From: Victor Julien <vjulien@oisf.net>
Date: Thu, 12 Oct 2023 13:31:35 +0000 (+0200)
Subject: detect: improve explanation of offset tracking
X-Git-Tag: suricata-8.0.0-beta1~1998
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=15b545d16fd827f0ac4a5b48bf88f371ecc8e22f;p=thirdparty%2Fsuricata.git

detect: improve explanation of offset tracking
---

diff --git a/src/detect.h b/src/detect.h
index cdc098368f..e30bac279a 100644
--- a/src/detect.h
+++ b/src/detect.h
@@ -1103,10 +1103,11 @@ typedef struct DetectEngineThreadCtx_ {
 
     uint64_t raw_stream_progress;
 
-    /** offset into the payload of the last match by:
-     *  content, pcre, etc */
+    /** offset into the payload of the end of the last match by: content, pcre, etc */
     uint32_t buffer_offset;
-    /* used by pcre match function alone */
+
+    /** used by pcre match function alone: normally in sync with buffer_offset, but
+     *  points to 1 byte after the start of the last pcre match if a pcre match happened. */
     uint32_t pcre_match_start_offset;
 
     /* counter for the filestore array below -- up here for cache reasons. */