From: Victor Julien <victor@inliniac.net>
Date: Sat, 4 Nov 2017 10:11:54 +0000 (+0100)
Subject: mpm: add depth/offset support
X-Git-Tag: suricata-4.1.0-beta1~479
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=553c8ff485cecf3f9e56c83ee5c689812204e311;p=thirdparty%2Fsuricata.git

mpm: add depth/offset support
---

diff --git a/src/util-mpm.c b/src/util-mpm.c
index 92fdedd52e..b8b68f26dd 100644
--- a/src/util-mpm.c
+++ b/src/util-mpm.c
@@ -501,9 +501,10 @@ static inline uint32_t MpmInitHashRaw(uint8_t *pat, uint16_t patlen)
  *
  * \retval hash A 32 bit unsigned hash.
  */
-static inline MpmPattern *MpmInitHashLookup(MpmCtx *ctx, uint8_t *pat,
-                                                  uint16_t patlen, char flags,
-                                                  uint32_t pid)
+static inline MpmPattern *MpmInitHashLookup(MpmCtx *ctx,
+        uint8_t *pat, uint16_t patlen,
+        uint16_t offset, uint16_t depth,
+        uint8_t flags, uint32_t pid)
 {
     uint32_t hash = MpmInitHashRaw(pat, patlen);
 
@@ -517,7 +518,7 @@ static inline MpmPattern *MpmInitHashLookup(MpmCtx *ctx, uint8_t *pat,
             if (t->id == pid)
                 return t;
         } else {
-            if (t->len == patlen &&
+            if (t->len == patlen && t->offset == offset && t->depth == depth &&
                     memcmp(pat, t->original_pat, patlen) == 0 &&
                     t->flags == flags)
             {
@@ -652,7 +653,8 @@ int MpmAddPattern(MpmCtx *mpm_ctx, uint8_t *pat, uint16_t patlen,
         pid = UINT_MAX;
 
     /* check if we have already inserted this pattern */
-    MpmPattern *p = MpmInitHashLookup(mpm_ctx, pat, patlen, flags, pid);
+    MpmPattern *p = MpmInitHashLookup(mpm_ctx, pat, patlen,
+            offset, depth, flags, pid);
     if (p == NULL) {
         SCLogDebug("Allocing new pattern");
 
@@ -661,6 +663,8 @@ int MpmAddPattern(MpmCtx *mpm_ctx, uint8_t *pat, uint16_t patlen,
 
         p->len = patlen;
         p->flags = flags;
+        p->offset = offset;
+        p->depth = depth;
         if (flags & MPM_PATTERN_CTX_OWNS_ID)
             p->id = mpm_ctx->max_pat_id++;
         else
diff --git a/src/util-mpm.h b/src/util-mpm.h
index f20bf73774..3b7960a86d 100644
--- a/src/util-mpm.h
+++ b/src/util-mpm.h
@@ -59,6 +59,13 @@ typedef struct MpmPattern_ {
     uint16_t len;
     /* flags decribing the pattern */
     uint8_t flags;
+
+    /* offset into the buffer where match may start */
+    uint16_t offset;
+
+    /* offset into the buffer before which match much complete */
+    uint16_t depth;
+
     /* holds the original pattern that was added */
     uint8_t *original_pat;
     /* case sensitive */