signature: adds file flag for file_data keyword

So that SigValidate can check if a protocol not supporting
files was set after this keyword

diff --git a/src/detect-file-data.c b/src/detect-file-data.c
index beb3974840dd9a339d4079efbd3c2901ed3886b1..fab29513f37e783819f9c00e831365e8cfdf0148 100644 (file)
--- a/src/detect-file-data.c
+++ b/src/detect-file-data.c
@@ -189,6 +189,7 @@ static int DetectFiledataSetup (DetectEngineCtx *de_ctx, Signature *s, const cha
     if (DetectBufferSetActiveList(s, DetectBufferTypeGetByName("file_data")) < 0)
         return -1;
 
+    s->init_data->init_flags |= SIG_FLAG_INIT_FILEDATA;
     SetupDetectEngineConfig(de_ctx);
     return 0;
 }

diff --git a/src/detect-parse.c b/src/detect-parse.c
index c4705de37b831954c04a33ce4d5fec30d4f47c42..c3ef0937578cce261f817670e211d6af443b24b4 100644 (file)
--- a/src/detect-parse.c
+++ b/src/detect-parse.c
@@ -1845,7 +1845,8 @@ static int SigValidate(DetectEngineCtx *de_ctx, Signature *s)
     }
 #endif
 
-    if ((s->flags & SIG_FLAG_FILESTORE) || s->file_flags != 0) {
+    if ((s->flags & SIG_FLAG_FILESTORE) || s->file_flags != 0 ||
+        (s->init_data->init_flags & SIG_FLAG_INIT_FILEDATA)) {
         if (s->alproto != ALPROTO_UNKNOWN &&
                 !AppLayerParserSupportsFiles(IPPROTO_TCP, s->alproto))
         {

diff --git a/src/detect.h b/src/detect.h
index dbb80918407b58d720e6135d698bfe7b9fa2aa37..3d90519b736e8137bc012de835143ac6bcce6a5d 100644 (file)
--- a/src/detect.h
+++ b/src/detect.h
@@ -262,6 +262,7 @@ typedef struct DetectPort_ {
 #define SIG_FLAG_INIT_STATE_MATCH           BIT_U32(6)  /**< signature has matches that require stateful inspection */
 #define SIG_FLAG_INIT_NEED_FLUSH            BIT_U32(7)
 #define SIG_FLAG_INIT_PRIO_EXPLICT          BIT_U32(8)  /**< priority is explicitly set by the priority keyword */
+#define SIG_FLAG_INIT_FILEDATA              BIT_U32(9)  /**< signature has filedata keyword */
 
 /* signature mask flags */
 /** \note: additions should be added to the rule analyzer as well */