From: Victor Julien <vjulien@oisf.net>
Date: Wed, 27 Jul 2022 14:05:08 +0000 (+0200)
Subject: detect: reduce datatype scope for various keywords
X-Git-Tag: suricata-7.0.0-beta1~373
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=9fa0033966be34b73a86e178c9f0d95ddb795e51;p=thirdparty%2Fsuricata.git

detect: reduce datatype scope for various keywords
---

diff --git a/src/detect-app-layer-event.c b/src/detect-app-layer-event.c
index 040566dda3..f189cbfd3c 100644
--- a/src/detect-app-layer-event.c
+++ b/src/detect-app-layer-event.c
@@ -51,6 +51,16 @@
 
 #define MAX_ALPROTO_NAME 50
 
+typedef struct DetectAppLayerEventData_ {
+    AppProto alproto;
+    uint8_t event_id;
+
+    /* it's used to check if there are event set into the detect engine */
+    bool needs_detctx;
+
+    char *arg;
+} DetectAppLayerEventData;
+
 static int DetectAppLayerEventPktMatch(DetectEngineThreadCtx *det_ctx,
                                        Packet *p, const Signature *s, const SigMatchCtx *ctx);
 static int DetectAppLayerEventSetupP1(DetectEngineCtx *, Signature *, const char *);
diff --git a/src/detect-app-layer-event.h b/src/detect-app-layer-event.h
index 13be31733d..28580c60d0 100644
--- a/src/detect-app-layer-event.h
+++ b/src/detect-app-layer-event.h
@@ -24,16 +24,6 @@
 #ifndef __DETECT_APP_LAYER_EVENT_H__
 #define __DETECT_APP_LAYER_EVENT_H__
 
-typedef struct DetectAppLayerEventData_ {
-    AppProto alproto;
-    uint8_t event_id;
-
-    /* it's used to check if there are event set into the detect engine */
-    bool needs_detctx;
-
-    char *arg;
-} DetectAppLayerEventData;
-
 int DetectAppLayerEventPrepare(DetectEngineCtx *de_ctx, Signature *s);
 void DetectAppLayerEventRegister(void);
 
diff --git a/src/detect-app-layer-protocol.c b/src/detect-app-layer-protocol.c
index 72475a111a..0673eaac09 100644
--- a/src/detect-app-layer-protocol.c
+++ b/src/detect-app-layer-protocol.c
@@ -38,6 +38,11 @@
 static void DetectAppLayerProtocolRegisterTests(void);
 #endif
 
+typedef struct DetectAppLayerProtocolData_ {
+    AppProto alproto;
+    uint8_t negated;
+} DetectAppLayerProtocolData;
+
 static int DetectAppLayerProtocolPacketMatch(
         DetectEngineThreadCtx *det_ctx,
         Packet *p, const Signature *s, const SigMatchCtx *ctx)
diff --git a/src/detect-app-layer-protocol.h b/src/detect-app-layer-protocol.h
index 65bc3d8c76..864bd671b2 100644
--- a/src/detect-app-layer-protocol.h
+++ b/src/detect-app-layer-protocol.h
@@ -24,11 +24,6 @@
 #ifndef __DETECT_APP_LAYER_PROTOCOL__H__
 #define __DETECT_APP_LAYER_PROTOCOL__H__
 
-typedef struct DetectAppLayerProtocolData_ {
-    AppProto alproto;
-    uint8_t negated;
-} DetectAppLayerProtocolData;
-
 void DetectAppLayerProtocolRegister(void);
 
 #endif /* __DETECT_APP_LAYER_PROTOCOL__H__ */
diff --git a/src/detect-base64-decode.c b/src/detect-base64-decode.c
index 25198b7112..1fe4904793 100644
--- a/src/detect-base64-decode.c
+++ b/src/detect-base64-decode.c
@@ -27,6 +27,12 @@
 /* Arbitrary maximum buffer size for decoded base64 data. */
 #define BASE64_DECODE_MAX 65535
 
+typedef struct DetectBase64Decode_ {
+    uint32_t bytes;
+    uint32_t offset;
+    uint8_t relative;
+} DetectBase64Decode;
+
 static const char decode_pattern[] = "\\s*(bytes\\s+(\\d+),?)?"
     "\\s*(offset\\s+(\\d+),?)?"
     "\\s*(\\w+)?";
diff --git a/src/detect-base64-decode.h b/src/detect-base64-decode.h
index b2f7bdaaf5..58f4e52688 100644
--- a/src/detect-base64-decode.h
+++ b/src/detect-base64-decode.h
@@ -18,13 +18,6 @@
 #ifndef __DETECT_BASE64_DECODE_H__
 #define __DETECT_BASE64_DECODE_H__
 
-
-typedef struct DetectBase64Decode_ {
-    uint32_t bytes;
-    uint32_t offset;
-    uint8_t relative;
-} DetectBase64Decode;
-
 void DetectBase64DecodeRegister(void);
 int DetectBase64DecodeDoMatch(DetectEngineThreadCtx *, const Signature *,
     const SigMatchData *, const uint8_t *, uint32_t);
diff --git a/src/detect-csum.c b/src/detect-csum.c
index 0a1c5d8295..09ae62275c 100644
--- a/src/detect-csum.c
+++ b/src/detect-csum.c
@@ -40,6 +40,15 @@
 #include "util-profiling.h"
 #include "detect-engine-build.h"
 
+#define DETECT_CSUM_VALID   "valid"
+#define DETECT_CSUM_INVALID "invalid"
+
+typedef struct DetectCsumData_ {
+    /* Indicates if the csum-<protocol> keyword in a rule holds the
+       keyvalue "valid" or "invalid" */
+    int16_t valid;
+} DetectCsumData;
+
 /* prototypes for the "ipv4-csum" rule keyword */
 static int DetectIPV4CsumMatch(DetectEngineThreadCtx *,
         Packet *, const Signature *, const SigMatchCtx *);
diff --git a/src/detect-csum.h b/src/detect-csum.h
index 8dd1f4a656..64914912fe 100644
--- a/src/detect-csum.h
+++ b/src/detect-csum.h
@@ -24,15 +24,6 @@
 #ifndef __DETECT_CSUM_H__
 #define __DETECT_CSUM_H__
 
-#define DETECT_CSUM_VALID "valid"
-#define DETECT_CSUM_INVALID "invalid"
-
-typedef struct DetectCsumData_ {
-    /* Indicates if the csum-<protocol> keyword in a rule holds the
-       keyvalue "valid" or "invalid" */
-    int16_t valid;
-} DetectCsumData;
-
 void DetectCsumRegister(void);
 
 #endif /* __DETECT_CSUM_H__ */