From: Jeff Lucovsky <jlucovsky@oisf.net>
Date: Thu, 21 Mar 2024 13:37:26 +0000 (-0400)
Subject: detect/ipopts: Remove unneeded PCRE logic
X-Git-Tag: suricata-8.0.0-beta1~1459
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=ee942391f78d9d1c88f28eefc22072b1c14179bd;p=thirdparty%2Fsuricata.git

detect/ipopts: Remove unneeded PCRE logic

Issue: 6864

Reduce complexity by eliminating the PCRE logic and adding a unittest to
validate null/empty string handling
---

diff --git a/src/detect-ipopts.c b/src/detect-ipopts.c
index 746036b009..fe77b40689 100644
--- a/src/detect-ipopts.c
+++ b/src/detect-ipopts.c
@@ -32,10 +32,6 @@
 #include "detect-ipopts.h"
 #include "util-unittest.h"
 
-#define PARSE_REGEX "\\S[A-z]"
-
-static DetectParseRegex parse_regex;
-
 static int DetectIpOptsMatch (DetectEngineThreadCtx *, Packet *,
         const Signature *, const SigMatchCtx *);
 static int DetectIpOptsSetup (DetectEngineCtx *, Signature *, const char *);
@@ -58,7 +54,6 @@ void DetectIpOptsRegister (void)
 #ifdef UNITTESTS
     sigmatch_table[DETECT_IPOPTS].RegisterTests = IpOptsRegisterTests;
 #endif
-    DetectSetupParseRegexes(PARSE_REGEX, &parse_regex);
 }
 
 /**
@@ -185,17 +180,11 @@ static int DetectIpOptsMatch (DetectEngineThreadCtx *det_ctx, Packet *p,
  */
 static DetectIpOptsData *DetectIpOptsParse (const char *rawstr)
 {
+    if (rawstr == NULL || strlen(rawstr) == 0)
+        return NULL;
+
     int i;
-    DetectIpOptsData *de = NULL;
     bool found = false;
-
-    pcre2_match_data *match = NULL;
-    int ret = DetectParsePcreExec(&parse_regex, &match, rawstr, 0, 0);
-    if (ret < 1) {
-        SCLogError("pcre_exec parse error, ret %" PRId32 ", string %s", ret, rawstr);
-        goto error;
-    }
-
     for(i = 0; ipopts[i].ipopt_name != NULL; i++)  {
         if((strcasecmp(ipopts[i].ipopt_name,rawstr)) == 0) {
             found = true;
@@ -205,24 +194,16 @@ static DetectIpOptsData *DetectIpOptsParse (const char *rawstr)
 
     if (!found) {
         SCLogError("unknown IP option specified \"%s\"", rawstr);
-        goto error;
+        return NULL;
     }
 
-    de = SCMalloc(sizeof(DetectIpOptsData));
+    DetectIpOptsData *de = SCMalloc(sizeof(DetectIpOptsData));
     if (unlikely(de == NULL))
-        goto error;
+        return NULL;
 
     de->ipopt = ipopts[i].code;
 
-    pcre2_match_data_free(match);
     return de;
-
-error:
-    if (match) {
-        pcre2_match_data_free(match);
-    }
-    if (de) SCFree(de);
-    return NULL;
 }
 
 /**
@@ -370,6 +351,20 @@ static int IpOptsTestParse04 (void)
     PASS;
 }
 
+/**
+ * \test IpOptsTestParse05 tests the NULL and empty string
+ */
+static int IpOptsTestParse05(void)
+{
+    DetectIpOptsData *de = DetectIpOptsParse("");
+    FAIL_IF_NOT_NULL(de);
+
+    de = DetectIpOptsParse(NULL);
+    FAIL_IF_NOT_NULL(de);
+
+    PASS;
+}
+
 /**
  * \brief this function registers unit tests for IpOpts
  */
@@ -379,5 +374,6 @@ void IpOptsRegisterTests(void)
     UtRegisterTest("IpOptsTestParse02", IpOptsTestParse02);
     UtRegisterTest("IpOptsTestParse03", IpOptsTestParse03);
     UtRegisterTest("IpOptsTestParse04", IpOptsTestParse04);
+    UtRegisterTest("IpOptsTestParse05", IpOptsTestParse05);
 }
 #endif /* UNITTESTS */