suricata
Macros | Functions
detect-base64-decode.c File Reference
#include "suricata-common.h"
#include "detect.h"
#include "detect-parse.h"
#include "detect-base64-decode.h"
#include "util-base64.h"
#include "util-byte.h"
#include "util-print.h"
#include "detect-engine.h"
#include "util-unittest.h"
#include "util-unittest-helper.h"
#include "app-layer-parser.h"
#include "flow-util.h"
#include "stream-tcp.h"
Include dependency graph for detect-base64-decode.c:

Go to the source code of this file.

Macros

#define BASE64_DECODE_MAX   65535
 

Functions

void DetectBase64DecodeRegister (void)
 
int DetectBase64DecodeDoMatch (DetectEngineThreadCtx *det_ctx, const Signature *s, const SigMatchData *smd, const uint8_t *payload, uint32_t payload_len)
 

Macro Definition Documentation

#define BASE64_DECODE_MAX   65535

Definition at line 27 of file detect-base64-decode.c.

Referenced by DetectBase64DecodeDoMatch().

Function Documentation

int DetectBase64DecodeDoMatch ( DetectEngineThreadCtx det_ctx,
const Signature s,
const SigMatchData smd,
const uint8_t *  payload,
uint32_t  payload_len 
)

Definition at line 56 of file detect-base64-decode.c.

References BASE64_DECODE_MAX, DetectEngineCtx_::base64_decode_max_len, DetectEngineThreadCtx_::base64_decoded, DetectEngineThreadCtx_::base64_decoded_len, DetectEngineThreadCtx_::buffer_offset, ByteExtractStringUint32(), DetectBase64Decode_::bytes, SigMatch_::ctx, SigMatchData_::ctx, DecodeBase64(), DETECT_BASE64_DECODE, DETECT_BYTE_EXTRACT, DETECT_BYTEJUMP, DETECT_BYTETEST, DETECT_CONTENT, DETECT_ISDATAAT, DETECT_PCRE, DETECT_SM_LIST_NOTSET, DETECT_SM_LIST_PMATCH, DetectBufferTypeGetByName(), DetectEngineCtxFree(), DetectEngineCtxInit(), DetectEngineThreadCtxDeinit(), DetectEngineThreadCtxInit(), DetectGetLastSMFromLists(), Signature_::init_data, SignatureInitData_::list, MIN, DetectBase64Decode_::offset, offset, PrintRawDataFp(), DetectBase64Decode_::relative, SC_ERR_INVALID_RULE_ARGUMENT, SCCalloc, SCFree, SCLogDebug, SCLogError, DetectEngineCtx_::sig_list, SigCleanSignatures(), SigGroupBuild(), SigGroupCleanup(), SigInit(), SigMatchAlloc(), SigMatchAppendSMToList(), SigMatchListSMBelongsTo(), SigMatchSignatures(), str, SigMatch_::type, unlikely, UTHBuildPacket(), UTHFreePacket(), and UtRegisterTest().

Referenced by DetectEngineContentInspection().

Here is the call graph for this function:

Here is the caller graph for this function:

void DetectBase64DecodeRegister ( void  )

Definition at line 39 of file detect-base64-decode.c.

References SigTableElmt_::desc, DETECT_BASE64_DECODE, DetectSetupParseRegexes(), DOC_URL, DOC_VERSION, SigTableElmt_::flags, SigTableElmt_::Free, SigTableElmt_::name, SigTableElmt_::RegisterTests, SigTableElmt_::Setup, SIGMATCH_OPTIONAL_OPT, sigmatch_table, and SigTableElmt_::url.

Referenced by SigTableSetup().

Here is the call graph for this function:

Here is the caller graph for this function: