use crate::detect::parser::{parse_var, take_until_whitespace, ResultValue};
use std::ffi::{CStr, CString};
use std::os::raw::c_char;
-use crate::ffi::base64::Base64Mode;
+use crate::ffi::base64::SCBase64Mode;
use nom7::bytes::complete::tag;
use nom7::character::complete::multispace0;
use nom7::{Err, IResult};
use std::str;
-pub const TRANSFORM_FROM_BASE64_MODE_DEFAULT: Base64Mode = Base64Mode::Base64ModeRFC4648;
+pub const TRANSFORM_FROM_BASE64_MODE_DEFAULT: SCBase64Mode = SCBase64Mode::SCBase64ModeRFC4648;
const DETECT_TRANSFORM_BASE64_MAX_PARAM_COUNT: usize = 3;
pub const DETECT_TRANSFORM_BASE64_FLAG_MODE: u8 = 0x01;
nbytes_str: *const c_char,
offset: u32,
offset_str: *const c_char,
- mode: Base64Mode,
+ mode: SCBase64Mode,
}
impl Drop for SCDetectTransformFromBase64Data {
}
}
-fn get_mode_value(value: &str) -> Option<Base64Mode> {
+fn get_mode_value(value: &str) -> Option<SCBase64Mode> {
let res = match value {
- "rfc4648" => Some(Base64Mode::Base64ModeRFC4648),
- "rfc2045" => Some(Base64Mode::Base64ModeRFC2045),
- "strict" => Some(Base64Mode::Base64ModeStrict),
+ "rfc4648" => Some(SCBase64Mode::SCBase64ModeRFC4648),
+ "rfc2045" => Some(SCBase64Mode::SCBase64ModeRFC2045),
+ "strict" => Some(SCBase64Mode::SCBase64ModeStrict),
_ => None,
};
nbytes_str: &str,
offset: u32,
offset_str: &str,
- mode: Base64Mode,
+ mode: SCBase64Mode,
flags: u8,
) {
let tbd = SCDetectTransformFromBase64Data {
assert_eq!(val, tbd);
tbd.flags = DETECT_TRANSFORM_BASE64_FLAG_MODE;
- tbd.mode = Base64Mode::Base64ModeRFC2045;
+ tbd.mode = SCBase64Mode::SCBase64ModeRFC2045;
tbd.offset = 0;
tbd.nbytes = 0;
let (_, val) = parse_transform_base64("mode rfc2045").unwrap();
"",
3933,
"",
- Base64Mode::Base64ModeStrict,
+ SCBase64Mode::SCBase64ModeStrict,
DETECT_TRANSFORM_BASE64_FLAG_NBYTES
| DETECT_TRANSFORM_BASE64_FLAG_OFFSET
| DETECT_TRANSFORM_BASE64_FLAG_MODE,
"",
3933,
"",
- Base64Mode::Base64ModeRFC2045,
+ SCBase64Mode::SCBase64ModeRFC2045,
DETECT_TRANSFORM_BASE64_FLAG_NBYTES
| DETECT_TRANSFORM_BASE64_FLAG_OFFSET
| DETECT_TRANSFORM_BASE64_FLAG_MODE,
"",
3933,
"",
- Base64Mode::Base64ModeRFC4648,
+ SCBase64Mode::SCBase64ModeRFC4648,
DETECT_TRANSFORM_BASE64_FLAG_NBYTES
| DETECT_TRANSFORM_BASE64_FLAG_OFFSET
| DETECT_TRANSFORM_BASE64_FLAG_MODE,
"",
0,
"var",
- Base64Mode::Base64ModeRFC4648,
+ SCBase64Mode::SCBase64ModeRFC4648,
DETECT_TRANSFORM_BASE64_FLAG_NBYTES
| DETECT_TRANSFORM_BASE64_FLAG_OFFSET_VAR
| DETECT_TRANSFORM_BASE64_FLAG_OFFSET
"var",
3933,
"",
- Base64Mode::Base64ModeRFC4648,
+ SCBase64Mode::SCBase64ModeRFC4648,
DETECT_TRANSFORM_BASE64_FLAG_NBYTES
| DETECT_TRANSFORM_BASE64_FLAG_NBYTES_VAR
| DETECT_TRANSFORM_BASE64_FLAG_OFFSET
#[repr(C)]
#[allow(non_camel_case_types)]
-pub enum Base64ReturnCode {
+pub enum SCBase64ReturnCode {
SC_BASE64_OK = 0,
SC_BASE64_INVALID_ARG,
SC_BASE64_OVERFLOW,
#[repr(C)]
#[derive(Copy, Clone, Debug, PartialEq, Eq)]
-pub enum Base64Mode {
+pub enum SCBase64Mode {
/* If the following strings were to be passed to the decoder with RFC2045 mode,
* the results would be as follows. See the unittest B64TestVectorsRFC2045 in
* src/util-base64.c
* BASE64("foobar") = "Zm$9vYm.Fy" # According to RFC 2045, All line breaks or *other
* characters* not found in base64 alphabet must be ignored by decoding software
* */
- Base64ModeRFC2045 = 0, /* SPs are allowed during transfer but must be skipped by Decoder */
- Base64ModeStrict,
+ SCBase64ModeRFC2045 = 0, /* SPs are allowed during transfer but must be skipped by Decoder */
+ SCBase64ModeStrict,
/* If the following strings were to be passed to the decoder with RFC4648 mode,
* the results would be as follows. See the unittest B64TestVectorsRFC4648 in
* src/util-base64.c
* BASE64("f") = "Zm$9vYm.Fy" <-- Notice how the processing stops once an invalid char is
* encountered
* */
- Base64ModeRFC4648, /* reject the encoded data if it contains characters outside the base alphabet */
+ SCBase64ModeRFC4648, /* reject the encoded data if it contains characters outside the base alphabet */
}
#[no_mangle]
-pub unsafe extern "C" fn Base64DecodeBufferSize(input_len: u32) -> u32 {
+pub unsafe extern "C" fn SCBase64DecodeBufferSize(input_len: u32) -> u32 {
return get_decoded_buffer_size(input_len);
}
/// This method exposes the Rust base64 decoder to C and should not be called from
/// Rust code.
///
-/// It allows decoding in the modes described by ``Base64Mode`` enum.
+/// It allows decoding in the modes described by ``SCBase64Mode`` enum.
#[no_mangle]
-pub unsafe extern "C" fn Base64Decode(
- input: *const u8, len: usize, mode: Base64Mode, output: *mut u8) -> u32 {
+pub unsafe extern "C" fn SCBase64Decode(
+ input: *const u8, len: usize, mode: SCBase64Mode, output: *mut u8) -> u32 {
if input.is_null() || len == 0 {
return 0;
}
let mut num_decoded: u32 = 0;
let mut decoder = Decoder::new();
match mode {
- Base64Mode::Base64ModeRFC2045 => {
+ SCBase64Mode::SCBase64ModeRFC2045 => {
if decode_rfc2045(&mut decoder, in_vec, out_vec, &mut num_decoded).is_err() {
debug_validate_bug_on!(num_decoded >= len as u32);
return num_decoded;
}
}
- Base64Mode::Base64ModeRFC4648 => {
+ SCBase64Mode::SCBase64ModeRFC4648 => {
if decode_rfc4648(&mut decoder, in_vec, out_vec, &mut num_decoded).is_err() {
debug_validate_bug_on!(num_decoded >= len as u32);
return num_decoded;
}
}
- Base64Mode::Base64ModeStrict => {
+ SCBase64Mode::SCBase64ModeStrict => {
if let Ok(decoded_len) = STANDARD.decode_slice(in_vec, out_vec) {
num_decoded = decoded_len as u32;
}
/// Rust code.
///
/// The output parameter must be an allocated buffer of at least the size returned
-/// from Base64EncodeBufferSize for the input_len, and this length must be provided
+/// from SCBase64EncodeBufferSize for the input_len, and this length must be provided
/// in the output_len variable.
#[no_mangle]
-pub unsafe extern "C" fn Base64Encode(
+pub unsafe extern "C" fn SCBase64Encode(
input: *const u8, input_len: c_ulong, output: *mut c_uchar, output_len: *mut c_ulong,
-) -> Base64ReturnCode {
+) -> SCBase64ReturnCode {
if input.is_null() || output.is_null() || output_len.is_null() {
- return Base64ReturnCode::SC_BASE64_INVALID_ARG;
+ return SCBase64ReturnCode::SC_BASE64_INVALID_ARG;
}
let input = std::slice::from_raw_parts(input, input_len as usize);
let encoded = STANDARD.encode(input);
if encoded.len() + 1 > *output_len as usize {
- return Base64ReturnCode::SC_BASE64_OVERFLOW;
+ return SCBase64ReturnCode::SC_BASE64_OVERFLOW;
}
let output = std::slice::from_raw_parts_mut(&mut *output, *output_len as usize);
output[0..encoded.len()].copy_from_slice(encoded.as_bytes());
output[encoded.len()] = 0;
*output_len = encoded.len() as c_ulong;
- Base64ReturnCode::SC_BASE64_OK
+ SCBase64ReturnCode::SC_BASE64_OK
}
/// Ratio of output bytes to input bytes for Base64 Encoding is 4:3, hence the
/// required output bytes are 4 * ceil(input_len / 3) and an additional byte for
/// storing the NULL pointer.
#[no_mangle]
-pub extern "C" fn Base64EncodeBufferSize(len: c_ulong) -> c_ulong {
+pub extern "C" fn SCBase64EncodeBufferSize(len: c_ulong) -> c_ulong {
(4 * ((len) + 2) / 3) + 1
}
{
const StringType *str = s;
- unsigned long len = Base64EncodeBufferSize(str->len);
+ unsigned long len = SCBase64EncodeBufferSize(str->len);
uint8_t encoded_data[len];
- if (Base64Encode((unsigned char *)str->ptr, str->len,
- encoded_data, &len) != SC_BASE64_OK)
+ if (SCBase64Encode((unsigned char *)str->ptr, str->len, encoded_data, &len) != SC_BASE64_OK)
return 0;
strlcpy(out, (const char *)encoded_data, out_size);
if (r == NULL) {
line[strlen(line) - 1] = '\0';
SCLogDebug("line: '%s'", line);
- uint32_t decoded_size = Base64DecodeBufferSize(strlen(line));
+ uint32_t decoded_size = SCBase64DecodeBufferSize(strlen(line));
// coverity[alloc_strlen : FALSE]
uint8_t decoded[decoded_size];
- uint32_t num_decoded =
- Base64Decode((const uint8_t *)line, strlen(line), Base64ModeStrict, decoded);
+ uint32_t num_decoded = SCBase64Decode(
+ (const uint8_t *)line, strlen(line), SCBase64ModeStrict, decoded);
if (num_decoded == 0 && strlen(line) > 0) {
FatalErrorOnInit("bad base64 encoding %s/%s", set->name, set->load);
continue;
*r = '\0';
- uint32_t decoded_size = Base64DecodeBufferSize(strlen(line));
+ uint32_t decoded_size = SCBase64DecodeBufferSize(strlen(line));
uint8_t decoded[decoded_size];
- uint32_t num_decoded =
- Base64Decode((const uint8_t *)line, strlen(line), Base64ModeStrict, decoded);
+ uint32_t num_decoded = SCBase64Decode(
+ (const uint8_t *)line, strlen(line), SCBase64ModeStrict, decoded);
if (num_decoded == 0) {
FatalErrorOnInit("bad base64 encoding %s/%s", set->name, set->load);
continue;
switch (set->type) {
case DATASET_TYPE_STRING: {
- uint32_t decoded_size = Base64DecodeBufferSize(strlen(string));
+ uint32_t decoded_size = SCBase64DecodeBufferSize(strlen(string));
uint8_t decoded[decoded_size];
- uint32_t num_decoded = Base64Decode(
- (const uint8_t *)string, strlen(string), Base64ModeStrict, decoded);
+ uint32_t num_decoded = SCBase64Decode(
+ (const uint8_t *)string, strlen(string), SCBase64ModeStrict, decoded);
if (num_decoded == 0) {
return -2;
}
if (decode_len > 0) {
uint32_t num_decoded =
- Base64Decode(payload, decode_len, Base64ModeRFC4648, det_ctx->base64_decoded);
+ SCBase64Decode(payload, decode_len, SCBase64ModeRFC4648, det_ctx->base64_decoded);
det_ctx->base64_decoded_len = num_decoded;
SCLogDebug("Decoded %d bytes from base64 data.", det_ctx->base64_decoded_len);
}
static int DetectTransformFromBase64DecodeSetup(DetectEngineCtx *, Signature *, const char *);
static void DetectTransformFromBase64DecodeFree(DetectEngineCtx *, void *);
#ifdef UNITTESTS
-#define DETECT_TRANSFORM_FROM_BASE64_MODE_DEFAULT (uint8_t) Base64ModeRFC4648
+#define DETECT_TRANSFORM_FROM_BASE64_MODE_DEFAULT (uint8_t) SCBase64ModeRFC4648
static void DetectTransformFromBase64DecodeRegisterTests(void);
#endif
static void TransformFromBase64Decode(InspectionBuffer *buffer, void *options);
const uint32_t input_len = buffer->inspect_len;
uint32_t decode_length = input_len;
- Base64Mode mode = b64d->mode;
+ SCBase64Mode mode = b64d->mode;
uint32_t offset = b64d->offset;
uint32_t nbytes = b64d->nbytes;
return;
}
- uint32_t decoded_size = Base64DecodeBufferSize(decode_length);
+ uint32_t decoded_size = SCBase64DecodeBufferSize(decode_length);
uint8_t decoded[decoded_size];
- uint32_t num_decoded = Base64Decode((const uint8_t *)input, decode_length, mode, decoded);
+ uint32_t num_decoded = SCBase64Decode((const uint8_t *)input, decode_length, mode, decoded);
if (num_decoded > 0) {
// PrintRawDataFp(stdout, output, b64data->decoded_len);
InspectionBufferCopy(buffer, decoded, num_decoded);
uint32_t input_len = strlen((char *)input);
const char *result = "foobar";
uint32_t result_len = strlen((char *)result);
- SCDetectTransformFromBase64Data b64d = { .nbytes = input_len, .mode = Base64ModeRFC2045 };
+ SCDetectTransformFromBase64Data b64d = { .nbytes = input_len, .mode = SCBase64ModeRFC2045 };
InspectionBuffer buffer;
InspectionBufferInit(&buffer, input_len);
{
const uint8_t *input = (const uint8_t *)"This is Suricata\n";
uint32_t input_len = strlen((char *)input);
- SCDetectTransformFromBase64Data b64d = { .nbytes = input_len, .mode = Base64ModeStrict };
+ SCDetectTransformFromBase64Data b64d = { .nbytes = input_len, .mode = SCBase64ModeStrict };
InspectionBuffer buffer;
InspectionBuffer buffer_orig;
InspectionBufferInit(&buffer, input_len);
uint32_t result_len = strlen((char *)result);
SCDetectTransformFromBase64Data b64d = { .nbytes = input_len - 4, /* NB: stop early */
- .mode = Base64ModeRFC2045 };
+ .mode = SCBase64ModeRFC2045 };
InspectionBuffer buffer;
InspectionBufferInit(&buffer, input_len);
const uint8_t *input = (const uint8_t *)"This is not base64-encoded";
uint32_t input_len = strlen((char *)input);
- SCDetectTransformFromBase64Data b64d = { .nbytes = input_len, .mode = Base64ModeRFC2045 };
+ SCDetectTransformFromBase64Data b64d = { .nbytes = input_len, .mode = SCBase64ModeRFC2045 };
InspectionBuffer buffer;
InspectionBufferInit(&buffer, input_len);
}
TAILQ_FOREACH (cert, &connp->certs, next) {
- pemlen = Base64EncodeBufferSize(cert->cert_len);
+ pemlen = SCBase64EncodeBufferSize(cert->cert_len);
if (pemlen > aft->enc_buf_len) {
ptmp = (uint8_t*) SCRealloc(aft->enc_buf, sizeof(uint8_t) * pemlen);
if (ptmp == NULL) {
memset(aft->enc_buf, 0, aft->enc_buf_len);
- ret = Base64Encode((unsigned char*) cert->cert_data, cert->cert_len, aft->enc_buf, &pemlen);
+ ret = SCBase64Encode(
+ (unsigned char *)cert->cert_data, cert->cert_len, aft->enc_buf, &pemlen);
if (ret != SC_BASE64_OK) {
- SCLogWarning("Invalid return of Base64Encode function");
+ SCLogWarning("Invalid return of SCBase64Encode function");
goto end_fwrite_fp;
}
if (SCSha1HashBuffer((const uint8_t *)&ipv4, sizeof(ipv4), hash, sizeof(hash)) == 1) {
strlcpy((char *)base64buf, "1:", COMMUNITY_ID_BUF_SIZE);
unsigned long out_len = COMMUNITY_ID_BUF_SIZE - 2;
- if (Base64Encode(hash, sizeof(hash), base64buf+2, &out_len) == SC_BASE64_OK) {
+ if (SCBase64Encode(hash, sizeof(hash), base64buf + 2, &out_len) == SC_BASE64_OK) {
return true;
}
}
if (SCSha1HashBuffer((const uint8_t *)&ipv6, sizeof(ipv6), hash, sizeof(hash)) == 1) {
strlcpy((char *)base64buf, "1:", COMMUNITY_ID_BUF_SIZE);
unsigned long out_len = COMMUNITY_ID_BUF_SIZE - 2;
- if (Base64Encode(hash, sizeof(hash), base64buf+2, &out_len) == SC_BASE64_OK) {
+ if (SCBase64Encode(hash, sizeof(hash), base64buf + 2, &out_len) == SC_BASE64_OK) {
return true;
}
}
static void Base64FuzzTest(const uint8_t *src, size_t len)
{
- uint32_t decoded_len = Base64DecodeBufferSize(len);
+ uint32_t decoded_len = SCBase64DecodeBufferSize(len);
uint8_t *decoded = SCCalloc(decoded_len, sizeof(uint8_t));
- for (uint8_t mode = Base64ModeRFC2045; mode <= Base64ModeStrict; mode++) {
- (void)Base64Decode(src, len, mode, decoded);
+ for (uint8_t mode = SCBase64ModeRFC2045; mode <= SCBase64ModeStrict; mode++) {
+ (void)SCBase64Decode(src, len, mode, decoded);
}
SCFree(decoded);
projects / thirdparty / suricata.git / commitdiff
