From: Eric Leblond <eric@regit.org>
Date: Fri, 16 Sep 2016 09:47:20 +0000 (+0200)
Subject: coccinelle: add siginit test
X-Git-Tag: suricata-3.1.3~25
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=4324805478dabb699a1650490c89023c0a695b70;p=thirdparty%2Fsuricata.git

coccinelle: add siginit test

Add a test that check an inversion during keyword setup where
we add a sigmatch to a signature and then do error handling on it.
This was causing a double free of some elements and ultimately a
segfault.

Proposed-by: Victor Julien <victor@inliniac.net>
---

diff --git a/qa/coccinelle/siginit.cocci b/qa/coccinelle/siginit.cocci
new file mode 100644
index 0000000000..9a2193be40
--- /dev/null
+++ b/qa/coccinelle/siginit.cocci
@@ -0,0 +1,26 @@
+@siginit@
+identifier func =~ "Detect.*Setup";
+expression E1;
+position p1;
+identifier de_ctx, s, str, error;
+type DetectEngineCtx, Signature;
+@@
+
+func(DetectEngineCtx *de_ctx, Signature *s, char *str) {
+...
+SigMatchAppendSMToList(s, ...)@p1;
+...
+if (s->alproto != E1 && ...) {
+...
+goto error;
+}
+...
+}
+
+
+@script:python@
+p1 << siginit.p1;
+@@
+print "SigMatch added at %s:%s but error handling can cause it to be freed later." % (p1[0].file, p1[0].line)
+import sys
+sys.exit(1)