From: Modupe Falodun Date: Wed, 26 Jan 2022 09:11:11 +0000 (+0100) Subject: detect/modbus: remove unittests X-Git-Tag: suricata-7.0.0-beta1~975 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=926c02a1410e62586972ef7233be802b928d2be9;p=thirdparty%2Fsuricata.git detect/modbus: remove unittests These tests are reimplemented in Suricata-Verify Task: 4911 --- diff --git a/src/detect-modbus.c b/src/detect-modbus.c index 6603ffbf37..6940a333a8 100644 --- a/src/detect-modbus.c +++ b/src/detect-modbus.c @@ -57,10 +57,6 @@ static int g_modbus_buffer_id = 0; -#ifdef UNITTESTS -static void DetectModbusRegisterTests(void); -#endif - /** \internal * * \brief this function will free memory associated with DetectModbus @@ -157,190 +153,9 @@ void DetectModbusRegister(void) sigmatch_table[DETECT_AL_MODBUS].Setup = DetectModbusSetup; sigmatch_table[DETECT_AL_MODBUS].Free = DetectModbusFree; sigmatch_table[DETECT_AL_MODBUS].AppLayerTxMatch = DetectModbusMatch; -#ifdef UNITTESTS - sigmatch_table[DETECT_AL_MODBUS].RegisterTests = DetectModbusRegisterTests; -#endif DetectAppLayerInspectEngineRegister2( "modbus", ALPROTO_MODBUS, SIG_FLAG_TOSERVER, 0, DetectEngineInspectModbus, NULL); g_modbus_buffer_id = DetectBufferTypeGetByName("modbus"); } - -#ifdef UNITTESTS /* UNITTESTS */ -#include "app-layer-parser.h" - -#include "flow-util.h" - -#include "util-unittest.h" -#include "util-unittest-helper.h" - -/** - * Sample data for tests derived from - * https://github.com/bro/bro/blob/master/testing/btest/Traces/modbus/modbus.trace - */ -static uint8_t writeSingleCoil[] = { - /* Transaction ID */ 0x00, 0x01, - /* Protocol ID */ 0x00, 0x00, - /* Length */ 0x00, 0x06, - /* Unit ID */ 0x0a, - /* Function code */ 0x05, - /* Read Starting Address */ 0x00, 0x02, - /* Data */ 0x00, 0x00 -}; - -static uint8_t restartCommOption[] = { - /* Transaction ID */ 0x00, 0x00, - /* Protocol ID */ 0x00, 0x00, - /* Length */ 0x00, 0x06, - /* Unit ID */ 0x0a, - /* Function code */ 0x08, - /* Diagnostic Code */ 0x00, 0x01, - /* Data */ 0x00, 0x00 -}; - -/** \test Signature containing an access type. */ -static int DetectModbusTestAccess(void) -{ - AppLayerParserThreadCtx *alp_tctx = AppLayerParserThreadCtxAlloc(); - DetectEngineThreadCtx *det_ctx = NULL; - DetectEngineCtx *de_ctx = NULL; - Flow f; - Packet *p = NULL; - Signature *s = NULL; - TcpSession ssn; - ThreadVars tv; - - FAIL_IF_NULL(alp_tctx); - - memset(&tv, 0, sizeof(ThreadVars)); - memset(&f, 0, sizeof(Flow)); - memset(&ssn, 0, sizeof(TcpSession)); - - p = UTHBuildPacket(restartCommOption, sizeof(restartCommOption), IPPROTO_TCP); - - FLOW_INITIALIZE(&f); - f.alproto = ALPROTO_MODBUS; - f.protoctx = (void *)&ssn; - f.proto = IPPROTO_TCP; - f.flags |= FLOW_IPV4; - - p->flow = &f; - p->flags |= PKT_HAS_FLOW | PKT_STREAM_EST; - p->flowflags |= FLOW_PKT_TOSERVER | FLOW_PKT_ESTABLISHED; - - StreamTcpInitConfig(TRUE); - - de_ctx = DetectEngineCtxInit(); - FAIL_IF_NULL(de_ctx); - - de_ctx->flags |= DE_QUIET; - s = de_ctx->sig_list = SigInit(de_ctx, "alert modbus any any -> any any " - "(msg:\"Testing modbus code function\"; " - "modbus: access write; sid:1;)"); - FAIL_IF_NULL(s); - - SigGroupBuild(de_ctx); - DetectEngineThreadCtxInit(&tv, (void *)de_ctx, (void *)&det_ctx); - - FLOWLOCK_WRLOCK(&f); - int r = AppLayerParserParse(NULL, alp_tctx, &f, ALPROTO_MODBUS, STREAM_TOSERVER, - writeSingleCoil, sizeof(writeSingleCoil)); - FAIL_IF_NOT(r == 0); - FLOWLOCK_UNLOCK(&f); - - FAIL_IF_NULL(f.alstate); - - /* do detect */ - SigMatchSignatures(&tv, de_ctx, det_ctx, p); - - FAIL_IF_NOT(PacketAlertCheck(p, 1)); - - AppLayerParserThreadCtxFree(alp_tctx); - DetectEngineThreadCtxDeinit(&tv, det_ctx); - SigGroupCleanup(de_ctx); - DetectEngineCtxFree(de_ctx); - - StreamTcpFreeConfig(TRUE); - FLOW_DESTROY(&f); - UTHFreePacket(p); - PASS; -} - -/** \test Signature containing a function. */ -static int DetectModbusTestFunction(void) -{ - AppLayerParserThreadCtx *alp_tctx = AppLayerParserThreadCtxAlloc(); - DetectEngineThreadCtx *det_ctx = NULL; - DetectEngineCtx *de_ctx = NULL; - Flow f; - Packet *p = NULL; - Signature *s = NULL; - TcpSession ssn; - ThreadVars tv; - - FAIL_IF_NULL(alp_tctx); - - memset(&tv, 0, sizeof(ThreadVars)); - memset(&f, 0, sizeof(Flow)); - memset(&ssn, 0, sizeof(TcpSession)); - - p = UTHBuildPacket(writeSingleCoil, sizeof(writeSingleCoil), IPPROTO_TCP); - - FLOW_INITIALIZE(&f); - f.alproto = ALPROTO_MODBUS; - f.protoctx = (void *)&ssn; - f.proto = IPPROTO_TCP; - f.flags |= FLOW_IPV4; - - p->flow = &f; - p->flags |= PKT_HAS_FLOW | PKT_STREAM_EST; - p->flowflags |= FLOW_PKT_TOSERVER | FLOW_PKT_ESTABLISHED; - - StreamTcpInitConfig(TRUE); - - de_ctx = DetectEngineCtxInit(); - FAIL_IF_NULL(de_ctx); - - de_ctx->flags |= DE_QUIET; - s = de_ctx->sig_list = SigInit(de_ctx, "alert modbus any any -> any any " - "(msg:\"Testing modbus code function\"; " - "modbus: function 8; sid:1;)"); - FAIL_IF_NULL(s); - - SigGroupBuild(de_ctx); - DetectEngineThreadCtxInit(&tv, (void *)de_ctx, (void *)&det_ctx); - - FLOWLOCK_WRLOCK(&f); - int r = AppLayerParserParse(NULL, alp_tctx, &f, ALPROTO_MODBUS, STREAM_TOSERVER, - restartCommOption, sizeof(restartCommOption)); - FAIL_IF_NOT(r == 0); - FLOWLOCK_UNLOCK(&f); - - FAIL_IF_NULL(f.alstate); - - /* do detect */ - SigMatchSignatures(&tv, de_ctx, det_ctx, p); - - FAIL_IF_NOT(PacketAlertCheck(p, 1)); - - AppLayerParserThreadCtxFree(alp_tctx); - DetectEngineThreadCtxDeinit(&tv, det_ctx); - SigGroupCleanup(de_ctx); - DetectEngineCtxFree(de_ctx); - - StreamTcpFreeConfig(TRUE); - FLOW_DESTROY(&f); - UTHFreePacket(p); - PASS; -} - -/** - * \brief this function registers unit tests for DetectModbus - */ -void DetectModbusRegisterTests(void) -{ - UtRegisterTest("DetectModbusTestAccess", DetectModbusTestAccess); - UtRegisterTest("DetectModbusTestFunction", DetectModbusTestFunction); -} -#endif /* UNITTESTS */