-/* Copyright (C) 2007-2014 Open Information Security Foundation
+/* Copyright (C) 2007-2019 Open Information Security Foundation
*
* You can copy, redistribute or modify this Program under the terms of
* the GNU General Public License version 2 as published by the Free
}
else if (str[i] != ',') {
SCLogError(SC_ERR_INVALID_SIGNATURE, "Invalid hex code in "
- "content - %s, hex %c. Invalidating signature", str, str[i]);
+ "content - %s, hex %c. Invalidating signature.", str, str[i]);
goto error;
}
} else if (escape) {
escape = 0;
converted = 1;
} else if (str[i] == '"') {
- SCLogError(SC_ERR_INVALID_SIGNATURE, "Invalid unescaped double quote within content section");
+ SCLogError(SC_ERR_INVALID_SIGNATURE, "Invalid unescaped double quote within content section.");
goto error;
} else {
str[x] = str[i];
if (bin_count % 2 != 0) {
SCLogError(SC_ERR_INVALID_SIGNATURE, "Invalid hex code assembly in "
- "%s - %s. Invalidating signature", keyword, contentstr);
+ "%s - %s. Invalidating signature.", keyword, contentstr);
goto error;
}
uint32_t right_edge = cd->content_len + cd->offset;
if (cd->content_len > max_right_edge) {
SCLogError(SC_ERR_INVALID_SIGNATURE,
- "signature can't match as content length %u is bigger than dsize %u",
+ "signature can't match as content length %u is bigger than dsize %u.",
cd->content_len, max_right_edge);
return FALSE;
}
if (right_edge > max_right_edge) {
SCLogError(SC_ERR_INVALID_SIGNATURE,
- "signature can't match as content length %u with offset %u (=%u) is bigger than dsize %u",
+ "signature can't match as content length %u with offset %u (=%u) is bigger than dsize %u.",
cd->content_len, cd->offset, right_edge, max_right_edge);
return FALSE;
}
-/* Copyright (C) 2007-2010 Open Information Security Foundation
+/* Copyright (C) 2007-2019 Open Information Security Foundation
*
* You can copy, redistribute or modify this Program under the terms of
* the GNU General Public License version 2 as published by the Free
"http_method option, http_cookie, http_raw_uri, "
"http_stat_msg, http_stat_code, http_user_agent, "
"http_host, http_raw_host or "
- "file_data/dce_stub_data sticky buffer options");
+ "file_data/dce_stub_data sticky buffer options.");
goto end;
}
}
if (cd->flags & DETECT_CONTENT_NEGATED && cd->flags & DETECT_CONTENT_FAST_PATTERN) {
SCLogError(SC_ERR_INVALID_SIGNATURE, "can't have a relative "
- "negated keyword set along with a fast_pattern");
+ "negated keyword set along with 'fast_pattern'.");
goto end;
}
if (cd->flags & DETECT_CONTENT_FAST_PATTERN_ONLY) {
SCLogError(SC_ERR_INVALID_SIGNATURE, "can't have a relative "
- "keyword set along with a fast_pattern:only;");
+ "keyword set along with 'fast_pattern:only;'.");
goto end;
}
if (str[0] != '-' && isalpha((unsigned char)str[0])) {
SigMatch *bed_sm = DetectByteExtractRetrieveSMVar(str, s);
if (bed_sm == NULL) {
SCLogError(SC_ERR_INVALID_SIGNATURE, "unknown byte_extract var "
- "seen in depth - %s\n", str);
+ "seen in depth - %s.", str);
goto end;
}
cd->depth = ((DetectByteExtractData *)bed_sm->ctx)->local_id;
if (ByteExtractStringUint16(&cd->depth, 0, 0, str) != (int)strlen(str))
{
SCLogError(SC_ERR_INVALID_SIGNATURE,
- "invalid value for depth: %s", str);
+ "invalid value for depth: %s.", str);
goto end;
}
if (cd->depth < cd->content_len) {
SCLogError(SC_ERR_INVALID_SIGNATURE, "depth:%u smaller than "
- "content of len %u", cd->depth, cd->content_len);
+ "content of len %u.", cd->depth, cd->content_len);
return -1;
}
/* Now update the real limit, as depth is relative to the offset */
pm = DetectGetLastSMFromLists(s, DETECT_CONTENT, -1);
if (pm == NULL) {
SCLogError(SC_ERR_DEPTH_MISSING_CONTENT, "startswith needs a "
- "preceding content option");
+ "preceding content option.");
goto end;
}
if (cd->flags & DETECT_CONTENT_DEPTH) {
SCLogError(SC_ERR_INVALID_SIGNATURE, "can't use multiple "
- "depth/startswith settings for the same content");
+ "depth/startswith settings for the same content.");
goto end;
}
if ((cd->flags & DETECT_CONTENT_WITHIN) || (cd->flags & DETECT_CONTENT_DISTANCE)) {
}
if (cd->flags & DETECT_CONTENT_NEGATED && cd->flags & DETECT_CONTENT_FAST_PATTERN) {
SCLogError(SC_ERR_INVALID_SIGNATURE, "can't have a relative "
- "negated keyword set along with a fast_pattern");
+ "negated keyword set along with a 'fast_pattern'.");
goto end;
}
if (cd->flags & DETECT_CONTENT_FAST_PATTERN_ONLY) {
SCLogError(SC_ERR_INVALID_SIGNATURE, "can't have a relative "
- "keyword set along with a fast_pattern:only;");
+ "keyword set along with 'fast_pattern:only;'.");
goto end;
}
if (cd->flags & DETECT_CONTENT_OFFSET) {
SCLogError(SC_ERR_INVALID_SIGNATURE, "can't mix offset "
- "with startswith");
+ "with startswith.");
goto end;
}
-/* Copyright (C) 2007-2010 Open Information Security Foundation
+/* Copyright (C) 2007-2019 Open Information Security Foundation
*
* You can copy, redistribute or modify this Program under the terms of
* the GNU General Public License version 2 as published by the Free
pm = DetectGetLastSMFromLists(s, DETECT_CONTENT, -1);
if (pm == NULL) {
SCLogError(SC_ERR_OFFSET_MISSING_CONTENT, "offset needs "
- "preceding content option");
+ "preceding content option.");
goto end;
}
DetectContentData *cd = (DetectContentData *)pm->ctx;
if (cd->flags & DETECT_CONTENT_STARTS_WITH) {
- SCLogError(SC_ERR_INVALID_SIGNATURE, "can't use offset with startswith");
+ SCLogError(SC_ERR_INVALID_SIGNATURE, "can't use offset with startswith.");
goto end;
}
if (cd->flags & DETECT_CONTENT_OFFSET) {
- SCLogError(SC_ERR_INVALID_SIGNATURE, "can't use multiple offsets for the same content. ");
+ SCLogError(SC_ERR_INVALID_SIGNATURE, "can't use multiple offsets for the same content.");
goto end;
}
if ((cd->flags & DETECT_CONTENT_WITHIN) || (cd->flags & DETECT_CONTENT_DISTANCE)) {
}
if (cd->flags & DETECT_CONTENT_NEGATED && cd->flags & DETECT_CONTENT_FAST_PATTERN) {
SCLogError(SC_ERR_INVALID_SIGNATURE, "can't have a relative "
- "negated keyword set along with a fast_pattern");
+ "negated keyword set along with 'fast_pattern'.");
goto end;
}
if (cd->flags & DETECT_CONTENT_FAST_PATTERN_ONLY) {
SCLogError(SC_ERR_INVALID_SIGNATURE, "can't have a relative "
- "keyword set along with a fast_pattern:only;");
+ "keyword set along with 'fast_pattern:only;'.");
goto end;
}
if (str[0] != '-' && isalpha((unsigned char)str[0])) {
DetectByteExtractRetrieveSMVar(str, s);
if (bed_sm == NULL) {
SCLogError(SC_ERR_INVALID_SIGNATURE, "unknown byte_extract var "
- "seen in offset - %s\n", str);
+ "seen in offset - %s.", str);
goto end;
}
cd->offset = ((DetectByteExtractData *)bed_sm->ctx)->local_id;
} else {
if (ByteExtractStringUint16(&cd->offset, 0, 0, str) != (int)strlen(str))
{
- SCLogError(SC_ERR_INVALID_SIGNATURE, "invalid value for offset: %s", str);
+ SCLogError(SC_ERR_INVALID_SIGNATURE, "invalid value for offset: %s.", str);
goto end;
}
if (cd->depth != 0) {
projects / thirdparty / suricata.git / commitdiff
