]> git.ipfire.org Git - thirdparty/suricata.git/commitdiff
projects / thirdparty / suricata.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: f5adccb)
detect: file list in engine
authorVictor Julien <victor@inliniac.net>
Sat, 15 Oct 2016 17:11:18 +0000 (19:11 +0200)
committerVictor Julien <victor@inliniac.net>
Thu, 16 Feb 2017 09:35:37 +0000 (10:35 +0100)
src/detect-engine-file.c patch | blob | blame | history
src/detect-engine.c patch | blob | blame | history

diff --git a/src/detect-engine-file.c b/src/detect-engine-file.c
index 588c72fbbf79235eac3d5fdfc83f8d45dd6e6e2f..f2f847a65ff37a3c2bf3d4991183cb75cd021f3a 100644 (file)
--- a/src/detect-engine-file.c
+++ b/src/detect-engine-file.c
@@ -74,9 +74,9 @@
  *  \note flow is not locked at this time
  */
 static int DetectFileInspect(ThreadVars *tv, DetectEngineThreadCtx *det_ctx,
-        Flow *f, Signature *s, uint8_t flags, FileContainer *ffc)
+        Flow *f, Signature *s, const SigMatch *smi, uint8_t flags, FileContainer *ffc)
 {
-    SigMatch *sm = NULL;
+    const SigMatch *sm = NULL;
     int r = 0;
     int match = 0;
     int store_r = 0;
@@ -148,7 +148,7 @@ static int DetectFileInspect(ThreadVars *tv, DetectEngineThreadCtx *det_ctx,
             }
 
             /* run the file match functions. */
-            for (sm = s->sm_lists[DETECT_SM_LIST_FILEMATCH]; sm != NULL; sm = sm->next) {
+            for (sm = smi; sm != NULL; sm = sm->next) {
                 SCLogDebug("sm %p, sm->next %p", sm, sm->next);
 
                 if (sigmatch_table[sm->type].FileMatch != NULL) {
@@ -183,7 +183,7 @@ static int DetectFileInspect(ThreadVars *tv, DetectEngineThreadCtx *det_ctx,
     } else {
         /* if we have a filestore sm with a scope > file (so tx, ssn) we
          * run it here */
-        sm = s->sm_lists[DETECT_SM_LIST_FILEMATCH];
+        sm = smi;
         if (sm != NULL && sm->next == NULL && sm->type == DETECT_FILESTORE &&
                 sm->ctx != NULL)
         {
@@ -242,7 +242,7 @@ int DetectFileInspectHttp(ThreadVars *tv,
     else
         ffc = htp_state->files_ts;
 
-    int match = DetectFileInspect(tv, det_ctx, f, s, flags, ffc);
+    int match = DetectFileInspect(tv, det_ctx, f, s, sm, flags, ffc);
     if (match == DETECT_ENGINE_INSPECT_SIG_MATCH) {
         r = DETECT_ENGINE_INSPECT_SIG_MATCH;
     } else if (match == DETECT_ENGINE_INSPECT_SIG_CANT_MATCH) {
@@ -294,7 +294,7 @@ int DetectFileInspectSmtp(ThreadVars *tv,
     else
         goto end;
 
-    int match = DetectFileInspect(tv, det_ctx, f, s, flags, ffc);
+    int match = DetectFileInspect(tv, det_ctx, f, s, sm, flags, ffc);
     if (match == DETECT_ENGINE_INSPECT_SIG_MATCH) {
         r = DETECT_ENGINE_INSPECT_SIG_MATCH;
     } else if (match == DETECT_ENGINE_INSPECT_SIG_CANT_MATCH) {
diff --git a/src/detect-engine.c b/src/detect-engine.c
index 476e6c26f11703708abadcf1c0ed2f7c7ad118e8..413447a2552be4a337a5a733624f78358c3eaeec 100644 (file)
--- a/src/detect-engine.c
+++ b/src/detect-engine.c
@@ -189,6 +189,8 @@ int DetectEngineAppInspectionEngine2Signature(Signature *s)
             case DETECT_SM_LIST_HCDMATCH:
             case DETECT_SM_LIST_HUADMATCH:
 
+            case DETECT_SM_LIST_FILEMATCH:
+
             case DETECT_SM_LIST_DNSQUERYNAME_MATCH:
             //case DETECT_SM_LIST_DNSRESPONSE_MATCH:
             //case DETECT_SM_LIST_DNSRESPONSE_MATCH:
Mirror of https://github.com/OISF/suricata.git