From: Jeff Lucovsky <jeff@lucovsky.org>
Date: Sat, 13 Feb 2021 15:36:11 +0000 (-0500)
Subject: tests: Add test case for 2982
X-Git-Tag: suricata-6.0.9~15
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=53be882b1c5b29515cbffa69dc7046e16c2e8572;p=thirdparty%2Fsuricata-verify.git

tests: Add test case for 2982
---

diff --git a/tests/test-unreachable-distance-1/input.pcap b/tests/test-unreachable-distance-1/input.pcap
new file mode 100644
index 000000000..bc6ba8ff9
Binary files /dev/null and b/tests/test-unreachable-distance-1/input.pcap differ
diff --git a/tests/test-unreachable-distance-1/test.rules b/tests/test-unreachable-distance-1/test.rules
new file mode 100644
index 000000000..a26c3383c
--- /dev/null
+++ b/tests/test-unreachable-distance-1/test.rules
@@ -0,0 +1,5 @@
+alert udp any any -> any any (msg:"dsize/distance INVALID combination #1"; dsize:10; content:"boom"; content:"loom"; distance:10; sid:1; rev:1;)
+alert udp any any -> any any (msg:"dsize/distance INVALID combination #2"; dsize:6; content:"boom"; content:"loom"; distance:3; sid:2; rev:1;)
+alert udp any any -> any any (msg:"dsize/distance INVALID combination #3"; dsize:6; content:"boom"; content:"loom"; distance:2; sid:3; rev:1;)
+alert udp any any -> any any (msg:"dsize/distance VALID combination #1"; dsize:10; content:"boom"; content:"loom"; distance:-10; sid:4; rev:1;)
+alert udp any any -> any any (msg:"dsize/distance VALID combination #2"; dsize:10; content:"boom"; content:"loom"; distance:-15; sid:5; rev:1;)
diff --git a/tests/test-unreachable-distance-1/test.yaml b/tests/test-unreachable-distance-1/test.yaml
new file mode 100644
index 000000000..af39ec497
--- /dev/null
+++ b/tests/test-unreachable-distance-1/test.yaml
@@ -0,0 +1,17 @@
+requires:
+  min-version: 7
+
+checks:
+    - shell:
+        args: grep "signature can't match" suricata.log | wc -l | xargs
+        expect: 3
+
+    - shell:
+        args: grep SC_ERR_INVALID_SIGNATURE suricata.log | wc -l | xargs
+        expect: 6
+
+    - shell:
+        args: grep "1 rule files processed. 2 rules successfully loaded, 3 rules failed" suricata.log | wc -l | xargs
+        expect: 1
+
+exit-code: 1