suricata
decode-sll.c
Go to the documentation of this file.
1 /* Copyright (C) 2007-2021 Open Information Security Foundation
2  *
3  * You can copy, redistribute or modify this Program under the terms of
4  * the GNU General Public License version 2 as published by the Free
5  * Software Foundation.
6  *
7  * This program is distributed in the hope that it will be useful,
8  * but WITHOUT ANY WARRANTY; without even the implied warranty of
9  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
10  * GNU General Public License for more details.
11  *
12  * You should have received a copy of the GNU General Public License
13  * version 2 along with this program; if not, write to the Free Software
14  * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
15  * 02110-1301, USA.
16  */
17 
18 /**
19  * \ingroup decode
20  *
21  * @{
22  */
23 
24 
25 /**
26  * \file
27  *
28  * \author Victor Julien <victor@inliniac.net>
29  *
30  * Decodes Sll
31  */
32 
33 #include "suricata-common.h"
34 #include "decode.h"
35 #include "decode-sll.h"
36 #include "decode-events.h"
37 
38 #include "util-validate.h"
39 #include "util-debug.h"
40 
41 int DecodeSll(ThreadVars *tv, DecodeThreadVars *dtv, Packet *p,
42  const uint8_t *pkt, uint32_t len)
43 {
44  DEBUG_VALIDATE_BUG_ON(pkt == NULL);
45 
46  StatsIncr(tv, dtv->counter_sll);
47 
48  if (unlikely(len < SLL_HEADER_LEN)) {
49  ENGINE_SET_INVALID_EVENT(p, SLL_PKT_TOO_SMALL);
50  return TM_ECODE_FAILED;
51  }
52  if (!PacketIncreaseCheckLayers(p)) {
53  return TM_ECODE_FAILED;
54  }
55 
56  SllHdr *sllh = (SllHdr *)pkt;
57 
58  SCLogDebug("p %p pkt %p sll_protocol %04x", p, pkt, SCNtohs(sllh->sll_protocol));
59 
60  DecodeNetworkLayer(tv, dtv, SCNtohs(sllh->sll_protocol), p,
61  pkt + SLL_HEADER_LEN, len - SLL_HEADER_LEN);
62 
63  return TM_ECODE_OK;
64 }
65 /**
66  * @}
67  */
len
uint8_t len
Definition: app-layer-dnp3.h:2
StatsIncr
void StatsIncr(ThreadVars *tv, uint16_t id)
Increments the local counter.
Definition: counters.c:166
SLL_HEADER_LEN
#define SLL_HEADER_LEN
Definition: decode-sll.h:27
unlikely
#define unlikely(expr)
Definition: util-optimize.h:35
SCLogDebug
#define SCLogDebug(...)
Definition: util-debug.h:269
TM_ECODE_FAILED
@ TM_ECODE_FAILED
Definition: tm-threads-common.h:81
TM_ECODE_OK
@ TM_ECODE_OK
Definition: tm-threads-common.h:80
decode.h
util-debug.h
ThreadVars_
Per thread variable structure.
Definition: threadvars.h:58
Packet_
Definition: decode.h:473
decode-sll.h
DecodeThreadVars_::counter_sll
uint16_t counter_sll
Definition: decode.h:957
decode-events.h
dtv
DecodeThreadVars * dtv
Definition: fuzz_decodepcapfile.c:33
SCNtohs
#define SCNtohs(x)
Definition: suricata-common.h:414
suricata-common.h
DecodeSll
int DecodeSll(ThreadVars *tv, DecodeThreadVars *dtv, Packet *p, const uint8_t *pkt, uint32_t len)
Definition: decode-sll.c:41
tv
ThreadVars * tv
Definition: fuzz_decodepcapfile.c:32
util-validate.h
DecodeThreadVars_
Structure to hold thread specific data for all decode modules.
Definition: decode.h:929
SLL_PKT_TOO_SMALL
@ SLL_PKT_TOO_SMALL
Definition: decode-events.h:109
ENGINE_SET_INVALID_EVENT
#define ENGINE_SET_INVALID_EVENT(p, e)
Definition: decode.h:1154
DEBUG_VALIDATE_BUG_ON
#define DEBUG_VALIDATE_BUG_ON(exp)
Definition: util-validate.h:102