detect-xbits: error on some invalid config

diff --git a/src/detect-xbits.c b/src/detect-xbits.c
index c521076e30b6e28f67b4b91b4f78cb459574a278..e722193609501161104501161cc502119508a4a6 100644 (file)
--- a/src/detect-xbits.c
+++ b/src/detect-xbits.c
@@ -53,7 +53,7 @@
     xbits:set,bitname,track ip_pair,expire 60
  */
 
-#define PARSE_REGEX     "([a-z]+)" "(?:,\\s*([^,]+))?" "(?:,\\s*(?:track\\s+([^,]+)))" "(?:,\\s*(?:expire\\s+([^,]+)))?"
+#define PARSE_REGEX     "^([a-z]+)" "(?:,\\s*([^,]+))?" "(?:,\\s*(?:track\\s+([^,]+)))" "(?:,\\s*(?:expire\\s+([^,]+)))?"
 static pcre *parse_regex;
 static pcre_extra *parse_regex_study;
 
@@ -528,6 +528,10 @@ static int XBitsTestSig02(void)
             "alert ip any any -> any any (xbits:toggle,abc,track ip_dst; content:\"GET \"; sid:5;)");
     FAIL_IF_NULL(s);
 
+    s = DetectEngineAppendSig(de_ctx,
+            "alert ip any any -> any any (xbits:!set,abc,track ip_dst; content:\"GET \"; sid:6;)");
+    FAIL_IF_NOT_NULL(s);
+
     DetectEngineCtxFree(de_ctx);
     PASS;
 }