pcre: Sticky buffer check

This commit adds logic checking if the sticky buffer in effect provides
the required content.

If the sticky buffer doesn't, the rule will not load and a diagnostic
message with follow-on steps is displayed.

diff --git a/src/detect-pcre.c b/src/detect-pcre.c
index 4e8f9cdb768571b6504127459f2964c0082a9786..7ca3c9c5a7f9319955b94f08e3121cb9f957495e 100644 (file)
--- a/src/detect-pcre.c
+++ b/src/detect-pcre.c
@@ -842,6 +842,13 @@ static int DetectPcreSetup (DetectEngineCtx *de_ctx, Signature *s, const char *r
 
     int sm_list = -1;
     if (s->init_data->list != DETECT_SM_LIST_NOTSET) {
+        if (parsed_sm_list != DETECT_SM_LIST_NOTSET && parsed_sm_list != s->init_data->list) {
+            SCLogError(SC_ERR_INVALID_SIGNATURE,
+                    "Expression seen with a sticky buffer still set; either (1) reset sticky "
+                    "buffer with pkt_data or (2) use a sticky buffer providing \"%s\".",
+                    DetectBufferTypeGetDescriptionById(de_ctx, parsed_sm_list));
+            goto error;
+        }
         if (DetectBufferGetActiveList(de_ctx, s) == -1)
             goto error;