typedef struct AppLayerProtoDetectPMSignature_ {
AppProto alproto;
+ SigIntId id;
/* \todo Change this into a non-pointer */
DetectContentData *cd;
struct AppLayerProtoDetectPMSignature_ *next;
/* \todo we don't need this except at setup time. Get rid of it. */
PatIntId max_pat_id;
+ SigIntId max_sig_id;
} AppLayerProtoDetectPMCtx;
typedef struct AppLayerProtoDetectCtxIpproto_ {
/* loop through unique pattern id's. Can't use search_cnt here,
* as that contains all matches, tctx->pmq.pattern_id_array_cnt
* contains only *unique* matches. */
- for (cnt = 0; cnt < tctx->pmq.pattern_id_array_cnt; cnt++) {
- const AppLayerProtoDetectPMSignature *s = pm_ctx->map[tctx->pmq.pattern_id_array[cnt]];
+ for (cnt = 0; cnt < tctx->pmq.rule_id_array_cnt; cnt++) {
+ const AppLayerProtoDetectPMSignature *s = pm_ctx->map[tctx->pmq.rule_id_array[cnt]];
while (s != NULL) {
AppProto proto = AppLayerProtoDetectPMMatchSignature(s,
buf, searchlen, ipproto);
SCEnter();
const AppLayerProtoDetectPMSignature *s = NULL;
- int pat_id, max_pat_id;
-
int i, j;
uint8_t ipproto;
ipproto = FlowGetReverseProtoMapping(i);
for (j = 0; j < 2; j++) {
AppLayerProtoDetectPMCtx *pm_ctx = &alpd_ctx.ctx_ipp[i].ctx_pm[j];
- max_pat_id = pm_ctx->max_pat_id;
-
- for (pat_id = 0; pat_id < max_pat_id; pat_id++) {
- s = pm_ctx->map[pat_id];
- while (s != NULL) {
- if (s->alproto == alproto)
- ipprotos[ipproto / 8] |= 1 << (ipproto % 8);
- s = s->next;
- }
+
+ SigIntId x;
+ for (x = 0; x < pm_ctx->max_sig_id;x++) {
+ s = pm_ctx->map[x];
+ if (s->alproto == alproto)
+ ipprotos[ipproto / 8] |= 1 << (ipproto % 8);
}
}
}
for (s = ctx->head; s != NULL; s = s->next) {
struct_total_size += sizeof(TempContainer);
content_total_size += s->cd->content_len;
+ ctx->max_sig_id++;
}
ahb = SCMalloc(sizeof(uint8_t) * (struct_total_size + content_total_size));
SCEnter();
int ret = 0;
- PatIntId max_pat_id = 0, tmp_pat_id;
AppLayerProtoDetectPMSignature *s, *next_s;
int mpm_ret;
+ SigIntId id = 0;
- max_pat_id = ctx->max_pat_id;
-
- ctx->map = SCMalloc((max_pat_id) * sizeof(AppLayerProtoDetectPMSignature *));
+ ctx->map = SCMalloc(ctx->max_sig_id * sizeof(AppLayerProtoDetectPMSignature *));
if (ctx->map == NULL)
goto error;
- memset(ctx->map, 0, (max_pat_id) * sizeof(AppLayerProtoDetectPMSignature *));
+ memset(ctx->map, 0, ctx->max_sig_id * sizeof(AppLayerProtoDetectPMSignature *));
- /* add an array indexed by pattern id to look up the sig */
- for (s = ctx->head; s != NULL;) {
+ /* add an array indexed by rule id to look up the sig */
+ for (s = ctx->head; s != NULL; ) {
next_s = s->next;
- s->next = ctx->map[s->cd->id];
- ctx->map[s->cd->id] = s;
- s = next_s;
- }
- ctx->head = NULL;
+ s->id = id++;
+ SCLogDebug("s->id %u", s->id);
-
- for (tmp_pat_id = 0; tmp_pat_id < max_pat_id; tmp_pat_id++) {
- s = NULL;
- for (s = ctx->map[tmp_pat_id]; s != NULL; s = s->next) {
- if (s->cd->flags & DETECT_CONTENT_NOCASE) {
- break;
- }
- }
- /* if s != NULL now, it's CI. If NULL, CS */
-
- if (s != NULL) {
+ if (s->cd->flags & DETECT_CONTENT_NOCASE) {
mpm_ret = MpmAddPatternCI(&ctx->mpm_ctx,
s->cd->content, s->cd->content_len,
- 0, 0, tmp_pat_id, 0, 0);
+ 0, 0, s->cd->id, s->id, 0);
if (mpm_ret < 0)
goto error;
} else {
- s = ctx->map[tmp_pat_id];
- if (s == NULL)
- goto error;
-
mpm_ret = MpmAddPatternCS(&ctx->mpm_ctx,
s->cd->content, s->cd->content_len,
- 0, 0, tmp_pat_id, 0, 0);
+ 0, 0, s->cd->id, s->id, 0);
if (mpm_ret < 0)
goto error;
}
+
+ ctx->map[s->id] = s;
+ s->next = NULL;
+ s = next_s;
}
+ ctx->head = NULL;
goto end;
error:
if (AppLayerProtoDetectPMSetContentIDs(ctx_pm) < 0)
goto error;
- if (ctx_pm->max_pat_id == 0)
+ if (ctx_pm->max_sig_id == 0)
continue;
if (AppLayerProtoDetectPMMapSignatures(ctx_pm) < 0)
int dir = 0;
PatIntId id = 0;
AppLayerProtoDetectPMCtx *pm_ctx = NULL;
- AppLayerProtoDetectPMSignature *sig = NULL, *next_sig = NULL;
+ AppLayerProtoDetectPMSignature *sig = NULL;
for (ipproto_map = 0; ipproto_map < FLOW_PROTO_DEFAULT; ipproto_map++) {
for (dir = 0; dir < 2; dir++) {
pm_ctx = &alpd_ctx.ctx_ipp[ipproto_map].ctx_pm[dir];
mpm_table[pm_ctx->mpm_ctx.mpm_type].DestroyCtx(pm_ctx->mpm_ctx.ctx);
- for (id = 0; id < pm_ctx->max_pat_id; id++) {
+ for (id = 0; id < pm_ctx->max_sig_id; id++) {
sig = pm_ctx->map[id];
- while (sig != NULL) {
- next_sig = sig->next;
- AppLayerProtoDetectPMFreeSignature(sig);
- sig = next_sig;
- }
+ AppLayerProtoDetectPMFreeSignature(sig);
}
}
}
projects / thirdparty / suricata.git / commitdiff
