tests: Add test case for 2982
authorJeff Lucovsky <jeff@lucovsky.org>
Sat, 13 Feb 2021 15:36:11 +0000 (10:36 -0500)
committerVictor Julien <victor@inliniac.net>
Thu, 10 Nov 2022 13:03:49 +0000 (15:03 +0200)
tests/test-unreachable-distance-1/input.pcap [new file with mode: 0644]
tests/test-unreachable-distance-1/test.rules [new file with mode: 0644]
tests/test-unreachable-distance-1/test.yaml [new file with mode: 0644]

diff --git a/tests/test-unreachable-distance-1/input.pcap b/tests/test-unreachable-distance-1/input.pcap
new file mode 100644 (file)
index 0000000..bc6ba8f
Binary files /dev/null and b/tests/test-unreachable-distance-1/input.pcap differ
diff --git a/tests/test-unreachable-distance-1/test.rules b/tests/test-unreachable-distance-1/test.rules
new file mode 100644 (file)
index 0000000..a26c338
--- /dev/null
@@ -0,0 +1,5 @@
+alert udp any any -> any any (msg:"dsize/distance INVALID combination #1"; dsize:10; content:"boom"; content:"loom"; distance:10; sid:1; rev:1;)
+alert udp any any -> any any (msg:"dsize/distance INVALID combination #2"; dsize:6; content:"boom"; content:"loom"; distance:3; sid:2; rev:1;)
+alert udp any any -> any any (msg:"dsize/distance INVALID combination #3"; dsize:6; content:"boom"; content:"loom"; distance:2; sid:3; rev:1;)
+alert udp any any -> any any (msg:"dsize/distance VALID combination #1"; dsize:10; content:"boom"; content:"loom"; distance:-10; sid:4; rev:1;)
+alert udp any any -> any any (msg:"dsize/distance VALID combination #2"; dsize:10; content:"boom"; content:"loom"; distance:-15; sid:5; rev:1;)
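Review bot: None of the five rules sits on the boundary of the dsize/distance check, so an off-by-one in the reachability computation would still pass this test. Assuming the check is first content length + distance + second content length against dsize, the INVALID cases overshoot by several bytes (sid 3 needs 4+2+4 = 10 against `dsize:6`) and the VALID cases use only negative distances. Consider adding an exact-fit pair such as `dsize:8; content:"boom"; content:"loom"; distance:0;` (should load) and the same rule with `distance:1;` (should be rejected), with the counts in test.yaml adjusted to match. A `#` comment above each group stating that arithmetic would help too, because a rule that can never match gives no detection coverage and the msg text alone does not say why it is rejected.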
diff --git a/tests/test-unreachable-distance-1/test.yaml b/tests/test-unreachable-distance-1/test.yaml
new file mode 100644 (file)
index 0000000..af39ec4
--- /dev/null
@@ -0,0 +1,17 @@
+requires:
+  min-version: 7
+
+checks:
+    - shell:
+        args: grep "signature can't match" suricata.log | wc -l | xargs
+        expect: 3
+
+    - shell:
+        args: grep SC_ERR_INVALID_SIGNATURE suricata.log | wc -l | xargs
+        expect: 6
+
+    - shell:
+        args: grep "1 rule files processed. 2 rules successfully loaded, 3 rules failed" suricata.log | wc -l | xargs
+        expect: 1
+
+exit-code: 1
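Review bot: The three shell checks only count log lines, so they do not establish which sids were rejected; a regression that rejected a VALID rule in place of an INVALID one could leave all three totals unchanged. If the rejected rule text is echoed into suricata.log (the `expect: 6` suggests two lines per failed rule, but that is not visible here), a per-rule check such as `grep "INVALID combination #1" suricata.log | wc -l | xargs` would pin the identity. A comment like `# 3 rejected rules, 2 log lines each` above `expect: 6` would explain the number. Matching on the `SC_ERR_INVALID_SIGNATURE` token and the exact summary sentence also ties the test to the current log wording.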