From: Victor Julien <victor@inliniac.net>
Date: Thu, 20 Nov 2014 13:18:03 +0000 (+0100)
Subject: Bug 977: -T / --init-errors-fatal to process all rules
X-Git-Tag: suricata-2.1beta3~112
X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=d951de2f199d67d0e516cfd11db1612ffee0d71a;p=thirdparty%2Fsuricata.git

Bug 977: -T / --init-errors-fatal to process all rules

Have -T / --init-errors-fatal process all rules so that it's easier
to debug problems in ruleset. Otherwise it can be a lengthy fix, test
error cycle if multiple rules have issues.

Convert empty rulefile error into a warning.

Bug #977
---

diff --git a/src/detect-parse.c b/src/detect-parse.c
index 8145b2c1ab..92501e016e 100644
--- a/src/detect-parse.c
+++ b/src/detect-parse.c
@@ -1535,12 +1535,6 @@ error:
     if (sig != NULL) {
         SigFree(sig);
     }
-
-    if (de_ctx->failure_fatal == 1) {
-        SCLogError(SC_ERR_INVALID_SIGNATURE, "Signature parsing failed: "
-                   "\"%s\"", sigstr);
-        exit(EXIT_FAILURE);
-    }
     return NULL;
 }
 
@@ -1578,13 +1572,6 @@ error:
     if (sig != NULL) {
         SigFree(sig);
     }
-
-    if (de_ctx->failure_fatal == 1) {
-        SCLogError(SC_ERR_INVALID_SIGNATURE, "Signature parsing failed: "
-                   "\"%s\"", sigstr);
-        exit(EXIT_FAILURE);
-    }
-
     /* if something failed, restore the old signum count
      * since we didn't install it */
     de_ctx->signum = oldsignum;
diff --git a/src/detect.c b/src/detect.c
index 737bb3409c..c1cd88542b 100644
--- a/src/detect.c
+++ b/src/detect.c
@@ -282,7 +282,8 @@ char *DetectLoadCompleteSigPath(char *sig_file)
  *  \param sigs_tot Will store number of signatures processed in the file
  *  \retval Number of rules loaded successfully, -1 on error
  */
-int DetectLoadSigFile(DetectEngineCtx *de_ctx, char *sig_file, int *sigs_tot)
+static int DetectLoadSigFile(DetectEngineCtx *de_ctx, char *sig_file,
+        int *goodsigs, int *badsigs)
 {
     Signature *sig = NULL;
     int good = 0, bad = 0;
@@ -290,6 +291,9 @@ int DetectLoadSigFile(DetectEngineCtx *de_ctx, char *sig_file, int *sigs_tot)
     size_t offset = 0;
     int lineno = 0, multiline = 0;
 
+    (*goodsigs) = 0;
+    (*badsigs) = 0;
+
     if (sig_file == NULL) {
         SCLogError(SC_ERR_INVALID_ARGUMENT, "opening rule file null");
         return -1;
@@ -336,7 +340,6 @@ int DetectLoadSigFile(DetectEngineCtx *de_ctx, char *sig_file, int *sigs_tot)
         de_ctx->rule_line = lineno - multiline;
 
         sig = DetectEngineAppendSig(de_ctx, line);
-        (*sigs_tot)++;
         if (sig != NULL) {
             if (rule_engine_analysis_set || fp_engine_analysis_set) {
                 sig->mpm_sm = RetrieveFPForSigV2(sig);
@@ -356,16 +359,15 @@ int DetectLoadSigFile(DetectEngineCtx *de_ctx, char *sig_file, int *sigs_tot)
             if (rule_engine_analysis_set) {
                 EngineAnalysisRulesFailure(line, sig_file, lineno - multiline);
             }
-            if (de_ctx->failure_fatal == 1) {
-                exit(EXIT_FAILURE);
-            }
             bad++;
         }
         multiline = 0;
     }
     fclose(fp);
 
-    return good;
+    (*goodsigs) = good;
+    (*badsigs) = bad;
+    return 0;
 }
 
 /**
@@ -383,11 +385,17 @@ int SigLoadSignatures(DetectEngineCtx *de_ctx, char *sig_file, int sig_file_excl
     ConfNode *file = NULL;
     int ret = 0;
     int r = 0;
-    int cnt = 0;
     int cntf = 0;
-    int sigtotal = 0;
     char *sfile = NULL;
 
+    int goodsigs = 0;
+    int badsigs = 0;
+
+    int badfiles = 0;
+
+    int goodtotal = 0;
+    int badtotal = 0;
+
     if (RunmodeGetCurrent() == RUNMODE_ENGINE_ANALYSIS) {
         fp_engine_analysis_set = SetupFPAnalyzer();
         rule_engine_analysis_set = SetupRuleAnalyzer();
@@ -401,21 +409,18 @@ int SigLoadSignatures(DetectEngineCtx *de_ctx, char *sig_file, int sig_file_excl
                 sfile = DetectLoadCompleteSigPath(file->val);
                 SCLogDebug("Loading rule file: %s", sfile);
 
-                r = DetectLoadSigFile(de_ctx, sfile, &sigtotal);
                 cntf++;
-                if (r > 0) {
-                    cnt += r;
-                } else if (r == 0){
+                r = DetectLoadSigFile(de_ctx, sfile, &goodsigs, &badsigs);
+                if (r < 0) {
+                    badfiles++;
+                }
+                if (goodsigs == 0) {
                     SCLogWarning(SC_ERR_NO_RULES, "No rules loaded from %s", sfile);
-                    if (de_ctx->failure_fatal == 1) {
-                        exit(EXIT_FAILURE);
-                    }
-                } else if (r < 0){
-                    if (de_ctx->failure_fatal == 1) {
-                        exit(EXIT_FAILURE);
-                    }
                 }
                 SCFree(sfile);
+
+                goodtotal += goodsigs;
+                badtotal += badsigs;
             }
         }
     }
@@ -423,40 +428,34 @@ int SigLoadSignatures(DetectEngineCtx *de_ctx, char *sig_file, int sig_file_excl
     /* If a Signature file is specified from commandline, parse it too */
     if (sig_file != NULL) {
         SCLogInfo("Loading rule file: %s", sig_file);
-        r = DetectLoadSigFile(de_ctx, sig_file, &sigtotal);
         cntf++;
-        if (r > 0) {
-            cnt += r;
-        } else if (r == 0) {
-            SCLogError(SC_ERR_NO_RULES, "No rules loaded from %s", sig_file);
-            if (de_ctx->failure_fatal == 1) {
-                exit(EXIT_FAILURE);
-            }
-        } else if (r < 0){
-           if (de_ctx->failure_fatal == 1) {
-                exit(EXIT_FAILURE);
-           }
+        r = DetectLoadSigFile(de_ctx, sig_file, &goodsigs, &badsigs);
+        if (r < 0) {
+            badfiles++;
         }
+        if (goodsigs == 0) {
+            SCLogWarning(SC_ERR_NO_RULES, "No rules loaded from %s", sig_file);
+        }
+
+        goodtotal += goodsigs;
+        badtotal += badsigs;
     }
 
     /* now we should have signatures to work with */
-    if (cnt <= 0) {
+    if (goodsigs <= 0) {
         if (cntf > 0) {
-           SCLogError(SC_ERR_NO_RULES_LOADED, "%d rule files specified, but no rule was loaded at all!", cntf);
-           if (de_ctx->failure_fatal == 1) {
-               exit(EXIT_FAILURE);
-           }
-           ret = -1;
+           SCLogWarning(SC_ERR_NO_RULES_LOADED, "%d rule files specified, but no rule was loaded at all!", cntf);
         } else {
             SCLogInfo("No signatures supplied.");
             goto end;
         }
     } else {
         /* we report the total of files and rules successfully loaded and failed */
-        SCLogInfo("%" PRId32 " rule files processed. %" PRId32 " rules successfully loaded, %" PRId32 " rules failed", cntf, cnt, sigtotal-cnt);
+        SCLogInfo("%" PRId32 " rule files processed. %" PRId32 " rules successfully loaded, %" PRId32 " rules failed", cntf, goodtotal, badtotal);
     }
 
-    if (ret < 0 && de_ctx->failure_fatal) {
+    if ((badtotal || badfiles) && de_ctx->failure_fatal) {
+        ret = -1;
         goto end;
     }
 
diff --git a/src/suricata.c b/src/suricata.c
index c9a2084a95..31a2411fe7 100644
--- a/src/suricata.c
+++ b/src/suricata.c
@@ -1917,11 +1917,7 @@ static void SetupDelayedDetect(DetectEngineCtx *de_ctx, SCInstance *suri)
 static int LoadSignatures(DetectEngineCtx *de_ctx, SCInstance *suri)
 {
     if (SigLoadSignatures(de_ctx, suri->sig_file, suri->sig_file_exclusive) < 0) {
-        if (suri->sig_file == NULL) {
-            SCLogError(SC_ERR_OPENING_FILE, "Signature file has not been provided");
-        } else {
-            SCLogError(SC_ERR_NO_RULES_LOADED, "Loading signatures failed.");
-        }
+        SCLogError(SC_ERR_NO_RULES_LOADED, "Loading signatures failed.");
         if (de_ctx->failure_fatal)
             return TM_ECODE_FAILED;
     }