From: Philippe Antoine <contact@catenacyber.fr>
Date: Mon, 23 May 2022 15:49:49 +0000 (+0200)
Subject: modbus: bump up rust crate version
X-Git-Tag: suricata-7.0.0-beta1~523
X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=6224e283fab12ebe75b635f9b3085d25525a40bc;p=thirdparty%2Fsuricata.git

modbus: bump up rust crate version

So that probing parser is more strict and does not accept unknown
function code as valid modbus.

Ticket: #5377
---

diff --git a/rust/Cargo.toml.in b/rust/Cargo.toml.in
index be8e02f783..12fcbae906 100644
--- a/rust/Cargo.toml.in
+++ b/rust/Cargo.toml.in
@@ -36,8 +36,8 @@ widestring = "~0.4.3"
 flate2 = "~1.0.19"
 brotli = "~3.3.0"
 
-sawp-modbus = "~0.5.0"
-sawp = "~0.5.0"
+sawp-modbus = "~0.11.0"
+sawp = "~0.11.0"
 der-parser = "~4.0.2"
 kerberos-parser = "~0.5.0"
 ntp-parser = "~0.6.0"
diff --git a/rust/src/modbus/modbus.rs b/rust/src/modbus/modbus.rs
index ac08703c64..9d10d04ddc 100644
--- a/rust/src/modbus/modbus.rs
+++ b/rust/src/modbus/modbus.rs
@@ -26,7 +26,7 @@ use sawp::probe::{Probe, Status};
 use sawp_modbus::{self, AccessType, ErrorFlags, Flags, Message};
 
 pub const REQUEST_FLOOD: usize = 500; // Default unreplied Modbus requests are considered a flood
-pub const MODBUS_PARSER: sawp_modbus::Modbus = sawp_modbus::Modbus {};
+pub const MODBUS_PARSER: sawp_modbus::Modbus = sawp_modbus::Modbus { probe_strict: true };
 
 static mut ALPROTO_MODBUS: AppProto = ALPROTO_UNKNOWN;