42 #define DETECT_CSUM_VALID "valid"
43 #define DETECT_CSUM_INVALID "invalid"
94 static void DetectCsumRegisterTests(
void);
192 static int DetectCsumParseArg(
const char *key,
DetectCsumData *cd)
196 if (key[0] ==
'\"' && key[strlen(key) - 1] ==
'\"') {
201 str[strlen(key) - 2] =
'\0';
291 if (DetectCsumParseArg(csum_str, cd) == 0)
301 if (cd != NULL) DetectIPV4CsumFree(
de_ctx, cd);
302 if (sm != NULL)
SCFree(sm);
388 if (DetectCsumParseArg(csum_str, cd) == 0)
398 if (cd != NULL) DetectTCPV4CsumFree(
de_ctx, cd);
399 if (sm != NULL)
SCFree(sm);
485 if (DetectCsumParseArg(csum_str, cd) == 0)
495 if (cd != NULL) DetectTCPV6CsumFree(
de_ctx, cd);
496 if (sm != NULL)
SCFree(sm);
582 if (DetectCsumParseArg(csum_str, cd) == 0)
592 if (cd != NULL) DetectUDPV4CsumFree(
de_ctx, cd);
593 if (sm != NULL)
SCFree(sm);
679 if (DetectCsumParseArg(csum_str, cd) == 0)
682 sm->
ctx = (
void *)cd;
689 if (cd != NULL) DetectUDPV6CsumFree(
de_ctx, cd);
690 if (sm != NULL)
SCFree(sm);
774 if (DetectCsumParseArg(csum_str, cd) == 0)
784 if (cd != NULL) DetectICMPV4CsumFree(
de_ctx, cd);
785 if (sm != NULL)
SCFree(sm);
872 if (DetectCsumParseArg(csum_str, cd) == 0)
882 if (cd != NULL) DetectICMPV6CsumFree(
de_ctx, cd);
883 if (sm != NULL)
SCFree(sm);
907 #define TEST1(kwstr) {\
908 DetectEngineCtx *de_ctx = DetectEngineCtxInit();\
909 FAIL_IF_NULL(de_ctx);\
910 de_ctx->flags = DE_QUIET;\
912 Signature *s = DetectEngineAppendSig(de_ctx, "alert ip any any -> any any ("mystr(kwstr)"-csum:valid; sid:1;)");\
914 s = DetectEngineAppendSig(de_ctx, "alert ip any any -> any any ("mystr(kwstr)"-csum:invalid; sid:2;)");\
916 s = DetectEngineAppendSig(de_ctx, "alert ip any any -> any any ("mystr(kwstr)"-csum:vaLid; sid:3;)");\
918 s = DetectEngineAppendSig(de_ctx, "alert ip any any -> any any ("mystr(kwstr)"-csum:VALID; sid:4;)");\
920 s = DetectEngineAppendSig(de_ctx, "alert ip any any -> any any ("mystr(kwstr)"-csum:iNvaLid; sid:5;)");\
922 DetectEngineCtxFree(de_ctx);\
926 static int DetectCsumValidArgsTestParse01(
void)
939 #define TEST2(kwstr) { \
940 DetectEngineCtx *de_ctx = DetectEngineCtxInit();\
941 FAIL_IF_NULL(de_ctx);\
942 Signature *s = DetectEngineAppendSig(de_ctx, "alert ip any any -> any any ("mystr(kwstr)"-csum:vaid; sid:1;)");\
944 s = DetectEngineAppendSig(de_ctx, "alert ip any any -> any any ("mystr(kwstr)"-csum:invaalid; sid:2;)");\
946 s = DetectEngineAppendSig(de_ctx, "alert ip any any -> any any ("mystr(kwstr)"-csum:vaLiid; sid:3;)");\
948 s = DetectEngineAppendSig(de_ctx, "alert ip any any -> any any ("mystr(kwstr)"-csum:VALieD; sid:4;)");\
950 s = DetectEngineAppendSig(de_ctx, "alert ip any any -> any any ("mystr(kwstr)"-csum:iNvamid; sid:5;)");\
952 DetectEngineCtxFree(de_ctx);\
955 static int DetectCsumInvalidArgsTestParse02(
void)
968 #define TEST3(kwstr, kwtype) { \
969 DetectEngineCtx *de_ctx = DetectEngineCtxInit();\
970 FAIL_IF_NULL(de_ctx);\
971 Signature *s = DetectEngineAppendSig(de_ctx, "alert ip any any -> any any ("mystr(kwstr)"-csum:valid; sid:1;)");\
973 SigMatch *sm = DetectGetLastSMFromLists(s, (kwtype), -1);\
975 FAIL_IF_NULL(sm->ctx);\
976 FAIL_IF_NOT(((DetectCsumData *)sm->ctx)->valid == 1);\
977 s = DetectEngineAppendSig(de_ctx, "alert ip any any -> any any ("mystr(kwstr)"-csum:INVALID; sid:2;)");\
979 sm = DetectGetLastSMFromLists(s, (kwtype), -1);\
981 FAIL_IF_NULL(sm->ctx);\
982 FAIL_IF_NOT(((DetectCsumData *)sm->ctx)->valid == 0);\
983 DetectEngineCtxFree(de_ctx);\
986 static int DetectCsumValidArgsTestParse03(
void)
1002 static int DetectCsumICMPV6Test01(
void)
1014 0x00, 0x30, 0x18, 0xa8, 0x7c, 0x23, 0x2c, 0x41,
1015 0x38, 0xa7, 0xea, 0xeb, 0x86, 0xdd, 0x60, 0x00,
1016 0x00, 0x00, 0x00, 0x40, 0x3c, 0x40, 0xad, 0xa1,
1017 0x09, 0x80, 0x00, 0x01, 0xd6, 0xf3, 0x20, 0x01,
1018 0xf4, 0xbe, 0xea, 0x3c, 0x00, 0x01, 0x00, 0x00,
1019 0x00, 0x00, 0x32, 0xb2, 0x00, 0x01, 0x32, 0xb2,
1020 0x09, 0x80, 0x20, 0x01, 0x00, 0x00, 0x3c, 0x00,
1021 0x01, 0x04, 0x00, 0x00, 0x00, 0x00, 0x3c, 0x00,
1022 0x01, 0x04, 0x00, 0x00, 0x00, 0x00, 0x2c, 0x00,
1023 0x01, 0x04, 0x00, 0x00, 0x00, 0x00, 0x2c, 0x00,
1024 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x3c, 0x00,
1025 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x2c, 0x00,
1026 0x01, 0x04, 0x00, 0x00, 0x00, 0x00, 0x3a, 0x00,
1027 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x80, 0x00,
1028 0x63, 0xc2, 0x00, 0x00, 0x00, 0x00 };
1032 memset(&
tv, 0,
sizeof(
tv));
1033 memset(&
dtv, 0,
sizeof(
dtv));
1044 "(icmpv6-csum:valid; sid:1;)");
1066 static void DetectCsumRegisterTests(
void)
1069 DetectCsumValidArgsTestParse01);
1071 DetectCsumInvalidArgsTestParse02);
1073 DetectCsumValidArgsTestParse03);
1076 DetectCsumICMPV6Test01);