Go to the source code of this file.
Functions | |
| void | DetectByteExtractRegister (void) |
| Registers the keyword handlers for the "byte_extract" keyword. More... | |
| SigMatch * | DetectByteExtractRetrieveSMVar (const char *, int sm_list, const Signature *) |
| Lookup the SigMatch for a named byte_extract variable. More... | |
| int | DetectByteExtractDoMatch (DetectEngineThreadCtx *, const SigMatchData *, const Signature *, const uint8_t *, uint32_t, uint64_t *, uint8_t) |
Detailed Description
Definition in file detect-byte-extract.h.
Function Documentation
◆ DetectByteExtractDoMatch()
| int DetectByteExtractDoMatch | ( | DetectEngineThreadCtx * | , |
| const SigMatchData * | , | ||
| const Signature * | , | ||
| const uint8_t * | , | ||
| uint32_t | , | ||
| uint64_t * | , | ||
| uint8_t | |||
| ) |
Definition at line 82 of file detect-byte-extract.c.
References DetectEngineThreadCtx_::buffer_offset, BYTE_BIG_ENDIAN, BYTE_LITTLE_ENDIAN, ByteExtractStringUint64(), ByteExtractUint64(), SigMatchData_::ctx, len, payload_len, and SCLogDebug.
◆ DetectByteExtractRegister()
| void DetectByteExtractRegister | ( | void | ) |
Registers the keyword handlers for the "byte_extract" keyword.
Definition at line 69 of file detect-byte-extract.c.
References SigTableElmt_::desc, DETECT_BYTE_EXTRACT, SigTableElmt_::Match, SigTableElmt_::name, SigTableElmt_::Setup, sigmatch_table, and SigTableElmt_::url.
Referenced by SigTableSetup().
◆ DetectByteExtractRetrieveSMVar()
Lookup the SigMatch for a named byte_extract variable.
- Parameters
-
arg The name of the byte_extract variable to lookup. s Pointer the signature to look in.
- Return values
-
A pointer to the SigMatch if found, otherwise NULL.
Definition at line 375 of file detect-byte-extract.c.
References SignatureInitData_::buffer_index, SignatureInitData_::buffers, SigMatch_::ctx, DETECT_BYTE_EXTRACT, SignatureInitDataBuffer_::head, Signature_::init_data, SigMatch_::next, and SigMatch_::type.
Referenced by DetectByteRetrieveSMVar().
