detect: dce test fixes and improvements

diff --git a/src/detect-dce-opnum.c b/src/detect-dce-opnum.c
index 064cc956396942c469d36115b6987226601577b9..75b291a4d3eb917034323b176aa51d4b2ad07b81 100644 (file)
--- a/src/detect-dce-opnum.c
+++ b/src/detect-dce-opnum.c
@@ -354,8 +354,6 @@ static int DetectDceOpnumTestParse01(void)
     Signature *s = SigAlloc();
     int result = 0;
 
-    memset(s, 0, sizeof(Signature));
-
     result = (DetectDceOpnumSetup(NULL, s, "12") == 0);
     result &= (DetectDceOpnumSetup(NULL, s, "12,24") == 0);
     result &= (DetectDceOpnumSetup(NULL, s, "12,12-24") == 0);
@@ -380,8 +378,6 @@ static int DetectDceOpnumTestParse02(void)
     DetectDceOpnumRange *dor = NULL;
     SigMatch *temp = NULL;
 
-    memset(s, 0, sizeof(Signature));
-
     result = (DetectDceOpnumSetup(NULL, s, "12") == 0);
 
     if (s->sm_lists[DETECT_SM_LIST_AMATCH] != NULL) {
@@ -409,8 +405,6 @@ static int DetectDceOpnumTestParse03(void)
     DetectDceOpnumRange *dor = NULL;
     SigMatch *temp = NULL;
 
-    memset(s, 0, sizeof(Signature));
-
     result = (DetectDceOpnumSetup(NULL, s, "12-24") == 0);
 
     if (s->sm_lists[DETECT_SM_LIST_AMATCH] != NULL) {
@@ -438,8 +432,6 @@ static int DetectDceOpnumTestParse04(void)
     DetectDceOpnumRange *dor = NULL;
     SigMatch *temp = NULL;
 
-    memset(s, 0, sizeof(Signature));
-
     result = (DetectDceOpnumSetup(NULL, s, "12-24,24,62-72,623-635,62,25,213-235") == 0);
 
     if (s->sm_lists[DETECT_SM_LIST_AMATCH] != NULL) {
@@ -504,8 +496,6 @@ static int DetectDceOpnumTestParse05(void)
     DetectDceOpnumRange *dor = NULL;
     SigMatch *temp = NULL;
 
-    memset(s, 0, sizeof(Signature));
-
     result = (DetectDceOpnumSetup(NULL, s, "1,2,3,4,5,6,7") == 0);
 
     if (s->sm_lists[DETECT_SM_LIST_AMATCH] != NULL) {
@@ -570,8 +560,6 @@ static int DetectDceOpnumTestParse06(void)
     DetectDceOpnumRange *dor = NULL;
     SigMatch *temp = NULL;
 
-    memset(s, 0, sizeof(Signature));
-
     result = (DetectDceOpnumSetup(NULL, s, "1-2,3-4,5-6,7-8") == 0);
 
     if (s->sm_lists[DETECT_SM_LIST_AMATCH] != NULL) {
@@ -618,8 +606,6 @@ static int DetectDceOpnumTestParse07(void)
     DetectDceOpnumRange *dor = NULL;
     SigMatch *temp = NULL;
 
-    memset(s, 0, sizeof(Signature));
-
     result = (DetectDceOpnumSetup(NULL, s, "1-2,3-4,5-6,7-8,9") == 0);
 
     if (s->sm_lists[DETECT_SM_LIST_AMATCH] != NULL) {

diff --git a/src/detect-dce-stub-data.c b/src/detect-dce-stub-data.c
index b9674cacff36f3b10585d92ea638ac1a0cf9ecd7..aa51dd833398dd5ebc38a73c34c1016c56124c43 100644 (file)
--- a/src/detect-dce-stub-data.c
+++ b/src/detect-dce-stub-data.c
@@ -105,20 +105,16 @@ static int DetectDceStubDataSetup(DetectEngineCtx *de_ctx, Signature *s, char *a
 
 static int DetectDceStubDataTestParse01(void)
 {
-    Signature s;
-    int result = 0;
-
-    memset(&s, 0, sizeof(Signature));
-
-    result = (DetectDceStubDataSetup(NULL, &s, NULL) == 0);
-
-    if (s.sm_lists[DETECT_SM_LIST_AMATCH] == NULL) {
-        result = 1;
-    } else {
-        result = 0;
-    }
-
-    return result;
+    DetectEngineCtx *de_ctx = DetectEngineCtxInit();
+    FAIL_IF_NULL(de_ctx);
+    de_ctx->flags = DE_QUIET;
+    Signature *s = DetectEngineAppendSig(de_ctx,
+            "alert tcp any any -> any any (dce_stub_data; content:\"1\"; sid:1;)");
+    FAIL_IF_NULL(s);
+    FAIL_IF_NOT_NULL(s->sm_lists[DETECT_SM_LIST_AMATCH]);
+    FAIL_IF_NULL(s->sm_lists[DETECT_SM_LIST_DMATCH]);
+    DetectEngineCtxFree(de_ctx);
+    PASS;
 }
 
 /**

diff --git a/src/detect-engine-dcepayload.c b/src/detect-engine-dcepayload.c
index 874e30f346bca14d05eead241ee87cd2ba7ce2e3..aa323d71ed40b3a697b78d7711c4056f3cf40315 100644 (file)
--- a/src/detect-engine-dcepayload.c
+++ b/src/detect-engine-dcepayload.c
@@ -9796,125 +9796,88 @@ end:
 static int DcePayloadParseTest44(void)
 {
     DetectEngineCtx *de_ctx = NULL;
-    int result = 1;
     Signature *s = NULL;
     SigMatch *sm = NULL;
     DetectContentData *data = NULL;
     DetectIsdataatData *isd = NULL;
 
     de_ctx = DetectEngineCtxInit();
-    if (de_ctx == NULL)
-        goto end;
-
+    FAIL_IF_NULL(de_ctx);
     de_ctx->flags |= DE_QUIET;
-    s = de_ctx->sig_list = SigInit(de_ctx, "alert tcp any any -> any any "
-                                   "(msg:\"Testing bytejump_body\"; "
-                                   "content:\"one\"; "
-                                   "dce_iface:12345678-1234-1234-1234-123456789012; "
-                                   "dce_opnum:10; dce_stub_data; "
-                                   "isdataat:10,relative; "
-                                   "content:\"one\"; within:4; distance:8; "
-                                   "pkt_data; "
-                                   "content:\"two\"; "
-                                   "sid:1;)");
-    if (de_ctx->sig_list == NULL) {
-        result = 0;
-        goto end;
-    }
-
-    if (s->init_data->smlists_tail[DETECT_SM_LIST_DMATCH] == NULL) {
-        result = 0;
-        goto end;
-    }
-    if (s->init_data->smlists_tail[DETECT_SM_LIST_PMATCH] == NULL) {
-        result = 0;
-        goto end;
-    }
 
+    s = DetectEngineAppendSig(de_ctx, "alert tcp any any -> any any ("
+            "content:\"one\"; "
+            "dce_iface:12345678-1234-1234-1234-123456789012; "
+            "dce_opnum:10; dce_stub_data; "
+            "isdataat:10,relative; "
+            "content:\"one\"; within:4; distance:8; "
+            "pkt_data; "
+            "content:\"two\"; "
+            "sid:1;)");
+    FAIL_IF_NULL(s);
+
+    FAIL_IF_NULL(s->init_data->smlists_tail[DETECT_SM_LIST_DMATCH]);
+    FAIL_IF_NULL(s->init_data->smlists_tail[DETECT_SM_LIST_PMATCH]);
+
+    /* isdataat:10,relative; */
     sm = s->init_data->smlists[DETECT_SM_LIST_DMATCH];
-    if (sm->type != DETECT_ISDATAAT) {
-        result = 0;
-        goto end;
-    }
+    FAIL_IF(sm->type != DETECT_ISDATAAT);
     isd = (DetectIsdataatData *)sm->ctx;
-    if ( isd->flags & ISDATAAT_RAWBYTES ||
-         !(isd->flags & ISDATAAT_RELATIVE)) {
-        result = 0;
-        goto end;
-    }
+    FAIL_IF(isd->flags & ISDATAAT_RAWBYTES);
+    FAIL_IF_NOT(isd->flags & ISDATAAT_RELATIVE);
+    FAIL_IF_NULL(sm->next);
 
     sm = sm->next;
-    if (sm->type != DETECT_CONTENT) {
-        result = 0;
-        goto end;
-    }
-    data = (DetectContentData *)sm->ctx;
-    if (data->flags & DETECT_CONTENT_RAWBYTES ||
-        data->flags & DETECT_CONTENT_NOCASE ||
-        !(data->flags & DETECT_CONTENT_WITHIN) ||
-        !(data->flags & DETECT_CONTENT_DISTANCE) ||
-        data->flags & DETECT_CONTENT_FAST_PATTERN ||
-        data->flags & DETECT_CONTENT_RELATIVE_NEXT ||
-        data->flags & DETECT_CONTENT_NEGATED ) {
-        result = 0;
-        printf("two failed\n");
-        goto end;
-    }
-    result &= (strncmp((char *)data->content, "one", 3) == 0);
-    if (result == 0)
-        goto end;
-
-    result &= (sm->next == NULL);
 
+    /* content:\"one\"; within:4; distance:8; */
+    FAIL_IF(sm->type != DETECT_CONTENT);
+    data = (DetectContentData *)sm->ctx;
+    FAIL_IF (data->flags & DETECT_CONTENT_RAWBYTES ||
+            data->flags & DETECT_CONTENT_NOCASE ||
+            !(data->flags & DETECT_CONTENT_WITHIN) ||
+            !(data->flags & DETECT_CONTENT_DISTANCE) ||
+            data->flags & DETECT_CONTENT_FAST_PATTERN ||
+            data->flags & DETECT_CONTENT_RELATIVE_NEXT ||
+            data->flags & DETECT_CONTENT_NEGATED );
+
+    FAIL_IF_NOT(strncmp((char *)data->content, "one", 3) == 0);
+    FAIL_IF_NOT(sm->next == NULL);
+
+    /* first content:\"one\"; */
     sm = s->init_data->smlists[DETECT_SM_LIST_PMATCH];
-    if (sm->type != DETECT_CONTENT) {
-        result = 0;
-        goto end;
-    }
+    FAIL_IF(sm->type != DETECT_CONTENT);
     data = (DetectContentData *)sm->ctx;
-    if (data->flags & DETECT_CONTENT_RAWBYTES ||
-        data->flags & DETECT_CONTENT_NOCASE ||
-        data->flags & DETECT_CONTENT_WITHIN ||
-        data->flags & DETECT_CONTENT_DISTANCE ||
-        data->flags & DETECT_CONTENT_FAST_PATTERN ||
-        data->flags & DETECT_CONTENT_RELATIVE_NEXT ||
-        data->flags & DETECT_CONTENT_NEGATED ) {
-        printf("three failed\n");
-        result = 0;
-        goto end;
-    }
-    result &= (strncmp((char *)data->content, "one", 3) == 0);
-    if (result == 0)
-        goto end;
-
+    FAIL_IF(data->flags & DETECT_CONTENT_RAWBYTES);
+    FAIL_IF(data->flags & DETECT_CONTENT_NOCASE);
+    FAIL_IF(data->flags & DETECT_CONTENT_WITHIN);
+    FAIL_IF(data->flags & DETECT_CONTENT_DISTANCE);
+    FAIL_IF(data->flags & DETECT_CONTENT_FAST_PATTERN);
+    FAIL_IF(data->flags & DETECT_CONTENT_RELATIVE_NEXT);
+    FAIL_IF(data->flags & DETECT_CONTENT_NEGATED );
+    FAIL_IF_NOT(strncmp((char *)data->content, "one", 3) == 0);
+
+    FAIL_IF_NULL(sm->next);
     sm = sm->next;
-    if (sm->type != DETECT_CONTENT) {
-        result = 0;
-        goto end;
-    }
+
+    FAIL_IF(sm->type != DETECT_CONTENT);
+
     data = (DetectContentData *)sm->ctx;
-    if (data->flags & DETECT_CONTENT_RAWBYTES ||
-        data->flags & DETECT_CONTENT_NOCASE ||
-        data->flags & DETECT_CONTENT_WITHIN ||
-        data->flags & DETECT_CONTENT_DISTANCE ||
-        data->flags & DETECT_CONTENT_FAST_PATTERN ||
-        data->flags & DETECT_CONTENT_NEGATED ) {
-        printf("two failed\n");
-        result = 0;
-        goto end;
-    }
-    result &= (strncmp((char *)data->content, "two", 3) == 0);
-    if (result == 0)
-        goto end;
+    FAIL_IF(data->flags & DETECT_CONTENT_RAWBYTES ||
+            data->flags & DETECT_CONTENT_NOCASE ||
+            data->flags & DETECT_CONTENT_WITHIN ||
+            data->flags & DETECT_CONTENT_DISTANCE ||
+            data->flags & DETECT_CONTENT_FAST_PATTERN ||
+            data->flags & DETECT_CONTENT_NEGATED );
 
-    result &= (sm->next == NULL);
+    FAIL_IF_NOT(strncmp((char *)data->content, "two", 3) == 0);
+
+    FAIL_IF_NOT(sm->next == NULL);
 
- end:
     SigGroupCleanup(de_ctx);
     SigCleanSignatures(de_ctx);
     DetectEngineCtxFree(de_ctx);
 
-    return result;
+    PASS;
 }
 
 /**