From: Victor Julien <victor@inliniac.net>
Date: Wed, 17 Dec 2014 09:30:34 +0000 (+0100)
Subject: detect: add test for memcmp issue
X-Git-Tag: suricata-2.1beta3~54
X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=43a1007788b453fdaffcd8e7ca74d47e0e510863;p=thirdparty%2Fsuricata.git

detect: add test for memcmp issue
---

diff --git a/src/detect.c b/src/detect.c
index c1cd88542b..54d035af6c 100644
--- a/src/detect.c
+++ b/src/detect.c
@@ -11562,6 +11562,65 @@ end:
     return result;
 }
 
+/** \test almost identical patterns */
+static int SigTestBug01(void)
+{
+    int result = 0;
+    Packet *p1 = NULL;
+    Signature *s = NULL;
+    ThreadVars tv;
+    DetectEngineThreadCtx *det_ctx = NULL;
+    uint8_t payload[] = "!mymy";
+
+    memset(&tv, 0, sizeof(ThreadVars));
+
+    p1 = UTHBuildPacket(payload, sizeof(payload), IPPROTO_TCP);
+
+    DetectEngineCtx *de_ctx = DetectEngineCtxInit();
+    if (de_ctx == NULL) {
+        goto end;
+    }
+    de_ctx->flags |= DE_QUIET;
+
+    s = DetectEngineAppendSig(de_ctx, "alert tcp any any -> any any "
+                                   "(content:\"Omymy\"; nocase; sid:1;)");
+    if (s == NULL) {
+        goto end;
+    }
+    s = DetectEngineAppendSig(de_ctx, "alert tcp any any -> any any "
+                                   "(content:\"!mymy\"; nocase; sid:2;)");
+    if (s == NULL) {
+        goto end;
+    }
+
+    SigGroupBuild(de_ctx);
+    DetectEngineThreadCtxInit(&tv, (void *)de_ctx, (void *)&det_ctx);
+
+    /* do detect */
+    SigMatchSignatures(&tv, de_ctx, det_ctx, p1);
+
+    if (PacketAlertCheck(p1, 1)) {
+        printf("sig 1 alerted on p1, but it should not: ");
+        goto end;
+    }
+    if (!(PacketAlertCheck(p1, 2))) {
+        printf("sig 2 did not p1, but it should have: ");
+        goto end;
+    }
+
+    result = 1;
+end:
+    if (det_ctx != NULL)
+        DetectEngineThreadCtxDeinit(&tv, det_ctx);
+    if (de_ctx != NULL)
+        SigGroupCleanup(de_ctx);
+    if (de_ctx != NULL)
+        DetectEngineCtxFree(de_ctx);
+
+    UTHFreePackets(&p1, 1);
+    return result;
+}
+
 static const char *dummy_conf_string2 =
     "%YAML 1.1\n"
     "---\n"
@@ -11966,6 +12025,7 @@ void SigRegisterTests(void)
     UtRegisterTest("DetectAddressYamlParsing04", DetectAddressYamlParsing04, 1);
 
     UtRegisterTest("SigTestPorts01", SigTestPorts01, 1);
+    UtRegisterTest("SigTestBug01", SigTestBug01, 1);
 
     DetectSimdRegisterTests();
 #endif /* UNITTESTS */