From 549f7873dfce0f54f9c46bd4f5017be67e293df6 Mon Sep 17 00:00:00 2001 From: Victor Julien Date: Sat, 6 May 2023 08:29:38 +0200 Subject: [PATCH] detect: spelling --- src/detect-byte-extract.c | 4 ++-- src/detect-bytetest.c | 2 +- src/detect-cipservice.c | 6 +++--- src/detect-content.c | 16 ++++++++-------- src/detect-depth.c | 2 +- src/detect-dnp3.c | 2 +- src/detect-engine-address.c | 4 ++-- src/detect-engine-build.c | 4 ++-- src/detect-engine-content-inspection.c | 2 +- src/detect-engine-enip.c | 2 +- src/detect-engine-loader.c | 2 +- src/detect-engine-payload.c | 4 ++-- src/detect-engine-port.c | 2 +- src/detect-engine-proto.c | 2 +- src/detect-engine-siggroup.c | 2 +- src/detect-engine-state.c | 2 +- src/detect-engine-tag.c | 2 +- src/detect-engine-threshold.c | 6 +++--- src/detect-engine.h | 2 +- src/detect-fileext.c | 2 +- src/detect-flow.c | 2 +- src/detect-flowbits.c | 18 +++++++++--------- src/detect-flowint.c | 18 +++++++++--------- src/detect-flowint.h | 2 +- src/detect-flowvar.c | 2 +- src/detect-fragbits.c | 4 ++-- src/detect-ftpbounce.c | 18 +++++++++--------- src/detect-ftpdata.h | 2 +- src/detect-geoip.c | 2 +- src/detect-hostbits.c | 15 ++++++++------- src/detect-http-request-line.c | 2 +- src/detect-http-response-line.c | 2 +- src/detect-l3proto.c | 2 +- src/detect-metadata.c | 8 ++++---- src/detect-nocase.c | 2 +- src/detect-offset.c | 2 +- src/detect-parse.c | 12 +++++++----- src/detect-pcre.c | 2 +- src/detect-reference.c | 6 +++--- src/detect-replace.c | 2 +- src/detect-ssh-hassh-server.c | 2 +- src/detect-ssh-hassh.c | 2 +- src/detect-ssh-software-version.c | 2 +- src/detect-ssl-state.h | 3 +-- src/detect-tcp-flags.c | 10 +++++----- src/detect-tcp-flags.h | 2 +- src/detect-tcp-window.c | 2 +- src/detect-tls-cert-fingerprint.c | 2 +- src/detect-uricontent.c | 6 +++--- src/detect-urilen.c | 2 +- src/detect-xbits.c | 2 +- src/detect.c | 10 +++++----- 52 files changed, 120 insertions(+), 118 deletions(-) diff --git a/src/detect-byte-extract.c b/src/detect-byte-extract.c index 80324fcce6..fd96a46e5f 100644 --- a/src/detect-byte-extract.c +++ b/src/detect-byte-extract.c @@ -50,7 +50,7 @@ #include "util-unittest-helper.h" #include "util-spm.h" -/* the default value of endianess to be used, if none's specified */ +/* the default value of endianness to be used, if none's specified */ #define DETECT_BYTE_EXTRACT_ENDIAN_DEFAULT DETECT_BYTE_EXTRACT_ENDIAN_BIG /* the base to be used if string mode is specified. These options would be @@ -73,7 +73,7 @@ #define STRING_MAX_BYTES_TO_EXTRACT_FOR_OCT 23 #define STRING_MAX_BYTES_TO_EXTRACT_FOR_DEC 20 #define STRING_MAX_BYTES_TO_EXTRACT_FOR_HEX 14 -/* the max no of bytes that can be extraced in non-string mode */ +/* the max no of bytes that can be extracted in non-string mode */ #define NO_STRING_MAX_BYTES_TO_EXTRACT 8 #define PARSE_REGEX "^" \ diff --git a/src/detect-bytetest.c b/src/detect-bytetest.c index 1d6627a627..23508143e9 100644 --- a/src/detect-bytetest.c +++ b/src/detect-bytetest.c @@ -96,7 +96,7 @@ void DetectBytetestRegister (void) * * \param det_ctx thread de ctx * \param s signature - * \param m sigmatch for this bytettest + * \param m sigmatch for this bytetest * \param payload ptr to the start of the buffer to inspect * \param payload_len length of the payload * \retval 1 match diff --git a/src/detect-cipservice.c b/src/detect-cipservice.c index 184dec4b69..00b9a75ca0 100644 --- a/src/detect-cipservice.c +++ b/src/detect-cipservice.c @@ -20,7 +20,7 @@ * * \author Kevin Wong * - * Set up ENIP Commnad and CIP Service rule parsing and entry point for matching + * Set up ENIP Command and CIP Service rule parsing and entry point for matching */ #include "suricata-common.h" @@ -291,7 +291,7 @@ static void DetectCipServiceRegisterTests(void) */ /** - * \brief ENIP Commond Detect Prototypes + * \brief ENIP Command Detect Prototypes */ static int DetectEnipCommandSetup(DetectEngineCtx *, Signature *, const char *); static void DetectEnipCommandFree(DetectEngineCtx *, void *); @@ -328,7 +328,7 @@ void DetectEnipCommandRegister(void) * \brief This function is used to parse cip_service options passed via enip_command: keyword * * \param rulestr Pointer to the user provided rulestr options - * Takes single single numeric value + * Takes single numeric value * * \retval enipcmdd pointer to DetectCipServiceData on success * \retval NULL on failure diff --git a/src/detect-content.c b/src/detect-content.c index 536366e940..3aba73ab69 100644 --- a/src/detect-content.c +++ b/src/detect-content.c @@ -907,7 +907,7 @@ static int g_file_data_buffer_id = 0; static int g_dce_stub_data_buffer_id = 0; /** - * \test DetectCotentParseTest01 this is a test to make sure we can deal with escaped colons + * \test DetectContentParseTest01 this is a test to make sure we can deal with escaped colons */ static int DetectContentParseTest01 (void) { @@ -938,7 +938,7 @@ static int DetectContentParseTest01 (void) } /** - * \test DetectCotentParseTest02 this is a test to make sure we can deal with escaped semi-colons + * \test DetectContentParseTest02 this is a test to make sure we can deal with escaped semi-colons */ static int DetectContentParseTest02 (void) { @@ -969,7 +969,7 @@ static int DetectContentParseTest02 (void) } /** - * \test DetectCotentParseTest03 this is a test to make sure we can deal with escaped double-quotes + * \test DetectContentParseTest03 this is a test to make sure we can deal with escaped double-quotes */ static int DetectContentParseTest03 (void) { @@ -1000,7 +1000,7 @@ static int DetectContentParseTest03 (void) } /** - * \test DetectCotentParseTest04 this is a test to make sure we can deal with escaped backslashes + * \test DetectContentParseTest04 this is a test to make sure we can deal with escaped backslashes */ static int DetectContentParseTest04 (void) { @@ -1032,7 +1032,7 @@ static int DetectContentParseTest04 (void) } /** - * \test DetectCotentParseTest05 test illegal escape + * \test DetectContentParseTest05 test illegal escape */ static int DetectContentParseTest05 (void) { @@ -1057,7 +1057,7 @@ static int DetectContentParseTest05 (void) } /** - * \test DetectCotentParseTest06 test a binary content + * \test DetectContentParseTest06 test a binary content */ static int DetectContentParseTest06 (void) { @@ -1089,7 +1089,7 @@ static int DetectContentParseTest06 (void) } /** - * \test DetectCotentParseTest07 test an empty content + * \test DetectContentParseTest07 test an empty content */ static int DetectContentParseTest07 (void) { @@ -1112,7 +1112,7 @@ static int DetectContentParseTest07 (void) } /** - * \test DetectCotentParseTest08 test an empty content + * \test DetectContentParseTest08 test an empty content */ static int DetectContentParseTest08 (void) { diff --git a/src/detect-depth.c b/src/detect-depth.c index 2783bac72f..1c4f94a396 100644 --- a/src/detect-depth.c +++ b/src/detect-depth.c @@ -67,7 +67,7 @@ static int DetectDepthSetup (DetectEngineCtx *de_ctx, Signature *s, const char * SigMatch *pm = NULL; int ret = -1; - /* retrive the sm to apply the depth against */ + /* retrieve the sm to apply the depth against */ pm = DetectGetLastSMFromLists(s, DETECT_CONTENT, -1); if (pm == NULL) { SCLogError("depth needs " diff --git a/src/detect-dnp3.c b/src/detect-dnp3.c index e8f2c052ae..208dec7c3a 100644 --- a/src/detect-dnp3.c +++ b/src/detect-dnp3.c @@ -180,7 +180,7 @@ static InspectionBuffer *GetDNP3Data(DetectEngineThreadCtx *det_ctx, * within the range of valid function codes. If function name is * passed it will be resolved to its function code. * - * \retval The function code as an integer if successul, -1 on + * \retval The function code as an integer if successful, -1 on * failure. */ static int DetectDNP3FuncParseFunctionCode(const char *str, uint8_t *fc) diff --git a/src/detect-engine-address.c b/src/detect-engine-address.c index 8245c9b807..2875171947 100644 --- a/src/detect-engine-address.c +++ b/src/detect-engine-address.c @@ -601,7 +601,7 @@ static DetectAddress *DetectAddressParseSingle(const char *str) /** * \brief Setup a single address string, parse it and add the resulting - * Address-Range(s) to the AddessHead(DetectAddressHead instance). + * Address-Range(s) to the AddressHead(DetectAddressHead instance). * * \param gh Pointer to the Address-Head(DetectAddressHead) to which the * resulting Address-Range(s) from the parsed ip string has to @@ -1763,7 +1763,7 @@ static int DetectAddressMatch(DetectAddress *dd, Address *a) #ifdef DEBUG /** * \brief Prints the address data held by the DetectAddress. If the address - * data family is IPv4, we print the the ipv4 address and mask, and + * data family is IPv4, we print the ipv4 address and mask, and * if the address data family is IPv6, we print the ipv6 address and * mask. * diff --git a/src/detect-engine-build.c b/src/detect-engine-build.c index f12fef1cbc..73b1d2a111 100644 --- a/src/detect-engine-build.c +++ b/src/detect-engine-build.c @@ -1526,8 +1526,8 @@ int CreateGroupedPortList(DetectEngineCtx *de_ctx, DetectPort *port_list, Detect uint32_t groups = 0; DetectPort *list; - /* insert the addresses into the tmplist, where it will - * be sorted descending on 'cnt' and on wehther a group + /* insert the addresses into the tmplist, where it will + * be sorted descending on 'cnt' and on whether a group * is whitelisted. */ DetectPort *oldhead = port_list; diff --git a/src/detect-engine-content-inspection.c b/src/detect-engine-content-inspection.c index edb7804b24..38be242b32 100644 --- a/src/detect-engine-content-inspection.c +++ b/src/detect-engine-content-inspection.c @@ -70,7 +70,7 @@ * * The following keywords are inspected: * - content, including all the http and dce modified contents - * - isdaatat + * - isdataat * - pcre * - bytejump * - bytetest diff --git a/src/detect-engine-enip.c b/src/detect-engine-enip.c index 117191597c..0c5fb0a81c 100644 --- a/src/detect-engine-enip.c +++ b/src/detect-engine-enip.c @@ -158,7 +158,7 @@ static int CIPPathMatch(CIPServiceEntry *svc, DetectCipServiceData *cipserviced) /** * \brief Matches the rule to the ENIP Transaction - * @param enip_data - the ENIP transation + * @param enip_data - the ENIP transaction * * @param cipserviced - the CIP service rule */ diff --git a/src/detect-engine-loader.c b/src/detect-engine-loader.c index 45ea349abd..217665b24a 100644 --- a/src/detect-engine-loader.c +++ b/src/detect-engine-loader.c @@ -334,7 +334,7 @@ int SigLoadSignatures(DetectEngineCtx *de_ctx, char *sig_file, int sig_file_excl } } - /* If a Signature file is specified from commandline, parse it too */ + /* If a Signature file is specified from command-line, parse it too */ if (sig_file != NULL) { ret = ProcessSigFiles(de_ctx, sig_file, sig_stat, &good_sigs, &bad_sigs); diff --git a/src/detect-engine-payload.c b/src/detect-engine-payload.c index 6adbc7a775..5ce63109ac 100644 --- a/src/detect-engine-payload.c +++ b/src/detect-engine-payload.c @@ -375,8 +375,8 @@ uint8_t DetectEngineInspectStream(DetectEngineCtx *de_ctx, DetectEngineThreadCtx #ifdef UNITTESTS #include "detect-engine-alert.h" -/** \test Not the first but the second occurence of "abc" should be used - * for the 2nd match */ +/** \test Not the first but the second occurrence of "abc" should be used + * for the 2nd match */ static int PayloadTestSig01 (void) { uint8_t *buf = (uint8_t *) diff --git a/src/detect-engine-port.c b/src/detect-engine-port.c index 5129a6b92b..04d2a49d55 100644 --- a/src/detect-engine-port.c +++ b/src/detect-engine-port.c @@ -22,7 +22,7 @@ * * Ports part of the detection engine. * - * \todo more unittesting + * \todo more unit testing * */ diff --git a/src/detect-engine-proto.c b/src/detect-engine-proto.c index d864e7270f..5ead3d8d93 100644 --- a/src/detect-engine-proto.c +++ b/src/detect-engine-proto.c @@ -335,7 +335,7 @@ static int DetectProtoTestSetup01(void) } /** - * \test DetectrotoTestSetup02 is a test for a icmpv4 and icmpv6 + * \test DetectProtoTestSetup02 is a test for a icmpv4 and icmpv6 * protocol setting up in signature. */ static int DetectProtoTestSetup02(void) diff --git a/src/detect-engine-siggroup.c b/src/detect-engine-siggroup.c index 7a895104f2..67af1c115c 100644 --- a/src/detect-engine-siggroup.c +++ b/src/detect-engine-siggroup.c @@ -756,7 +756,7 @@ int SigGroupHeadContainsSigId(DetectEngineCtx *de_ctx, SigGroupHead *sgh, if ( !(sgh->init->sig_array[sig / 8] & (1 << (sig % 8))) ) continue; - /* If we have reached here, we have an entry for sid in the SigGrouHead. + /* If we have reached here, we have an entry for sid in the SigGroupHead. * Retrieve the Signature from the detection engine context */ s = de_ctx->sig_array[sig]; if (s == NULL) diff --git a/src/detect-engine-state.c b/src/detect-engine-state.c index aabb02f74d..6fd7f96e58 100644 --- a/src/detect-engine-state.c +++ b/src/detect-engine-state.c @@ -19,7 +19,7 @@ * \defgroup sigstate State support * * State is stored in the ::DetectEngineState structure. This is - * basically a containter for storage item of type ::DeStateStore. + * basically a container for storage item of type ::DeStateStore. * They contains an array of ::DeStateStoreItem which store the * state of match for an individual signature identified by * DeStateStoreItem::sid. diff --git a/src/detect-engine-tag.c b/src/detect-engine-tag.c index 3f2bc173b8..aceb5f10c6 100644 --- a/src/detect-engine-tag.c +++ b/src/detect-engine-tag.c @@ -534,7 +534,7 @@ void TagHandlePacket(DetectEngineCtx *de_ctx, } /** - * \brief Removes the entries exceding the max timeout value + * \brief Removes the entries exceeding the max timeout value * * \param tag_ctx Tag context * \param ts the current time diff --git a/src/detect-engine-threshold.c b/src/detect-engine-threshold.c index 7df117c116..b5ac8670d0 100644 --- a/src/detect-engine-threshold.c +++ b/src/detect-engine-threshold.c @@ -590,7 +590,7 @@ static int ThresholdHandlePacketRule(DetectEngineCtx *de_ctx, Packet *p, /** * \brief Make the threshold logic for signatures * - * \param de_ctx Dectection Context + * \param de_ctx Detection Context * \param tsh_ptr Threshold element * \param p Packet structure * \param s Signature structure @@ -641,7 +641,7 @@ int PacketAlertThreshold(DetectEngineCtx *de_ctx, DetectEngineThreadCtx *det_ctx /** * \brief Init threshold context hash tables * - * \param de_ctx Dectection Context + * \param de_ctx Detection Context * */ void ThresholdHashInit(DetectEngineCtx *de_ctx) @@ -722,7 +722,7 @@ void ThresholdHashAllocate(DetectEngineCtx *de_ctx) /** * \brief Destroy threshold context hash tables * - * \param de_ctx Dectection Context + * \param de_ctx Detection Context * */ void ThresholdContextDestroy(DetectEngineCtx *de_ctx) diff --git a/src/detect-engine.h b/src/detect-engine.h index 7766490ac2..097b2d7de2 100644 --- a/src/detect-engine.h +++ b/src/detect-engine.h @@ -43,7 +43,7 @@ void InspectionBufferSetupMulti(InspectionBuffer *buffer, const DetectEngineTran InspectionBuffer *InspectionBufferMultipleForListGet( DetectEngineThreadCtx *det_ctx, const int list_id, uint32_t local_id); -/* start up registery funcs */ +/* start up registry funcs */ int DetectBufferTypeRegister(const char *name); int DetectBufferTypeGetByName(const char *name); diff --git a/src/detect-fileext.c b/src/detect-fileext.c index 80f1d71ab9..9227943602 100644 --- a/src/detect-fileext.c +++ b/src/detect-fileext.c @@ -136,7 +136,7 @@ static int DetectFileextMatch (DetectEngineThreadCtx *det_ctx, } /** - * \brief This function is used to parse fileet + * \brief This function is used to parse fileext * * \param de_ctx Pointer to the detection engine context * \param str Pointer to the fileext value string diff --git a/src/detect-flow.c b/src/detect-flow.c index ce81d581f6..4739fdd48a 100644 --- a/src/detect-flow.c +++ b/src/detect-flow.c @@ -790,7 +790,7 @@ static int DetectFlowTestParseNocase11 (void) } /** - * \test DetectFlowTestParse12 is a test for setting an invalid seperator : + * \test DetectFlowTestParse12 is a test for setting an invalid separator : */ static int DetectFlowTestParse12 (void) { diff --git a/src/detect-flowbits.c b/src/detect-flowbits.c index 72eeaa4f6e..a0ccda9cf1 100644 --- a/src/detect-flowbits.c +++ b/src/detect-flowbits.c @@ -784,7 +784,7 @@ static int FlowBitsTestParse01(void) /** * \test FlowBitsTestSig01 is a test for a valid noalert flowbits option * - * \retval 1 on succces + * \retval 1 on success * \retval 0 on failure */ @@ -809,7 +809,7 @@ static int FlowBitsTestSig01(void) /** * \test FlowBitsTestSig02 is a test for a valid isset,set,isnotset,unset,toggle flowbits options * - * \retval 1 on succces + * \retval 1 on success * \retval 0 on failure */ @@ -853,7 +853,7 @@ static int FlowBitsTestSig02(void) /** * \test FlowBitsTestSig03 is a test for a invalid flowbits option * - * \retval 1 on succces + * \retval 1 on success * \retval 0 on failure */ @@ -878,7 +878,7 @@ static int FlowBitsTestSig03(void) /** * \test FlowBitsTestSig04 is a test check idx value * - * \retval 1 on succces + * \retval 1 on success * \retval 0 on failure */ @@ -906,7 +906,7 @@ static int FlowBitsTestSig04(void) /** * \test FlowBitsTestSig05 is a test check noalert flag * - * \retval 1 on succces + * \retval 1 on success * \retval 0 on failure */ @@ -932,7 +932,7 @@ static int FlowBitsTestSig05(void) /** * \test FlowBitsTestSig06 is a test set flowbits option * - * \retval 1 on succces + * \retval 1 on success * \retval 0 on failure */ @@ -1005,7 +1005,7 @@ static int FlowBitsTestSig06(void) /** * \test FlowBitsTestSig07 is a test unset flowbits option * - * \retval 1 on succces + * \retval 1 on success * \retval 0 on failure */ @@ -1078,9 +1078,9 @@ static int FlowBitsTestSig07(void) } /** - * \test FlowBitsTestSig08 is a test toogle flowbits option + * \test FlowBitsTestSig08 is a test toggle flowbits option * - * \retval 1 on succces + * \retval 1 on success * \retval 0 on failure */ diff --git a/src/detect-flowint.c b/src/detect-flowint.c index 7c606ca17e..7b9c223855 100644 --- a/src/detect-flowint.c +++ b/src/detect-flowint.c @@ -86,7 +86,7 @@ void DetectFlowintRegister(void) * \param m pointer to the sigmatch that we will cast into DetectFlowintData * * \retval 0 no match, when a var doesn't exist - * \retval 1 match, when a var is initialized well, add/substracted, or a true + * \retval 1 match, when a var is initialized well, add/subtracted, or a true * condition */ int DetectFlowintMatch(DetectEngineThreadCtx *det_ctx, @@ -157,7 +157,7 @@ int DetectFlowintMatch(DetectEngineThreadCtx *det_ctx, } if (sfd->modifier == FLOWINT_MODIFIER_SUB) { - SCLogDebug("Substracting %u to %s", targetval, sfd->name); + SCLogDebug("Subtracting %u to %s", targetval, sfd->name); FlowVarAddIntNoLock(p->flow, sfd->idx, fv->data.fv_int.value - targetval); ret = 1; @@ -430,7 +430,7 @@ void DetectFlowintFree(DetectEngineCtx *de_ctx, void *tmp) #ifdef UNITTESTS #include "detect-engine-alert.h" /** - * \brief This is a helper funtion used for debugging purposes + * \brief This is a helper function used for debugging purposes */ static void DetectFlowintPrintData(DetectFlowintData *sfd) { @@ -685,7 +685,7 @@ static int DetectFlowintTestParseVar04(void) /** * \test DetectFlowintTestParseVal05 is a test to make sure that we set the - * DetectFlowint correctly for cheking if not equal to a valid target value + * DetectFlowint correctly for checking if not equal to a valid target value */ static int DetectFlowintTestParseVal05(void) { @@ -742,7 +742,7 @@ static int DetectFlowintTestParseVar05(void) /** * \test DetectFlowintTestParseVal06 is a test to make sure that we set the - * DetectFlowint correctly for cheking if greater than a valid target value + * DetectFlowint correctly for checking if greater than a valid target value */ static int DetectFlowintTestParseVal06(void) { @@ -799,7 +799,7 @@ static int DetectFlowintTestParseVar06(void) /** * \test DetectFlowintTestParseVal07 is a test to make sure that we set the - * DetectFlowint correctly for cheking if greater or equal than a valid target value + * DetectFlowint correctly for checking if greater or equal than a valid target value */ static int DetectFlowintTestParseVal07(void) { @@ -856,7 +856,7 @@ static int DetectFlowintTestParseVar07(void) /** * \test DetectFlowintTestParseVal08 is a test to make sure that we set the - * DetectFlowint correctly for cheking if lower or equal than a valid target value + * DetectFlowint correctly for checking if lower or equal than a valid target value */ static int DetectFlowintTestParseVal08(void) { @@ -913,7 +913,7 @@ static int DetectFlowintTestParseVar08(void) /** * \test DetectFlowintTestParseVal09 is a test to make sure that we set the - * DetectFlowint correctly for cheking if lower than a valid target value + * DetectFlowint correctly for checking if lower than a valid target value */ static int DetectFlowintTestParseVal09(void) { @@ -1097,7 +1097,7 @@ error: * and when that counter reach 6 packets. * * All the Signatures generate an alert(its for testing) - * but the ignature that increment the second counter +1, that has + * but the signature that increment the second counter +1, that has * a "noalert", so we can do all increments * silently until we reach 6 next packets counted */ diff --git a/src/detect-flowint.h b/src/detect-flowint.h index 9caf68258c..1f4d22751f 100644 --- a/src/detect-flowint.h +++ b/src/detect-flowint.h @@ -45,7 +45,7 @@ enum { FLOWINT_MODIFIER_UNKNOWN }; -/** The target can be a value, or another variable arleady declared */ +/** The target can be a value, or another variable already declared */ enum { FLOWINT_TARGET_VAL, FLOWINT_TARGET_VAR, diff --git a/src/detect-flowvar.c b/src/detect-flowvar.c index 0d85f1c6d1..c8cffecced 100644 --- a/src/detect-flowvar.c +++ b/src/detect-flowvar.c @@ -70,7 +70,7 @@ void DetectFlowvarRegister (void) /** * \brief this function will SCFree memory associated with DetectFlowvarData * - * \param cd pointer to DetectCotentData + * \param cd pointer to DetectContentData */ static void DetectFlowvarDataFree(DetectEngineCtx *de_ctx, void *ptr) { diff --git a/src/detect-fragbits.c b/src/detect-fragbits.c index 2bc29b8f45..421dfe5b2b 100644 --- a/src/detect-fragbits.c +++ b/src/detect-fragbits.c @@ -391,7 +391,7 @@ static bool PrefilterFragBitsIsPrefilterable(const Signature *s) /** * \test FragBitsTestParse01 is a test for a valid fragbits value * - * \retval 1 on succces + * \retval 1 on success * \retval 0 on failure */ static int FragBitsTestParse01 (void) @@ -409,7 +409,7 @@ static int FragBitsTestParse01 (void) /** * \test FragBitsTestParse02 is a test for an invalid fragbits value * - * \retval 1 on succces + * \retval 1 on success * \retval 0 on failure */ static int FragBitsTestParse02 (void) diff --git a/src/detect-ftpbounce.c b/src/detect-ftpbounce.c index 6fe9457c25..b9134b11cb 100644 --- a/src/detect-ftpbounce.c +++ b/src/detect-ftpbounce.c @@ -97,7 +97,7 @@ static int DetectFtpbounceMatchArgs( /* PrintRawDataFp(stdout, payload, payload_len); */ if (payload_len < 7) { - /* we need at least a differet ip address + /* we need at least a different ip address * in the format 1,2,3,4,x,y where x,y is the port * in two byte representation so let's look at * least for the IP octets in comma separated */ @@ -220,14 +220,14 @@ int DetectFtpbounceSetup(DetectEngineCtx *de_ctx, Signature *s, const char *ftpb sm->type = DETECT_FTPBOUNCE; /* We don't need to allocate any data for ftpbounce here. - * - * TODO: As a suggestion, maybe we can add a flag in the flow - * to set the stream as "bounce detected" for fast Match. - * When you do a ftp bounce attack you usually use the same - * communication control stream to "setup" various destinations - * whithout breaking the connection, so I guess we can make it a bit faster - * with a flow flag set lookup in the Match function. - */ + * + * TODO: As a suggestion, maybe we can add a flag in the flow + * to set the stream as "bounce detected" for fast Match. + * When you do a ftp bounce attack you usually use the same + * communication control stream to "setup" various destinations + * without breaking the connection, so I guess we can make it a bit faster + * with a flow flag set lookup in the Match function. + */ sm->ctx = NULL; SigMatchAppendSMToList(s, sm, g_ftp_request_list_id); diff --git a/src/detect-ftpdata.h b/src/detect-ftpdata.h index aa16215973..9345c68e82 100644 --- a/src/detect-ftpdata.h +++ b/src/detect-ftpdata.h @@ -27,7 +27,7 @@ #include "app-layer-ftp.h" /** Per keyword data. This is set up by the DetectFtpcommandSetup() function. - * Each signature will have an instance of DetectFtpcommandData per occurence + * Each signature will have an instance of DetectFtpcommandData per occurrence * of the keyword. * The structure should be considered static/readonly after initialization. */ diff --git a/src/detect-geoip.c b/src/detect-geoip.c index 13454e93db..d3f6c14ecd 100644 --- a/src/detect-geoip.c +++ b/src/detect-geoip.c @@ -351,7 +351,7 @@ static DetectGeoipData *DetectGeoipDataParse (DetectEngineCtx *de_ctx, const cha } if (geoipdata->nlocations >= GEOOPTION_MAXLOCATIONS) { - SCLogError("too many arguements for geoip keyword"); + SCLogError("too many arguments for geoip keyword"); goto error; } diff --git a/src/detect-hostbits.c b/src/detect-hostbits.c index f5860b5357..ee8203e18a 100644 --- a/src/detect-hostbits.c +++ b/src/detect-hostbits.c @@ -62,10 +62,11 @@ TODO: hostbits:set,bitname,both,120; */ -#define PARSE_REGEX "^([a-z]+)" /* Action */ \ - "(?:\\s*,\\s*([^\\s,]+))?(?:\\s*)?" /* Name. */ \ - "(?:\\s*,\\s*([^,\\s]+))?(?:\\s*)?" /* Direction. */ \ - "(.+)?" /* Any remainding data. */ +#define PARSE_REGEX \ + "^([a-z]+)" /* Action */ \ + "(?:\\s*,\\s*([^\\s,]+))?(?:\\s*)?" /* Name. */ \ + "(?:\\s*,\\s*([^,\\s]+))?(?:\\s*)?" /* Direction. */ \ + "(.+)?" /* Any remaining data. */ static DetectParseRegex parse_regex; static int DetectHostbitMatch (DetectEngineThreadCtx *, Packet *, @@ -544,7 +545,7 @@ static int HostBitsTestParse01(void) /** * \test HostBitsTestSig01 is a test for a valid noalert flowbits option * - * \retval 1 on succces + * \retval 1 on success * \retval 0 on failure */ @@ -594,7 +595,7 @@ static int HostBitsTestSig01(void) /** * \test various options * - * \retval 1 on succces + * \retval 1 on success * \retval 0 on failure */ @@ -643,7 +644,7 @@ static int HostBitsTestSig02(void) /** * \test HostBitsTestSig03 is a test check idx value * - * \retval 1 on succces + * \retval 1 on success * \retval 0 on failure */ diff --git a/src/detect-http-request-line.c b/src/detect-http-request-line.c index 2dc64c644c..d124118aaa 100644 --- a/src/detect-http-request-line.c +++ b/src/detect-http-request-line.c @@ -149,7 +149,7 @@ static InspectionBuffer *GetData(DetectEngineThreadCtx *det_ctx, #include "stream-tcp-reassemble.h" /** - * \test Test that a signature containting a http_request_line is correctly parsed + * \test Test that a signature containing a http_request_line is correctly parsed * and the keyword is registered. */ static int DetectHttpRequestLineTest01(void) diff --git a/src/detect-http-response-line.c b/src/detect-http-response-line.c index 2965c5b48b..2ce97eefe2 100644 --- a/src/detect-http-response-line.c +++ b/src/detect-http-response-line.c @@ -148,7 +148,7 @@ static InspectionBuffer *GetData(DetectEngineThreadCtx *det_ctx, #include "stream-tcp-reassemble.h" /** - * \test Test that a signature containting a http_response_line is correctly parsed + * \test Test that a signature containing a http_response_line is correctly parsed * and the keyword is registered. */ static int DetectHttpResponseLineTest01(void) diff --git a/src/detect-l3proto.c b/src/detect-l3proto.c index 355e52dfbb..6e08cf978b 100644 --- a/src/detect-l3proto.c +++ b/src/detect-l3proto.c @@ -234,7 +234,7 @@ static int DetectL3protoTestSig2(void) /** * \test DetectL3protoTestSig03 is a test for checking the working of l3proto keyword - * in conjonction with ip_proto keyword. + * in conjunction with ip_proto keyword. */ static int DetectL3protoTestSig3(void) diff --git a/src/detect-metadata.c b/src/detect-metadata.c index 316241f36b..6c6c8de7ff 100644 --- a/src/detect-metadata.c +++ b/src/detect-metadata.c @@ -23,7 +23,7 @@ * Implements metadata keyword support * * \todo Do we need to do anything more this is used in snort host attribute table - * It is also used for rule managment. + * It is also used for rule management. */ #include "suricata-common.h" @@ -83,7 +83,7 @@ void DetectMetadataHashFree(DetectEngineCtx *de_ctx) HashTableFree(de_ctx->metadata_table); } -static const char *DetectMedatataHashAdd(DetectEngineCtx *de_ctx, const char *string) +static const char *DetectMetadataHashAdd(DetectEngineCtx *de_ctx, const char *string) { const char *hstring = (char *)HashTableLookup( de_ctx->metadata_table, (void *)string, (uint16_t)strlen(string)); @@ -205,13 +205,13 @@ static int DetectMetadataParse(DetectEngineCtx *de_ctx, Signature *s, const char goto next; } - const char *hkey = DetectMedatataHashAdd(de_ctx, key); + const char *hkey = DetectMetadataHashAdd(de_ctx, key); if (hkey == NULL) { SCLogError("can't create metadata key"); continue; } - const char *hval = DetectMedatataHashAdd(de_ctx, val); + const char *hval = DetectMetadataHashAdd(de_ctx, val); if (hval == NULL) { SCLogError("can't create metadata value"); goto next; diff --git a/src/detect-nocase.c b/src/detect-nocase.c index c59d1a5e1a..34e60507e2 100644 --- a/src/detect-nocase.c +++ b/src/detect-nocase.c @@ -66,7 +66,7 @@ static int DetectNocaseSetup (DetectEngineCtx *de_ctx, Signature *s, const char goto end; } - /* retrive the sm to apply the nocase against */ + /* retrieve the sm to apply the nocase against */ pm = DetectGetLastSMFromLists(s, DETECT_CONTENT, -1); if (pm == NULL) { SCLogError("nocase needs " diff --git a/src/detect-offset.c b/src/detect-offset.c index b1746c7219..dd56e9a482 100644 --- a/src/detect-offset.c +++ b/src/detect-offset.c @@ -55,7 +55,7 @@ int DetectOffsetSetup (DetectEngineCtx *de_ctx, Signature *s, const char *offset { const char *str = offsetstr; - /* retrive the sm to apply the offset against */ + /* retrieve the sm to apply the offset against */ SigMatch *pm = DetectGetLastSMFromLists(s, DETECT_CONTENT, -1); if (pm == NULL) { SCLogError("offset needs preceding content option."); diff --git a/src/detect-parse.c b/src/detect-parse.c index 7e5e8dcef2..8de7fba9a9 100644 --- a/src/detect-parse.c +++ b/src/detect-parse.c @@ -1004,7 +1004,7 @@ error: * protocol has to be added. * \param protostr Pointer to the character string containing the protocol name. * - * \retval 0 On successfully parsing the protocl sent as the argument. + * \retval 0 On successfully parsing the protocol sent as the argument. * \retval -1 On failure */ static int SigParseProto(Signature *s, const char *protostr) @@ -4175,7 +4175,7 @@ end: return result; } -static int SigParseTestUnblanacedQuotes01(void) +static int SigParseTestUnbalancedQuotes01(void) { DetectEngineCtx *de_ctx; Signature *s; @@ -4184,7 +4184,10 @@ static int SigParseTestUnblanacedQuotes01(void) FAIL_IF_NULL(de_ctx); de_ctx->flags |= DE_QUIET; - s = SigInit(de_ctx, "alert http any any -> any any (msg:\"SigParseTestUnblanacedQuotes01\"; pcre:\"/\\/[a-z]+\\.php\\?[a-z]+?=\\d{7}&[a-z]+?=\\d{7,8}$/U\" flowbits:set,et.exploitkitlanding; classtype:trojan-activity; sid:2017078; rev:5;)"); + s = SigInit(de_ctx, + "alert http any any -> any any (msg:\"SigParseTestUnbalancedQuotes01\"; " + "pcre:\"/\\/[a-z]+\\.php\\?[a-z]+?=\\d{7}&[a-z]+?=\\d{7,8}$/U\" " + "flowbits:set,et.exploitkitlanding; classtype:trojan-activity; sid:2017078; rev:5;)"); FAIL_IF_NOT_NULL(s); PASS; @@ -4395,8 +4398,7 @@ void SigParseRegisterTests(void) UtRegisterTest("SigParseTestAppLayerTLS01", SigParseTestAppLayerTLS01); UtRegisterTest("SigParseTestAppLayerTLS02", SigParseTestAppLayerTLS02); UtRegisterTest("SigParseTestAppLayerTLS03", SigParseTestAppLayerTLS03); - UtRegisterTest("SigParseTestUnblanacedQuotes01", - SigParseTestUnblanacedQuotes01); + UtRegisterTest("SigParseTestUnbalancedQuotes01", SigParseTestUnbalancedQuotes01); UtRegisterTest("SigParseTestContentGtDsize01", SigParseTestContentGtDsize01); diff --git a/src/detect-pcre.c b/src/detect-pcre.c index 5a63c2cd50..0d3db1b2a7 100644 --- a/src/detect-pcre.c +++ b/src/detect-pcre.c @@ -636,7 +636,7 @@ static DetectPcreData *DetectPcreParse (DetectEngineCtx *de_ctx, pd->parse_regex.regex = pcre2_compile((PCRE2_SPTR8)re, PCRE2_ZERO_TERMINATED, opts, &en, &eo2, NULL); - if (pd->parse_regex.regex == NULL && en == 115) { // reference to non-existent subpattern + if (pd->parse_regex.regex == NULL && en == 115) { // reference to nonexistent subpattern opts &= ~PCRE2_NO_AUTO_CAPTURE; pd->parse_regex.regex = pcre2_compile((PCRE2_SPTR8)re, PCRE2_ZERO_TERMINATED, opts, &en, &eo2, NULL); diff --git a/src/detect-reference.c b/src/detect-reference.c index 381542d97d..d3fe1a0559 100644 --- a/src/detect-reference.c +++ b/src/detect-reference.c @@ -212,7 +212,7 @@ static int DetectReferenceSetup(DetectEngineCtx *de_ctx, Signature *s, /** * \test one valid reference. * - * \retval 1 on succces. + * \retval 1 on success. * \retval 0 on failure. */ static int DetectReferenceParseTest01(void) @@ -241,7 +241,7 @@ static int DetectReferenceParseTest01(void) /** * \test for two valid references. * - * \retval 1 on succces. + * \retval 1 on success. * \retval 0 on failure. */ static int DetectReferenceParseTest02(void) @@ -277,7 +277,7 @@ static int DetectReferenceParseTest02(void) /** * \test parsing: invalid reference. * - * \retval 1 on succces. + * \retval 1 on success. * \retval 0 on failure. */ static int DetectReferenceParseTest03(void) diff --git a/src/detect-replace.c b/src/detect-replace.c index f14c90acef..eae52a5a29 100644 --- a/src/detect-replace.c +++ b/src/detect-replace.c @@ -177,7 +177,7 @@ error: /* Add to the head of the replace-list. * * The first to add to the replace-list has the highest priority. So, - * adding the the head of the list results in the newest modifications + * adding the head of the list results in the newest modifications * of content being applied first, so later changes can over ride * earlier changes. Thus the highest priority modifications should be * applied last. diff --git a/src/detect-ssh-hassh-server.c b/src/detect-ssh-hassh-server.c index 29dfedb58d..295284108f 100644 --- a/src/detect-ssh-hassh-server.c +++ b/src/detect-ssh-hassh-server.c @@ -146,7 +146,7 @@ static bool DetectSshHasshServerHashValidateCallback(const Signature *s, const c } for (size_t i = 0; i < cd->content_len; ++i) { if (!isxdigit(cd->content[i])) { - *sigerror = "Invalid ssh.hassh.server string (should be string of hexademical " + *sigerror = "Invalid ssh.hassh.server string (should be string of hexadecimal " "characters)." "This rule will therefore never match."; SCLogWarning("rule %u: %s", s->id, *sigerror); diff --git a/src/detect-ssh-hassh.c b/src/detect-ssh-hassh.c index 75a88d25d5..b410a5ffee 100644 --- a/src/detect-ssh-hassh.c +++ b/src/detect-ssh-hassh.c @@ -149,7 +149,7 @@ static bool DetectSshHasshHashValidateCallback(const Signature *s, for (size_t i = 0; i < cd->content_len; ++i) { if (!isxdigit(cd->content[i])) { *sigerror = - "Invalid ssh.hassh string (should be string of hexademical characters)." + "Invalid ssh.hassh string (should be string of hexadecimal characters)." "This rule will therefore never match."; SCLogWarning("rule %u: %s", s->id, *sigerror); return false; diff --git a/src/detect-ssh-software-version.c b/src/detect-ssh-software-version.c index 3048a81dec..b8a74e538a 100644 --- a/src/detect-ssh-software-version.c +++ b/src/detect-ssh-software-version.c @@ -27,7 +27,7 @@ * also specify the version, something like * ssh.softwareversion:"PuTTY-Release-0.55" * I find this useful to match over a known vulnerable server/client - * software version incombination to other checks, so you can know + * software version in combination to other checks, so you can know * that the risk is higher */ diff --git a/src/detect-ssl-state.h b/src/detect-ssl-state.h index 39179612ad..2196ae019d 100644 --- a/src/detect-ssl-state.h +++ b/src/detect-ssl-state.h @@ -24,8 +24,7 @@ #ifndef DETECT_SSL_STATE_H #define DETECT_SSL_STATE_H - -/* we pick these flags flags from the parser */ +/* we pick these flags from the parser */ #define DETECT_SSL_STATE_CLIENT_HELLO SSL_AL_FLAG_STATE_CLIENT_HELLO #define DETECT_SSL_STATE_SERVER_HELLO SSL_AL_FLAG_STATE_SERVER_HELLO #define DETECT_SSL_STATE_CLIENT_KEYX SSL_AL_FLAG_STATE_CLIENT_KEYX diff --git a/src/detect-tcp-flags.c b/src/detect-tcp-flags.c index 4aff76d079..23a3bd23b0 100644 --- a/src/detect-tcp-flags.c +++ b/src/detect-tcp-flags.c @@ -618,7 +618,7 @@ static bool PrefilterTcpFlagsIsPrefilterable(const Signature *s) /** * \test FlagsTestParse01 is a test for a valid flags value * - * \retval 1 on succces + * \retval 1 on success * \retval 0 on failure */ static int FlagsTestParse01 (void) @@ -633,7 +633,7 @@ static int FlagsTestParse01 (void) /** * \test FlagsTestParse02 is a test for an invalid flags value * - * \retval 1 on succces + * \retval 1 on success * \retval 0 on failure */ static int FlagsTestParse02 (void) @@ -705,7 +705,7 @@ error: /** * \test FlagsTestParse04 check if ACK bit is set. Must fails. * - * \retval 1 on succces + * \retval 1 on success * \retval 0 on failure */ static int FlagsTestParse04 (void) @@ -1141,7 +1141,7 @@ error: /** * \test FlagsTestParse12 check if no flags are set. Must fails. * - * \retval 1 on succces + * \retval 1 on success * \retval 0 on failure */ static int FlagsTestParse12 (void) @@ -1198,7 +1198,7 @@ error: /** * \test test for a valid flags value * - * \retval 1 on succces + * \retval 1 on success * \retval 0 on failure */ static int FlagsTestParse13 (void) diff --git a/src/detect-tcp-flags.h b/src/detect-tcp-flags.h index 994def6261..e5920b9c55 100644 --- a/src/detect-tcp-flags.h +++ b/src/detect-tcp-flags.h @@ -38,7 +38,7 @@ typedef struct DetectFlagsData_ { uint8_t flags; /**< TCP flags */ uint8_t modifier; /**< !(1) +(2) *(3) modifiers */ - uint8_t ignored_flags; /**< Ignored TCP flags defined by modifer , */ + uint8_t ignored_flags; /**< Ignored TCP flags defined by modifier , */ } DetectFlagsData; /** diff --git a/src/detect-tcp-window.c b/src/detect-tcp-window.c index c68c0105d7..c0817c93bf 100644 --- a/src/detect-tcp-window.c +++ b/src/detect-tcp-window.c @@ -148,7 +148,7 @@ static DetectWindowData *DetectWindowParse(DetectEngineCtx *de_ctx, const char * } /* Get the window size if it's a valid value (in packets, we - * should alert if this doesn't happend from decode) */ + * should alert if this doesn't happen from decode) */ if (StringParseUint16(&wd->size, 10, 0, copy_str) < 0) { goto error; } diff --git a/src/detect-tls-cert-fingerprint.c b/src/detect-tls-cert-fingerprint.c index bee1d01775..98ba46143d 100644 --- a/src/detect-tls-cert-fingerprint.c +++ b/src/detect-tls-cert-fingerprint.c @@ -74,7 +74,7 @@ void DetectTlsFingerprintRegister(void) sigmatch_table[DETECT_AL_TLS_CERT_FINGERPRINT].name = "tls.cert_fingerprint"; sigmatch_table[DETECT_AL_TLS_CERT_FINGERPRINT].alias = "tls_cert_fingerprint"; sigmatch_table[DETECT_AL_TLS_CERT_FINGERPRINT].desc = - "sticky byffer to match the TLS cert fingerprint buffer"; + "sticky buffer to match the TLS cert fingerprint buffer"; sigmatch_table[DETECT_AL_TLS_CERT_FINGERPRINT].url = "/rules/tls-keywords.html#tls-cert-fingerprint"; sigmatch_table[DETECT_AL_TLS_CERT_FINGERPRINT].Setup = DetectTlsFingerprintSetup; #ifdef UNITTESTS diff --git a/src/detect-uricontent.c b/src/detect-uricontent.c index a9f8d581ba..65d2c868f7 100644 --- a/src/detect-uricontent.c +++ b/src/detect-uricontent.c @@ -81,7 +81,7 @@ void DetectUricontentRegister (void) /** * \brief this function will Free memory associated with DetectContentData * - * \param cd pointer to DetectUricotentData + * \param cd pointer to DetectUricontentData */ void DetectUricontentFree(DetectEngineCtx *de_ctx, void *ptr) { @@ -115,7 +115,7 @@ int DetectUricontentSetup(DetectEngineCtx *de_ctx, Signature *s, const char *con const char *legacy = NULL; if (ConfGet("legacy.uricontent", &legacy) == 1) { if (strcasecmp("disabled", legacy) == 0) { - SCLogError("uriconent deprecated. To " + SCLogError("uricontent deprecated. To " "use a rule with \"uricontent\", either set the " "option - \"legacy.uricontent\" in the conf to " "\"enabled\" OR replace uricontent with " @@ -126,7 +126,7 @@ int DetectUricontentSetup(DetectEngineCtx *de_ctx, Signature *s, const char *con ; } else { SCLogError("Invalid value found " - "for legacy.uriconent - \"%s\". Valid values are " + "for legacy.uricontent - \"%s\". Valid values are " "\"enabled\" OR \"disabled\".", legacy); goto error; diff --git a/src/detect-urilen.c b/src/detect-urilen.c index 9add5838cc..a0736b3bf1 100644 --- a/src/detect-urilen.c +++ b/src/detect-urilen.c @@ -497,7 +497,7 @@ end: return res; } -/** \test Check a signature with gievn urilen */ +/** \test Check a signature with given urilen */ static int DetectUrilenSigTest01(void) { int result = 0; diff --git a/src/detect-xbits.c b/src/detect-xbits.c index 91fefa32d5..787b2dd50b 100644 --- a/src/detect-xbits.c +++ b/src/detect-xbits.c @@ -503,7 +503,7 @@ static int XBitsTestSig01(void) /** * \test various options * - * \retval 1 on succces + * \retval 1 on success * \retval 0 on failure */ diff --git a/src/detect.c b/src/detect.c index a140b0f879..5d75ebd61b 100644 --- a/src/detect.c +++ b/src/detect.c @@ -341,7 +341,7 @@ static inline void DetectPrefilterMergeSort(DetectEngineCtx *de_ctx, goto final; } /* otherwise, if nonmpm is done jump to final for mpm - * mpm ptrs alrady updated */ + * mpm ptrs already updated */ if (unlikely(--n_cnt == 0)) { final_ptr = mpm_ptr; final_cnt = m_cnt; @@ -1049,7 +1049,7 @@ DetectRunTxSortHelper(const void *a, const void *b) * detection. * * \param stored_flags pointer to stored flags or NULL. - * If stored_flags is set it means we're continueing + * If stored_flags is set it means we're continuing * inspection from an earlier run. * * \retval bool true sig matched, false didn't match @@ -1486,7 +1486,7 @@ static void DetectRunTx(ThreadVars *tv, if (inspect_flags) { /* continue previous inspection */ - SCLogDebug("%p/%"PRIu64" Continueing sid %u", tx.tx_ptr, tx.tx_id, s->id); + SCLogDebug("%p/%" PRIu64 " Continuing sid %u", tx.tx_ptr, tx.tx_id, s->id); } else { /* start new inspection */ SCLogDebug("%p/%"PRIu64" Start sid %u", tx.tx_ptr, tx.tx_id, s->id); @@ -1681,7 +1681,7 @@ static void DetectRunFrames(ThreadVars *tv, DetectEngineCtx *de_ctx, DetectEngin static DetectEngineThreadCtx *GetTenantById(HashTable *h, uint32_t id) { /* technically we need to pass a DetectEngineThreadCtx struct with the - * tentant_id member. But as that member is the first in the struct, we + * tenant_id member. But as that member is the first in the struct, we * can use the id directly. */ return HashTableLookup(h, &id, 0); } @@ -1724,7 +1724,7 @@ static void DetectNoFlow(ThreadVars *tv, DetectEngineCtx *de_ctx, DetectEngineThreadCtx *det_ctx, Packet *p) { - /* No need to perform any detection on this packet, if the the given flag is set.*/ + /* No need to perform any detection on this packet, if the given flag is set.*/ if ((p->flags & PKT_NOPACKET_INSPECTION) || (PacketCheckAction(p, ACTION_DROP))) { return; } -- 2.47.2