detect app-layer-event: fix tests

author Victor Julien <victor@inliniac.net>

Sat, 7 May 2016 15:21:04 +0000 (17:21 +0200)

committer Victor Julien <victor@inliniac.net>

Tue, 17 May 2016 10:36:47 +0000 (12:36 +0200)
author Victor Julien <victor@inliniac.net>
Sat, 7 May 2016 15:21:04 +0000 (17:21 +0200)
committer Victor Julien <victor@inliniac.net>
Tue, 17 May 2016 10:36:47 +0000 (12:36 +0200)
diff --git a/src/detect-app-layer-event.c b/src/detect-app-layer-event.c

index 173313aa1491289a445d434227e2eabcaf977766..8ca0804bf0ca01b8d0074c83cc1c7215c7abe279 100644 (file)
--- a/src/detect-app-layer-event.c
+++ b/src/detect-app-layer-event.c
@@ -44,7 +44,7 @@
  #include "util-debug.h"
  #include "util-unittest.h"
  #include "util-unittest-helper.h"
-
+#include "stream-tcp-util.h"
  
  static int DetectAppLayerEventPktMatch(ThreadVars *t, DetectEngineThreadCtx *det_ctx,
                                         Packet *p, Signature *s, const SigMatchCtx *ctx);
@@ -489,7 +489,6 @@ int DetectAppLayerEventTest02(void)
  
  int DetectAppLayerEventTest03(void)
  {
-    int result = 0;
      ThreadVars tv;
      TcpReassemblyThreadCtx *ra_ctx = NULL;
      Packet *p = NULL;
@@ -530,70 +529,53 @@ int DetectAppLayerEventTest03(void)
      ssn.data_first_seen_dir = STREAM_TOSERVER;
  
      de_ctx = DetectEngineCtxInit();
-    if (de_ctx == NULL)
-        goto end;
+    FAIL_IF(de_ctx == NULL);
      de_ctx->flags |= DE_QUIET;
      de_ctx->sig_list = SigInit(de_ctx, "alert tcp any any -> any any "
                                 "(app-layer-event: applayer_mismatch_protocol_both_directions; "
                                 "sid:1;)");
-    if (de_ctx->sig_list == NULL)
-        goto end;
+    FAIL_IF(de_ctx->sig_list == NULL);
      SigGroupBuild(de_ctx);
      DetectEngineThreadCtxInit(&tv, (void *)de_ctx, (void *)&det_ctx);
  
      f = UTHBuildFlow(AF_INET, "1.2.3.4", "1.2.3.5", 200, 220);
-    if (f == NULL)
-        goto end;
+    FAIL_IF(f == NULL);
      FLOW_INITIALIZE(f);
      f->protoctx = &ssn;
      f->proto = IPPROTO_TCP;
      f->flags |= FLOW_IPV4;
  
      p = PacketGetFromAlloc();
-    if (unlikely(p == NULL))
-        goto end;
+    FAIL_IF(unlikely(p == NULL));
      p->flow = f;
      p->src.family = AF_INET;
      p->dst.family = AF_INET;
      p->proto = IPPROTO_TCP;
  
-    ra_ctx = StreamTcpReassembleInitThreadCtx(&tv);
-    if (ra_ctx == NULL)
-        goto end;
-    StreamTcpInitConfig(TRUE);
+    StreamTcpUTInit(&ra_ctx);
  
      p->flowflags = FLOW_PKT_TOSERVER;
-    if (AppLayerHandleTCPData(&tv, ra_ctx, p, f, &ssn, &stream_ts, buf_ts,
-                              sizeof(buf_ts), STREAM_TOSERVER | STREAM_START) < 0) {
-        printf("AppLayerHandleTCPData failure\n");
-        goto end;
-    }
+    FAIL_IF(AppLayerHandleTCPData(&tv, ra_ctx, p, f, &ssn, &stream_ts, buf_ts,
+                             sizeof(buf_ts), STREAM_TOSERVER | STREAM_START) < 0);
+
      SigMatchSignatures(&tv, de_ctx, det_ctx, p);
-    if (PacketAlertCheck(p, 1)) {
-        printf("sid 1 matched but shouldn't have\n");
-        goto end;
-    }
+
+    FAIL_IF (PacketAlertCheck(p, 1));
  
      p->flowflags = FLOW_PKT_TOCLIENT;
-    if (AppLayerHandleTCPData(&tv, ra_ctx, p, f, &ssn, &stream_tc, buf_tc,
-                              sizeof(buf_tc), STREAM_TOCLIENT | STREAM_START) < 0) {
-        printf("AppLayerHandleTCPData failure\n");
-        goto end;
-    }
+    FAIL_IF (AppLayerHandleTCPData(&tv, ra_ctx, p, f, &ssn, &stream_tc, buf_tc,
+                              sizeof(buf_tc), STREAM_TOCLIENT | STREAM_START) < 0);
+
      SigMatchSignatures(&tv, de_ctx, det_ctx, p);
-    if (PacketAlertCheck(p, 1)) {
-        printf("sid 1 matched but shouldn't have\n");
-        goto end;
-    }
  
-    result = 1;
- end:
-    return result;
+    FAIL_IF(PacketAlertCheck(p, 1));
+
+    StreamTcpUTDeinit(ra_ctx);
+    PASS;
  }
  
  int DetectAppLayerEventTest04(void)
  {
-    int result = 0;
      ThreadVars tv;
      TcpReassemblyThreadCtx *ra_ctx = NULL;
      Packet *p = NULL;
@@ -634,70 +616,49 @@ int DetectAppLayerEventTest04(void)
      ssn.data_first_seen_dir = STREAM_TOSERVER;
  
      de_ctx = DetectEngineCtxInit();
-    if (de_ctx == NULL)
-        goto end;
+    FAIL_IF (de_ctx == NULL);
      de_ctx->flags |= DE_QUIET;
      de_ctx->sig_list = SigInit(de_ctx, "alert tcp any any -> any any "
                                 "(app-layer-event: applayer_detect_protocol_only_one_direction; "
                                 "sid:1;)");
-    if (de_ctx->sig_list == NULL)
-        goto end;
+    FAIL_IF(de_ctx->sig_list == NULL);
      SigGroupBuild(de_ctx);
      DetectEngineThreadCtxInit(&tv, (void *)de_ctx, (void *)&det_ctx);
  
      f = UTHBuildFlow(AF_INET, "1.2.3.4", "1.2.3.5", 200, 220);
-    if (f == NULL)
-        goto end;
+    FAIL_IF (f == NULL);
      FLOW_INITIALIZE(f);
      f->protoctx = &ssn;
      f->proto = IPPROTO_TCP;
      f->flags |= FLOW_IPV4;
  
      p = PacketGetFromAlloc();
-    if (unlikely(p == NULL))
-        goto end;
+    FAIL_IF(unlikely(p == NULL));
      p->flow = f;
      p->src.family = AF_INET;
      p->dst.family = AF_INET;
      p->proto = IPPROTO_TCP;
  
-    ra_ctx = StreamTcpReassembleInitThreadCtx(&tv);
-    if (ra_ctx == NULL)
-        goto end;
-    StreamTcpInitConfig(TRUE);
+    StreamTcpUTInit(&ra_ctx);
  
      p->flowflags = FLOW_PKT_TOSERVER;
-    if (AppLayerHandleTCPData(&tv, ra_ctx, p, f, &ssn, &stream_ts, buf_ts,
-                              sizeof(buf_ts), STREAM_TOSERVER | STREAM_START) < 0) {
-        printf("AppLayerHandleTCPData failure\n");
-        goto end;
-    }
+    FAIL_IF(AppLayerHandleTCPData(&tv, ra_ctx, p, f, &ssn, &stream_ts, buf_ts,
+                              sizeof(buf_ts), STREAM_TOSERVER | STREAM_START) < 0);
      SigMatchSignatures(&tv, de_ctx, det_ctx, p);
-    if (PacketAlertCheck(p, 1)) {
-        printf("sid 1 matched but shouldn't have\n");
-        goto end;
-    }
+    FAIL_IF (PacketAlertCheck(p, 1));
  
      p->flowflags = FLOW_PKT_TOCLIENT;
-    if (AppLayerHandleTCPData(&tv, ra_ctx, p, f, &ssn, &stream_tc, buf_tc,
-                              sizeof(buf_tc), STREAM_TOCLIENT | STREAM_START) < 0) {
-        printf("AppLayerHandleTCPData failure\n");
-        goto end;
-    }
+    FAIL_IF (AppLayerHandleTCPData(&tv, ra_ctx, p, f, &ssn, &stream_tc, buf_tc,
+                              sizeof(buf_tc), STREAM_TOCLIENT | STREAM_START) < 0);
      SigMatchSignatures(&tv, de_ctx, det_ctx, p);
-    if (!PacketAlertCheck(p, 1)) {
-        printf("sid 1 didn't match but should have\n");
-        goto end;
-    }
+    FAIL_IF (!PacketAlertCheck(p, 1));
  
-    result = 1;
- end:
-    return result;
+    StreamTcpUTDeinit(ra_ctx);
+    PASS;
  }
  
  int DetectAppLayerEventTest05(void)
  {
-    int result = 0;
      ThreadVars tv;
      TcpReassemblyThreadCtx *ra_ctx = NULL;
      Packet *p = NULL;
@@ -754,65 +715,45 @@ int DetectAppLayerEventTest05(void)
      ssn.data_first_seen_dir = STREAM_TOSERVER;
  
      de_ctx = DetectEngineCtxInit();
-    if (de_ctx == NULL)
-        goto end;
+    FAIL_IF (de_ctx == NULL);
      de_ctx->flags |= DE_QUIET;
      de_ctx->sig_list = SigInit(de_ctx, "alert tcp any any -> any any "
                                 "(app-layer-event: applayer_mismatch_protocol_both_directions; "
                                 "sid:1;)");
-    if (de_ctx->sig_list == NULL)
-        goto end;
+    FAIL_IF (de_ctx->sig_list == NULL);
      SigGroupBuild(de_ctx);
      DetectEngineThreadCtxInit(&tv, (void *)de_ctx, (void *)&det_ctx);
  
      f = UTHBuildFlow(AF_INET, "1.2.3.4", "1.2.3.5", 200, 220);
-    if (f == NULL)
-        goto end;
+    FAIL_IF (f == NULL);
      FLOW_INITIALIZE(f);
      f->protoctx = &ssn;
      f->proto = IPPROTO_TCP;
      f->flags |= FLOW_IPV4;
  
      p = PacketGetFromAlloc();
-    if (unlikely(p == NULL))
-        goto end;
+    FAIL_IF (unlikely(p == NULL));
      p->flow = f;
      p->src.family = AF_INET;
      p->dst.family = AF_INET;
      p->proto = IPPROTO_TCP;
  
-    ra_ctx = StreamTcpReassembleInitThreadCtx(&tv);
-    if (ra_ctx == NULL)
-        goto end;
-    StreamTcpInitConfig(TRUE);
+    StreamTcpUTInit(&ra_ctx);
  
      p->flowflags = FLOW_PKT_TOSERVER;
-    if (AppLayerHandleTCPData(&tv, ra_ctx, p, f, &ssn, &stream_ts, buf_ts,
-                              sizeof(buf_ts), STREAM_TOSERVER | STREAM_START) < 0) {
-        printf("AppLayerHandleTCPData failure\n");
-        goto end;
-    }
+    FAIL_IF (AppLayerHandleTCPData(&tv, ra_ctx, p, f, &ssn, &stream_ts, buf_ts,
+                              sizeof(buf_ts), STREAM_TOSERVER | STREAM_START) < 0);
      SigMatchSignatures(&tv, de_ctx, det_ctx, p);
-    if (PacketAlertCheck(p, 1)) {
-        printf("sid 1 matched but shouldn't have\n");
-        goto end;
-    }
+    FAIL_IF (PacketAlertCheck(p, 1));
  
      p->flowflags = FLOW_PKT_TOCLIENT;
-    if (AppLayerHandleTCPData(&tv, ra_ctx, p, f, &ssn, &stream_tc, buf_tc,
-                              sizeof(buf_tc), STREAM_TOCLIENT | STREAM_START) < 0) {
-        printf("AppLayerHandleTCPData failure\n");
-        goto end;
-    }
+    FAIL_IF (AppLayerHandleTCPData(&tv, ra_ctx, p, f, &ssn, &stream_tc, buf_tc,
+                              sizeof(buf_tc), STREAM_TOCLIENT | STREAM_START) < 0);
      SigMatchSignatures(&tv, de_ctx, det_ctx, p);
-    if (!PacketAlertCheck(p, 1)) {
-        printf("sid 1 didn't match but should have\n");
-        goto end;
-    }
+    FAIL_IF (!PacketAlertCheck(p, 1));
  
-    result = 1;
- end:
-    return result;
+    StreamTcpUTDeinit(ra_ctx);
+    PASS;
  }
  
  #endif /* UNITTESTS */
author	Victor Julien <victor@inliniac.net>
	Sat, 7 May 2016 15:21:04 +0000 (17:21 +0200)
committer	Victor Julien <victor@inliniac.net>
	Tue, 17 May 2016 10:36:47 +0000 (12:36 +0200)