#[no_mangle]
pub unsafe extern "C" fn rs_http2_tx_get_header_name(
tx: &mut HTTP2Transaction, direction: u8, nb: u32, buffer: *mut *const u8, buffer_len: *mut u32,
-) -> u8 {
+) -> bool {
let mut pos = 0_u32;
match direction.into() {
Direction::ToServer => {
let value = &blocks[(nb - pos) as usize].name;
*buffer = value.as_ptr(); //unsafe
*buffer_len = value.len() as u32;
- return 1;
+ return true;
} else {
pos += blocks.len() as u32;
}
let value = &blocks[(nb - pos) as usize].name;
*buffer = value.as_ptr(); //unsafe
*buffer_len = value.len() as u32;
- return 1;
+ return true;
} else {
pos += blocks.len() as u32;
}
}
}
}
- return 0;
+ return false;
}
fn http2_frames_get_header_firstvalue<'a>(
#include "detect-engine-mpm.h"
#include "detect-engine-prefilter.h"
#include "detect-parse.h"
+#include "detect-engine-content-inspection.h"
int DetectHelperBufferRegister(const char *name, AppProto alproto, bool toclient, bool toserver)
{
DETECT_TBLSIZE_IDX++;
return DETECT_TBLSIZE_IDX - 1;
}
+
+InspectionBuffer *DetectHelperGetMultiData(struct DetectEngineThreadCtx_ *det_ctx,
+ const DetectEngineTransforms *transforms, Flow *f, const uint8_t flow_flags, void *txv,
+ const int list_id, uint32_t index, MultiGetTxBuffer GetBuf)
+{
+ InspectionBuffer *buffer = InspectionBufferMultipleForListGet(det_ctx, list_id, index);
+ if (buffer == NULL) {
+ return NULL;
+ }
+ if (buffer->initialized) {
+ return buffer;
+ }
+
+ const uint8_t *data = NULL;
+ uint32_t data_len = 0;
+
+ if (!GetBuf(txv, flow_flags, index, &data, &data_len)) {
+ InspectionBufferSetupMultiEmpty(buffer);
+ return NULL;
+ }
+ InspectionBufferSetupMulti(buffer, transforms, data, data_len);
+ buffer->flags = DETECT_CI_FLAGS_SINGLE;
+ return buffer;
+}
int DetectHelperBufferRegister(const char *name, AppProto alproto, bool toclient, bool toserver);
typedef bool (*SimpleGetTxBuffer)(void *, uint8_t, const uint8_t **, uint32_t *);
+typedef bool (*MultiGetTxBuffer)(void *, uint8_t, uint32_t, const uint8_t **, uint32_t *);
+
InspectionBuffer *DetectHelperGetData(struct DetectEngineThreadCtx_ *det_ctx,
const DetectEngineTransforms *transforms, Flow *f, const uint8_t flow_flags, void *txv,
const int list_id, SimpleGetTxBuffer GetBuf);
int DetectHelperBufferMpmRegister(const char *name, const char *desc, AppProto alproto,
bool toclient, bool toserver, InspectionBufferGetDataPtr GetData);
+InspectionBuffer *DetectHelperGetMultiData(struct DetectEngineThreadCtx_ *det_ctx,
+ const DetectEngineTransforms *transforms, Flow *f, const uint8_t flow_flags, void *txv,
+ const int list_id, uint32_t index, MultiGetTxBuffer GetBuf);
+
#endif /* SURICATA_DETECT_ENGINE_HELPER_H */
#include "detect-engine-mpm.h"
#include "detect-engine-prefilter.h"
#include "detect-engine-content-inspection.h"
+#include "detect-engine-helper.h"
#include "detect-http2.h"
#include "util-byte.h"
const DetectEngineTransforms *transforms, Flow *_f, const uint8_t flags, void *txv,
int list_id, uint32_t local_id)
{
- SCEnter();
-
- InspectionBuffer *buffer = InspectionBufferMultipleForListGet(det_ctx, list_id, local_id);
- if (buffer == NULL)
- return NULL;
- if (buffer->initialized)
- return buffer;
-
- uint32_t b_len = 0;
- const uint8_t *b = NULL;
-
- if (rs_http2_tx_get_header_name(txv, flags, local_id, &b, &b_len) != 1) {
- InspectionBufferSetupMultiEmpty(buffer);
- return NULL;
- }
- if (b == NULL || b_len == 0) {
- InspectionBufferSetupMultiEmpty(buffer);
- return NULL;
- }
-
- InspectionBufferSetupMulti(buffer, transforms, b, b_len);
- buffer->flags = DETECT_CI_FLAGS_SINGLE;
-
- SCReturnPtr(buffer, "InspectionBuffer");
+ return DetectHelperGetMultiData(det_ctx, transforms, _f, flags, txv, list_id, local_id,
+ (MultiGetTxBuffer)rs_http2_tx_get_header_name);
}
void DetectHttp2Register(void)
projects / thirdparty / suricata.git / commitdiff
