From: Jeff Lucovsky <jeff@lucovsky.org>
Date: Sat, 12 Feb 2022 14:46:29 +0000 (-0500)
Subject: detect/ipproto: Use builtin protocol table
X-Git-Tag: suricata-5.0.9~66
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=927401805c0859fb85f3af36e5886f706e6932c1;p=thirdparty%2Fsuricata.git

detect/ipproto: Use builtin protocol table

Issue 5072

This commit causes the built-in protocol table to be used for protocol
name and number validation.

(cherry picked from commit 4f2f745bed4858c6441b1b936f66453e87b715bb)
---

diff --git a/src/detect-ipproto.c b/src/detect-ipproto.c
index 19cf2ae508..d0b591ada6 100644
--- a/src/detect-ipproto.c
+++ b/src/detect-ipproto.c
@@ -1,4 +1,4 @@
-/* Copyright (C) 2007-2013 Open Information Security Foundation
+/* Copyright (C) 2007-2022 Open Information Security Foundation
  *
  * You can copy, redistribute or modify this Program under the terms of
  * the GNU General Public License version 2 as published by the Free
@@ -38,6 +38,7 @@
 #include "detect-engine-address.h"
 
 #include "util-byte.h"
+#include "util-proto-name.h"
 #include "util-unittest.h"
 #include "util-unittest-helper.h"
 
@@ -120,13 +121,12 @@ static DetectIPProtoData *DetectIPProtoParse(const char *optstr)
 
     /* Protocol name/number */
     if (!isdigit((unsigned char)*(args[1]))) {
-        struct protoent *pent = getprotobyname(args[1]);
-        if (pent == NULL) {
-            SCLogError(SC_ERR_INVALID_VALUE, "Malformed protocol name: %s",
-                       str_ptr);
+        uint8_t proto;
+        if (!SCGetProtoByName(args[1], &proto)) {
+            SCLogError(SC_ERR_INVALID_VALUE, "Unknown protocol name: \"%s\"", str_ptr);
             goto error;
         }
-        data->proto = (uint8_t)pent->p_proto;
+        data->proto = proto;
     }
     else {
         if (ByteExtractStringUint8(&data->proto, 10, 0, args[1]) <= 0) {