]> git.ipfire.org Git - thirdparty/suricata.git/commitdiff
Improve error reporting in case of syntax errors in the address and port vars.
authorVictor Julien <victor@inliniac.net>
Thu, 31 May 2012 17:56:07 +0000 (19:56 +0200)
committerVictor Julien <victor@inliniac.net>
Thu, 31 May 2012 17:56:07 +0000 (19:56 +0200)
src/detect-engine-address.c
src/detect-engine-port.c
src/suricata.c

index a1c091cd9249221f4c0faf289f9bba268839d087..8c120f32bf3d6ea9009cf84f6f9bf22a90b209f1 100644 (file)
@@ -825,8 +825,8 @@ int DetectAddressSetup(DetectAddressHead *gh, char *s)
     ad = DetectAddressParseSingle(s);
     if (ad == NULL) {
         SCLogError(SC_ERR_ADDRESS_ENGINE_GENERIC,
-                   "DetectAddressParse error \"%s\"", s);
-        goto error;
+                "failed to parse address \"%s\"", s);
+        return -1;
     }
 
     if (ad->flags & ADDRESS_FLAG_ANY)
@@ -1240,7 +1240,7 @@ int DetectAddressTestConfVars(void)
 
     ConfNode *seq_node;
     TAILQ_FOREACH(seq_node, &address_vars_node->head, next) {
-        SCLogDebug("Testing %s - %s\n", seq_node->name, seq_node->val);
+        SCLogDebug("Testing %s - %s", seq_node->name, seq_node->val);
 
         DetectAddressHead *gh = DetectAddressHeadInit();
         if (gh == NULL) {
@@ -1253,12 +1253,15 @@ int DetectAddressTestConfVars(void)
 
         int r = DetectAddressParse2(gh, ghn, seq_node->val, /* start with negate no */0);
         if (r < 0) {
+            SCLogError(SC_ERR_INVALID_YAML_CONF_ENTRY,
+                        "failed to parse address var \"%s\" with value \"%s\". "
+                        "Please check it's syntax", seq_node->name, seq_node->val);
             goto error;
         }
 
         if (DetectAddressIsCompleteIPSpace(ghn)) {
             SCLogError(SC_ERR_INVALID_YAML_CONF_ENTRY,
-                       "Address var - \"%s\" has the complete IP space negated "
+                       "address var - \"%s\" has the complete IP space negated "
                        "with it's value \"%s\".  Rule address range is NIL. "
                        "Probably have a !any or an address range that supplies "
                        "a NULL address range", seq_node->name, seq_node->val);
index 2b231b3c3751bf0a14699d1157525999b75a1120..c7bd9fcafd44477e507597859402b2b4eb284a10 100644 (file)
@@ -914,8 +914,8 @@ static int DetectPortParseInsertString(DetectPort **head, char *s) {
     /** parse the address */
     ad = PortParse(s);
     if (ad == NULL) {
-        SCLogError(SC_ERR_INVALID_ARGUMENT,"PortParse error \"%s\"",s);
-        goto error;
+        SCLogError(SC_ERR_INVALID_ARGUMENT," failed to parse port \"%s\"",s);
+        return -1;
     }
 
     if (ad->flags & PORT_FLAG_ANY) {
index 9b35fe693b2288d15d68f86493a73fa665616555..4fa23f71a4dd8d597715985a0616de03284e2f83 100644 (file)
@@ -1373,6 +1373,18 @@ int main(int argc, char **argv)
 
     TagInitCtx();
 
+    if (DetectAddressTestConfVars() < 0) {
+        SCLogError(SC_ERR_INVALID_YAML_CONF_ENTRY,
+                "basic address vars test failed. Please check %s for errors", conf_filename);
+        exit(EXIT_FAILURE);
+    }
+    if (DetectPortTestConfVars() < 0) {
+        SCLogError(SC_ERR_INVALID_YAML_CONF_ENTRY,
+                "basic port vars test failed. Please check %s for errors", conf_filename);
+        exit(EXIT_FAILURE);
+    }
+
+
     TmModuleReceiveNFQRegister();
     TmModuleVerdictNFQRegister();
     TmModuleDecodeNFQRegister();
@@ -1640,11 +1652,6 @@ int main(int argc, char **argv)
     if (MagicInit() != 0)
         exit(EXIT_FAILURE);
 
-    if (DetectAddressTestConfVars() < 0)
-        exit(0);
-    if (DetectPortTestConfVars() < 0)
-        exit(0);
-
     if (SigLoadSignatures(de_ctx, sig_file, sig_file_exclusive) < 0) {
         if (sig_file == NULL) {
             SCLogError(SC_ERR_OPENING_FILE, "Signature file has not been provided");