dnp3: dynamic buffers/lists

diff --git a/src/detect-dnp3.c b/src/detect-dnp3.c
index 9f47c4ff65fe6023bdea4ca33d5303061106b404..6c868a5f212ebdbd8cb838bdcde461a77dcb8043 100644 (file)
--- a/src/detect-dnp3.c
+++ b/src/detect-dnp3.c
@@ -27,6 +27,9 @@
 
 #include "app-layer-dnp3.h"
 
+static int g_dnp3_match_buffer_id = 0;
+static int g_dnp3_data_buffer_id = 0;
+
 /**
  * The detection struct.
  */
@@ -227,7 +230,7 @@ static int DetectDNP3FuncSetup(DetectEngineCtx *de_ctx, Signature *s, char *str)
     s->alproto = ALPROTO_DNP3;
     s->flags |= SIG_FLAG_STATE_MATCH;
 
-    SigMatchAppendSMToList(s, sm, DETECT_SM_LIST_DNP3_MATCH);
+    SigMatchAppendSMToList(s, sm, g_dnp3_match_buffer_id);
 
     SCReturnInt(0);
 error:
@@ -314,7 +317,7 @@ static int DetectDNP3IndSetup(DetectEngineCtx *de_ctx, Signature *s, char *str)
     s->alproto = ALPROTO_DNP3;
     s->flags |= SIG_FLAG_STATE_MATCH;
 
-    SigMatchAppendSMToList(s, sm, DETECT_SM_LIST_DNP3_MATCH);
+    SigMatchAppendSMToList(s, sm, g_dnp3_match_buffer_id);
 
     SCReturnInt(0);
 error:
@@ -387,7 +390,7 @@ static int DetectDNP3ObjSetup(DetectEngineCtx *de_ctx, Signature *s, char *str)
     sm->ctx = (void *)detect;
     s->alproto = ALPROTO_DNP3;
     s->flags |= SIG_FLAG_STATE_MATCH;
-    SigMatchAppendSMToList(s, sm, DETECT_SM_LIST_DNP3_MATCH);
+    SigMatchAppendSMToList(s, sm, g_dnp3_match_buffer_id);
 
     SCReturnInt(1);
 fail:
@@ -526,7 +529,7 @@ static void DetectDNP3ObjRegister(void)
 static int DetectDNP3DataSetup(DetectEngineCtx *de_ctx, Signature *s, char *str)
 {
     SCEnter();
-    s->init_data->list = DETECT_SM_LIST_DNP3_DATA_MATCH;
+    s->init_data->list = g_dnp3_data_buffer_id;
     s->alproto = ALPROTO_DNP3;
     SCReturnInt(0);
 }
@@ -546,11 +549,14 @@ static void DetectDNP3DataRegister(void)
     sigmatch_table[DETECT_AL_DNP3DATA].flags |= SIGMATCH_NOOPT;
     sigmatch_table[DETECT_AL_DNP3DATA].flags |= SIGMATCH_PAYLOAD;
 
-    DetectAppLayerInspectEngineRegister(ALPROTO_DNP3, SIG_FLAG_TOSERVER,
-        DETECT_SM_LIST_DNP3_DATA_MATCH, DetectEngineInspectDNP3Data);
-    DetectAppLayerInspectEngineRegister(ALPROTO_DNP3, SIG_FLAG_TOCLIENT,
-        DETECT_SM_LIST_DNP3_DATA_MATCH, DetectEngineInspectDNP3Data);
+    DetectAppLayerInspectEngineRegister2("dnp3_data",
+            ALPROTO_DNP3, SIG_FLAG_TOSERVER,
+            DetectEngineInspectDNP3Data);
+    DetectAppLayerInspectEngineRegister2("dnp3_data",
+            ALPROTO_DNP3, SIG_FLAG_TOCLIENT,
+            DetectEngineInspectDNP3Data);
 
+    g_dnp3_data_buffer_id = DetectBufferTypeGetByName("dnp3_data");
     SCReturn;
 }
 
@@ -563,10 +569,15 @@ void DetectDNP3Register(void)
     DetectDNP3ObjRegister();
 
     /* Register the list of func, ind and obj. */
-    DetectAppLayerInspectEngineRegister(ALPROTO_DNP3, SIG_FLAG_TOSERVER,
-        DETECT_SM_LIST_DNP3_MATCH, DetectEngineInspectDNP3);
-    DetectAppLayerInspectEngineRegister(ALPROTO_DNP3, SIG_FLAG_TOCLIENT,
-        DETECT_SM_LIST_DNP3_MATCH, DetectEngineInspectDNP3);
+    DetectAppLayerInspectEngineRegister2("dnp3",
+            ALPROTO_DNP3, SIG_FLAG_TOSERVER,
+            DetectEngineInspectDNP3);
+    DetectAppLayerInspectEngineRegister2("dnp3",
+            ALPROTO_DNP3, SIG_FLAG_TOCLIENT,
+            DetectEngineInspectDNP3);
+
+    g_dnp3_match_buffer_id = DetectBufferTypeRegister("dnp3");
+
 }
 
 #ifdef UNITTESTS
@@ -625,10 +636,10 @@ static int DetectDNP3FuncTest01(void)
         "dnp3_func:2; sid:5000009; rev:1;)");
     FAIL_IF_NULL(de_ctx->sig_list);
 
-    FAIL_IF_NULL(de_ctx->sig_list->sm_lists_tail[DETECT_SM_LIST_DNP3_MATCH]);
-    FAIL_IF_NULL(de_ctx->sig_list->sm_lists_tail[DETECT_SM_LIST_DNP3_MATCH]->ctx);
+    FAIL_IF_NULL(de_ctx->sig_list->sm_lists_tail[g_dnp3_match_buffer_id]);
+    FAIL_IF_NULL(de_ctx->sig_list->sm_lists_tail[g_dnp3_match_buffer_id]->ctx);
 
-    dnp3func = (DetectDNP3 *)de_ctx->sig_list->sm_lists_tail[DETECT_SM_LIST_DNP3_MATCH]->ctx;
+    dnp3func = (DetectDNP3 *)de_ctx->sig_list->sm_lists_tail[g_dnp3_match_buffer_id]->ctx;
     FAIL_IF(dnp3func->function_code != 2);
 
     if (de_ctx != NULL) {
@@ -691,10 +702,10 @@ static int DetectDNP3ObjSetupTest(void)
         "dnp3_obj:99,99; sid:1; rev:1;)");
     FAIL_IF(de_ctx->sig_list == NULL);
 
-    FAIL_IF(de_ctx->sig_list->sm_lists_tail[DETECT_SM_LIST_DNP3_MATCH] == NULL);
-    FAIL_IF(de_ctx->sig_list->sm_lists_tail[DETECT_SM_LIST_DNP3_MATCH]->ctx == NULL);
+    FAIL_IF(de_ctx->sig_list->sm_lists_tail[g_dnp3_match_buffer_id] == NULL);
+    FAIL_IF(de_ctx->sig_list->sm_lists_tail[g_dnp3_match_buffer_id]->ctx == NULL);
 
-    detect = (DetectDNP3 *)de_ctx->sig_list->sm_lists_tail[DETECT_SM_LIST_DNP3_MATCH]->ctx;
+    detect = (DetectDNP3 *)de_ctx->sig_list->sm_lists_tail[g_dnp3_match_buffer_id]->ctx;
     FAIL_IF(detect->obj_group != 99);
     FAIL_IF(detect->obj_variation != 99);
 

diff --git a/src/detect-engine-analyzer.c b/src/detect-engine-analyzer.c
index 5eb47f8af4011fe655eb609eb4bb8c0aead1d214..51ac3930aaedb668bfd0a809f9fe88368a0dad8b 100644 (file)
--- a/src/detect-engine-analyzer.c
+++ b/src/detect-engine-analyzer.c
@@ -446,8 +446,6 @@ static void EngineAnalysisRulesPrintFP(const Signature *s)
         fprintf(rule_engine_analysis_FD, "%s",
                 payload ? (stream ? "payload and reassembled stream" : "payload") : "reassembled stream");
     }
-    else if (list_type == DETECT_SM_LIST_DNP3_DATA_MATCH)
-        fprintf(rule_engine_analysis_FD, "dnp3 data content");
     else {
         const char *desc = DetectBufferTypeGetDescriptionById(list_type);
         const char *name = DetectBufferTypeGetNameById(list_type);

diff --git a/src/detect-engine.c b/src/detect-engine.c
index 32b94f4ab4b396979f67205c8ab287ef2845745e..c58672ebc81f7960fcbee6f5e033ec3030fdff2b 100644 (file)
--- a/src/detect-engine.c
+++ b/src/detect-engine.c
@@ -2813,10 +2813,6 @@ const char *DetectSigmatchListEnumToString(enum DetectSigmatchListEnum type)
 
         case DETECT_SM_LIST_MODBUS_MATCH:
             return "modbus";
-        case DETECT_SM_LIST_DNP3_DATA_MATCH:
-            return "dnp3_data";
-        case DETECT_SM_LIST_DNP3_MATCH:
-            return "dnp3";
 
         case DETECT_SM_LIST_CIP_MATCH:
             return "cip";

diff --git a/src/detect-lua.c b/src/detect-lua.c
index 9b5484407a199cbeae0c72bf1c7f6e2efc0ef6db..a5855894333468c7f0dcab1e4f436ac2b723e57a 100644 (file)
--- a/src/detect-lua.c
+++ b/src/detect-lua.c
@@ -1039,7 +1039,8 @@ static int DetectLuaSetup (DetectEngineCtx *de_ctx, Signature *s, char *str)
     } else if (lua->alproto == ALPROTO_SMTP) {
         SigMatchAppendSMToList(s, sm, DETECT_SM_LIST_AMATCH);
     } else if (lua->alproto == ALPROTO_DNP3) {
-        SigMatchAppendSMToList(s, sm, DETECT_SM_LIST_DNP3_MATCH);
+        int list = DetectBufferTypeGetByName("dnp3");
+        SigMatchAppendSMToList(s, sm, list);
     } else {
         SCLogError(SC_ERR_LUA_ERROR, "lua can't be used with protocol %s",
                    AppLayerGetProtoName(lua->alproto));

diff --git a/src/detect.h b/src/detect.h
index eb577b2e2463e4ee408469180a9632f14c35cc3d..bd901e37355b1a9614b3e2f93e65760c108863b6 100644 (file)
--- a/src/detect.h
+++ b/src/detect.h
@@ -125,9 +125,6 @@ enum DetectSigmatchListEnum {
     DETECT_SM_LIST_CIP_MATCH,
     DETECT_SM_LIST_ENIP_MATCH,
 
-    DETECT_SM_LIST_DNP3_DATA_MATCH,
-    DETECT_SM_LIST_DNP3_MATCH,
-
     DETECT_SM_LIST_TEMPLATE_BUFFER_MATCH,
 
     DETECT_SM_LIST_MAX,