From: Jeff Lucovsky <jeff@lucovsky.org>
Date: Sun, 1 Dec 2019 18:15:34 +0000 (-0500)
Subject: detect/analyzer: Improved fast pattern display
X-Git-Tag: suricata-5.0.1~61
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=8f4f1cb633c6c7b1feb2648869a1d9cd2b4594eb;p=thirdparty%2Fsuricata.git

detect/analyzer: Improved fast pattern display

When transforms are part of a rule, improve information displayed with
fast patterns to include the original buffer name and whether any
transform(s) are applied.
---

diff --git a/src/detect-engine-analyzer.c b/src/detect-engine-analyzer.c
index 5d598f2d27..d8bcbd162c 100644
--- a/src/detect-engine-analyzer.c
+++ b/src/detect-engine-analyzer.c
@@ -526,10 +526,18 @@ static void EngineAnalysisRulesPrintFP(const DetectEngineCtx *de_ctx, const Sign
         const char *name = DetectBufferTypeGetNameById(de_ctx, list_type);
         if (desc && name) {
             fprintf(rule_engine_analysis_FD, "%s (%s)", desc, name);
+        } else if (desc || name) {
+            fprintf(rule_engine_analysis_FD, "%s", desc ? desc : name);
         }
+
     }
 
-    fprintf(rule_engine_analysis_FD, "\" buffer.\n");
+    fprintf(rule_engine_analysis_FD, "\" ");
+    if (de_ctx->buffer_type_map[list_type] && de_ctx->buffer_type_map[list_type]->transforms.cnt) {
+        fprintf(rule_engine_analysis_FD, "(with %d transform(s)) ",
+                de_ctx->buffer_type_map[list_type]->transforms.cnt);
+    }
+    fprintf(rule_engine_analysis_FD, "buffer.\n");
 
     return;
 }