From: Jeff Lucovsky Date: Mon, 10 Jan 2022 18:20:29 +0000 (-0500) Subject: classification/config: Propagate validation errors X-Git-Tag: suricata-7.0.0-beta1~341 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=refs%2Fpull%2F7662%2Fhead;p=thirdparty%2Fsuricata.git classification/config: Propagate validation errors Issue: #4554 This commit modifies the workflow to propagate classification parsing errors when in test mode. When not in test mode, errors continue to be displayed but they do not halt Suricata execution. --- diff --git a/src/detect-engine.c b/src/detect-engine.c index 5696d3587d..201e40558e 100644 --- a/src/detect-engine.c +++ b/src/detect-engine.c @@ -2369,8 +2369,7 @@ static DetectEngineCtx *DetectEngineCtxInitReal(enum DetectEngineType type, cons /* init iprep... ignore errors for now */ (void)SRepInit(de_ctx); - SCClassConfLoadClassficationConfigFile(de_ctx, NULL); - if (SCRConfLoadReferenceConfigFile(de_ctx, NULL) < 0) { + if (!SCClassConfLoadClassficationConfigFile(de_ctx, NULL)) { if (RunmodeGetCurrent() == RUNMODE_CONF_TEST) goto error; } @@ -2378,6 +2377,10 @@ static DetectEngineCtx *DetectEngineCtxInitReal(enum DetectEngineType type, cons if (ActionInitConfig() < 0) { goto error; } + if (SCRConfLoadReferenceConfigFile(de_ctx, NULL) < 0) { + if (RunmodeGetCurrent() == RUNMODE_CONF_TEST) + goto error; + } de_ctx->version = DetectEngineGetVersion(); VarNameStoreSetupStaging(de_ctx->version); @@ -2777,8 +2780,10 @@ static int DetectEngineCtxLoadConf(DetectEngineCtx *de_ctx) } if (DetectPortParse(de_ctx, &de_ctx->udp_whitelist, ports) != 0) { - SCLogWarning(SC_ERR_INVALID_YAML_CONF_ENTRY, "'%s' is not a valid value " - "forr detect.grouping.udp-whitelist", ports); + SCLogWarning(SC_ERR_INVALID_YAML_CONF_ENTRY, + "'%s' is not a valid value " + "for detect.grouping.udp-whitelist", + ports); } for (x = de_ctx->udp_whitelist; x != NULL; x = x->next) { if (x->port != x->port2) {