From: Victor Julien Date: Tue, 12 Dec 2023 13:54:41 +0000 (+0100) Subject: detect/byte_extract: modernize tests X-Git-Tag: suricata-8.0.0-beta1~1913 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=804a40e0366a0f9a14aba1ae53ae3d057040dee7;p=thirdparty%2Fsuricata.git detect/byte_extract: modernize tests --- diff --git a/src/detect-byte-extract.c b/src/detect-byte-extract.c index 214b21877d..379d3dce01 100644 --- a/src/detect-byte-extract.c +++ b/src/detect-byte-extract.c @@ -1575,90 +1575,47 @@ static int DetectByteExtractTest35(void) static int DetectByteExtractTest36(void) { - DetectEngineCtx *de_ctx = NULL; - int result = 0; - Signature *s = NULL; - SigMatch *sm = NULL; - DetectContentData *cd = NULL; - DetectBytejumpData *bjd = NULL; - DetectByteExtractData *bed = NULL; - - de_ctx = DetectEngineCtxInit(); - if (de_ctx == NULL) - goto end; - + DetectEngineCtx *de_ctx = DetectEngineCtxInit(); + FAIL_IF_NULL(de_ctx); de_ctx->flags |= DE_QUIET; - s = de_ctx->sig_list = SigInit(de_ctx, "alert tcp any any -> any any " - "(msg:\"Testing bytejump_body\"; " - "content:\"one\"; byte_jump:1,13; " - "byte_extract:4,0,two,relative,string,hex; " - "sid:1;)"); - if (de_ctx->sig_list == NULL) { - result = 0; - goto end; - } - if (s->init_data->smlists_tail[DETECT_SM_LIST_PMATCH] == NULL) { - result = 0; - goto end; - } + Signature *s = DetectEngineAppendSig(de_ctx, "alert tcp any any -> any any (" + "content:\"one\"; byte_jump:1,13; " + "byte_extract:4,0,two,relative,string,hex; " + "sid:1;)"); + FAIL_IF_NULL(s); + FAIL_IF_NULL(s->init_data->smlists_tail[DETECT_SM_LIST_PMATCH]); - sm = s->init_data->smlists[DETECT_SM_LIST_PMATCH]; - if (sm->type != DETECT_CONTENT) { - result = 0; - goto end; - } - cd = (DetectContentData *)sm->ctx; - if (cd->flags & DETECT_CONTENT_RAWBYTES || - strncmp((char *)cd->content, "one", cd->content_len) != 0 || - cd->flags & DETECT_CONTENT_NOCASE || - cd->flags & DETECT_CONTENT_WITHIN || - cd->flags & DETECT_CONTENT_DISTANCE || - cd->flags & DETECT_CONTENT_FAST_PATTERN || - cd->flags & DETECT_CONTENT_RELATIVE_NEXT || - cd->flags & DETECT_CONTENT_NEGATED ) { - printf("one failed\n"); - result = 0; - goto end; - } + SigMatch *sm = s->init_data->smlists[DETECT_SM_LIST_PMATCH]; + FAIL_IF(sm->type != DETECT_CONTENT); + DetectContentData *cd = (DetectContentData *)sm->ctx; + FAIL_IF(cd->flags & DETECT_CONTENT_RAWBYTES); + FAIL_IF(strncmp((char *)cd->content, "one", cd->content_len) != 0); + FAIL_IF(cd->flags & DETECT_CONTENT_NOCASE); + FAIL_IF(cd->flags & DETECT_CONTENT_WITHIN); + FAIL_IF(cd->flags & DETECT_CONTENT_DISTANCE); + FAIL_IF(cd->flags & DETECT_CONTENT_FAST_PATTERN); + FAIL_IF(cd->flags & DETECT_CONTENT_RELATIVE_NEXT); + FAIL_IF(cd->flags & DETECT_CONTENT_NEGATED); sm = sm->next; - if (sm->type != DETECT_BYTEJUMP) { - result = 0; - goto end; - } - bjd = (DetectBytejumpData *)sm->ctx; - if (bjd->flags != 0) { - result = 0; - goto end; - } - + FAIL_IF(sm->type != DETECT_BYTEJUMP); + DetectBytejumpData *bjd = (DetectBytejumpData *)sm->ctx; + FAIL_IF(bjd->flags != 0); sm = sm->next; - if (sm->type != DETECT_BYTE_EXTRACT) { - result = 0; - goto end; - } - bed = (DetectByteExtractData *)sm->ctx; - if (bed->nbytes != 4 || - bed->offset != 0 || - strcmp(bed->name, "two") != 0 || - bed->flags != (DETECT_BYTE_EXTRACT_FLAG_RELATIVE | - DETECT_BYTE_EXTRACT_FLAG_STRING) || - bed->endian != DETECT_BYTE_EXTRACT_ENDIAN_NONE || - bed->base != DETECT_BYTE_EXTRACT_BASE_HEX || - bed->align_value != 0 || - bed->multiplier_value != DETECT_BYTE_EXTRACT_MULTIPLIER_DEFAULT) { - goto end; - } - - result = 1; + FAIL_IF(sm->type != DETECT_BYTE_EXTRACT); + DetectByteExtractData *bed = (DetectByteExtractData *)sm->ctx; + FAIL_IF(bed->nbytes != 4); + FAIL_IF(bed->offset != 0); + FAIL_IF(strcmp(bed->name, "two") != 0); + FAIL_IF(bed->flags != (DETECT_BYTE_EXTRACT_FLAG_RELATIVE | DETECT_BYTE_EXTRACT_FLAG_STRING)); + FAIL_IF(bed->endian != DETECT_BYTE_EXTRACT_ENDIAN_NONE); + FAIL_IF(bed->base != DETECT_BYTE_EXTRACT_BASE_HEX); + FAIL_IF(bed->align_value != 0); + FAIL_IF(bed->multiplier_value != DETECT_BYTE_EXTRACT_MULTIPLIER_DEFAULT); - end: - SigGroupCleanup(de_ctx); - SigCleanSignatures(de_ctx); DetectEngineCtxFree(de_ctx); - - return result; + PASS; } static int DetectByteExtractTest37(void) @@ -4159,134 +4116,81 @@ static int DetectByteExtractTest58(void) static int DetectByteExtractTest59(void) { - DetectEngineCtx *de_ctx = NULL; - int result = 0; - Signature *s = NULL; - SigMatch *sm = NULL; - DetectContentData *cd = NULL; - DetectByteExtractData *bed1 = NULL; - DetectBytejumpData *bjd = NULL; - DetectIsdataatData *isdd = NULL; - - de_ctx = DetectEngineCtxInit(); - if (de_ctx == NULL) - goto end; - + DetectEngineCtx *de_ctx = DetectEngineCtxInit(); + FAIL_IF_NULL(de_ctx); de_ctx->flags |= DE_QUIET; - s = de_ctx->sig_list = SigInit(de_ctx, "alert tcp any any -> any any " - "(msg:\"Testing bytejump_body\"; " - "content:\"one\"; " - "byte_extract:4,0,two,string,hex; " - "byte_extract:4,0,three,string,hex; " - "byte_jump: 2,two; " - "byte_jump: 3,three; " - "isdataat: three,relative; " - "sid:1;)"); - if (de_ctx->sig_list == NULL) { - result = 0; - goto end; - } - if (s->init_data->smlists_tail[DETECT_SM_LIST_PMATCH] == NULL) { - result = 0; - goto end; - } + Signature *s = DetectEngineAppendSig(de_ctx, "alert tcp any any -> any any (" + "content:\"one\"; " + "byte_extract:4,0,two,string,hex; " + "byte_extract:4,0,three,string,hex; " + "byte_jump: 2,two; " + "byte_jump: 3,three; " + "isdataat: three,relative; " + "sid:1;)"); + FAIL_IF_NULL(s); - sm = s->init_data->smlists[DETECT_SM_LIST_PMATCH]; - if (sm->type != DETECT_CONTENT) { - result = 0; - goto end; - } - cd = (DetectContentData *)sm->ctx; - if (cd->flags & DETECT_CONTENT_RAWBYTES || - strncmp((char *)cd->content, "one", cd->content_len) != 0 || - cd->flags & DETECT_CONTENT_NOCASE || - cd->flags & DETECT_CONTENT_WITHIN || - cd->flags & DETECT_CONTENT_DISTANCE || - cd->flags & DETECT_CONTENT_FAST_PATTERN || - cd->flags & DETECT_CONTENT_RELATIVE_NEXT || - cd->flags & DETECT_CONTENT_NEGATED ) { - printf("one failed\n"); - result = 0; - goto end; - } + FAIL_IF_NULL(s->init_data->smlists_tail[DETECT_SM_LIST_PMATCH]); + SigMatch *sm = s->init_data->smlists[DETECT_SM_LIST_PMATCH]; + FAIL_IF(sm->type != DETECT_CONTENT); - sm = sm->next; - if (sm->type != DETECT_BYTE_EXTRACT) { - result = 0; - goto end; - } - bed1 = (DetectByteExtractData *)sm->ctx; - if (bed1->nbytes != 4 || - bed1->offset != 0 || - strcmp(bed1->name, "two") != 0 || - bed1->flags != DETECT_BYTE_EXTRACT_FLAG_STRING || - bed1->endian != DETECT_BYTE_EXTRACT_ENDIAN_NONE || - bed1->base != DETECT_BYTE_EXTRACT_BASE_HEX || - bed1->align_value != 0 || - bed1->multiplier_value != DETECT_BYTE_EXTRACT_MULTIPLIER_DEFAULT) { - goto end; - } - if (bed1->local_id != 0) { - result = 0; - goto end; - } + DetectContentData *cd = (DetectContentData *)sm->ctx; + FAIL_IF(cd->flags & DETECT_CONTENT_RAWBYTES); + FAIL_IF(strncmp((char *)cd->content, "one", cd->content_len) != 0); + FAIL_IF(cd->flags & DETECT_CONTENT_NOCASE); + FAIL_IF(cd->flags & DETECT_CONTENT_WITHIN); + FAIL_IF(cd->flags & DETECT_CONTENT_DISTANCE); + FAIL_IF(cd->flags & DETECT_CONTENT_FAST_PATTERN); + FAIL_IF(cd->flags & DETECT_CONTENT_RELATIVE_NEXT); + FAIL_IF(cd->flags & DETECT_CONTENT_NEGATED); sm = sm->next; - if (sm->type != DETECT_BYTE_EXTRACT) { - result = 0; - goto end; - } + FAIL_IF_NULL(sm); + FAIL_IF(sm->type != DETECT_BYTE_EXTRACT); + + DetectByteExtractData *bed1 = (DetectByteExtractData *)sm->ctx; + FAIL_IF(bed1->nbytes != 4); + FAIL_IF(bed1->offset != 0); + FAIL_IF(strcmp(bed1->name, "two") != 0); + FAIL_IF(bed1->flags != DETECT_BYTE_EXTRACT_FLAG_STRING); + FAIL_IF(bed1->endian != DETECT_BYTE_EXTRACT_ENDIAN_NONE); + FAIL_IF(bed1->base != DETECT_BYTE_EXTRACT_BASE_HEX); + FAIL_IF(bed1->align_value != 0); + FAIL_IF(bed1->multiplier_value != DETECT_BYTE_EXTRACT_MULTIPLIER_DEFAULT); + + FAIL_IF(bed1->local_id != 0); sm = sm->next; - if (sm->type != DETECT_BYTEJUMP) { - result = 0; - goto end; - } - bjd = (DetectBytejumpData *)sm->ctx; - if (bjd->flags != DETECT_BYTEJUMP_OFFSET_VAR || bjd->offset != 0) { - printf("three failed\n"); - result = 0; - goto end; - } + FAIL_IF_NULL(sm); + FAIL_IF(sm->type != DETECT_BYTE_EXTRACT); sm = sm->next; - if (sm->type != DETECT_BYTEJUMP) { - result = 0; - goto end; - } - bjd = (DetectBytejumpData *)sm->ctx; - if (bjd->flags != DETECT_BYTEJUMP_OFFSET_VAR || bjd->offset != 1) { - printf("four failed\n"); - result = 0; - goto end; - } + FAIL_IF_NULL(sm); + FAIL_IF(sm->type != DETECT_BYTEJUMP); + + DetectBytejumpData *bjd = (DetectBytejumpData *)sm->ctx; + FAIL_IF(bjd->flags != DETECT_BYTEJUMP_OFFSET_VAR); + FAIL_IF(bjd->offset != 0); sm = sm->next; - if (sm->type != DETECT_ISDATAAT) { - result = 0; - goto end; - } - isdd = (DetectIsdataatData *)sm->ctx; - if (isdd->flags != (ISDATAAT_OFFSET_VAR | - ISDATAAT_RELATIVE) || - isdd->dataat != 1) { - printf("isdataat failed\n"); - result = 0; - goto end; - } + FAIL_IF_NULL(sm); + FAIL_IF(sm->type != DETECT_BYTEJUMP); - if (sm->next != NULL) - goto end; + bjd = (DetectBytejumpData *)sm->ctx; + FAIL_IF(bjd->flags != DETECT_BYTEJUMP_OFFSET_VAR); + FAIL_IF(bjd->offset != 1); - result = 1; + sm = sm->next; + FAIL_IF_NULL(sm); + FAIL_IF(sm->type != DETECT_ISDATAAT); + DetectIsdataatData *isdd = (DetectIsdataatData *)sm->ctx; + FAIL_IF(isdd->flags != (ISDATAAT_OFFSET_VAR | ISDATAAT_RELATIVE)); + FAIL_IF(isdd->dataat != 1); - end: - SigGroupCleanup(de_ctx); - SigCleanSignatures(de_ctx); + FAIL_IF(sm->next != NULL); DetectEngineCtxFree(de_ctx); - return result; + PASS; } static int DetectByteExtractTest60(void)