detect/transform: Add validation function

This commit adds a function to pre-validate buffers. If a content
buffer contains whitespace, the validation fails.

(cherry picked from commit bc81474e3fb715b1ef110338676fc15de34744c0)

diff --git a/src/detect-transform-strip-whitespace.c b/src/detect-transform-strip-whitespace.c
index 9b444f9c2bb78fa836d39c1306e16e81b8da7370..33c006a615660ff96b07190ada3b7b7daa1afd7a 100644 (file)
--- a/src/detect-transform-strip-whitespace.c
+++ b/src/detect-transform-strip-whitespace.c
@@ -38,6 +38,7 @@ static int DetectTransformStripWhitespaceSetup (DetectEngineCtx *, Signature *,
 static void DetectTransformStripWhitespaceRegisterTests(void);
 
 static void TransformStripWhitespace(InspectionBuffer *buffer);
+static bool TransformStripWhitespaceValidate(const uint8_t *content, uint16_t content_len);
 
 void DetectTransformStripWhitespaceRegister(void)
 {
@@ -48,6 +49,8 @@ void DetectTransformStripWhitespaceRegister(void)
         "/rules/transforms.html#strip-whitespace";
     sigmatch_table[DETECT_TRANSFORM_STRIP_WHITESPACE].Transform =
         TransformStripWhitespace;
+    sigmatch_table[DETECT_TRANSFORM_STRIP_WHITESPACE].TransformValidate =
+        TransformStripWhitespaceValidate;
     sigmatch_table[DETECT_TRANSFORM_STRIP_WHITESPACE].Setup =
         DetectTransformStripWhitespaceSetup;
     sigmatch_table[DETECT_TRANSFORM_STRIP_WHITESPACE].RegisterTests =
@@ -72,6 +75,26 @@ static int DetectTransformStripWhitespaceSetup (DetectEngineCtx *de_ctx, Signatu
     SCReturnInt(r);
 }
 
+/*
+ *  \brief Validate content bytes to see if it's compatible with this transform
+ *  \param content Byte array to check for compatibility
+ *  \param content_len Number of bytes to check
+ *  \retval false If the string contains spaces
+ *  \retval true Otherwise.
+ */
+static bool TransformStripWhitespaceValidate(const uint8_t *content,
+        uint16_t content_len)
+{
+    if (content) {
+        for (uint32_t i = 0; i < content_len; i++) {
+            if (isspace(*content++)) {
+                return false;
+            }
+        }
+    }
+    return true;
+}
+
 static void TransformStripWhitespace(InspectionBuffer *buffer)
 {
     const uint8_t *input = buffer->inspect;