app-layer-events.c File Reference

#include "suricata-common.h"
#include "rust.h"
#include "app-layer-events.h"
#include "util-enum.h"

Include dependency graph for app-layer-events.c:

Go to the source code of this file.

Macros
#define	DECODER_EVENTS_BUFFER_STEPS   8

Functions
int	SCAppLayerGetEventIdByName (const char *event_name, SCEnumCharMap *table, uint8_t *event_id)
int	AppLayerGetEventInfoById (uint8_t event_id, const char **event_name, AppLayerEventType *event_type)
int	AppLayerGetPktEventInfo (const char *event_name, uint8_t *event_id)
void	SCAppLayerDecoderEventsSetEventRaw (AppLayerDecoderEvents **sevents, uint8_t event)
	Set an app layer decoder event. More...
void	AppLayerDecoderEventsResetEvents (AppLayerDecoderEvents *events)
void	SCAppLayerDecoderEventsFreeEvents (AppLayerDecoderEvents **events)
int	DetectEngineGetEventInfo (const char *event_name, uint8_t *event_id, AppLayerEventType *event_type)

Variables
SCEnumCharMap	app_layer_event_pkt_table []
SCEnumCharMap	det_ctx_event_table []

Detailed Description

Author

Victor Julien victo.nosp@m.r@in.nosp@m.linia.nosp@m.c.ne.nosp@m.t

Anoop Saldanha anoop.nosp@m.sald.nosp@m.anha@.nosp@m.gmai.nosp@m.l.com

Definition in file app-layer-events.c.

Macro Definition Documentation

DECODER_EVENTS_BUFFER_STEPS

#define DECODER_EVENTS_BUFFER_STEPS   8

Definition at line 88 of file app-layer-events.c.

Function Documentation

AppLayerDecoderEventsResetEvents()

void AppLayerDecoderEventsResetEvents

(

AppLayerDecoderEvents *

events

)

Definition at line 129 of file app-layer-events.c.

References AppLayerDecoderEvents_::cnt, and AppLayerDecoderEvents_::event_last_logged.

AppLayerGetEventInfoById()

int AppLayerGetEventInfoById	(	uint8_t	event_id,
		const char **	event_name,
		AppLayerEventType *	event_type
	)

Definition at line 65 of file app-layer-events.c.

References app_layer_event_pkt_table, SCLogError, and SCMapEnumValueToName().

Here is the call graph for this function:

AppLayerGetPktEventInfo()

int AppLayerGetPktEventInfo	(	const char *	event_name,
		uint8_t *	event_id
	)

Definition at line 82 of file app-layer-events.c.

References app_layer_event_pkt_table, and SCAppLayerGetEventIdByName().

Here is the call graph for this function:

DetectEngineGetEventInfo()

int DetectEngineGetEventInfo	(	const char *	event_name,
		uint8_t *	event_id,
		AppLayerEventType *	event_type
	)

Definition at line 172 of file app-layer-events.c.

References det_ctx_event_table, and SCAppLayerGetEventIdByName().

Here is the call graph for this function:

SCAppLayerDecoderEventsFreeEvents()

void SCAppLayerDecoderEventsFreeEvents

(

AppLayerDecoderEvents **

events

)

Definition at line 137 of file app-layer-events.c.

References SCFree.

Referenced by AppLayerParserStateFree(), and PacketDestructor().

Here is the caller graph for this function:

SCAppLayerDecoderEventsSetEventRaw()

void SCAppLayerDecoderEventsSetEventRaw	(	AppLayerDecoderEvents **	sevents,
		uint8_t	event
	)

Set an app layer decoder event.

Parameters

sevents	Pointer to a AppLayerDecoderEvents pointer. If *sevents is NULL memory will be allocated.
event	The event to be stored.

Definition at line 96 of file app-layer-events.c.

References DECODER_EVENTS_BUFFER_STEPS, SCCalloc, and SCRealloc.

Referenced by AppLayerHandleUdp(), and DetectEngineSetEvent().

Here is the caller graph for this function:

SCAppLayerGetEventIdByName()

int SCAppLayerGetEventIdByName	(	const char *	event_name,
		SCEnumCharMap *	table,
		uint8_t *	event_id
	)

Definition at line 30 of file app-layer-events.c.

References SCLogError, and SCMapEnumNameToValue().

Referenced by AppLayerGetPktEventInfo(), and DetectEngineGetEventInfo().

Here is the call graph for this function:

Here is the caller graph for this function:

Variable Documentation

app_layer_event_pkt_table

SCEnumCharMap app_layer_event_pkt_table[]

Initial value:

= {
    { "APPLAYER_MISMATCH_PROTOCOL_BOTH_DIRECTIONS",
      APPLAYER_MISMATCH_PROTOCOL_BOTH_DIRECTIONS },
    { "APPLAYER_WRONG_DIRECTION_FIRST_DATA",
      APPLAYER_WRONG_DIRECTION_FIRST_DATA },
    { "APPLAYER_DETECT_PROTOCOL_ONLY_ONE_DIRECTION",
      APPLAYER_DETECT_PROTOCOL_ONLY_ONE_DIRECTION },
    { "APPLAYER_PROTO_DETECTION_SKIPPED",
      APPLAYER_PROTO_DETECTION_SKIPPED },
    { "APPLAYER_NO_TLS_AFTER_STARTTLS",
      APPLAYER_NO_TLS_AFTER_STARTTLS },
    { "APPLAYER_UNEXPECTED_PROTOCOL",
      APPLAYER_UNEXPECTED_PROTOCOL },
    { NULL,
      -1 },
}

Definition at line 48 of file app-layer-events.c.

Referenced by AppLayerGetEventInfoById(), and AppLayerGetPktEventInfo().

det_ctx_event_table

SCEnumCharMap det_ctx_event_table[]

Initial value:

= {
    { "NO_MEMORY", FILE_DECODER_EVENT_NO_MEM },
    { "INVALID_SWF_LENGTH", FILE_DECODER_EVENT_INVALID_SWF_LENGTH },
    { "INVALID_SWF_VERSION", FILE_DECODER_EVENT_INVALID_SWF_VERSION },
    { "Z_DATA_ERROR", FILE_DECODER_EVENT_Z_DATA_ERROR },
    { "Z_STREAM_ERROR", FILE_DECODER_EVENT_Z_STREAM_ERROR },
    { "Z_BUF_ERROR", FILE_DECODER_EVENT_Z_BUF_ERROR },
    { "Z_UNKNOWN_ERROR", FILE_DECODER_EVENT_Z_UNKNOWN_ERROR },
    { "LZMA_IO_ERROR", FILE_DECODER_EVENT_LZMA_IO_ERROR },
    { "LZMA_HEADER_TOO_SHORT_ERROR", FILE_DECODER_EVENT_LZMA_HEADER_TOO_SHORT_ERROR },
    { "LZMA_DECODER_ERROR", FILE_DECODER_EVENT_LZMA_DECODER_ERROR },
    { "LZMA_MEMLIMIT_ERROR", FILE_DECODER_EVENT_LZMA_MEMLIMIT_ERROR },
    { "LZMA_XZ_ERROR", FILE_DECODER_EVENT_LZMA_XZ_ERROR },
    { "LZMA_UNKNOWN_ERROR", FILE_DECODER_EVENT_LZMA_UNKNOWN_ERROR },
    {
            "TOO_MANY_BUFFERS",
            DETECT_EVENT_TOO_MANY_BUFFERS,
    },
    {
            "POST_MATCH_QUEUE_FAILED",
            DETECT_EVENT_POST_MATCH_QUEUE_FAILED,
    },
    { NULL, -1 },
}

Definition at line 147 of file app-layer-events.c.

Referenced by DetectEngineGetEventInfo().