From: Jason Ish Date: Wed, 24 Jan 2024 15:02:19 +0000 (-0600) Subject: detect/requires: reset sigerror flags for each rule X-Git-Tag: suricata-8.0.0-beta1~1819 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=de3cbe4c90fb7fb6d54b6876ab515f791145271a;p=thirdparty%2Fsuricata.git detect/requires: reset sigerror flags for each rule "sigerror_ok" and "sigerror_requires" were not being reset after each rule which could lead to a rule load error being incorrectly tracked as skipped rather than failed. Also initialize "skippedsigs" to 0 along with "goodsigs" and "badsigs", while not directly related to this issue, could also throw off some stats. Ticket: #6710 --- diff --git a/src/detect-engine-loader.c b/src/detect-engine-loader.c index 9c3e3e8b53..1f5363c6f8 100644 --- a/src/detect-engine-loader.c +++ b/src/detect-engine-loader.c @@ -122,6 +122,7 @@ static int DetectLoadSigFile( (*goodsigs) = 0; (*badsigs) = 0; + (*skippedsigs) = 0; FILE *fp = fopen(sig_file, "r"); if (fp == NULL) { diff --git a/src/detect-parse.c b/src/detect-parse.c index 31df3d0aae..e1c073efd6 100644 --- a/src/detect-parse.c +++ b/src/detect-parse.c @@ -2315,7 +2315,9 @@ Signature *SigInit(DetectEngineCtx *de_ctx, const char *sigstr) SCEnter(); uint32_t oldsignum = de_ctx->signum; + de_ctx->sigerror_ok = false; de_ctx->sigerror_silent = false; + de_ctx->sigerror_requires = false; Signature *sig;