return -1;
}
-/**
- * \brief Extends a target address range if the the source address range is
- * wider than the target address range on either sides.
- *
- * Every address is a range, i.e. address->ip1....address->ip2. For
- * example 1.2.3.4 to 192.168.1.1.
- * if source->ip1 is smaller than target->ip1, it indicates that the
- * source's left address limit is greater(range wise) than the target's
- * left address limit, and hence we reassign the target's left address
- * limit to source's left address limit.
- * Similary if source->ip2 is greater than target->ip2, it indicates that
- * the source's right address limit is greater(range wise) than the
- * target's right address limit, and hence we reassign the target's right
- * address limit to source's right address limit.
- *
- * \param de_ctx Pointer to the detection engine context.
- * \param target Pointer to the target DetectAddress instance that has to be
- * updated.
- * \param source Pointer to the source DetectAddress instance that is used
- * to decided whether we extend the target's address range.
- *
- * \retval 0 On success.
- * \retval -1 On failure.
- */
-int DetectAddressJoinIPv4(DetectEngineCtx *de_ctx, DetectAddress *target,
- DetectAddress *source)
-{
- if (source == NULL || target == NULL)
- return -1;
-
- if (SCNtohl(source->ip.addr_data32[0]) < SCNtohl(target->ip.addr_data32[0]))
- target->ip.addr_data32[0] = source->ip.addr_data32[0];
-
- if (SCNtohl(source->ip2.addr_data32[0]) > SCNtohl(target->ip2.addr_data32[0]))
- target->ip2.addr_data32[0] = source->ip2.addr_data32[0];
-
- return 0;
-}
-
/********************************Unittests*************************************/
#ifdef UNITTESTS
return 0;
}
-static int DetectAddressIPv4Join10(void)
-{
- struct in_addr in;
- int result = 1;
-
- DetectAddress *source = DetectAddressInit();
- if (source == NULL)
- return 0;
-
- DetectAddress *target = DetectAddressInit();
- if (target == NULL) {
- DetectAddressFree(source);
- return 0;
- }
-
- if (inet_pton(AF_INET, "128.51.61.124", &in) < 0)
- goto error;
- target->ip.addr_data32[0] = in.s_addr;
- if (inet_pton(AF_INET, "192.168.1.2", &in) < 0)
- goto error;
- target->ip2.addr_data32[0] = in.s_addr;
-
- if (inet_pton(AF_INET, "1.2.3.4", &in) < 0)
- goto error;
- source->ip.addr_data32[0] = in.s_addr;
- if (inet_pton(AF_INET, "192.168.1.2", &in) < 0)
- goto error;
- source->ip2.addr_data32[0] = in.s_addr;
-
- result &= (DetectAddressJoinIPv4(NULL, target, source) == 0);
- if (inet_pton(AF_INET, "1.2.3.4", &in) < 0)
- goto error;
- result &= (target->ip.addr_data32[0] == in.s_addr);
- if (inet_pton(AF_INET, "192.168.1.2", &in) < 0)
- goto error;
- result &= (target->ip2.addr_data32[0] == in.s_addr);
-
- if (inet_pton(AF_INET, "1.2.3.4", &in) < 0)
- goto error;
- target->ip.addr_data32[0] = in.s_addr;
- if (inet_pton(AF_INET, "192.168.1.2", &in) < 0)
- goto error;
- target->ip2.addr_data32[0] = in.s_addr;
-
- if (inet_pton(AF_INET, "1.2.3.5", &in) < 0)
- goto error;
- source->ip.addr_data32[0] = in.s_addr;
- if (inet_pton(AF_INET, "192.168.1.1", &in) < 0)
- goto error;
- source->ip2.addr_data32[0] = in.s_addr;
-
- result &= (DetectAddressJoinIPv4(NULL, target, source) == 0);
- if (inet_pton(AF_INET, "1.2.3.4", &in) < 0)
- goto error;
- result &= (target->ip.addr_data32[0] == in.s_addr);
- if (inet_pton(AF_INET, "192.168.1.2", &in) < 0)
- goto error;
- result &= (target->ip2.addr_data32[0] == in.s_addr);
-
- if (inet_pton(AF_INET, "1.2.3.4", &in) < 0)
- goto error;
- target->ip.addr_data32[0] = in.s_addr;
- if (inet_pton(AF_INET, "192.168.1.2", &in) < 0)
- goto error;
- target->ip2.addr_data32[0] = in.s_addr;
-
- if (inet_pton(AF_INET, "128.1.5.15", &in) < 0)
- goto error;
- source->ip.addr_data32[0] = in.s_addr;
- if (inet_pton(AF_INET, "200.202.200.200", &in) < 0)
- goto error;
- source->ip2.addr_data32[0] = in.s_addr;
-
- result &= (DetectAddressJoinIPv4(NULL, target, source) == 0);
- if (inet_pton(AF_INET, "1.2.3.4", &in) < 0)
- goto error;
- result &= (target->ip.addr_data32[0] == in.s_addr);
- if (inet_pton(AF_INET, "200.202.200.200", &in) < 0)
- goto error;
- result &= (target->ip2.addr_data32[0] == in.s_addr);
-
- if (inet_pton(AF_INET, "128.51.61.124", &in) < 0)
- goto error;
- target->ip.addr_data32[0] = in.s_addr;
- if (inet_pton(AF_INET, "192.168.1.2", &in) < 0)
- goto error;
- target->ip2.addr_data32[0] = in.s_addr;
-
- if (inet_pton(AF_INET, "1.2.3.4", &in) < 0)
- goto error;
- source->ip.addr_data32[0] = in.s_addr;
- if (inet_pton(AF_INET, "192.168.1.2", &in) < 0)
- goto error;
- source->ip2.addr_data32[0] = in.s_addr;
-
- result &= (DetectAddressJoinIPv4(NULL, target, source) == 0);
- if (inet_pton(AF_INET, "1.2.3.4", &in) < 0)
- goto error;
- result &= (target->ip.addr_data32[0] == in.s_addr);
- if (inet_pton(AF_INET, "192.168.1.2", &in) < 0)
- goto error;
- result &= (target->ip2.addr_data32[0] == in.s_addr);
-
- if (inet_pton(AF_INET, "1.2.3.4", &in) < 0)
- goto error;
- target->ip.addr_data32[0] = in.s_addr;
- if (inet_pton(AF_INET, "192.168.1.2", &in) < 0)
- goto error;
- target->ip2.addr_data32[0] = in.s_addr;
-
- if (inet_pton(AF_INET, "1.2.3.4", &in) < 0)
- goto error;
- source->ip.addr_data32[0] = in.s_addr;
- if (inet_pton(AF_INET, "192.168.1.2", &in) < 0)
- goto error;
- source->ip2.addr_data32[0] = in.s_addr;
-
- result &= (DetectAddressJoinIPv4(NULL, target, source) == 0);
- if (inet_pton(AF_INET, "1.2.3.4", &in) < 0)
- goto error;
- result &= (target->ip.addr_data32[0] == in.s_addr);
- if (inet_pton(AF_INET, "192.168.1.2", &in) < 0)
- goto error;
- result &= (target->ip2.addr_data32[0] == in.s_addr);
-
- DetectAddressFree(source);
- DetectAddressFree(target);
- return result;
-
- error:
- DetectAddressFree(source);
- DetectAddressFree(target);
- return 0;
-}
-
#endif
void DetectAddressIPv4Tests(void)
UtRegisterTest("DetectAddressIPv4CutNot07", DetectAddressIPv4CutNot07);
UtRegisterTest("DetectAddressIPv4CutNot08", DetectAddressIPv4CutNot08);
UtRegisterTest("DetectAddressIPv4CutNot09", DetectAddressIPv4CutNot09);
- UtRegisterTest("DetectAddressIPv4Join10", DetectAddressIPv4Join10);
#endif
}
int DetectAddressCutIPv4(DetectEngineCtx *, DetectAddress *,
DetectAddress *, DetectAddress **);
-int DetectAddressJoinIPv4(DetectEngineCtx *, DetectAddress *target,
- DetectAddress *source);
int DetectAddressIsCompleteIPSpaceIPv4(DetectAddress *);
void DetectAddressIPv4Tests(void);
return -1;
}
-/**
- * \brief Extends a target address range if the the source address range is
- * wider than the target address range on either sides.
- *
- * Every address is a range, i.e. address->ip1....address->ip2. For
- * example 2000::-2010::
- * if source->ip1 is smaller than target->ip1, it indicates that the
- * source's left address limit is greater(range wise) than the target's
- * left address limit, and hence we reassign the target's left address
- * limit to source's left address limit.
- * Similary if source->ip2 is greater than target->ip2, it indicates that
- * the source's right address limit is greater(range wise) than the
- * target's right address limit, and hence we reassign the target's right
- * address limit to source's right address limit.
- *
- * \param de_ctx Pointer to the detection engine context.
- * \param target Pointer to the target DetectAddress instance that has to be
- * updated.
- * \param source Pointer to the source DetectAddress instance that is used
- * to decided whether we extend the target's address range.
- *
- * \retval 0 On success.
- * \retval -1 On failure.
- */
-int DetectAddressJoinIPv6(DetectEngineCtx *de_ctx, DetectAddress *target,
- DetectAddress *source)
-{
- if (AddressIPv6Lt(&source->ip, &target->ip)) {
- COPY_ADDRESS(&source->ip, &target->ip);
- }
-
- if (AddressIPv6Gt(&source->ip, &target->ip)) {
- COPY_ADDRESS(&source->ip2, &target->ip2);
- }
-
- return 0;
-}
-
/***************************************Unittests******************************/
return 0;
}
-static int AddressTestIPv6Join01(void)
-{
- DetectAddress *source = DetectAddressInit();
- DetectAddress *target = DetectAddressInit();
- DetectAddress *temp = DetectAddressInit();
- struct in6_addr in6;
- int result = 1;
-
- if (source == NULL || target == NULL || temp == NULL)
- goto error;
-
- /* case 1 */
- if (inet_pton(AF_INET6, "2000::10", &in6) != 1)
- goto error;
- memcpy(&target->ip.address, in6.s6_addr, sizeof(in6.s6_addr));
- if (inet_pton(AF_INET6, "2000::20", &in6) != 1)
- goto error;
- memcpy(&target->ip2.address, in6.s6_addr, sizeof(in6.s6_addr));
-
- if (inet_pton(AF_INET6, "2000::1", &in6) != 1)
- goto error;
- memcpy(&source->ip.address, in6.s6_addr, sizeof(in6.s6_addr));
- if (inet_pton(AF_INET6, "2000::20", &in6) != 1)
- goto error;
- memcpy(&source->ip2.address, in6.s6_addr, sizeof(in6.s6_addr));
-
- result &= (DetectAddressJoinIPv6(NULL, target, source) == 0);
- if (inet_pton(AF_INET6, "2000::1", &in6) != 1)
- goto error;
- memcpy(&temp->ip.address, in6.s6_addr, sizeof(in6.s6_addr));
- if (inet_pton(AF_INET6, "2000::20", &in6) != 1)
- goto error;
- memcpy(&temp->ip2.address, in6.s6_addr, sizeof(in6.s6_addr));
- result = (DetectAddressCmpIPv6(target, temp) == ADDRESS_EQ);
-
- /* case 2 */
- if (inet_pton(AF_INET6, "2000::1", &in6) != 1)
- goto error;
- memcpy(&target->ip.address, in6.s6_addr, sizeof(in6.s6_addr));
- if (inet_pton(AF_INET6, "2000::20", &in6) != 1)
- goto error;
- memcpy(&target->ip2.address, in6.s6_addr, sizeof(in6.s6_addr));
-
- if (inet_pton(AF_INET6, "2000::2", &in6) != 1)
- goto error;
- memcpy(&source->ip.address, in6.s6_addr, sizeof(in6.s6_addr));
- if (inet_pton(AF_INET6, "2000::19", &in6) != 1)
- goto error;
- memcpy(&source->ip2.address, in6.s6_addr, sizeof(in6.s6_addr));
-
- result &= (DetectAddressJoinIPv6(NULL, target, source) == 0);
- if (inet_pton(AF_INET6, "2000::1", &in6) != 1)
- goto error;
- memcpy(&temp->ip2.address, in6.s6_addr, sizeof(in6.s6_addr));
- if (inet_pton(AF_INET6, "2000::20", &in6) != 1)
- goto error;
- memcpy(&temp->ip2.address, in6.s6_addr, sizeof(in6.s6_addr));
- result = (DetectAddressCmpIPv6(target, temp) == ADDRESS_EQ);
-
- /* case 3 */
- if (inet_pton(AF_INET6, "2000::1", &in6) != 1)
- goto error;
- memcpy(&target->ip.address, in6.s6_addr, sizeof(in6.s6_addr));
- if (inet_pton(AF_INET6, "2000::15", &in6) != 1)
- goto error;
- memcpy(&target->ip2.address, in6.s6_addr, sizeof(in6.s6_addr));
-
- if (inet_pton(AF_INET6, "2000::10", &in6) != 1)
- goto error;
- memcpy(&source->ip.address, in6.s6_addr, sizeof(in6.s6_addr));
- if (inet_pton(AF_INET6, "2000::20", &in6) != 1)
- goto error;
- memcpy(&source->ip2.address, in6.s6_addr, sizeof(in6.s6_addr));
-
- result &= (DetectAddressJoinIPv6(NULL, target, source) == 0);
- if (inet_pton(AF_INET6, "2000::1", &in6) != 1)
- goto error;
- memcpy(&temp->ip.address, in6.s6_addr, sizeof(in6.s6_addr));
- if (inet_pton(AF_INET6, "2000::20", &in6) != 1)
- goto error;
- memcpy(&temp->ip2.address, in6.s6_addr, sizeof(in6.s6_addr));
- result = (DetectAddressCmpIPv6(target, temp) == ADDRESS_EQ);
-
- /* case 4 */
- if (inet_pton(AF_INET6, "2000::10", &in6) != 1)
- goto error;
- memcpy(&target->ip.address, in6.s6_addr, sizeof(in6.s6_addr));
- if (inet_pton(AF_INET6, "2000::20", &in6) != 1)
- goto error;
- memcpy(&target->ip2.address, in6.s6_addr, sizeof(in6.s6_addr));
-
- if (inet_pton(AF_INET6, "2000::1", &in6) != 1)
- goto error;
- memcpy(&source->ip.address, in6.s6_addr, sizeof(in6.s6_addr));
- if (inet_pton(AF_INET6, "2000::20", &in6) != 1)
- goto error;
- memcpy(&source->ip2.address, in6.s6_addr, sizeof(in6.s6_addr));
-
- result &= (DetectAddressJoinIPv6(NULL, target, source) == 0);
- if (inet_pton(AF_INET6, "2000::1", &in6) != 1)
- goto error;
- memcpy(&temp->ip.address, in6.s6_addr, sizeof(in6.s6_addr));
- if (inet_pton(AF_INET6, "2000::20", &in6) != 1)
- goto error;
- memcpy(&temp->ip2.address, in6.s6_addr, sizeof(in6.s6_addr));
- result = (DetectAddressCmpIPv6(target, temp) == ADDRESS_EQ);
-
- /* case 5 */
- if (inet_pton(AF_INET6, "2000::1", &in6) != 1)
- goto error;
- memcpy(&target->ip.address, in6.s6_addr, sizeof(in6.s6_addr));
- if (inet_pton(AF_INET6, "2000::20", &in6) != 1)
- goto error;
- memcpy(&target->ip2.address, in6.s6_addr, sizeof(in6.s6_addr));
-
- if (inet_pton(AF_INET6, "2000::1", &in6) != 1)
- goto error;
- memcpy(&source->ip.address, in6.s6_addr, sizeof(in6.s6_addr));
- if (inet_pton(AF_INET6, "2000::20", &in6) != 1)
- goto error;
- memcpy(&source->ip2.address, in6.s6_addr, sizeof(in6.s6_addr));
-
- result &= (DetectAddressJoinIPv6(NULL, target, source) == 0);
- if (inet_pton(AF_INET6, "2000::1", &in6) != 1)
- goto error;
- memcpy(&temp->ip.address, in6.s6_addr, sizeof(in6.s6_addr));
- if (inet_pton(AF_INET6, "2000::20", &in6) != 1)
- goto error;
- memcpy(&temp->ip2.address, in6.s6_addr, sizeof(in6.s6_addr));
- result = (DetectAddressCmpIPv6(target, temp) == ADDRESS_EQ);
-
- if (source != NULL)
- DetectAddressFree(source);
- if (target != NULL)
- DetectAddressFree(target);
- if (temp != NULL)
- DetectAddressFree(temp);
- return result;
-
- error:
- if (source != NULL)
- DetectAddressFree(source);
- if (target != NULL)
- DetectAddressFree(target);
- if (temp != NULL)
- DetectAddressFree(temp);
-
- return 0;
-}
-
#endif /* UNITTESTS */
void DetectAddressIPv6Tests(void)
UtRegisterTest("AddressTestIPv6CutNot03", AddressTestIPv6CutNot03);
UtRegisterTest("AddressTestIPv6CutNot04", AddressTestIPv6CutNot04);
UtRegisterTest("AddressTestIPv6CutNot05", AddressTestIPv6CutNot05);
-
- UtRegisterTest("AddressTestIPv6Join01", AddressTestIPv6Join01);
#endif /* UNITTESTS */
return;
int DetectAddressCutIPv6(DetectEngineCtx *, DetectAddress *, DetectAddress *,
DetectAddress **);
-int DetectAddressJoinIPv6(DetectEngineCtx *, DetectAddress *, DetectAddress *);
void DetectAddressIPv6Tests(void);
#include "util-var.h"
/* prototypes */
-void DetectAddressPrint(DetectAddress *);
+#ifdef DEBUG
+static void DetectAddressPrint(DetectAddress *);
+#else
+#define DetectAddressPrint(...)
+#endif
static int DetectAddressCutNot(DetectAddress *, DetectAddress **);
static int DetectAddressCut(DetectEngineCtx *, DetectAddress *, DetectAddress *,
DetectAddress **);
*/
DetectAddress *DetectAddressInit(void)
{
- DetectAddress *ag = SCMalloc(sizeof(DetectAddress));
+ DetectAddress *ag = SCCalloc(1, sizeof(DetectAddress));
if (unlikely(ag == NULL))
return NULL;
- memset(ag, 0, sizeof(DetectAddress));
-
return ag;
}
}
/**
- * \brief Copies the contents of one Address group in DetectAddress and returns
- * a new instance of the DetectAddress that contains the copied address.
+ * \internal
+ * \brief Returns a new instance of DetectAddressHead.
+ *
+ * \retval gh Pointer to the new instance of DetectAddressHead.
+ */
+static DetectAddressHead *DetectAddressHeadInit(void)
+{
+ DetectAddressHead *gh = SCCalloc(1, sizeof(DetectAddressHead));
+ if (unlikely(gh == NULL))
+ return NULL;
+ return gh;
+}
+
+/**
+ * \internal
+ * \brief Frees a DetectAddressHead instance.
+ *
+ * \param gh Pointer to the DetectAddressHead instance to be freed.
+ */
+static void DetectAddressHeadFree(DetectAddressHead *gh)
+{
+ if (gh != NULL) {
+ DetectAddressHeadCleanup(gh);
+ SCFree(gh);
+ }
+}
+
+/**
+ * \brief copy a DetectAddress
*
* \param orig Pointer to the instance of DetectAddress that contains the
* address data to be copied to the new instance.
* \retval ag Pointer to the new instance of DetectAddress that contains the
* copied address.
*/
-DetectAddress *DetectAddressCopy(DetectAddress *orig)
+static DetectAddress *DetectAddressCopy(DetectAddress *orig)
{
DetectAddress *ag = DetectAddressInit();
if (ag == NULL)
return NULL;
ag->flags = orig->flags;
-
COPY_ADDRESS(&orig->ip, &ag->ip);
COPY_ADDRESS(&orig->ip2, &ag->ip2);
-
return ag;
}
-/**
- * \brief Used to check if a DetectAddress list contains an instance with
- * a similar DetectAddress. The comparison done is not the one that
- * checks the memory for the same instance, but one that checks that the
- * two instances hold the same content.
- *
- * \param head Pointer to the DetectAddress list.
- * \param ad Pointer to the DetectAddress that has to be checked for in
- * the DetectAddress list.
- *
- * \retval cur Returns a pointer to the DetectAddress on a match; NULL if
- * no match.
- */
-DetectAddress *DetectAddressLookupInList(DetectAddress *head, DetectAddress *gr)
-{
- DetectAddress *cur;
-
- if (head != NULL) {
- for (cur = head; cur != NULL; cur = cur->next) {
- if (DetectAddressCmp(cur, gr) == ADDRESS_EQ)
- return cur;
- }
- }
-
- return NULL;
-}
-
+#ifdef DEBUG
/**
* \brief Prints the address data information for all the DetectAddress
* instances in the DetectAddress list sent as the argument.
*/
void DetectAddressPrintList(DetectAddress *head)
{
- DetectAddress *cur;
-
SCLogInfo("list:");
- if (head != NULL) {
- for (cur = head; cur != NULL; cur = cur->next) {
- DetectAddressPrint(cur);
- }
+ for (DetectAddress *cur = head; cur != NULL; cur = cur->next) {
+ DetectAddressPrint(cur);
}
SCLogInfo("endlist");
-
- return;
}
+#endif
/**
+ * \internal
* \brief Frees a list of DetectAddress instances.
*
* \param head Pointer to a list of DetectAddress instances to be freed.
*/
-void DetectAddressCleanupList(DetectAddress *head)
+static void DetectAddressCleanupList(DetectAddress *head)
{
- DetectAddress *cur, *next;
-
- if (head == NULL)
- return;
-
- for (cur = head; cur != NULL; ) {
- next = cur->next;
+ for (DetectAddress *cur = head; cur != NULL; ) {
+ DetectAddress *next = cur->next;
cur->next = NULL;
DetectAddressFree(cur);
cur = next;
}
-
- return;
-}
-
-/**
- * \brief Do a sorted insert, where the top of the list should be the biggest
- * network/range.
- *
- * XXX current sorting only works for overlapping nets
- *
- * \param head Pointer to the list of DetectAddress.
- * \param ag Pointer to the DetectAddress that has to be added to the
- * above list.
- *
- * \retval 0 On successfully inserting the DetectAddress.
- * \retval -1 On failure.
- */
-
-int DetectAddressAdd(DetectAddress **head, DetectAddress *ag)
-{
- DetectAddress *cur, *prev_cur = NULL;
- int r = 0;
-
- if (*head != NULL) {
- for (cur = *head; cur != NULL; cur = cur->next) {
- prev_cur = cur;
- r = DetectAddressCmp(ag, cur);
- if (r == ADDRESS_EB) {
- /* insert here */
- ag->prev = cur->prev;
- ag->next = cur;
-
- cur->prev = ag;
- if (*head == cur)
- *head = ag;
- else
- ag->prev->next = ag;
-
- return 0;
- }
- }
- ag->prev = prev_cur;
- if (prev_cur != NULL)
- prev_cur->next = ag;
- } else {
- *head = ag;
- }
-
- return 0;
}
/**
}
/**
- * \brief Same as DetectAddressInsert, but then for inserting a address group
- * object. This also makes sure SigGroupContainer lists are handled
- * correctly.
+ * \internal
+ * \brief insert DetectAddress into a DetectAddressHead
*
* \param de_ctx Pointer to the detection engine context.
* \param gh Pointer to the DetectAddressHead list to which it has to
* \retval -1 On error.
* \retval 0 Not inserted, memory of new is freed.
*/
-int DetectAddressInsert(DetectEngineCtx *de_ctx, DetectAddressHead *gh,
+static int DetectAddressInsert(DetectEngineCtx *de_ctx, DetectAddressHead *gh,
DetectAddress *new)
{
DetectAddress *head = NULL;
return -1;
}
-/**
- * \brief Join two addresses groups together.
- *
- * \param de_ctx Pointer to the detection engine context.
- * \param target Pointer to the target address group.
- * \param source Pointer to the source address group.
- *
- * \retval 0 On success.
- * \retval -1 On failure.
- */
-int DetectAddressJoin(DetectEngineCtx *de_ctx, DetectAddress *target,
- DetectAddress *source)
-{
- if (target == NULL || source == NULL)
- return -1;
-
- if (target->ip.family != source->ip.family)
- return -1;
-
- if (target->ip.family == AF_INET)
- return DetectAddressJoinIPv4(de_ctx, target, source);
- else if (target->ip.family == AF_INET6)
- return DetectAddressJoinIPv6(de_ctx, target, source);
-
- return -1;
-}
-
/**
* \brief Checks if two address group lists are equal.
*
* \retval 0 On successfully parsing the address string.
* \retval -1 On failure.
*/
-int DetectAddressParseString(DetectAddress *dd, const char *str)
+static int DetectAddressParseString(DetectAddress *dd, const char *str)
{
char *ip = NULL;
char *ip2 = NULL;
*/
static DetectAddress *DetectAddressParseSingle(const char *str)
{
- DetectAddress *dd;
-
SCLogDebug("str %s", str);
- dd = DetectAddressInit();
+ DetectAddress *dd = DetectAddressInit();
if (dd == NULL)
- goto error;
+ return NULL;
if (DetectAddressParseString(dd, str) < 0) {
SCLogDebug("AddressParse failed");
- goto error;
+ DetectAddressFree(dd);
+ return NULL;
}
return dd;
-
-error:
- if (dd != NULL)
- DetectAddressFree(dd);
- return NULL;
}
/**
int DetectAddressParse(const DetectEngineCtx *de_ctx,
DetectAddressHead *gh, const char *str)
{
- int r;
- DetectAddressHead *ghn = NULL;
-
SCLogDebug("gh %p, str %s", gh, str);
if (str == NULL) {
SCLogDebug("DetectAddressParse can not be run with NULL address");
- goto error;
+ return -1;
}
- ghn = DetectAddressHeadInit();
+ DetectAddressHead *ghn = DetectAddressHeadInit();
if (ghn == NULL) {
SCLogDebug("DetectAddressHeadInit for ghn failed");
- goto error;
+ return -1;
}
- r = DetectAddressParse2(de_ctx, gh, ghn, str, /* start with negate no */0, NULL);
+ int r = DetectAddressParse2(de_ctx, gh, ghn, str, /* start with negate no */0, NULL);
if (r < 0) {
SCLogDebug("DetectAddressParse2 returned %d", r);
- goto error;
+ DetectAddressHeadFree(ghn);
+ return -1;
}
SCLogDebug("gh->ipv4_head %p, ghn->ipv4_head %p", gh->ipv4_head,
/* merge the 'not' address groups */
if (DetectAddressMergeNot(gh, ghn) < 0) {
SCLogDebug("DetectAddressMergeNot failed");
- goto error;
+ DetectAddressHeadFree(ghn);
+ return -1;
}
/* free the temp negate head */
DetectAddressHeadFree(ghn);
return contains_negation ? 1 : 0;
-
-error:
- if (ghn != NULL)
- DetectAddressHeadFree(ghn);
- return -1;
}
const DetectAddressHead *DetectParseAddress(DetectEngineCtx *de_ctx,
return head;
}
-/**
- * \brief Returns a new instance of DetectAddressHead.
- *
- * \retval gh Pointer to the new instance of DetectAddressHead.
- */
-DetectAddressHead *DetectAddressHeadInit(void)
-{
- DetectAddressHead *gh = SCMalloc(sizeof(DetectAddressHead));
- if (unlikely(gh == NULL))
- return NULL;
- memset(gh, 0, sizeof(DetectAddressHead));
-
- return gh;
-}
-
/**
* \brief Cleans a DetectAddressHead. The functions frees the address
* group heads(ipv4 and ipv6) inside the DetectAddressHead
return;
}
-/**
- * \brief Frees a DetectAddressHead instance.
- *
- * \param gh Pointer to the DetectAddressHead instance to be freed.
- */
-void DetectAddressHeadFree(DetectAddressHead *gh)
-{
- if (gh != NULL) {
- DetectAddressHeadCleanup(gh);
- SCFree(gh);
- }
-
- return;
-}
-
/**
* \brief Dispatcher function that calls the ipv4 and ipv6 address cut functions.
* Have a look at DetectAddressCutIPv4() and DetectAddressCutIPv6() for
SCReturnInt(0);
}
- uint16_t idx;
- for (idx = 0; idx < addrs_cnt; idx++) {
+ for (uint16_t idx = 0; idx < addrs_cnt; idx++) {
if (SCNtohl(a->addr_data32[0]) >= addrs[idx].ip &&
SCNtohl(a->addr_data32[0]) <= addrs[idx].ip2)
{
SCReturnInt(0);
}
- uint16_t idx;
- int i = 0;
- uint16_t result1, result2;
-
/* See if the packet address is within the range of any entry in the
* signature's address match array.
*/
- for (idx = 0; idx < addrs_cnt; idx++) {
- result1 = result2 = 0;
+ for (uint16_t idx = 0; idx < addrs_cnt; idx++) {
+ uint16_t result1 = 0, result2 = 0;
/* See if packet address equals either limit. Return 1 if true. */
if (SCNtohl(a->addr_data32[0]) == addrs[idx].ip[0] &&
/* See if packet address is greater than lower limit
* of the current signature address match pair.
*/
- for (i = 0; i < 4; i++) {
+ for (int i = 0; i < 4; i++) {
if (SCNtohl(a->addr_data32[i]) > addrs[idx].ip[i]) {
result1 = 1;
break;
/* See if packet address is less than upper limit
* of the current signature address match pair.
*/
- for (i = 0; i < 4; i++) {
+ for (int i = 0; i < 4; i++) {
if (SCNtohl(a->addr_data32[i]) < addrs[idx].ip2[i]) {
result2 = 1;
break;
* \param 1 On a match.
* \param 0 On no match.
*/
-int DetectAddressMatch(DetectAddress *dd, Address *a)
+static int DetectAddressMatch(DetectAddress *dd, Address *a)
{
SCEnter();
SCReturnInt(0);
}
+#ifdef DEBUG
/**
* \brief Prints the address data held by the DetectAddress. If the address
* data family is IPv4, we print the the ipv4 address and mask, and
*
* \param ad Pointer to the DetectAddress instance to be printed.
*/
-void DetectAddressPrint(DetectAddress *gr)
+static void DetectAddressPrint(DetectAddress *gr)
{
if (gr == NULL)
return;
return;
}
+#endif
/**
* \brief Find the group matching address in a group head.
#ifndef __DETECT_ADDRESS_H__
#define __DETECT_ADDRESS_H__
-/* prototypes */
-void DetectAddressRegister (void);
-DetectAddressHead *DetectAddressHeadInit(void);
-void DetectAddressHeadFree(DetectAddressHead *);
-void DetectAddressHeadCleanup(DetectAddressHead *);
-
-int DetectAddressParseString(DetectAddress *, const char *);
-int DetectAddressParse(const DetectEngineCtx *, DetectAddressHead *, const char *);
DetectAddress *DetectAddressInit(void);
void DetectAddressFree(DetectAddress *);
-
-void DetectAddressCleanupList (DetectAddress *);
-int DetectAddressAdd(DetectAddress **, DetectAddress *);
-void DetectAddressPrintList(DetectAddress *);
-
-int DetectAddressInsert(DetectEngineCtx *, DetectAddressHead *, DetectAddress *);
-int DetectAddressJoin(DetectEngineCtx *, DetectAddress *, DetectAddress *);
+int DetectAddressParse(const DetectEngineCtx *, DetectAddressHead *, const char *);
+void DetectAddressHeadCleanup(DetectAddressHead *);
bool DetectAddressListsAreEqual(DetectAddress *list1, DetectAddress *list2);
DetectAddress *DetectAddressLookupInHead(const DetectAddressHead *, Address *);
-DetectAddress *DetectAddressLookupInList(DetectAddress *, DetectAddress *);
-int DetectAddressMatch(DetectAddress *, Address *);
-DetectAddress *DetectAddressCopy(DetectAddress *);
-void DetectAddressPrint(DetectAddress *);
int DetectAddressCmp(DetectAddress *, DetectAddress *);
int DetectAddressMatchIPv4(const DetectMatchAddressIPv4 *, uint16_t, const Address *);
const DetectAddressHead *DetectParseAddress(DetectEngineCtx *de_ctx,
const char *string, bool *contains_negation);
+#ifdef DEBUG
+void DetectAddressPrintList(DetectAddress *);
+#endif
+
#endif /* __DETECT_ADDRESS_H__ */
projects / thirdparty / suricata.git / commitdiff
