}
}
-unsafe extern "C" fn tolower_transform(buffer: *mut c_void, _ctx: *mut c_void) {
+unsafe extern "C" fn tolower_transform(_det: *mut c_void, buffer: *mut c_void, _ctx: *mut c_void) {
let input = InspectionBufferPtr(buffer);
let input_len = InspectionBufferLength(buffer);
if input.is_null() || input_len == 0 {
}
}
-unsafe extern "C" fn toupper_transform(buffer: *mut c_void, _ctx: *mut c_void) {
+unsafe extern "C" fn toupper_transform(_det: *mut c_void, buffer: *mut c_void, _ctx: *mut c_void) {
let input = InspectionBufferPtr(buffer);
let input_len = InspectionBufferLength(buffer);
if input.is_null() || input_len == 0 {
return nb as u32;
}
-unsafe extern "C" fn compress_whitespace_transform(buffer: *mut c_void, _ctx: *mut c_void) {
+unsafe extern "C" fn compress_whitespace_transform(_det: *mut c_void, buffer: *mut c_void, _ctx: *mut c_void) {
let input = InspectionBufferPtr(buffer);
let input_len = InspectionBufferLength(buffer);
if input.is_null() || input_len == 0 {
output[0] = b'.';
}
-unsafe extern "C" fn dot_prefix_transform(buffer: *mut c_void, _ctx: *mut c_void) {
+unsafe extern "C" fn dot_prefix_transform(_det: *mut c_void, buffer: *mut c_void, _ctx: *mut c_void) {
let input_len = InspectionBufferLength(buffer);
if input_len == 0 {
return;
Md5::new().chain(input).finalize_into(output.into());
}
-unsafe extern "C" fn md5_transform(buffer: *mut c_void, _ctx: *mut c_void) {
+unsafe extern "C" fn md5_transform(_det: *mut c_void, buffer: *mut c_void, _ctx: *mut c_void) {
let input = InspectionBufferPtr(buffer);
let input_len = InspectionBufferLength(buffer);
if input.is_null() || input_len == 0 {
Sha1::new().chain(input).finalize_into(output.into());
}
-unsafe extern "C" fn sha1_transform(buffer: *mut c_void, _ctx: *mut c_void) {
+unsafe extern "C" fn sha1_transform(_det: *mut c_void, buffer: *mut c_void, _ctx: *mut c_void) {
let input = InspectionBufferPtr(buffer);
let input_len = InspectionBufferLength(buffer);
if input.is_null() || input_len == 0 {
Sha256::new().chain(input).finalize_into(output.into());
}
-unsafe extern "C" fn sha256_transform(buffer: *mut c_void, _ctx: *mut c_void) {
+unsafe extern "C" fn sha256_transform(_det: *mut c_void, buffer: *mut c_void, _ctx: *mut c_void) {
let input = InspectionBufferPtr(buffer);
let input_len = InspectionBufferLength(buffer);
if input.is_null() || input_len == 0 {
}
}
-unsafe extern "C" fn header_lowertransform(buffer: *mut c_void, _ctx: *mut c_void) {
+unsafe extern "C" fn header_lowertransform(_det: *mut c_void, buffer: *mut c_void, _ctx: *mut c_void) {
let input = InspectionBufferPtr(buffer);
let input_len = InspectionBufferLength(buffer);
if input.is_null() || input_len == 0 {
return nb as u32;
}
-unsafe extern "C" fn strip_pseudo_transform(buffer: *mut c_void, _ctx: *mut c_void) {
+unsafe extern "C" fn strip_pseudo_transform(_det: *mut c_void, buffer: *mut c_void, _ctx: *mut c_void) {
let input = InspectionBufferPtr(buffer);
let input_len = InspectionBufferLength(buffer);
if input.is_null() || input_len == 0 {
pub flags: u16,
pub Setup: unsafe extern "C" fn(de: *mut c_void, s: *mut c_void, raw: *const c_char) -> c_int,
pub Free: Option<unsafe extern "C" fn(de: *mut c_void, ptr: *mut c_void)>,
- pub Transform: unsafe extern "C" fn(inspect_buf: *mut c_void, options: *mut c_void),
+ pub Transform: unsafe extern "C" fn(_det: *mut c_void, inspect_buf: *mut c_void, options: *mut c_void),
pub TransformValidate:
Option<unsafe extern "C" fn(content: *const u8, len: u16, context: *mut c_void) -> bool>,
}
return nb as u32;
}
-unsafe extern "C" fn strip_whitespace_transform(buffer: *mut c_void, _ctx: *mut c_void) {
+unsafe extern "C" fn strip_whitespace_transform(_det: *mut c_void, buffer: *mut c_void, _ctx: *mut c_void) {
let input = InspectionBufferPtr(buffer);
let input_len = InspectionBufferLength(buffer);
if input.is_null() || input_len == 0 {
return nb as u32;
}
-unsafe extern "C" fn url_decode_transform(buffer: *mut c_void, _ctx: *mut c_void) {
+unsafe extern "C" fn url_decode_transform(_det: *mut c_void, buffer: *mut c_void, _ctx: *mut c_void) {
let input = InspectionBufferPtr(buffer);
let input_len = InspectionBufferLength(buffer);
if input.is_null() || input_len == 0 {
}
}
-unsafe extern "C" fn xor_transform(buffer: *mut c_void, ctx: *mut c_void) {
+unsafe extern "C" fn xor_transform(_det: *mut c_void, buffer: *mut c_void, ctx: *mut c_void) {
let input = InspectionBufferPtr(buffer);
let input_len = InspectionBufferLength(buffer);
if input.is_null() || input_len == 0 {
}
if (ok) {
- InspectionBufferSetupMulti(buffer, transforms, data, data_len);
+ InspectionBufferSetupMulti(det_ctx, buffer, transforms, data, data_len);
buffer->flags = DETECT_CI_FLAGS_SINGLE;
return buffer;
}
InspectionBufferSetupMultiEmpty(buffer);
return NULL;
}
- InspectionBufferSetupMulti(buffer, transforms, data, data_len);
+ InspectionBufferSetupMulti(det_ctx, buffer, transforms, data, data_len);
buffer->flags = DETECT_CI_FLAGS_SINGLE;
SCReturnPtr(buffer, "InspectionBuffer");
}
}
- InspectionBufferSetupMulti(buffer, transforms, data, data_len);
+ InspectionBufferSetupMulti(det_ctx, buffer, transforms, data, data_len);
buffer->flags = DETECT_CI_FLAGS_SINGLE;
return buffer;
}
return NULL;
InspectionBufferSetup(det_ctx, list_id, buffer, b_email_from, b_email_from_len);
- InspectionBufferApplyTransforms(buffer, transforms);
+ InspectionBufferApplyTransforms(det_ctx, buffer, transforms);
}
return buffer;
}
return NULL;
InspectionBufferSetup(det_ctx, list_id, buffer, b_email_sub, b_email_sub_len);
- InspectionBufferApplyTransforms(buffer, transforms);
+ InspectionBufferApplyTransforms(det_ctx, buffer, transforms);
}
return buffer;
}
return NULL;
InspectionBufferSetup(det_ctx, list_id, buffer, b_email_to, b_email_to_len);
- InspectionBufferApplyTransforms(buffer, transforms);
+ InspectionBufferApplyTransforms(det_ctx, buffer, transforms);
}
return buffer;
}
return NULL;
InspectionBufferSetup(det_ctx, list_id, buffer, b_email_cc, b_email_cc_len);
- InspectionBufferApplyTransforms(buffer, transforms);
+ InspectionBufferApplyTransforms(det_ctx, buffer, transforms);
}
return buffer;
}
return NULL;
InspectionBufferSetup(det_ctx, list_id, buffer, b_email_date, b_email_date_len);
- InspectionBufferApplyTransforms(buffer, transforms);
+ InspectionBufferApplyTransforms(det_ctx, buffer, transforms);
}
return buffer;
}
return NULL;
InspectionBufferSetup(det_ctx, list_id, buffer, b_email_msg_id, b_email_msg_id_len);
- InspectionBufferApplyTransforms(buffer, transforms);
+ InspectionBufferApplyTransforms(det_ctx, buffer, transforms);
}
return buffer;
}
return NULL;
InspectionBufferSetup(det_ctx, list_id, buffer, b_email_x_mailer, b_email_x_mailer_len);
- InspectionBufferApplyTransforms(buffer, transforms);
+ InspectionBufferApplyTransforms(det_ctx, buffer, transforms);
}
return buffer;
}
static bool BufferSetup(struct FrameStreamData *fsd, InspectionBuffer *buffer, const uint8_t *input,
const uint32_t input_len, const uint64_t input_offset);
-static void BufferSetupUdp(InspectionBuffer *buffer, const Frame *frame, const Packet *p,
- const DetectEngineTransforms *transforms);
+static void BufferSetupUdp(DetectEngineThreadCtx *det_ctx, InspectionBuffer *buffer,
+ const Frame *frame, const Packet *p, const DetectEngineTransforms *transforms);
void DetectRunPrefilterFrame(DetectEngineThreadCtx *det_ctx, const SigGroupHead *sgh, Packet *p,
const Frames *frames, const Frame *frame, const AppProto alproto)
if (frame->offset >= p->payload_len)
return;
- BufferSetupUdp(buffer, frame, p, ctx->transforms);
+ BufferSetupUdp(det_ctx, buffer, frame, p, ctx->transforms);
const uint32_t data_len = buffer->inspect_len;
const uint8_t *data = buffer->inspect;
return false;
}
-static void BufferSetupUdp(InspectionBuffer *buffer, const Frame *frame, const Packet *p,
- const DetectEngineTransforms *transforms)
+static void BufferSetupUdp(DetectEngineThreadCtx *det_ctx, InspectionBuffer *buffer,
+ const Frame *frame, const Packet *p, const DetectEngineTransforms *transforms)
{
uint8_t ci_flags = DETECT_CI_FLAGS_START;
uint32_t frame_len;
AppLayerParserGetFrameNameById(p->flow->proto, p->flow->alproto, frame->type),
frame->offset, frame->type, frame->len);
- InspectionBufferSetupMulti(buffer, transforms, data, data_len);
+ InspectionBufferSetupMulti(det_ctx, buffer, transforms, data, data_len);
buffer->inspect_offset = 0;
buffer->flags = ci_flags;
}
return DETECT_ENGINE_INSPECT_SIG_NO_MATCH;
if (!buffer->initialized)
- BufferSetupUdp(buffer, frame, p, transforms);
+ BufferSetupUdp(det_ctx, buffer, frame, p, transforms);
DEBUG_VALIDATE_BUG_ON(!buffer->initialized);
if (buffer->inspect == NULL)
return DETECT_ENGINE_INSPECT_SIG_NO_MATCH;
}
// PrintRawDataFp(stdout, data, data_len);
SCLogDebug("fsd->transforms %p", fsd->transforms);
- InspectionBufferSetupMulti(buffer, fsd->transforms, data, data_len);
+ InspectionBufferSetupMulti(fsd->det_ctx, buffer, fsd->transforms, data, data_len);
SCLogDebug("inspect_offset %" PRIu64, fo_inspect_offset);
buffer->inspect_offset = fo_inspect_offset;
buffer->flags = ci_flags;
sigmatch_table[transform_id].url = kw->url;
sigmatch_table[transform_id].flags = kw->flags;
sigmatch_table[transform_id].Transform =
- (void (*)(InspectionBuffer * buffer, void *options)) kw->Transform;
+ (void (*)(DetectEngineThreadCtx * det_ctx, InspectionBuffer * buffer, void *options))
+ kw->Transform;
sigmatch_table[transform_id].TransformValidate = (bool (*)(
const uint8_t *content, uint16_t content_len, void *context))kw->TransformValidate;
sigmatch_table[transform_id].Setup =
InspectionBufferSetupMultiEmpty(buffer);
return NULL;
}
- InspectionBufferSetupMulti(buffer, transforms, data, data_len);
+ InspectionBufferSetupMulti(det_ctx, buffer, transforms, data, data_len);
buffer->flags = DETECT_CI_FLAGS_SINGLE;
return buffer;
}
static uint32_t DetectEngineTenantGetIdFromPcap(const void *ctx, const Packet *p);
static inline void InspectionBufferApplyTransformsInternal(
- InspectionBuffer *, const DetectEngineTransforms *);
+ DetectEngineThreadCtx *det_ctx, InspectionBuffer *, const DetectEngineTransforms *);
static DetectEngineAppInspectionEngine *g_app_inspect_engines = NULL;
static DetectEnginePktInspectionEngine *g_pkt_inspect_engines = NULL;
return buffer;
}
-static inline void InspectionBufferApplyTransformsInternal(
+static inline void InspectionBufferApplyTransformsInternal(DetectEngineThreadCtx *det_ctx,
InspectionBuffer *buffer, const DetectEngineTransforms *transforms)
{
if (transforms) {
if (id == 0)
break;
BUG_ON(sigmatch_table[id].Transform == NULL);
- sigmatch_table[id].Transform(buffer, transforms->transforms[i].options);
+ sigmatch_table[id].Transform(det_ctx, buffer, transforms->transforms[i].options);
SCLogDebug("applied transform %s", sigmatch_table[id].name);
}
}
}
-void InspectionBufferApplyTransforms(
- InspectionBuffer *buffer, const DetectEngineTransforms *transforms)
+void InspectionBufferApplyTransforms(DetectEngineThreadCtx *det_ctx, InspectionBuffer *buffer,
+ const DetectEngineTransforms *transforms)
{
- InspectionBufferApplyTransformsInternal(buffer, transforms);
+ InspectionBufferApplyTransformsInternal(det_ctx, buffer, transforms);
}
void InspectionBufferInit(InspectionBuffer *buffer, uint32_t initial_size)
}
/** \brief setup the buffer with our initial data */
-void InspectionBufferSetupMulti(InspectionBuffer *buffer, const DetectEngineTransforms *transforms,
- const uint8_t *data, const uint32_t data_len)
+void InspectionBufferSetupMulti(DetectEngineThreadCtx *det_ctx, InspectionBuffer *buffer,
+ const DetectEngineTransforms *transforms, const uint8_t *data, const uint32_t data_len)
{
#ifdef DEBUG_VALIDATION
DEBUG_VALIDATE_BUG_ON(!buffer->multi);
buffer->len = 0;
buffer->initialized = true;
- InspectionBufferApplyTransformsInternal(buffer, transforms);
+ InspectionBufferApplyTransformsInternal(det_ctx, buffer, transforms);
}
static inline void InspectionBufferSetupInternal(DetectEngineThreadCtx *det_ctx, const int list_id,
const DetectEngineTransforms *transforms)
{
InspectionBufferSetupInternal(det_ctx, list_id, buffer, data, data_len);
- InspectionBufferApplyTransformsInternal(buffer, transforms);
+ InspectionBufferApplyTransformsInternal(det_ctx, buffer, transforms);
}
void InspectionBufferFree(InspectionBuffer *buffer)
void *InspectionBufferCheckAndExpand(InspectionBuffer *buffer, uint32_t min_size);
void InspectionBufferTruncate(InspectionBuffer *buffer, uint32_t buf_len);
void InspectionBufferCopy(InspectionBuffer *buffer, uint8_t *buf, uint32_t buf_len);
-void InspectionBufferApplyTransforms(InspectionBuffer *buffer,
+void InspectionBufferApplyTransforms(DetectEngineThreadCtx *det_ctx, InspectionBuffer *buffer,
const DetectEngineTransforms *transforms);
void InspectionBufferClean(DetectEngineThreadCtx *det_ctx);
InspectionBuffer *InspectionBufferGet(DetectEngineThreadCtx *det_ctx, const int list_id);
void InspectionBufferSetupMultiEmpty(InspectionBuffer *buffer);
-void InspectionBufferSetupMulti(InspectionBuffer *buffer, const DetectEngineTransforms *transforms,
- const uint8_t *data, const uint32_t data_len);
+void InspectionBufferSetupMulti(DetectEngineThreadCtx *det_ctx, InspectionBuffer *buffer,
+ const DetectEngineTransforms *transforms, const uint8_t *data, const uint32_t data_len);
InspectionBuffer *InspectionBufferMultipleForListGet(
DetectEngineThreadCtx *det_ctx, const int list_id, uint32_t local_id);
return buffer;
}
- InspectionBufferSetupMulti(buffer, transforms, base_buffer->inspect, base_buffer->inspect_len);
+ InspectionBufferSetupMulti(
+ det_ctx, buffer, transforms, base_buffer->inspect, base_buffer->inspect_len);
buffer->inspect_offset = base_buffer->inspect_offset;
SCLogDebug("xformed buffer %p size %u", buffer, buffer->inspect_len);
SCReturnPtr(buffer, "InspectionBuffer");
SCLogDebug("content inspected: %" PRIu64, cur_file->content_inspected);
}
- InspectionBufferSetupMulti(buffer, NULL, data, data_len);
+ InspectionBufferSetupMulti(det_ctx, buffer, NULL, data, data_len);
SCLogDebug("[list %d] [before] buffer offset %" PRIu64 "; buffer len %" PRIu32
"; data_len %" PRIu32 "; file_size %" PRIu64,
list_id, buffer->inspect_offset, buffer->inspect_len, data_len, file_size);
const uint8_t *data = (const uint8_t *)cur_file->magic;
uint32_t data_len = (uint32_t)strlen(cur_file->magic);
- InspectionBufferSetupMulti(buffer, transforms, data, data_len);
+ InspectionBufferSetupMulti(det_ctx, buffer, transforms, data, data_len);
SCReturnPtr(buffer, "InspectionBuffer");
}
const uint8_t *data = cur_file->name;
uint32_t data_len = cur_file->name_len;
- InspectionBufferSetupMulti(buffer, transforms, data, data_len);
+ InspectionBufferSetupMulti(det_ctx, buffer, transforms, data, data_len);
SCReturnPtr(buffer, "InspectionBuffer");
}
InspectionBufferSetup(det_ctx, list_id, buffer, base_buffer->inspect, base_buffer->inspect_len);
buffer->inspect_offset = base_buffer->inspect_offset;
- InspectionBufferApplyTransforms(buffer, transforms);
+ InspectionBufferApplyTransforms(det_ctx, buffer, transforms);
SCLogDebug("xformed buffer %p size %u", buffer, buffer->inspect_len);
SCReturnPtr(buffer, "InspectionBuffer");
}
return NULL;
}
- InspectionBufferSetupMulti(buffer, transforms, b, b_len);
+ InspectionBufferSetupMulti(det_ctx, buffer, transforms, b, b_len);
buffer->flags = DETECT_CI_FLAGS_SINGLE;
SCReturnPtr(buffer, "InspectionBuffer");
// hdr_td->len is the number of header buffers
if (local_id < hdr_td->len) {
// we have one valid header buffer
- InspectionBufferSetupMulti(
- buffer, transforms, hdr_td->items[local_id].buffer, hdr_td->items[local_id].len);
+ InspectionBufferSetupMulti(det_ctx, buffer, transforms, hdr_td->items[local_id].buffer,
+ hdr_td->items[local_id].len);
buffer->flags = DETECT_CI_FLAGS_SINGLE;
SCReturnPtr(buffer, "InspectionBuffer");
} // else there are no more header buffer to get
return NULL;
}
- InspectionBufferSetupMulti(buffer, transforms, data, data_len);
+ InspectionBufferSetupMulti(det_ctx, buffer, transforms, data, data_len);
buffer->flags = DETECT_CI_FLAGS_SINGLE;
SCReturnPtr(buffer, "InspectionBuffer");
} else {
return NULL;
}
- InspectionBufferApplyTransforms(buffer, transforms);
+ InspectionBufferApplyTransforms(det_ctx, buffer, transforms);
}
return buffer;
} else {
return NULL;
}
- InspectionBufferApplyTransforms(buffer, transforms);
+ InspectionBufferApplyTransforms(det_ctx, buffer, transforms);
}
return buffer;
InspectionBufferSetup(det_ctx, list_id, buffer, data, 0);
InspectionBufferCopy(buffer, data, JA4_HEX_LEN);
- InspectionBufferApplyTransforms(buffer, transforms);
+ InspectionBufferApplyTransforms(det_ctx, buffer, transforms);
}
return buffer;
InspectionBufferSetup(det_ctx, list_id, buffer, NULL, 0);
InspectionBufferCopy(buffer, (uint8_t *)b, JA4_HEX_LEN);
- InspectionBufferApplyTransforms(buffer, transforms);
+ InspectionBufferApplyTransforms(det_ctx, buffer, transforms);
}
return buffer;
}
return NULL;
}
- InspectionBufferSetupMulti(buffer, transforms, b, b_len);
+ InspectionBufferSetupMulti(det_ctx, buffer, transforms, b, b_len);
buffer->flags = DETECT_CI_FLAGS_SINGLE;
SCReturnPtr(buffer, "InspectionBuffer");
return NULL;
}
- InspectionBufferSetupMulti(buffer, transforms, b, b_len);
+ InspectionBufferSetupMulti(det_ctx, buffer, transforms, b, b_len);
buffer->flags = DETECT_CI_FLAGS_SINGLE;
SCReturnPtr(buffer, "InspectionBuffer");
return NULL;
}
- InspectionBufferSetupMulti(buffer, transforms, data, data_len);
+ InspectionBufferSetupMulti(det_ctx, buffer, transforms, data, data_len);
buffer->flags = DETECT_CI_FLAGS_SINGLE;
SCReturnPtr(buffer, "InspectionBuffer");
return NULL;
}
- InspectionBufferSetupMulti(buffer, transforms, data, data_len);
+ InspectionBufferSetupMulti(det_ctx, buffer, transforms, data, data_len);
buffer->flags = DETECT_CI_FLAGS_SINGLE;
SCReturnPtr(buffer, "InspectionBuffer");
if (smtp_state->helo == NULL || smtp_state->helo_len == 0)
return NULL;
InspectionBufferSetup(det_ctx, list_id, buffer, smtp_state->helo, smtp_state->helo_len);
- InspectionBufferApplyTransforms(buffer, transforms);
+ InspectionBufferApplyTransforms(det_ctx, buffer, transforms);
}
}
return buffer;
if (tx->mail_from == NULL || tx->mail_from_len == 0)
return NULL;
InspectionBufferSetup(det_ctx, list_id, buffer, tx->mail_from, tx->mail_from_len);
- InspectionBufferApplyTransforms(buffer, transforms);
+ InspectionBufferApplyTransforms(det_ctx, buffer, transforms);
}
return buffer;
}
return NULL;
}
- InspectionBufferSetupMulti(buffer, transforms, s->str, s->len);
+ InspectionBufferSetupMulti(det_ctx, buffer, transforms, s->str, s->len);
buffer->flags = DETECT_CI_FLAGS_SINGLE;
return buffer;
}
return NULL;
}
- InspectionBufferSetupMulti(buffer, transforms, a->alpn, a->size);
+ InspectionBufferSetupMulti(det_ctx, buffer, transforms, a->alpn, a->size);
buffer->flags = DETECT_CI_FLAGS_SINGLE;
SCReturnPtr(buffer, "InspectionBuffer");
return NULL;
}
- InspectionBufferSetupMulti(buffer, transforms, cert->cert_data, cert->cert_len);
+ InspectionBufferSetupMulti(det_ctx, buffer, transforms, cert->cert_data, cert->cert_len);
buffer->flags = DETECT_CI_FLAGS_SINGLE;
SCReturnPtr(buffer, "InspectionBuffer");
return NULL;
}
- InspectionBufferSetupMulti(buffer, transforms, (const uint8_t *)connp->cert0_sans[idx],
+ InspectionBufferSetupMulti(det_ctx, buffer, transforms, (const uint8_t *)connp->cert0_sans[idx],
strlen(connp->cert0_sans[idx]));
buffer->flags = DETECT_CI_FLAGS_SINGLE;
#define DETECT_TRANSFORM_FROM_BASE64_MODE_DEFAULT (uint8_t) SCBase64ModeRFC4648
static void DetectTransformFromBase64DecodeRegisterTests(void);
#endif
-static void TransformFromBase64Decode(InspectionBuffer *buffer, void *options);
+static void TransformFromBase64Decode(
+ DetectEngineThreadCtx *det_ctx, InspectionBuffer *buffer, void *options);
void DetectTransformFromBase64DecodeRegister(void)
{
SCReturnInt(r);
}
-static void TransformFromBase64Decode(InspectionBuffer *buffer, void *options)
+static void TransformFromBase64Decode(
+ DetectEngineThreadCtx *det_ctx, InspectionBuffer *buffer, void *options)
{
SCDetectTransformFromBase64Data *b64d = options;
const uint8_t *input = buffer->inspect;
InspectionBufferInit(&buffer, input_len);
InspectionBufferSetup(NULL, -1, &buffer, input, input_len);
PrintRawDataFp(stdout, buffer.inspect, buffer.inspect_len);
- TransformFromBase64Decode(&buffer, &b64d);
+ TransformFromBase64Decode(NULL, &buffer, &b64d);
FAIL_IF_NOT(buffer.inspect_len == result_len);
FAIL_IF_NOT(strncmp(result, (const char *)buffer.inspect, result_len) == 0);
PrintRawDataFp(stdout, buffer.inspect, buffer.inspect_len);
InspectionBufferInit(&buffer, input_len);
InspectionBufferSetup(NULL, -1, &buffer, input, input_len);
PrintRawDataFp(stdout, buffer.inspect, buffer.inspect_len);
- TransformFromBase64Decode(&buffer, &b64d);
+ TransformFromBase64Decode(NULL, &buffer, &b64d);
FAIL_IF_NOT(buffer.inspect_len == result_len);
FAIL_IF_NOT(strncmp(result, (const char *)buffer.inspect, result_len) == 0);
PrintRawDataFp(stdout, buffer.inspect, buffer.inspect_len);
InspectionBufferSetup(NULL, -1, &buffer, input, input_len);
buffer_orig = buffer;
PrintRawDataFp(stdout, buffer.inspect, buffer.inspect_len);
- TransformFromBase64Decode(&buffer, &b64d);
+ TransformFromBase64Decode(NULL, &buffer, &b64d);
FAIL_IF_NOT(buffer.inspect_offset == buffer_orig.inspect_offset);
FAIL_IF_NOT(buffer.inspect_len == buffer_orig.inspect_len);
PrintRawDataFp(stdout, buffer.inspect, buffer.inspect_len);
InspectionBufferInit(&buffer, input_len);
InspectionBufferSetup(NULL, -1, &buffer, input, input_len);
PrintRawDataFp(stdout, buffer.inspect, buffer.inspect_len);
- TransformFromBase64Decode(&buffer, &b64d);
+ TransformFromBase64Decode(NULL, &buffer, &b64d);
FAIL_IF_NOT(strncmp((const char *)input, (const char *)buffer.inspect, input_len) == 0);
PrintRawDataFp(stdout, buffer.inspect, buffer.inspect_len);
InspectionBufferFree(&buffer);
InspectionBufferInit(&buffer, input_len);
InspectionBufferSetup(NULL, -1, &buffer, input, input_len);
PrintRawDataFp(stdout, buffer.inspect, buffer.inspect_len);
- TransformFromBase64Decode(&buffer, &b64d);
+ TransformFromBase64Decode(NULL, &buffer, &b64d);
FAIL_IF_NOT(strncmp((const char *)input, (const char *)buffer.inspect, input_len) == 0);
PrintRawDataFp(stdout, buffer.inspect, buffer.inspect_len);
InspectionBufferFree(&buffer);
InspectionBufferInit(&buffer, input_len);
InspectionBufferSetup(NULL, -1, &buffer, input, input_len);
PrintRawDataFp(stdout, buffer.inspect, buffer.inspect_len);
- TransformFromBase64Decode(&buffer, &b64d);
+ TransformFromBase64Decode(NULL, &buffer, &b64d);
FAIL_IF_NOT(buffer.inspect_len == result_len);
FAIL_IF_NOT(strncmp(result, (const char *)buffer.inspect, result_len) == 0);
PrintRawDataFp(stdout, buffer.inspect, buffer.inspect_len);
InspectionBufferInit(&buffer, input_len);
InspectionBufferSetup(NULL, -1, &buffer, input, input_len);
PrintRawDataFp(stdout, buffer.inspect, buffer.inspect_len);
- TransformFromBase64Decode(&buffer, &b64d);
+ TransformFromBase64Decode(NULL, &buffer, &b64d);
FAIL_IF_NOT(buffer.inspect_len == result_len);
FAIL_IF_NOT(strncmp(result, (const char *)buffer.inspect, result_len) == 0);
PrintRawDataFp(stdout, buffer.inspect, buffer.inspect_len);
InspectionBufferInit(&buffer, input_len);
InspectionBufferSetup(NULL, -1, &buffer, input, input_len);
PrintRawDataFp(stdout, buffer.inspect, buffer.inspect_len);
- TransformFromBase64Decode(&buffer, &b64d);
+ TransformFromBase64Decode(NULL, &buffer, &b64d);
FAIL_IF_NOT(buffer.inspect_len == result_len);
FAIL_IF_NOT(strncmp(result, (const char *)buffer.inspect, result_len) == 0);
PrintRawDataFp(stdout, buffer.inspect, buffer.inspect_len);
InspectionBufferInit(&buffer, input_len);
InspectionBufferSetup(NULL, -1, &buffer, input, input_len);
// PrintRawDataFp(stdout, buffer.inspect, buffer.inspect_len);
- TransformFromBase64Decode(&buffer, &b64d);
+ TransformFromBase64Decode(NULL, &buffer, &b64d);
FAIL_IF_NOT(buffer.inspect_len == 15);
// PrintRawDataFp(stdout, buffer.inspect, buffer.inspect_len);
InspectionBufferFree(&buffer);
static int DetectTransformPcrexformSetup (DetectEngineCtx *, Signature *, const char *);
static void DetectTransformPcrexformFree(DetectEngineCtx *, void *);
-static void DetectTransformPcrexform(InspectionBuffer *buffer, void *options);
+static void DetectTransformPcrexform(
+ DetectEngineThreadCtx *det_ctx, InspectionBuffer *buffer, void *options);
#ifdef UNITTESTS
void DetectTransformPcrexformRegisterTests (void);
#endif
SCReturnInt(r);
}
-static void DetectTransformPcrexform(InspectionBuffer *buffer, void *options)
+static void DetectTransformPcrexform(
+ DetectEngineThreadCtx *det_ctx, InspectionBuffer *buffer, void *options)
{
const char *input = (const char *)buffer->inspect;
const uint32_t input_len = buffer->inspect_len;
uint8_t flags, File *, const Signature *, const SigMatchCtx *);
/** InspectionBuffer transformation callback */
- void (*Transform)(InspectionBuffer *, void *context);
+ void (*Transform)(DetectEngineThreadCtx *, InspectionBuffer *, void *context);
bool (*TransformValidate)(const uint8_t *content, uint16_t content_len, void *context);
/** keyword setup function pointer */
InspectionBufferSetup(det_ctx, list_id, buffer, NULL, 0);
InspectionBufferCopy(buffer, ja3_hash, SC_MD5_HEX_LEN);
- InspectionBufferApplyTransforms(buffer, transforms);
+ InspectionBufferApplyTransforms(det_ctx, buffer, transforms);
}
return buffer;
}
projects / thirdparty / suricata.git / commitdiff
