detect: allow rule errors to display error, but not be fatal

Add a new setup return code, -4 which will print the error, but not
error out in test mode. This is to support allowing incomplete hex, as
there is no context as to which rule had the issue.

For context:
- -3: error ok, no message
- -2: error not ok, no message
- -4: error ok, message

diff --git a/src/detect-parse.c b/src/detect-parse.c
index 020778eea52401c9649186286dccca9b24847890..14f400e493c03e21bd8b15f0a9b3d1b51fb7622f 100644 (file)
--- a/src/detect-parse.c
+++ b/src/detect-parse.c
@@ -1908,7 +1908,11 @@ static Signature *SigInitHelper(DetectEngineCtx *de_ctx, const char *sigstr,
     sig->gid = 1;
 
     int ret = SigParse(de_ctx, sig, sigstr, dir, &parser);
-    if (ret == -3) {
+    if (ret == -4) {
+        de_ctx->sigerror_ok = true;
+        goto error;
+    }
+    else if (ret == -3) {
         de_ctx->sigerror_silent = true;
         de_ctx->sigerror_ok = true;
         goto error;