*
* \retval ret Number of matches.
*/
-static uint32_t DnsQueryPatternSearch(DetectEngineThreadCtx *det_ctx,
- uint8_t *buffer, uint32_t buffer_len,
- uint8_t flags)
+static inline uint32_t DnsQueryPatternSearch(DetectEngineThreadCtx *det_ctx,
+ const uint8_t *buffer, const uint32_t buffer_len,
+ const uint8_t flags)
{
SCEnter();
DEBUG_VALIDATE_BUG_ON(flags & STREAM_TOCLIENT);
DEBUG_VALIDATE_BUG_ON(det_ctx->sgh->mpm_dnsquery_ctx_ts == NULL);
- ret = mpm_table[det_ctx->sgh->mpm_dnsquery_ctx_ts->mpm_type].
- Search(det_ctx->sgh->mpm_dnsquery_ctx_ts, &det_ctx->mtcu,
- &det_ctx->pmq, buffer, buffer_len);
+ if (buffer_len >= det_ctx->sgh->mpm_dnsquery_ctx_ts->minlen) {
+ ret = mpm_table[det_ctx->sgh->mpm_dnsquery_ctx_ts->mpm_type].
+ Search(det_ctx->sgh->mpm_dnsquery_ctx_ts, &det_ctx->mtcu,
+ &det_ctx->pmq, buffer, buffer_len);
+ }
SCReturnUInt(ret);
}
*
* \retval ret Number of matches.
*/
-static uint32_t SMTPFiledataPatternSearch(DetectEngineThreadCtx *det_ctx,
- uint8_t *buffer, uint32_t buffer_len,
- uint8_t flags)
+static inline uint32_t SMTPFiledataPatternSearch(DetectEngineThreadCtx *det_ctx,
+ const uint8_t *buffer, const uint32_t buffer_len,
+ const uint8_t flags)
{
SCEnter();
DEBUG_VALIDATE_BUG_ON(flags & STREAM_TOCLIENT);
DEBUG_VALIDATE_BUG_ON(det_ctx->sgh->mpm_smtp_filedata_ctx_ts == NULL);
- ret = mpm_table[det_ctx->sgh->mpm_smtp_filedata_ctx_ts->mpm_type].
- Search(det_ctx->sgh->mpm_smtp_filedata_ctx_ts, &det_ctx->mtcu,
- &det_ctx->pmq, buffer, buffer_len);
+ if (buffer_len >= det_ctx->sgh->mpm_smtp_filedata_ctx_ts->minlen) {
+ ret = mpm_table[det_ctx->sgh->mpm_smtp_filedata_ctx_ts->mpm_type].
+ Search(det_ctx->sgh->mpm_smtp_filedata_ctx_ts, &det_ctx->mtcu,
+ &det_ctx->pmq, buffer, buffer_len);
+ }
SCReturnUInt(ret);
}
*
* \retval ret Number of matches.
*/
-static uint32_t HttpClientBodyPatternSearch(DetectEngineThreadCtx *det_ctx,
- uint8_t *body, uint32_t body_len, uint8_t flags)
+static inline uint32_t HttpClientBodyPatternSearch(DetectEngineThreadCtx *det_ctx,
+ const uint8_t *body, const uint32_t body_len,
+ const uint8_t flags)
{
SCEnter();
- uint32_t ret;
+ uint32_t ret = 0;
DEBUG_VALIDATE_BUG_ON(flags & STREAM_TOCLIENT);
DEBUG_VALIDATE_BUG_ON(det_ctx->sgh->mpm_hcbd_ctx_ts == NULL);
- ret = mpm_table[det_ctx->sgh->mpm_hcbd_ctx_ts->mpm_type].
- Search(det_ctx->sgh->mpm_hcbd_ctx_ts, &det_ctx->mtcu,
- &det_ctx->pmq, body, body_len);
+ if (body_len >= det_ctx->sgh->mpm_hcbd_ctx_ts->minlen) {
+ ret = mpm_table[det_ctx->sgh->mpm_hcbd_ctx_ts->mpm_type].
+ Search(det_ctx->sgh->mpm_hcbd_ctx_ts, &det_ctx->mtcu,
+ &det_ctx->pmq, body, body_len);
+ }
SCReturnUInt(ret);
}
*
* \retval ret Number of matches.
*/
-static uint32_t HttpCookiePatternSearch(DetectEngineThreadCtx *det_ctx,
- uint8_t *cookie, uint32_t cookie_len, uint8_t flags)
+static inline uint32_t HttpCookiePatternSearch(DetectEngineThreadCtx *det_ctx,
+ const uint8_t *cookie, const uint32_t cookie_len,
+ const uint8_t flags)
{
SCEnter();
- uint32_t ret;
+ uint32_t ret = 0;
+
if (flags & STREAM_TOSERVER) {
DEBUG_VALIDATE_BUG_ON(det_ctx->sgh->mpm_hcd_ctx_ts == NULL);
- ret = mpm_table[det_ctx->sgh->mpm_hcd_ctx_ts->mpm_type].
- Search(det_ctx->sgh->mpm_hcd_ctx_ts, &det_ctx->mtcu,
- &det_ctx->pmq, cookie, cookie_len);
+ if (cookie_len >= det_ctx->sgh->mpm_hcd_ctx_ts->minlen) {
+ ret = mpm_table[det_ctx->sgh->mpm_hcd_ctx_ts->mpm_type].
+ Search(det_ctx->sgh->mpm_hcd_ctx_ts, &det_ctx->mtcu,
+ &det_ctx->pmq, cookie, cookie_len);
+ }
} else {
DEBUG_VALIDATE_BUG_ON(det_ctx->sgh->mpm_hcd_ctx_tc == NULL);
- ret = mpm_table[det_ctx->sgh->mpm_hcd_ctx_tc->mpm_type].
- Search(det_ctx->sgh->mpm_hcd_ctx_tc, &det_ctx->mtcu,
- &det_ctx->pmq, cookie, cookie_len);
+ if (cookie_len >= det_ctx->sgh->mpm_hcd_ctx_tc->minlen) {
+ ret = mpm_table[det_ctx->sgh->mpm_hcd_ctx_tc->mpm_type].
+ Search(det_ctx->sgh->mpm_hcd_ctx_tc, &det_ctx->mtcu,
+ &det_ctx->pmq, cookie, cookie_len);
+ }
}
SCReturnUInt(ret);
*
* \retval ret Number of matches.
*/
-static uint32_t HttpHeaderPatternSearch(DetectEngineThreadCtx *det_ctx,
- uint8_t *headers, uint32_t headers_len, uint8_t flags)
+static inline uint32_t HttpHeaderPatternSearch(DetectEngineThreadCtx *det_ctx,
+ const uint8_t *headers, const uint32_t headers_len,
+ const uint8_t flags)
{
SCEnter();
- uint32_t ret;
+ uint32_t ret = 0;
+
if (flags & STREAM_TOSERVER) {
DEBUG_VALIDATE_BUG_ON(det_ctx->sgh->mpm_hhd_ctx_ts == NULL);
- ret = mpm_table[det_ctx->sgh->mpm_hhd_ctx_ts->mpm_type].
- Search(det_ctx->sgh->mpm_hhd_ctx_ts, &det_ctx->mtcu,
- &det_ctx->pmq, headers, headers_len);
+ if (headers_len >= det_ctx->sgh->mpm_hhd_ctx_ts->minlen) {
+ ret = mpm_table[det_ctx->sgh->mpm_hhd_ctx_ts->mpm_type].
+ Search(det_ctx->sgh->mpm_hhd_ctx_ts, &det_ctx->mtcu,
+ &det_ctx->pmq, headers, headers_len);
+ }
} else {
DEBUG_VALIDATE_BUG_ON(det_ctx->sgh->mpm_hhd_ctx_tc == NULL);
- ret = mpm_table[det_ctx->sgh->mpm_hhd_ctx_tc->mpm_type].
- Search(det_ctx->sgh->mpm_hhd_ctx_tc, &det_ctx->mtcu,
- &det_ctx->pmq, headers, headers_len);
+ if (headers_len >= det_ctx->sgh->mpm_hhd_ctx_tc->minlen) {
+ ret = mpm_table[det_ctx->sgh->mpm_hhd_ctx_tc->mpm_type].
+ Search(det_ctx->sgh->mpm_hhd_ctx_tc, &det_ctx->mtcu,
+ &det_ctx->pmq, headers, headers_len);
+ }
}
SCReturnUInt(ret);
*
* \retval ret Number of matches.
*/
-static uint32_t HttpHHPatternSearch(DetectEngineThreadCtx *det_ctx,
- uint8_t *hh, uint32_t hh_len, uint8_t flags)
+static inline uint32_t HttpHHPatternSearch(DetectEngineThreadCtx *det_ctx,
+ const uint8_t *hh, const uint32_t hh_len,
+ const uint8_t flags)
{
SCEnter();
- uint32_t ret;
+ uint32_t ret = 0;
DEBUG_VALIDATE_BUG_ON(flags & STREAM_TOCLIENT);
DEBUG_VALIDATE_BUG_ON(det_ctx->sgh->mpm_hhhd_ctx_ts == NULL);
- ret = mpm_table[det_ctx->sgh->mpm_hhhd_ctx_ts->mpm_type].
- Search(det_ctx->sgh->mpm_hhhd_ctx_ts, &det_ctx->mtcu,
- &det_ctx->pmq, hh, hh_len);
+ if (hh_len >= det_ctx->sgh->mpm_hhhd_ctx_ts->minlen) {
+ ret = mpm_table[det_ctx->sgh->mpm_hhhd_ctx_ts->mpm_type].
+ Search(det_ctx->sgh->mpm_hhhd_ctx_ts, &det_ctx->mtcu,
+ &det_ctx->pmq, hh, hh_len);
+ }
SCReturnUInt(ret);
}
htp_tx_t *tx = (htp_tx_t *)txv;
if (tx->request_hostname == NULL)
goto end;
- uint8_t *hname = (uint8_t *)bstr_ptr(tx->request_hostname);
+ const uint8_t *hname = (const uint8_t *)bstr_ptr(tx->request_hostname);
if (hname == NULL)
goto end;
- uint32_t hname_len = bstr_len(tx->request_hostname);
+ const uint32_t hname_len = bstr_len(tx->request_hostname);
- cnt += HttpHHPatternSearch(det_ctx, hname, hname_len, flags);
+ cnt = HttpHHPatternSearch(det_ctx, hname, hname_len, flags);
end:
return cnt;
*
* \retval ret Number of matches.
*/
-static uint32_t HttpMethodPatternSearch(DetectEngineThreadCtx *det_ctx,
- uint8_t *raw_method, uint32_t raw_method_len, uint8_t flags)
+static inline uint32_t HttpMethodPatternSearch(DetectEngineThreadCtx *det_ctx,
+ const uint8_t *raw_method, const uint32_t raw_method_len,
+ const uint8_t flags)
{
SCEnter();
- uint32_t ret;
+ uint32_t ret = 0;
DEBUG_VALIDATE_BUG_ON(flags & STREAM_TOCLIENT);
DEBUG_VALIDATE_BUG_ON(det_ctx->sgh->mpm_hmd_ctx_ts == NULL);
- ret = mpm_table[det_ctx->sgh->mpm_hmd_ctx_ts->mpm_type].
- Search(det_ctx->sgh->mpm_hmd_ctx_ts, &det_ctx->mtcu,
- &det_ctx->pmq, raw_method, raw_method_len);
+ if (raw_method_len >= det_ctx->sgh->mpm_hmd_ctx_ts->minlen) {
+ ret = mpm_table[det_ctx->sgh->mpm_hmd_ctx_ts->mpm_type].
+ Search(det_ctx->sgh->mpm_hmd_ctx_ts, &det_ctx->mtcu,
+ &det_ctx->pmq, raw_method, raw_method_len);
+ }
SCReturnUInt(ret);
}
htp_tx_t *tx = (htp_tx_t *)txv;
if (tx->request_method == NULL)
goto end;
+
cnt = HttpMethodPatternSearch(det_ctx,
- (uint8_t *)bstr_ptr(tx->request_method),
+ (const uint8_t *)bstr_ptr(tx->request_method),
bstr_len(tx->request_method),
flags);
-
end:
return cnt;
}
/**
* \brief Http raw header match -- searches for one pattern per signature.
*
- * \param det_ctx Detection engine thread ctx.
- * \param headers Raw headers to inspect.
- * \param headers_len Raw headers length.
+ * \param det_ctx Detection engine thread ctx.
+ * \param raw_headers Raw headers to inspect.
+ * \param raw_headers_len Raw headers length.
*
* \retval ret Number of matches.
*/
-static uint32_t HttpRawHeaderPatternSearch(DetectEngineThreadCtx *det_ctx,
- uint8_t *raw_headers, uint32_t raw_headers_len, uint8_t flags)
+static inline uint32_t HttpRawHeaderPatternSearch(DetectEngineThreadCtx *det_ctx,
+ const uint8_t *raw_headers, const uint32_t raw_headers_len,
+ const uint8_t flags)
{
SCEnter();
- uint32_t ret;
+ uint32_t ret = 0;
+
if (flags & STREAM_TOSERVER) {
DEBUG_VALIDATE_BUG_ON(det_ctx->sgh->mpm_hrhd_ctx_ts == NULL);
- ret = mpm_table[det_ctx->sgh->mpm_hrhd_ctx_ts->mpm_type].
- Search(det_ctx->sgh->mpm_hrhd_ctx_ts, &det_ctx->mtcu,
- &det_ctx->pmq, raw_headers, raw_headers_len);
+ if (raw_headers_len >= det_ctx->sgh->mpm_hrhd_ctx_ts->minlen) {
+ ret = mpm_table[det_ctx->sgh->mpm_hrhd_ctx_ts->mpm_type].
+ Search(det_ctx->sgh->mpm_hrhd_ctx_ts, &det_ctx->mtcu,
+ &det_ctx->pmq, raw_headers, raw_headers_len);
+ }
} else {
DEBUG_VALIDATE_BUG_ON(det_ctx->sgh->mpm_hrhd_ctx_tc == NULL);
- ret = mpm_table[det_ctx->sgh->mpm_hrhd_ctx_tc->mpm_type].
- Search(det_ctx->sgh->mpm_hrhd_ctx_tc, &det_ctx->mtcu,
- &det_ctx->pmq, raw_headers, raw_headers_len);
+ if (raw_headers_len >= det_ctx->sgh->mpm_hrhd_ctx_tc->minlen) {
+ ret = mpm_table[det_ctx->sgh->mpm_hrhd_ctx_tc->mpm_type].
+ Search(det_ctx->sgh->mpm_hrhd_ctx_tc, &det_ctx->mtcu,
+ &det_ctx->pmq, raw_headers, raw_headers_len);
+ }
}
SCReturnUInt(ret);
SCEnter();
uint32_t cnt = 0;
+
htp_tx_t *tx = (htp_tx_t *)txv;
HtpTxUserData *tx_ud = htp_tx_get_user_data(tx);
- if (tx_ud == NULL)
- SCReturnInt(cnt);
+ if (tx_ud == NULL) {
+ SCReturnInt(0);
+ }
if (flags & STREAM_TOSERVER) {
if (AppLayerParserGetStateProgress(IPPROTO_TCP, ALPROTO_HTTP, txv, flags) <= HTP_REQUEST_HEADERS)
- SCReturnInt(cnt);
+ SCReturnInt(0);
if (tx_ud->request_headers_raw != NULL) {
cnt = HttpRawHeaderPatternSearch(det_ctx,
}
} else {
if (AppLayerParserGetStateProgress(IPPROTO_TCP, ALPROTO_HTTP, txv, flags) <= HTP_RESPONSE_HEADERS)
- SCReturnInt(cnt);
+ SCReturnInt(0);
if (tx_ud->response_headers_raw != NULL) {
- cnt += HttpRawHeaderPatternSearch(det_ctx,
+ cnt = HttpRawHeaderPatternSearch(det_ctx,
tx_ud->response_headers_raw,
tx_ud->response_headers_raw_len,
flags);
*
* \retval ret Number of matches.
*/
-static uint32_t HttpHRHPatternSearch(DetectEngineThreadCtx *det_ctx,
- uint8_t *hrh, uint32_t hrh_len, uint8_t flags)
+static inline uint32_t HttpHRHPatternSearch(DetectEngineThreadCtx *det_ctx,
+ const uint8_t *hrh, const uint32_t hrh_len,
+ const uint8_t flags)
{
SCEnter();
- uint32_t ret;
+ uint32_t ret = 0;
DEBUG_VALIDATE_BUG_ON(flags & STREAM_TOCLIENT);
DEBUG_VALIDATE_BUG_ON(det_ctx->sgh->mpm_hrhhd_ctx_ts == NULL);
- ret = mpm_table[det_ctx->sgh->mpm_hrhhd_ctx_ts->mpm_type].
- Search(det_ctx->sgh->mpm_hrhhd_ctx_ts, &det_ctx->mtcu,
- &det_ctx->pmq, hrh, hrh_len);
+ if (hrh_len >= det_ctx->sgh->mpm_hrhhd_ctx_ts->minlen) {
+ ret = mpm_table[det_ctx->sgh->mpm_hrhhd_ctx_ts->mpm_type].
+ Search(det_ctx->sgh->mpm_hrhhd_ctx_ts, &det_ctx->mtcu,
+ &det_ctx->pmq, hrh, hrh_len);
+ }
SCReturnUInt(ret);
}
{
uint32_t cnt = 0;
htp_tx_t *tx = (htp_tx_t *)txv;
- uint8_t *hname = NULL;
+ const uint8_t *hname = NULL;
uint32_t hname_len = 0;
if (tx->parsed_uri == NULL || tx->parsed_uri->hostname == NULL) {
htp_header_t *h = NULL;
h = (htp_header_t *)htp_table_get_c(tx->request_headers, "Host");
if (h != NULL) {
- SCLogDebug("HTTP host header not present in this request");
- hname = (uint8_t *)bstr_ptr(h->value);
- hname_len = bstr_len(h->value);
+ hname = (const uint8_t *)bstr_ptr(h->value);
+ if (hname != NULL)
+ hname_len = bstr_len(h->value);
} else {
+ SCLogDebug("HTTP host header not present in this request");
goto end;
}
} else {
hname = (uint8_t *)bstr_ptr(tx->parsed_uri->hostname);
if (hname != NULL)
hname_len = bstr_len(tx->parsed_uri->hostname);
- else
- goto end;
}
- cnt = HttpHRHPatternSearch(det_ctx, hname, hname_len, flags);
+ if (hname != NULL) {
+ cnt = HttpHRHPatternSearch(det_ctx, hname, hname_len, flags);
+ }
end:
return cnt;
*
* \retval ret Number of matches.
*/
-static uint32_t HttpRawUriPatternSearch(DetectEngineThreadCtx *det_ctx,
- uint8_t *uri, uint32_t uri_len, uint8_t flags)
+static inline uint32_t HttpRawUriPatternSearch(DetectEngineThreadCtx *det_ctx,
+ const uint8_t *uri, const uint32_t uri_len,
+ const uint8_t flags)
{
SCEnter();
- uint32_t ret;
+ uint32_t ret = 0;
DEBUG_VALIDATE_BUG_ON(flags & STREAM_TOCLIENT);
DEBUG_VALIDATE_BUG_ON(det_ctx->sgh->mpm_hrud_ctx_ts == NULL);
- ret = mpm_table[det_ctx->sgh->mpm_hrud_ctx_ts->mpm_type].
- Search(det_ctx->sgh->mpm_hrud_ctx_ts, &det_ctx->mtcu,
- &det_ctx->pmq, uri, uri_len);
+ if (uri_len >= det_ctx->sgh->mpm_hrud_ctx_ts->minlen) {
+ ret = mpm_table[det_ctx->sgh->mpm_hrud_ctx_ts->mpm_type].
+ Search(det_ctx->sgh->mpm_hrud_ctx_ts, &det_ctx->mtcu,
+ &det_ctx->pmq, uri, uri_len);
+ }
SCReturnUInt(ret);
}
uint32_t cnt = 0;
if (tx->request_uri == NULL)
goto end;
+
cnt = HttpRawUriPatternSearch(det_ctx,
- (uint8_t *)bstr_ptr(tx->request_uri),
+ (const uint8_t *)bstr_ptr(tx->request_uri),
bstr_len(tx->request_uri), flags);
-
end:
SCReturnInt(cnt);
}
*
* \retval ret Number of matches.
*/
-static uint32_t HttpServerBodyPatternSearch(DetectEngineThreadCtx *det_ctx,
- uint8_t *body, uint32_t body_len, uint8_t flags)
+static inline uint32_t HttpServerBodyPatternSearch(DetectEngineThreadCtx *det_ctx,
+ const uint8_t *body, const uint32_t body_len,
+ const uint8_t flags)
{
SCEnter();
- uint32_t ret;
+ uint32_t ret = 0;
DEBUG_VALIDATE_BUG_ON(!(flags & STREAM_TOCLIENT));
DEBUG_VALIDATE_BUG_ON(det_ctx->sgh->mpm_hsbd_ctx_tc == NULL);
- ret = mpm_table[det_ctx->sgh->mpm_hsbd_ctx_tc->mpm_type].
- Search(det_ctx->sgh->mpm_hsbd_ctx_tc, &det_ctx->mtcu,
- &det_ctx->pmq, body, body_len);
+ if (body_len >= det_ctx->sgh->mpm_hsbd_ctx_tc->minlen) {
+ ret = mpm_table[det_ctx->sgh->mpm_hsbd_ctx_tc->mpm_type].
+ Search(det_ctx->sgh->mpm_hsbd_ctx_tc, &det_ctx->mtcu,
+ &det_ctx->pmq, body, body_len);
+ }
SCReturnUInt(ret);
}
uint32_t cnt = 0;
uint32_t buffer_len = 0;
uint32_t stream_start_offset = 0;
- uint8_t *buffer = DetectEngineHSBDGetBufferForTX(tx, idx,
+ const uint8_t *buffer = DetectEngineHSBDGetBufferForTX(tx, idx,
de_ctx, det_ctx,
f, htp_state,
flags,
*
* \retval ret Number of matches.
*/
-static uint32_t HttpStatCodePatternSearch(DetectEngineThreadCtx *det_ctx,
- uint8_t *stat_code, uint32_t stat_code_len, uint8_t flags)
+static inline uint32_t HttpStatCodePatternSearch(DetectEngineThreadCtx *det_ctx,
+ const uint8_t *stat_code, const uint32_t stat_code_len,
+ const uint8_t flags)
{
SCEnter();
- uint32_t ret;
+ uint32_t ret = 0;
DEBUG_VALIDATE_BUG_ON(!(flags & STREAM_TOCLIENT));
DEBUG_VALIDATE_BUG_ON(det_ctx->sgh->mpm_hscd_ctx_tc == NULL);
- ret = mpm_table[det_ctx->sgh->mpm_hscd_ctx_tc->mpm_type].
- Search(det_ctx->sgh->mpm_hscd_ctx_tc, &det_ctx->mtcu,
- &det_ctx->pmq, stat_code, stat_code_len);
+ if (stat_code_len >= det_ctx->sgh->mpm_hscd_ctx_tc->minlen) {
+ ret = mpm_table[det_ctx->sgh->mpm_hscd_ctx_tc->mpm_type].
+ Search(det_ctx->sgh->mpm_hscd_ctx_tc, &det_ctx->mtcu,
+ &det_ctx->pmq, stat_code, stat_code_len);
+ }
SCReturnUInt(ret);
}
goto end;
cnt = HttpStatCodePatternSearch(det_ctx,
- (uint8_t *)bstr_ptr(tx->response_status),
- bstr_len(tx->response_status), flags);
-
+ (const uint8_t *)bstr_ptr(tx->response_status),
+ bstr_len(tx->response_status), flags);
end:
SCReturnInt(cnt);
}
*
* \retval ret Number of matches.
*/
-static uint32_t HttpStatMsgPatternSearch(DetectEngineThreadCtx *det_ctx,
- uint8_t *stat_msg, uint32_t stat_msg_len, uint8_t flags)
+static inline uint32_t HttpStatMsgPatternSearch(DetectEngineThreadCtx *det_ctx,
+ const uint8_t *stat_msg, const uint32_t stat_msg_len,
+ const uint8_t flags)
{
SCEnter();
- uint32_t ret;
+ uint32_t ret = 0;
DEBUG_VALIDATE_BUG_ON(!(flags & STREAM_TOCLIENT));
DEBUG_VALIDATE_BUG_ON(det_ctx->sgh->mpm_hsmd_ctx_tc == NULL);
- ret = mpm_table[det_ctx->sgh->mpm_hsmd_ctx_tc->mpm_type].
- Search(det_ctx->sgh->mpm_hsmd_ctx_tc, &det_ctx->mtcu,
- &det_ctx->pmq, stat_msg, stat_msg_len);
+ if (stat_msg_len >= det_ctx->sgh->mpm_hsmd_ctx_tc->minlen) {
+ ret = mpm_table[det_ctx->sgh->mpm_hsmd_ctx_tc->mpm_type].
+ Search(det_ctx->sgh->mpm_hsmd_ctx_tc, &det_ctx->mtcu,
+ &det_ctx->pmq, stat_msg, stat_msg_len);
+ }
SCReturnUInt(ret);
}
goto end;
cnt = HttpStatMsgPatternSearch(det_ctx,
- (uint8_t *)bstr_ptr(tx->response_message),
+ (const uint8_t *)bstr_ptr(tx->response_message),
bstr_len(tx->response_message), flags);
-
end:
SCReturnInt(cnt);
}
* \brief Http user agent match -- searches for one pattern per signature.
*
* \param det_ctx Detection engine thread ctx.
- * \param cookie User-Agent to inspect.
- * \param cookie_len User-Agent buffer length.
+ * \param ua User-Agent to inspect.
+ * \param ua_len User-Agent buffer length.
*
* \retval ret Number of matches.
*/
-static uint32_t HttpUAPatternSearch(DetectEngineThreadCtx *det_ctx,
- uint8_t *ua, uint32_t ua_len, uint8_t flags)
+static inline uint32_t HttpUAPatternSearch(DetectEngineThreadCtx *det_ctx,
+ const uint8_t *ua, const uint32_t ua_len,
+ const uint8_t flags)
{
SCEnter();
- uint32_t ret;
+ uint32_t ret = 0;
DEBUG_VALIDATE_BUG_ON(flags & STREAM_TOCLIENT);
DEBUG_VALIDATE_BUG_ON(det_ctx->sgh->mpm_huad_ctx_ts == NULL);
- ret = mpm_table[det_ctx->sgh->mpm_huad_ctx_ts->mpm_type].
- Search(det_ctx->sgh->mpm_huad_ctx_ts, &det_ctx->mtcu,
- &det_ctx->pmq, ua, ua_len);
+ if (ua_len >= det_ctx->sgh->mpm_huad_ctx_ts->minlen) {
+ ret = mpm_table[det_ctx->sgh->mpm_huad_ctx_ts->mpm_type].
+ Search(det_ctx->sgh->mpm_huad_ctx_ts, &det_ctx->mtcu,
+ &det_ctx->pmq, ua, ua_len);
+ }
SCReturnUInt(ret);
}
goto end;
}
cnt = HttpUAPatternSearch(det_ctx,
- (uint8_t *)bstr_ptr(h->value),
+ (const uint8_t *)bstr_ptr(h->value),
bstr_len(h->value), flags);
-
end:
return cnt;
}
SCReturnInt(0);
}
- ret = mpm_table[mpm_ctx->mpm_type].
- Search(mpm_ctx, &det_ctx->mtc, &det_ctx->pmq,
- p->payload, p->payload_len);
+ if (p->payload_len >= mpm_ctx->minlen) {
+ ret = mpm_table[mpm_ctx->mpm_type].
+ Search(mpm_ctx, &det_ctx->mtc, &det_ctx->pmq,
+ p->payload, p->payload_len);
+ }
SCReturnInt(ret);
}
SCEnter();
uint32_t ret = 0;
- uint8_t cnt = 0;
//PrintRawDataFp(stdout, smsg->data.data, smsg->data.data_len);
uint32_t r;
if (flags & STREAM_TOSERVER) {
for ( ; smsg != NULL; smsg = smsg->next) {
- r = mpm_table[det_ctx->sgh->mpm_stream_ctx_ts->mpm_type].
- Search(det_ctx->sgh->mpm_stream_ctx_ts, &det_ctx->mtcs,
- &det_ctx->pmq, smsg->data, smsg->data_len);
- if (r > 0) {
- ret += r;
+ if (smsg->data_len >= det_ctx->sgh->mpm_stream_ctx_ts->minlen) {
+ r = mpm_table[det_ctx->sgh->mpm_stream_ctx_ts->mpm_type].
+ Search(det_ctx->sgh->mpm_stream_ctx_ts, &det_ctx->mtcs,
+ &det_ctx->pmq, smsg->data, smsg->data_len);
+ if (r > 0) {
+ ret += r;
+ }
}
-
- cnt++;
}
} else if (flags & STREAM_TOCLIENT) {
for ( ; smsg != NULL; smsg = smsg->next) {
- r = mpm_table[det_ctx->sgh->mpm_stream_ctx_tc->mpm_type].
- Search(det_ctx->sgh->mpm_stream_ctx_tc, &det_ctx->mtcs,
- &det_ctx->pmq, smsg->data, smsg->data_len);
- if (r > 0) {
- ret += r;
+ if (smsg->data_len >= det_ctx->sgh->mpm_stream_ctx_tc->minlen) {
+ r = mpm_table[det_ctx->sgh->mpm_stream_ctx_tc->mpm_type].
+ Search(det_ctx->sgh->mpm_stream_ctx_tc, &det_ctx->mtcs,
+ &det_ctx->pmq, smsg->data, smsg->data_len);
+ if (r > 0) {
+ ret += r;
+ }
}
-
- cnt++;
}
}
{
SCEnter();
- uint32_t ret;
+ uint32_t ret = 0;
const MpmCtx *mpm_ctx = NULL;
if (p->proto == IPPROTO_TCP) {
}
if (unlikely(mpm_ctx == NULL))
SCReturnInt(0);
+ if (p->payload_len < mpm_ctx->minlen)
+ SCReturnInt(0);
#ifdef __SC_CUDA_SUPPORT__
if (p->cuda_pkt_vars.cuda_mpm_enabled && p->pkt_src == PKT_SRC_WIRE) {
*
* \retval ret number of matches
*/
-static uint32_t UriPatternSearch(DetectEngineThreadCtx *det_ctx,
- const uint8_t *uri, const uint16_t uri_len,
- const uint8_t flags)
+static inline uint32_t UriPatternSearch(DetectEngineThreadCtx *det_ctx,
+ const uint8_t *uri, const uint16_t uri_len,
+ const uint8_t flags)
{
SCEnter();
projects / thirdparty / suricata.git / commitdiff
