From: Russ Combs Date: Sun, 16 Oct 2016 12:43:18 +0000 (-0400) Subject: initial IpsContext X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=e66900f864294742dbba96f991c8fb3da6d4f365;p=thirdparty%2Fsnort3.git initial IpsContext --- diff --git a/src/detection/ips_context.cc b/src/detection/ips_context.cc new file mode 100644 index 000000000..61babf5fb --- /dev/null +++ b/src/detection/ips_context.cc @@ -0,0 +1,103 @@ +//-------------------------------------------------------------------------- +// Copyright (C) 2016-2016 Cisco and/or its affiliates. All rights reserved. +// +// This program is free software; you can redistribute it and/or modify it +// under the terms of the GNU General Public License Version 2 as published +// by the Free Software Foundation. You may not use, modify or distribute +// this program under any other version of the GNU General Public License. +// +// This program is distributed in the hope that it will be useful, but +// WITHOUT ANY WARRANTY; without even the implied warranty of +// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +// General Public License for more details. +// +// You should have received a copy of the GNU General Public License along +// with this program; if not, write to the Free Software Foundation, Inc., +// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. +//-------------------------------------------------------------------------- + +// ips_context.cc author Russ Combs + +#include "ips_context.h" + +#include + +#define UNIT_TEST + +#ifdef UNIT_TEST +#include "catch.hpp" +#endif + +unsigned IpsContextData::ips_id = 0; + +//-------------------------------------------------------------------------- +// context methods +//-------------------------------------------------------------------------- + +IpsContext::IpsContext(unsigned size) : data(size, nullptr) +{ } + +IpsContext::~IpsContext() +{ + for ( auto* p : data ) + if ( p ) + delete p; +} + +void IpsContext::set_context_data(unsigned id, IpsContextData* cd) +{ + assert(id < data.size()); + data[id] = cd; +} + +IpsContextData* IpsContext::get_context_data(unsigned id) const +{ + assert(id < data.size()); + return data[id]; +} + +//-------------------------------------------------------------------------- +// unit tests +//-------------------------------------------------------------------------- + +#ifdef UNIT_TEST +class ContextData : public IpsContextData +{ +public: + ContextData(int i) + { ++count; } + + ~ContextData() + { --count; } + + static int count; +}; + +int ContextData::count = 0; + +TEST_CASE("ips_ids", "[IpsContextData]") +{ + CHECK(IpsContextData::get_max_id() == 0); + + unsigned id1 = IpsContextData::get_ips_id(); + unsigned id2 = IpsContextData::get_ips_id(); + CHECK(id1 != id2); + + CHECK(IpsContextData::get_max_id() == id2); +} + +TEST_CASE("basic", "[IpsContext]") +{ + SECTION("one context") + { + auto id = IpsContextData::get_ips_id(); + auto* d1 = new ContextData(10); + auto ctxt = IpsContext(id+1); + ctxt.set_context_data(id, d1); + CHECK(ctxt.get_context_data(id) == d1); + } + CHECK(ContextData::count == 0); +} + +#endif + diff --git a/src/detection/ips_context.h b/src/detection/ips_context.h new file mode 100644 index 000000000..7bf172e04 --- /dev/null +++ b/src/detection/ips_context.h @@ -0,0 +1,73 @@ +//-------------------------------------------------------------------------- +// Copyright (C) 2016-2016 Cisco and/or its affiliates. All rights reserved. +// +// This program is free software; you can redistribute it and/or modify it +// under the terms of the GNU General Public License Version 2 as published +// by the Free Software Foundation. You may not use, modify or distribute +// this program under any other version of the GNU General Public License. +// +// This program is distributed in the hope that it will be useful, but +// WITHOUT ANY WARRANTY; without even the implied warranty of +// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +// General Public License for more details. +// +// You should have received a copy of the GNU General Public License along +// with this program; if not, write to the Free Software Foundation, Inc., +// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. +//-------------------------------------------------------------------------- + +// ips_context.h author Russ Combs + +#ifndef IPS_CONTEXT_H +#define IPS_CONTEXT_H + +// IpsContext provides access to all the state required for detection of a +// single packet. the state is stored in IpsContextData instances, which +// are accessed by id. +// +// FIXIT-H IpsContext will likely directly contain certain core detection +// state such as an event queue. This data will be migrated after +// integration into Snort. + +#include + +class IpsContextData +{ +public: + virtual ~IpsContextData() { }; + + static unsigned get_ips_id() + { return ++ips_id; } + + static unsigned get_max_id() + { return ips_id; } + +protected: + IpsContextData() { } + +private: + static unsigned ips_id; +}; + +class IpsContext +{ +public: + IpsContext(unsigned size); + ~IpsContext(); + + void set_context_data(unsigned id, IpsContextData*); + IpsContextData* get_context_data(unsigned id) const; + + void set_slot(unsigned s) + { slot = s; } + + unsigned get_slot() + { return slot; } + +private: + std::vector data; + unsigned slot; +}; + +#endif +