From: Tom Peters (thopeter) <thopeter@cisco.com>
Date: Thu, 4 Apr 2019 17:55:46 +0000 (-0400)
Subject: Merge pull request #1560 in SNORT/snort3 from ~MIREDDEN/snort3:raw_data_conversion... 
X-Git-Tag: 3.0.0-252~7
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=49defd708a66e11fab814e9979b3f7064e40c100;p=thirdparty%2Fsnort3.git

Merge pull request #1560 in SNORT/snort3 from ~MIREDDEN/snort3:raw_data_conversion to master

Squashed commit of the following:

commit e79c9266e5324907de4d5cd730cc4934331b706e
Author: Mike Redden <miredden@cisco.com>
Date:   Tue Mar 26 15:58:55 2019 -0400

    snort2lua: Convert rawbytes to raw_data sticky buffer
---

diff --git a/tools/snort2lua/data/data_types/dt_rule.cc b/tools/snort2lua/data/data_types/dt_rule.cc
index b5119ee4d..4ca57d101 100644
--- a/tools/snort2lua/data/data_types/dt_rule.cc
+++ b/tools/snort2lua/data/data_types/dt_rule.cc
@@ -271,7 +271,8 @@ void Rule::resolve_pcre_buffer_options()
             name == "http_raw_uri" ||
             name == "http_stat_code" ||
             name == "http_stat_msg" ||
-            name == "http_uri")
+            name == "http_uri" ||
+            name == "raw_data")
         {
             if (curr_sticky_buffer == name)
             {
diff --git a/tools/snort2lua/rule_states/rule_content.cc b/tools/snort2lua/rule_states/rule_content.cc
index 40a87aed0..e50694489 100644
--- a/tools/snort2lua/rule_states/rule_content.cc
+++ b/tools/snort2lua/rule_states/rule_content.cc
@@ -87,7 +87,7 @@ bool Content<option_name>::parse_options(
         rule_api.add_suboption("length", val);
 
     else if (keyword == "rawbytes")
-        add_sticky_buffer(data_stream, "pkt_data");
+        add_sticky_buffer(data_stream, "raw_data");
 
     else if (keyword == "http_client_body")
         add_sticky_buffer(data_stream, "http_client_body");