From 4f2f745bed4858c6441b1b936f66453e87b715bb Mon Sep 17 00:00:00 2001 From: Jeff Lucovsky Date: Sat, 12 Feb 2022 09:46:29 -0500 Subject: [PATCH] detect/ipproto: Use builtin protocol table Issue 5072 This commit causes the built-in protocol table to be used for protocol name and number validation. --- src/detect-ipproto.c | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/src/detect-ipproto.c b/src/detect-ipproto.c index 2eb4833692..598f5ad761 100644 --- a/src/detect-ipproto.c +++ b/src/detect-ipproto.c @@ -1,4 +1,4 @@ -/* Copyright (C) 2007-2020 Open Information Security Foundation +/* Copyright (C) 2007-2022 Open Information Security Foundation * * You can copy, redistribute or modify this Program under the terms of * the GNU General Public License version 2 as published by the Free @@ -38,6 +38,7 @@ #include "detect-engine-address.h" #include "util-byte.h" +#include "util-proto-name.h" #include "util-unittest.h" #include "util-unittest-helper.h" @@ -121,13 +122,12 @@ static DetectIPProtoData *DetectIPProtoParse(const char *optstr) /* Protocol name/number */ if (!isdigit((unsigned char)*(args[1]))) { - struct protoent *pent = getprotobyname(args[1]); - if (pent == NULL) { - SCLogError(SC_ERR_INVALID_VALUE, "Malformed protocol name: %s", - str_ptr); + uint8_t proto; + if (!SCGetProtoByName(args[1], &proto)) { + SCLogError(SC_ERR_INVALID_VALUE, "Unknown protocol name: \"%s\"", str_ptr); goto error; } - data->proto = (uint8_t)pent->p_proto; + data->proto = proto; } else { if (StringParseUint8(&data->proto, 10, 0, args[1]) <= 0) { -- 2.47.2