detect/analyzer: Extend analyzer output with dsize value info

author Jeff Lucovsky <jlucovsky@oisf.net>

Sun, 15 Jun 2025 15:06:58 +0000 (11:06 -0400)

committer Victor Julien <victor@inliniac.net>

Sat, 21 Jun 2025 19:32:46 +0000 (21:32 +0200)
author Jeff Lucovsky <jlucovsky@oisf.net>
Sun, 15 Jun 2025 15:06:58 +0000 (11:06 -0400)
committer Victor Julien <victor@inliniac.net>
Sat, 21 Jun 2025 19:32:46 +0000 (21:32 +0200)
diff --git a/src/detect-engine-analyzer.c b/src/detect-engine-analyzer.c

index 4536b6d4654677a6196efd07c7942e5d128f17f8..b262868271caa7f8e28184bf3193dd0fff428914 100644 (file)
--- a/src/detect-engine-analyzer.c
+++ b/src/detect-engine-analyzer.c
@@ -935,6 +935,13 @@ static void DumpMatches(RuleAnalyzer *ctx, SCJsonBuilder *js, const SigMatchData
                  SCJbClose(js);
                  break;
              }
+            case DETECT_DSIZE: {
+                const DetectU16Data *cd = (const DetectU16Data *)smd->ctx;
+                SCJbOpenObject(js, "dsize");
+                SCDetectU16ToJson(js, cd);
+                SCJbClose(js);
+                break;
+            }
              case DETECT_ICMP_ID: {
                  const DetectIcmpIdData *cd = (const DetectIcmpIdData *)smd->ctx;
                  SCJbOpenObject(js, "id");
author	Jeff Lucovsky <jlucovsky@oisf.net>
	Sun, 15 Jun 2025 15:06:58 +0000 (11:06 -0400)
committer	Victor Julien <victor@inliniac.net>
	Sat, 21 Jun 2025 19:32:46 +0000 (21:32 +0200)