:\"GET \"; sid:4;)");
-
- if (s == NULL) {
- error_count++;
- }
+ FAIL_IF_NOT_NULL(s);
s = de_ctx->sig_list = SigInit(de_ctx,"alert ip any any -> any any (msg:\"toggle rule need an option\"; flowbits:toggle; content:\"GET \"; sid:5;)");
+ FAIL_IF_NOT_NULL(s);
- if (s == NULL) {
- error_count++;
- }
-
- if(error_count == 5)
- goto end;
-
- SigGroupBuild(de_ctx);
- DetectEngineThreadCtxInit(&th_v, (void *)de_ctx, (void *)&det_ctx);
-
- SigMatchSignatures(&th_v, de_ctx, det_ctx, p);
-
- if (PacketAlertCheck(p, 1)) {
- goto cleanup;
- }
- if (PacketAlertCheck(p, 2)) {
- goto cleanup;
- }
- if (PacketAlertCheck(p, 3)) {
- goto cleanup;
- }
- if (PacketAlertCheck(p, 4)) {
- goto cleanup;
- }
- if (PacketAlertCheck(p, 5)) {
- goto cleanup;
- }
-
- result = 1;
-
-cleanup:
- SigGroupCleanup(de_ctx);
- SigCleanSignatures(de_ctx);
-
- DetectEngineThreadCtxDeinit(&th_v, (void *)det_ctx);
DetectEngineCtxFree(de_ctx);
-end:
-
- if (de_ctx != NULL) {
- SigGroupCleanup(de_ctx);
- SigCleanSignatures(de_ctx);
- }
-
- if (det_ctx != NULL) {
- DetectEngineThreadCtxDeinit(&th_v, (void *)det_ctx);
- }
-
- if (de_ctx != NULL) {
- DetectEngineCtxFree(de_ctx);
- }
-
- SCFree(p);
- PASS_IF(result == 0);
+ PASS;
}
/**
static int FlowBitsTestSig03(void)
{
- uint8_t *buf = (uint8_t *)
- "GET /one/ HTTP/1.1\r\n"
- "Host: one.example.org\r\n"
- "\r\n";
- uint16_t buflen = strlen((char *)buf);
- Packet *p = SCMalloc(SIZE_OF_PACKET);
- if (unlikely(p == NULL))
- return 0;
Signature *s = NULL;
- ThreadVars th_v;
- DetectEngineThreadCtx *det_ctx = NULL;
DetectEngineCtx *de_ctx = NULL;
- int result = 0;
-
- memset(&th_v, 0, sizeof(th_v));
- memset(p, 0, SIZE_OF_PACKET);
- p->src.family = AF_INET;
- p->dst.family = AF_INET;
- p->payload = buf;
- p->payload_len = buflen;
- p->proto = IPPROTO_TCP;
de_ctx = DetectEngineCtxInit();
-
- if (de_ctx == NULL) {
- goto end;
- }
+ FAIL_IF_NULL(de_ctx);
de_ctx->flags |= DE_QUIET;
s = de_ctx->sig_list = SigInit(de_ctx,"alert ip any any -> any any (msg:\"Unknown cmd\"; flowbits:wrongcmd; content:\"GET \"; sid:1;)");
+ FAIL_IF_NOT_NULL(s);
- if (s == NULL) {
- goto end;
- }
-
- SigGroupBuild(de_ctx);
- DetectEngineThreadCtxInit(&th_v, (void *)de_ctx, (void *)&det_ctx);
-
- SigMatchSignatures(&th_v, de_ctx, det_ctx, p);
-
- result = 1;
-
- SigGroupCleanup(de_ctx);
- SigCleanSignatures(de_ctx);
-
- DetectEngineThreadCtxDeinit(&th_v, (void *)det_ctx);
DetectEngineCtxFree(de_ctx);
-
-end:
-
- if (de_ctx != NULL) {
- SigGroupCleanup(de_ctx);
- SigCleanSignatures(de_ctx);
- }
-
- if (det_ctx != NULL) {
- DetectEngineThreadCtxDeinit(&th_v, (void *)det_ctx);
- }
-
- if (de_ctx != NULL) {
- DetectEngineCtxFree(de_ctx);
- }
-
-
- SCFree(p);
- PASS_IF(result == 0);
+ PASS;
}
/**
static int FlowBitsTestSig04(void)
{
- uint8_t *buf = (uint8_t *)
- "GET /one/ HTTP/1.1\r\n"
- "Host: one.example.org\r\n"
- "\r\n";
- uint16_t buflen = strlen((char *)buf);
- Packet *p = SCMalloc(SIZE_OF_PACKET);
- if (unlikely(p == NULL))
- return 0;
Signature *s = NULL;
- ThreadVars th_v;
- DetectEngineThreadCtx *det_ctx = NULL;
DetectEngineCtx *de_ctx = NULL;
- int result = 0;
int idx = 0;
- memset(&th_v, 0, sizeof(th_v));
- memset(p, 0, SIZE_OF_PACKET);
- p->src.family = AF_INET;
- p->dst.family = AF_INET;
- p->payload = buf;
- p->payload_len = buflen;
- p->proto = IPPROTO_TCP;
-
de_ctx = DetectEngineCtxInit();
-
- if (de_ctx == NULL) {
- goto end;
- }
+ FAIL_IF_NULL(de_ctx);
de_ctx->flags |= DE_QUIET;
s = de_ctx->sig_list = SigInit(de_ctx,"alert ip any any -> any any (msg:\"isset option\"; flowbits:isset,fbt; content:\"GET \"; sid:1;)");
+ FAIL_IF_NULL(s);
idx = VariableNameGetIdx(de_ctx, "fbt", VAR_TYPE_FLOW_BIT);
+ FAIL_IF(idx != 1);
- if (s == NULL || idx != 1) {
- goto end;
- }
-
- SigGroupBuild(de_ctx);
- DetectEngineThreadCtxInit(&th_v, (void *)de_ctx, (void *)&det_ctx);
-
- SigMatchSignatures(&th_v, de_ctx, det_ctx, p);
-
- result = 1;
-
- SigGroupCleanup(de_ctx);
- SigCleanSignatures(de_ctx);
-
- DetectEngineThreadCtxDeinit(&th_v, (void *)det_ctx);
DetectEngineCtxFree(de_ctx);
- SCFree(p);
- PASS_IF(result);
-
-end:
-
- if (de_ctx != NULL) {
- SigGroupCleanup(de_ctx);
- SigCleanSignatures(de_ctx);
- }
-
- if (det_ctx != NULL) {
- DetectEngineThreadCtxDeinit(&th_v, (void *)det_ctx);
- }
-
- if (de_ctx != NULL) {
- DetectEngineCtxFree(de_ctx);
- }
-
- SCFree(p);
- PASS_IF(result);
+ PASS;
}
/**
static int FlowBitsTestSig05(void)
{
- uint8_t *buf = (uint8_t *)
- "GET /one/ HTTP/1.1\r\n"
- "Host: one.example.org\r\n"
- "\r\n";
- uint16_t buflen = strlen((char *)buf);
- Packet *p = SCMalloc(SIZE_OF_PACKET);
- if (unlikely(p == NULL))
- return 0;
Signature *s = NULL;
- ThreadVars th_v;
- DetectEngineThreadCtx *det_ctx = NULL;
DetectEngineCtx *de_ctx = NULL;
- int result = 0;
-
- memset(&th_v, 0, sizeof(th_v));
- memset(p, 0, SIZE_OF_PACKET);
- p->src.family = AF_INET;
- p->dst.family = AF_INET;
- p->payload = buf;
- p->payload_len = buflen;
- p->proto = IPPROTO_TCP;
de_ctx = DetectEngineCtxInit();
-
- if (de_ctx == NULL) {
- goto end;
- }
+ FAIL_IF_NULL(de_ctx);
de_ctx->flags |= DE_QUIET;
s = de_ctx->sig_list = SigInit(de_ctx,"alert ip any any -> any any (msg:\"Noalert\"; flowbits:noalert; content:\"GET \"; sid:1;)");
+ FAIL_IF_NULL(s);
+ FAIL_IF((s->flags & SIG_FLAG_NOALERT) != SIG_FLAG_NOALERT);
- if (s == NULL || ((s->flags & SIG_FLAG_NOALERT) != SIG_FLAG_NOALERT)) {
- goto end;
- }
-
- SigGroupBuild(de_ctx);
- DetectEngineThreadCtxInit(&th_v, (void *)de_ctx, (void *)&det_ctx);
-
- SigMatchSignatures(&th_v, de_ctx, det_ctx, p);
-
- result = 1;
-
- SigGroupCleanup(de_ctx);
- SigCleanSignatures(de_ctx);
-
- DetectEngineThreadCtxDeinit(&th_v, (void *)det_ctx);
DetectEngineCtxFree(de_ctx);
-
- SCFree(p);
- PASS_IF(result);
-end:
-
- if (de_ctx != NULL) {
- SigGroupCleanup(de_ctx);
- SigCleanSignatures(de_ctx);
- }
-
- if (det_ctx != NULL) {
- DetectEngineThreadCtxDeinit(&th_v, (void *)det_ctx);
- }
-
- if (de_ctx != NULL) {
- DetectEngineCtxFree(de_ctx);
- }
-
- SCFree(p);
- PASS_IF(result);
+ PASS;
}
/**
"\r\n";
uint16_t buflen = strlen((char *)buf);
Packet *p = SCMalloc(SIZE_OF_PACKET);
- if (unlikely(p == NULL))
- return 0;
+ FAIL_IF_NULL(p);
Signature *s = NULL;
ThreadVars th_v;
DetectEngineThreadCtx *det_ctx = NULL;
p->flowflags |= FLOW_PKT_TOSERVER;
de_ctx = DetectEngineCtxInit();
-
- if (de_ctx == NULL) {
- goto end;
- }
+ FAIL_IF_NULL(de_ctx);
de_ctx->flags |= DE_QUIET;
s = de_ctx->sig_list = SigInit(de_ctx,"alert ip any any -> any any (msg:\"Flowbit set\"; flowbits:set,myflow; sid:10;)");
-
- if (s == NULL) {
- goto end;
- }
+ FAIL_IF_NULL(s);
SigGroupBuild(de_ctx);
DetectEngineThreadCtxInit(&th_v, (void *)de_ctx, (void *)&det_ctx);
result = 1;
}
}
+ FAIL_IF_NOT(result);
SigGroupCleanup(de_ctx);
SigCleanSignatures(de_ctx);
FLOW_DESTROY(&f);
SCFree(p);
- PASS_IF(result);
-end:
-
- if (de_ctx != NULL) {
- SigGroupCleanup(de_ctx);
- SigCleanSignatures(de_ctx);
- }
-
- if (det_ctx != NULL) {
- DetectEngineThreadCtxDeinit(&th_v, (void *)det_ctx);
- }
-
- if (de_ctx != NULL) {
- DetectEngineCtxFree(de_ctx);
- }
-
- if(gv) GenericVarFree(gv);
- FLOW_DESTROY(&f);
- SCFree(p);
- PASS_IF(result);
+ PASS;
}
/**
"\r\n";
uint16_t buflen = strlen((char *)buf);
Packet *p = SCMalloc(SIZE_OF_PACKET);
- if (unlikely(p == NULL))
- return 0;
+ FAIL_IF_NULL(p);
Signature *s = NULL;
ThreadVars th_v;
DetectEngineThreadCtx *det_ctx = NULL;
p->proto = IPPROTO_TCP;
de_ctx = DetectEngineCtxInit();
-
- if (de_ctx == NULL) {
- goto end;
- }
+ FAIL_IF_NULL(de_ctx);
de_ctx->flags |= DE_QUIET;
s = de_ctx->sig_list = SigInit(de_ctx,"alert ip any any -> any any (msg:\"Flowbit set\"; flowbits:set,myflow2; sid:10;)");
- if (s == NULL) {
- goto end;
- }
+ FAIL_IF_NULL(s);
s = s->next = SigInit(de_ctx,"alert ip any any -> any any (msg:\"Flowbit unset\"; flowbits:unset,myflow2; sid:11;)");
- if (s == NULL) {
- goto end;
- }
+ FAIL_IF_NULL(s);
SigGroupBuild(de_ctx);
DetectEngineThreadCtxInit(&th_v, (void *)de_ctx, (void *)&det_ctx);
result = 1;
}
}
+ FAIL_IF(result);
SigGroupCleanup(de_ctx);
SigCleanSignatures(de_ctx);
FLOW_DESTROY(&f);
SCFree(p);
- PASS_IF(result == 0);
-end:
-
- if (de_ctx != NULL) {
- SigGroupCleanup(de_ctx);
- SigCleanSignatures(de_ctx);
- }
-
- if (det_ctx != NULL) {
- DetectEngineThreadCtxDeinit(&th_v, (void *)det_ctx);
- }
-
- if (de_ctx != NULL) {
- DetectEngineCtxFree(de_ctx);
- }
-
- if(gv) GenericVarFree(gv);
- FLOW_DESTROY(&f);
-
- SCFree(p);
- PASS_IF(result == 0);
+ PASS;
}
/**
p->proto = IPPROTO_TCP;
de_ctx = DetectEngineCtxInit();
-
- if (de_ctx == NULL) {
- goto end;
- }
+ FAIL_IF_NULL(de_ctx);
de_ctx->flags |= DE_QUIET;
s = de_ctx->sig_list = SigInit(de_ctx,"alert ip any any -> any any (msg:\"Flowbit set\"; flowbits:set,myflow2; sid:10;)");
-
- if (s == NULL) {
- goto end;
- }
+ FAIL_IF_NULL(s);
s = s->next = SigInit(de_ctx,"alert ip any any -> any any (msg:\"Flowbit unset\"; flowbits:toggle,myflow2; sid:11;)");
-
- if (s == NULL) {
- goto end;
- }
+ FAIL_IF_NULL(s);
SigGroupBuild(de_ctx);
DetectEngineThreadCtxInit(&th_v, (void *)de_ctx, (void *)&det_ctx);
result = 1;
}
}
+ FAIL_IF(result);
SigGroupCleanup(de_ctx);
SigCleanSignatures(de_ctx);
FLOW_DESTROY(&f);
SCFree(p);
- PASS_IF(result == 0);
-end:
-
- if (de_ctx != NULL) {
- SigGroupCleanup(de_ctx);
- SigCleanSignatures(de_ctx);
- }
-
- if (det_ctx != NULL) {
- DetectEngineThreadCtxDeinit(&th_v, (void *)det_ctx);
- }
-
- if (de_ctx != NULL) {
- DetectEngineCtxFree(de_ctx);
- }
-
- if(gv) GenericVarFree(gv);
- FLOW_DESTROY(&f);
-
- SCFree(p);
- PASS_IF(result == 0);
+ PASS;
}
#endif /* UNITTESTS */
projects / thirdparty / suricata.git / commitdiff
