From: Jason Ish <jason.ish@oisf.net>
Date: Tue, 20 Sep 2022 17:48:59 +0000 (-0600)
Subject: detect: allow rule errors to display error, but not be fatal
X-Git-Tag: suricata-6.0.7~15
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=726de4e70c7e7cff714f89d1d00208a162817f4f;p=thirdparty%2Fsuricata.git

detect: allow rule errors to display error, but not be fatal

Add a new setup return code, -4 which will print the error, but not
error out in test mode. This is to support allowing incomplete hex, as
there is no context as to which rule had the issue.

For context:
- -3: error ok, no message
- -2: error not ok, no message
- -4: error ok, message
---

diff --git a/src/detect-parse.c b/src/detect-parse.c
index 020778eea5..14f400e493 100644
--- a/src/detect-parse.c
+++ b/src/detect-parse.c
@@ -1908,7 +1908,11 @@ static Signature *SigInitHelper(DetectEngineCtx *de_ctx, const char *sigstr,
     sig->gid = 1;
 
     int ret = SigParse(de_ctx, sig, sigstr, dir, &parser);
-    if (ret == -3) {
+    if (ret == -4) {
+        de_ctx->sigerror_ok = true;
+        goto error;
+    }
+    else if (ret == -3) {
         de_ctx->sigerror_silent = true;
         de_ctx->sigerror_ok = true;
         goto error;