suricata
detect-engine-address-ipv6.c
Go to the documentation of this file.
1 /* Copyright (C) 2007-2010 Open Information Security Foundation
2  *
3  * You can copy, redistribute or modify this Program under the terms of
4  * the GNU General Public License version 2 as published by the Free
5  * Software Foundation.
6  *
7  * This program is distributed in the hope that it will be useful,
8  * but WITHOUT ANY WARRANTY; without even the implied warranty of
9  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
10  * GNU General Public License for more details.
11  *
12  * You should have received a copy of the GNU General Public License
13  * version 2 along with this program; if not, write to the Free Software
14  * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
15  * 02110-1301, USA.
16  */
17 
18 /**
19  * \file
20  *
21  * \author Victor Julien <victor@inliniac.net>
22  *
23  * IPV6 Address part of the detection engine.
24  */
25 
26 #include "suricata-common.h"
27 
28 #include "decode.h"
29 #include "detect.h"
30 #include "flow-var.h"
31 
32 #include "util-cidr.h"
33 #include "util-unittest.h"
34 
35 #include "detect-engine-address.h"
36 #include "detect-engine-address-ipv6.h"
37 #include "detect-engine-siggroup.h"
38 #include "detect-engine-port.h"
39 
40 #include "util-debug.h"
41 
42 /**
43  * \brief Compares 2 ipv6 addresses and returns if the first address(a) is less
44  * than the second address(b) or not.
45  *
46  * \param a The first ipv6 address to be compared.
47  * \param b The second ipv6 address to be compared.
48  *
49  * \retval 1 If a < b.
50  * \retval 0 Otherwise, i.e. a >= b.
51  */
52 int AddressIPv6Lt(const Address *a, const Address *b)
53 {
54  int i = 0;
55 
56  for (i = 0; i < 4; i++) {
57  if (SCNtohl(a->addr_data32[i]) < SCNtohl(b->addr_data32[i]))
58  return 1;
59  if (SCNtohl(a->addr_data32[i]) > SCNtohl(b->addr_data32[i]))
60  break;
61  }
62 
63  return 0;
64 }
65 
66 int AddressIPv6LtU32(uint32_t *a, uint32_t *b)
67 {
68  int i = 0;
69 
70  for (i = 0; i < 4; i++) {
71  if (SCNtohl(a[i]) < SCNtohl(b[i]))
72  return 1;
73  if (SCNtohl(a[i]) > SCNtohl(b[i]))
74  break;
75  }
76 
77  return 0;
78 }
79 
80 /**
81  * \brief Compares 2 ipv6 addresses and returns if the first address(a) is
82  * greater than the second address(b) or not.
83  *
84  * \param a The first ipv6 address to be compared.
85  * \param b The second ipv6 address to be compared.
86  *
87  * \retval 1 If a > b.
88  * \retval 0 Otherwise, i.e. a <= b.
89  */
90 int AddressIPv6Gt(const Address *a, const Address *b)
91 {
92  int i = 0;
93 
94  for (i = 0; i < 4; i++) {
95  if (SCNtohl(a->addr_data32[i]) > SCNtohl(b->addr_data32[i]))
96  return 1;
97  if (SCNtohl(a->addr_data32[i]) < SCNtohl(b->addr_data32[i]))
98  break;
99  }
100 
101  return 0;
102 }
103 
104 int AddressIPv6GtU32(uint32_t *a, uint32_t *b)
105 {
106  int i = 0;
107 
108  for (i = 0; i < 4; i++) {
109  if (SCNtohl(a[i]) > SCNtohl(b[i]))
110  return 1;
111  if (SCNtohl(a[i]) < SCNtohl(b[i]))
112  break;
113  }
114 
115  return 0;
116 }
117 
118 /**
119  * \brief Compares 2 ipv6 addresses and returns if the addresses are equal
120  * or not.
121  *
122  * \param a The first ipv6 address to be compared.
123  * \param b The second ipv6 address to be compared.
124  *
125  * \retval 1 If a == b.
126  * \retval 0 Otherwise.
127  */
128 int AddressIPv6Eq(const Address *a, const Address *b)
129 {
130  int i = 0;
131 
132  for (i = 0; i < 4; i++) {
133  if (a->addr_data32[i] != b->addr_data32[i])
134  return 0;
135  }
136 
137  return 1;
138 }
139 
140 int AddressIPv6EqU32(uint32_t *a, uint32_t *b)
141 {
142  int i = 0;
143 
144  for (i = 0; i < 4; i++) {
145  if (a[i] != b[i])
146  return 0;
147  }
148 
149  return 1;
150 }
151 
152 /**
153  * \brief Compares 2 ipv6 addresses and returns if the first address(a) is less
154  * than or equal to the second address(b) or not.
155  *
156  * \param a The first ipv6 address to be compared.
157  * \param b The second ipv6 address to be compared.
158  *
159  * \retval 1 If a <= b.
160  * \retval 0 Otherwise, i.e. a > b.
161  */
162 int AddressIPv6Le(const Address *a, const Address *b)
163 {
164 
165  if (AddressIPv6Eq(a, b) == 1)
166  return 1;
167  if (AddressIPv6Lt(a, b) == 1)
168  return 1;
169 
170  return 0;
171 }
172 
173 int AddressIPv6LeU32(uint32_t *a, uint32_t *b)
174 {
175 
176  if (AddressIPv6EqU32(a, b) == 1)
177  return 1;
178  if (AddressIPv6LtU32(a, b) == 1)
179  return 1;
180 
181  return 0;
182 }
183 
184 /**
185  * \brief Compares 2 ipv6 addresses and returns if the first address(a) is
186  * greater than or equal to the second address(b) or not.
187  *
188  * \param a The first ipv6 address to be compared.
189  * \param b The second ipv6 address to be compared.
190  *
191  * \retval 1 If a >= b.
192  * \retval 0 Otherwise, i.e. a < b.
193  */
194 int AddressIPv6Ge(const Address *a, const Address *b)
195 {
196 
197  if (AddressIPv6Eq(a, b) == 1)
198  return 1;
199  if (AddressIPv6Gt(a, b) == 1)
200  return 1;
201 
202  return 0;
203 }
204 
205 int AddressIPv6GeU32(uint32_t *a, uint32_t *b)
206 {
207 
208  if (AddressIPv6EqU32(a, b) == 1)
209  return 1;
210  if (AddressIPv6GtU32(a, b) == 1)
211  return 1;
212 
213  return 0;
214 }
215 
216 /**
217  * \brief Compares 2 addresses(address ranges) and returns the relationship
218  * between the 2 addresses.
219  *
220  * \param a Pointer to the first address instance to be compared.
221  * \param b Pointer to the second address instance to be compared.
222  *
223  * \retval ADDRESS_EQ If the 2 address ranges a and b, are equal.
224  * \retval ADDRESS_ES b encapsulates a. b_ip1[...a_ip1...a_ip2...]b_ip2.
225  * \retval ADDRESS_EB a encapsulates b. a_ip1[...b_ip1....b_ip2...]a_ip2.
226  * \retval ADDRESS_LE a_ip1(...b_ip1==a_ip2...)b_ip2
227  * \retval ADDRESS_LT a_ip1(...b_ip1...a_ip2...)b_ip2
228  * \retval ADDRESS_GE b_ip1(...a_ip1==b_ip2...)a_ip2
229  * \retval ADDRESS_GT a_ip1 > b_ip2, i.e. the address range for 'a' starts only
230  * after the end of the address range for 'b'
231  */
232 int DetectAddressCmpIPv6(DetectAddress *a, DetectAddress *b)
233 {
234  if (AddressIPv6Eq(&a->ip, &b->ip) == 1 &&
235  AddressIPv6Eq(&a->ip2, &b->ip2) == 1) {
236  return ADDRESS_EQ;
237  } else if (AddressIPv6Ge(&a->ip, &b->ip) == 1 &&
238  AddressIPv6Le(&a->ip, &b->ip2) == 1 &&
239  AddressIPv6Le(&a->ip2, &b->ip2) == 1) {
240  return ADDRESS_ES;
241  } else if (AddressIPv6Le(&a->ip, &b->ip) == 1 &&
242  AddressIPv6Ge(&a->ip2, &b->ip2) == 1) {
243  return ADDRESS_EB;
244  } else if (AddressIPv6Lt(&a->ip, &b->ip) == 1 &&
245  AddressIPv6Lt(&a->ip2, &b->ip2) == 1 &&
246  AddressIPv6Ge(&a->ip2, &b->ip) == 1) {
247  return ADDRESS_LE;
248  } else if (AddressIPv6Lt(&a->ip, &b->ip) == 1 &&
249  AddressIPv6Lt(&a->ip2, &b->ip2) == 1) {
250  return ADDRESS_LT;
251  } else if (AddressIPv6Gt(&a->ip, &b->ip) == 1 &&
252  AddressIPv6Le(&a->ip, &b->ip2) == 1 &&
253  AddressIPv6Gt(&a->ip2, &b->ip2) == 1) {
254  return ADDRESS_GE;
255  } else if (AddressIPv6Gt(&a->ip, &b->ip2) == 1) {
256  return ADDRESS_GT;
257  } else {
258  /* should be unreachable */
259  SCLogDebug("Internal Error: should be unreachable\n");
260  }
261 
262  return ADDRESS_ER;
263 }
264 
265 /**
266  * \brief Takes an IPv6 address in a, and returns in b an IPv6 address which is
267  * one less than the IPv6 address in a. The address sent in a is in host
268  * order, and the address in b will be returned in network order!
269  *
270  * \param a Pointer to an IPv6 address in host order.
271  * \param b Pointer to an IPv6 address store in memory which has to be updated
272  * with the new address(a - 1).
273  */
274 static void AddressCutIPv6CopySubOne(uint32_t *a, uint32_t *b)
275 {
276  uint32_t t = a[3];
277 
278  b[0] = a[0];
279  b[1] = a[1];
280  b[2] = a[2];
281  b[3] = a[3];
282 
283  b[3]--;
284  if (b[3] > t) {
285  t = b[2];
286  b[2]--;
287  if (b[2] > t) {
288  t = b[1];
289  b[1]--;
290  if (b[1] > t)
291  b[0]--;
292  }
293  }
294 
295  b[0] = htonl(b[0]);
296  b[1] = htonl(b[1]);
297  b[2] = htonl(b[2]);
298  b[3] = htonl(b[3]);
299 }
300 
301 /**
302  * \brief Takes an IPv6 address in a, and returns in b an IPv6 address which is
303  * one more than the IPv6 address in a. The address sent in a is in host
304  * order, and the address in b will be returned in network order!
305  *
306  * \param a Pointer to an IPv6 address in host order.
307  * \param b Pointer to an IPv6 address store in memory which has to be updated
308  * with the new address(a + 1).
309  */
310 static void AddressCutIPv6CopyAddOne(uint32_t *a, uint32_t *b)
311 {
312  uint32_t t = a[3];
313 
314  b[0] = a[0];
315  b[1] = a[1];
316  b[2] = a[2];
317  b[3] = a[3];
318 
319  b[3]++;
320  if (b[3] < t) {
321  t = b[2];
322  b[2]++;
323  if (b[2] < t) {
324  t = b[1];
325  b[1]++;
326  if (b[1] < t)
327  b[0]++;
328  }
329  }
330 
331  b[0] = htonl(b[0]);
332  b[1] = htonl(b[1]);
333  b[2] = htonl(b[2]);
334  b[3] = htonl(b[3]);
335 }
336 
337 /**
338  * \brief Copies an IPv6 address in a to the b. The address in a is in host
339  * order and will be copied in network order to b!
340  *
341  * \param a Pointer to the IPv6 address to be copied.
342  * \param b Pointer to an IPv6 address in memory which will be updated with the
343  * address in a.
344  */
345 static void AddressCutIPv6Copy(uint32_t *a, uint32_t *b)
346 {
347  b[0] = htonl(a[0]);
348  b[1] = htonl(a[1]);
349  b[2] = htonl(a[2]);
350  b[3] = htonl(a[3]);
351 }
352 
353 int DetectAddressCutIPv6(DetectEngineCtx *de_ctx, DetectAddress *a,
354  DetectAddress *b, DetectAddress **c)
355 {
356  uint32_t a_ip1[4] = { SCNtohl(a->ip.addr_data32[0]), SCNtohl(a->ip.addr_data32[1]),
357  SCNtohl(a->ip.addr_data32[2]), SCNtohl(a->ip.addr_data32[3]) };
358  uint32_t a_ip2[4] = { SCNtohl(a->ip2.addr_data32[0]), SCNtohl(a->ip2.addr_data32[1]),
359  SCNtohl(a->ip2.addr_data32[2]), SCNtohl(a->ip2.addr_data32[3]) };
360  uint32_t b_ip1[4] = { SCNtohl(b->ip.addr_data32[0]), SCNtohl(b->ip.addr_data32[1]),
361  SCNtohl(b->ip.addr_data32[2]), SCNtohl(b->ip.addr_data32[3]) };
362  uint32_t b_ip2[4] = { SCNtohl(b->ip2.addr_data32[0]), SCNtohl(b->ip2.addr_data32[1]),
363  SCNtohl(b->ip2.addr_data32[2]), SCNtohl(b->ip2.addr_data32[3]) };
364 
365  /* default to NULL */
366  *c = NULL;
367 
368  int r = DetectAddressCmpIPv6(a, b);
369  if (r != ADDRESS_ES && r != ADDRESS_EB && r != ADDRESS_LE && r != ADDRESS_GE) {
370  goto error;
371  }
372 
373  /* we have 3 parts: [aaa[abab]bbb]
374  * part a: a_ip1 <-> b_ip1 - 1
375  * part b: b_ip1 <-> a_ip2
376  * part c: a_ip2 + 1 <-> b_ip2
377  */
378  if (r == ADDRESS_LE) {
379  AddressCutIPv6Copy(a_ip1, a->ip.addr_data32);
380  AddressCutIPv6CopySubOne(b_ip1, a->ip2.addr_data32);
381 
382  AddressCutIPv6Copy(b_ip1, b->ip.addr_data32);
383  AddressCutIPv6Copy(a_ip2, b->ip2.addr_data32);
384 
385  DetectAddress *tmp_c;
386  tmp_c = DetectAddressInit();
387  if (tmp_c == NULL)
388  goto error;
389  tmp_c->ip.family = AF_INET6;
390 
391  AddressCutIPv6CopyAddOne(a_ip2, tmp_c->ip.addr_data32);
392  AddressCutIPv6Copy(b_ip2, tmp_c->ip2.addr_data32);
393 
394  *c = tmp_c;
395 
396  /* we have 3 parts: [bbb[baba]aaa]
397  * part a: b_ip1 <-> a_ip1 - 1
398  * part b: a_ip1 <-> b_ip2
399  * part c: b_ip2 + 1 <-> a_ip2
400  */
401  } else if (r == ADDRESS_GE) {
402  AddressCutIPv6Copy(b_ip1, a->ip.addr_data32);
403  AddressCutIPv6CopySubOne(a_ip1, a->ip2.addr_data32);
404 
405  AddressCutIPv6Copy(a_ip1, b->ip.addr_data32);
406  AddressCutIPv6Copy(b_ip2, b->ip2.addr_data32);
407 
408  DetectAddress *tmp_c;
409  tmp_c = DetectAddressInit();
410  if (tmp_c == NULL)
411  goto error;
412  tmp_c->ip.family = AF_INET6;
413 
414  AddressCutIPv6CopyAddOne(b_ip2, tmp_c->ip.addr_data32);
415  AddressCutIPv6Copy(a_ip2, tmp_c->ip2.addr_data32);
416  *c = tmp_c;
417 
418  /* we have 2 or three parts:
419  *
420  * 2 part: [[abab]bbb] or [bbb[baba]]
421  * part a: a_ip1 <-> a_ip2
422  * part b: a_ip2 + 1 <-> b_ip2
423  *
424  * part a: b_ip1 <-> a_ip1 - 1
425  * part b: a_ip1 <-> a_ip2
426  *
427  * 3 part [bbb[aaa]bbb]
428  * part a: b_ip1 <-> a_ip1 - 1
429  * part b: a_ip1 <-> a_ip2
430  * part c: a_ip2 + 1 <-> b_ip2
431  */
432  } else if (r == ADDRESS_ES) {
433  if (AddressIPv6EqU32(a_ip1, b_ip1) == 1) {
434  AddressCutIPv6Copy(a_ip1, a->ip.addr_data32);
435  AddressCutIPv6Copy(a_ip2, a->ip2.addr_data32);
436 
437  AddressCutIPv6CopyAddOne(a_ip2, b->ip.addr_data32);
438  AddressCutIPv6Copy(b_ip2, b->ip2.addr_data32);
439 
440  } else if (AddressIPv6EqU32(a_ip2, b_ip2) == 1) {
441  AddressCutIPv6Copy(b_ip1, a->ip.addr_data32);
442  AddressCutIPv6CopySubOne(a_ip1, a->ip2.addr_data32);
443 
444  AddressCutIPv6Copy(a_ip1, b->ip.addr_data32);
445  AddressCutIPv6Copy(a_ip2, b->ip2.addr_data32);
446 
447  } else {
448  AddressCutIPv6Copy(b_ip1, a->ip.addr_data32);
449  AddressCutIPv6CopySubOne(a_ip1, a->ip2.addr_data32);
450 
451  AddressCutIPv6Copy(a_ip1, b->ip.addr_data32);
452  AddressCutIPv6Copy(a_ip2, b->ip2.addr_data32);
453 
454  DetectAddress *tmp_c;
455  tmp_c = DetectAddressInit();
456  if (tmp_c == NULL) {
457  goto error;
458  }
459  tmp_c->ip.family = AF_INET6;
460  AddressCutIPv6CopyAddOne(a_ip2, tmp_c->ip.addr_data32);
461  AddressCutIPv6Copy(b_ip2, tmp_c->ip2.addr_data32);
462  *c = tmp_c;
463 
464  }
465  /* we have 2 or three parts:
466  *
467  * 2 part: [[baba]aaa] or [aaa[abab]]
468  * part a: b_ip1 <-> b_ip2
469  * part b: b_ip2 + 1 <-> a_ip2
470  *
471  * part a: a_ip1 <-> b_ip1 - 1
472  * part b: b_ip1 <-> b_ip2
473  *
474  * 3 part [aaa[bbb]aaa]
475  * part a: a_ip1 <-> b_ip2 - 1
476  * part b: b_ip1 <-> b_ip2
477  * part c: b_ip2 + 1 <-> a_ip2
478  */
479  } else if (r == ADDRESS_EB) {
480  if (AddressIPv6EqU32(a_ip1, b_ip1) == 1) {
481  AddressCutIPv6Copy(b_ip1, a->ip.addr_data32);
482  AddressCutIPv6Copy(b_ip2, a->ip2.addr_data32);
483 
484  AddressCutIPv6CopyAddOne(b_ip2, b->ip.addr_data32);
485  AddressCutIPv6Copy(a_ip2, b->ip2.addr_data32);
486  } else if (AddressIPv6EqU32(a_ip2, b_ip2) == 1) {
487  AddressCutIPv6Copy(a_ip1, a->ip.addr_data32);
488  AddressCutIPv6CopySubOne(b_ip1, a->ip2.addr_data32);
489 
490  AddressCutIPv6Copy(b_ip1, b->ip.addr_data32);
491  AddressCutIPv6Copy(b_ip2, b->ip2.addr_data32);
492  } else {
493  AddressCutIPv6Copy(a_ip1, a->ip.addr_data32);
494  AddressCutIPv6CopySubOne(b_ip1, a->ip2.addr_data32);
495 
496  AddressCutIPv6Copy(b_ip1, b->ip.addr_data32);
497  AddressCutIPv6Copy(b_ip2, b->ip2.addr_data32);
498 
499  DetectAddress *tmp_c;
500  tmp_c = DetectAddressInit();
501  if (tmp_c == NULL)
502  goto error;
503 
504  tmp_c->ip.family = AF_INET6;
505  AddressCutIPv6CopyAddOne(b_ip2, tmp_c->ip.addr_data32);
506  AddressCutIPv6Copy(a_ip2, tmp_c->ip2.addr_data32);
507  *c = tmp_c;
508  }
509  }
510 
511  return 0;
512 
513 error:
514  return -1;
515 }
516 
517 #if 0
518 int DetectAddressCutIPv6(DetectAddressData *a, DetectAddressData *b,
519  DetectAddressData **c)
520 {
521  uint32_t a_ip1[4] = { SCNtohl(a->ip[0]), SCNtohl(a->ip[1]),
522  SCNtohl(a->ip[2]), SCNtohl(a->ip[3]) };
523  uint32_t a_ip2[4] = { SCNtohl(a->ip2[0]), SCNtohl(a->ip2[1]),
524  SCNtohl(a->ip2[2]), SCNtohl(a->ip2[3]) };
525  uint32_t b_ip1[4] = { SCNtohl(b->ip[0]), SCNtohl(b->ip[1]),
526  SCNtohl(b->ip[2]), SCNtohl(b->ip[3]) };
527  uint32_t b_ip2[4] = { SCNtohl(b->ip2[0]), SCNtohl(b->ip2[1]),
528  SCNtohl(b->ip2[2]), SCNtohl(b->ip2[3]) };
529 
530  /* default to NULL */
531  *c = NULL;
532 
533  int r = DetectAddressCmpIPv6(a, b);
534  if (r != ADDRESS_ES && r != ADDRESS_EB && r != ADDRESS_LE && r != ADDRESS_GE) {
535  goto error;
536  }
537 
538  /* we have 3 parts: [aaa[abab]bbb]
539  * part a: a_ip1 <-> b_ip1 - 1
540  * part b: b_ip1 <-> a_ip2
541  * part c: a_ip2 + 1 <-> b_ip2
542  */
543  if (r == ADDRESS_LE) {
544  AddressCutIPv6Copy(a_ip1, a->ip);
545  AddressCutIPv6CopySubOne(b_ip1, a->ip2);
546 
547  AddressCutIPv6Copy(b_ip1, b->ip);
548  AddressCutIPv6Copy(a_ip2, b->ip2);
549 
550  DetectAddressData *tmp_c;
551  tmp_c = DetectAddressDataInit();
552  if (tmp_c == NULL)
553  goto error;
554  tmp_c->family = AF_INET6;
555 
556  AddressCutIPv6CopyAddOne(a_ip2, tmp_c->ip);
557  AddressCutIPv6Copy(b_ip2, tmp_c->ip2);
558 
559  *c = tmp_c;
560 
561  /* we have 3 parts: [bbb[baba]aaa]
562  * part a: b_ip1 <-> a_ip1 - 1
563  * part b: a_ip1 <-> b_ip2
564  * part c: b_ip2 + 1 <-> a_ip2
565  */
566  } else if (r == ADDRESS_GE) {
567  AddressCutIPv6Copy(b_ip1, a->ip);
568  AddressCutIPv6CopySubOne(a_ip1, a->ip2);
569 
570  AddressCutIPv6Copy(a_ip1, b->ip);
571  AddressCutIPv6Copy(b_ip2, b->ip2);
572 
573  DetectAddressData *tmp_c;
574  tmp_c = DetectAddressDataInit();
575  if (tmp_c == NULL)
576  goto error;
577  tmp_c->family = AF_INET6;
578 
579  AddressCutIPv6CopyAddOne(b_ip2, tmp_c->ip);
580  AddressCutIPv6Copy(a_ip2, tmp_c->ip2);
581 
582  *c = tmp_c;
583 
584  /* we have 2 or three parts:
585  *
586  * 2 part: [[abab]bbb] or [bbb[baba]]
587  * part a: a_ip1 <-> a_ip2
588  * part b: a_ip2 + 1 <-> b_ip2
589  *
590  * part a: b_ip1 <-> a_ip1 - 1
591  * part b: a_ip1 <-> a_ip2
592  *
593  * 3 part [bbb[aaa]bbb]
594  * part a: b_ip1 <-> a_ip1 - 1
595  * part b: a_ip1 <-> a_ip2
596  * part c: a_ip2 + 1 <-> b_ip2
597  */
598  } else if (r == ADDRESS_ES) {
599  if (AddressIPv6Eq(a_ip1,b_ip1) == 1) {
600  AddressCutIPv6Copy(a_ip1, a->ip);
601  AddressCutIPv6Copy(a_ip2, a->ip2);
602 
603  AddressCutIPv6CopyAddOne(a_ip2, b->ip);
604  AddressCutIPv6Copy(b_ip2, b->ip2);
605  } else if (AddressIPv6Eq(a_ip2, b_ip2) == 1) {
606  AddressCutIPv6Copy(b_ip1, a->ip);
607  AddressCutIPv6CopySubOne(a_ip1, a->ip2);
608 
609  AddressCutIPv6Copy(a_ip1, b->ip);
610  AddressCutIPv6Copy(a_ip2, b->ip2);
611  } else {
612  AddressCutIPv6Copy(b_ip1, a->ip);
613  AddressCutIPv6CopySubOne(a_ip1, a->ip2);
614 
615  AddressCutIPv6Copy(a_ip1, b->ip);
616  AddressCutIPv6Copy(a_ip2, b->ip2);
617 
618  DetectAddressData *tmp_c;
619  tmp_c = DetectAddressDataInit();
620  if (tmp_c == NULL)
621  goto error;
622 
623  tmp_c->family = AF_INET6;
624 
625  AddressCutIPv6CopyAddOne(a_ip2, tmp_c->ip);
626  AddressCutIPv6Copy(b_ip2, tmp_c->ip2);
627  *c = tmp_c;
628  }
629  /* we have 2 or three parts:
630  *
631  * 2 part: [[baba]aaa] or [aaa[abab]]
632  * part a: b_ip1 <-> b_ip2
633  * part b: b_ip2 + 1 <-> a_ip2
634  *
635  * part a: a_ip1 <-> b_ip1 - 1
636  * part b: b_ip1 <-> b_ip2
637  *
638  * 3 part [aaa[bbb]aaa]
639  * part a: a_ip1 <-> b_ip2 - 1
640  * part b: b_ip1 <-> b_ip2
641  * part c: b_ip2 + 1 <-> a_ip2
642  */
643  } else if (r == ADDRESS_EB) {
644  if (AddressIPv6Eq(a_ip1, b_ip1) == 1) {
645  AddressCutIPv6Copy(b_ip1, a->ip);
646  AddressCutIPv6Copy(b_ip2, a->ip2);
647 
648  AddressCutIPv6CopyAddOne(b_ip2, b->ip);
649  AddressCutIPv6Copy(a_ip2, b->ip2);
650  } else if (AddressIPv6Eq(a_ip2, b_ip2) == 1) {
651  AddressCutIPv6Copy(a_ip1, a->ip);
652  AddressCutIPv6CopySubOne(b_ip1, a->ip2);
653 
654  AddressCutIPv6Copy(b_ip1, b->ip);
655  AddressCutIPv6Copy(b_ip2, b->ip2);
656  } else {
657  AddressCutIPv6Copy(a_ip1, a->ip);
658  AddressCutIPv6CopySubOne(b_ip1, a->ip2);
659 
660  AddressCutIPv6Copy(b_ip1, b->ip);
661  AddressCutIPv6Copy(b_ip2, b->ip2);
662 
663  DetectAddressData *tmp_c;
664  tmp_c = DetectAddressDataInit();
665  if (tmp_c == NULL)
666  goto error;
667  tmp_c->family = AF_INET6;
668 
669  AddressCutIPv6CopyAddOne(b_ip2, tmp_c->ip);
670  AddressCutIPv6Copy(a_ip2, tmp_c->ip2);
671  *c = tmp_c;
672  }
673  }
674 
675  return 0;
676 
677 error:
678  return -1;
679 }
680 #endif
681 
682 /**
683  * \brief Cuts and returns an address range, which is the complement of the
684  * address range that is supplied as the argument.
685  *
686  * For example:
687  *
688  * If a = ::-2000::,
689  * then a = 2000::1-FFFF:FFFF:FFFF:FFFF:FFFF:FFFF:FFFF:FFFF and b = NULL
690  * If a = 2000::1-FFFF:FFFF:FFFF:FFFF:FFFF:FFFF:FFFF:FFFF,
691  * then a = ::-2000:: and b = NULL
692  * If a = 2000::1-20FF::2,
693  * then a = ::-2000:: and
694  * b = 20FF::3-FFFF:FFFF:FFFF:FFFF:FFFF:FFFF:FFFF:FFFF
695  *
696  * \param a Pointer to an address range (DetectAddress) instance whose complement
697  * has to be returned in a and b.
698  * \param b Pointer to DetectAddress pointer, that will be supplied back with a
699  * new DetectAddress instance, if the complement demands so.
700  *
701  * \retval 0 On success.
702  * \retval -1 On failure.
703  */
704 int DetectAddressCutNotIPv6(DetectAddress *a, DetectAddress **b)
705 {
706  uint32_t a_ip1[4] = { SCNtohl(a->ip.addr_data32[0]), SCNtohl(a->ip.addr_data32[1]),
707  SCNtohl(a->ip.addr_data32[2]), SCNtohl(a->ip.addr_data32[3]) };
708  uint32_t a_ip2[4] = { SCNtohl(a->ip2.addr_data32[0]), SCNtohl(a->ip2.addr_data32[1]),
709  SCNtohl(a->ip2.addr_data32[2]), SCNtohl(a->ip2.addr_data32[3]) };
710  uint32_t ip_nul[4] = { 0x00000000, 0x00000000, 0x00000000, 0x00000000 };
711  uint32_t ip_max[4] = { 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF };
712 
713  /* default to NULL */
714  *b = NULL;
715 
716  if (!(a_ip1[0] == 0x00000000 && a_ip1[1] == 0x00000000 &&
717  a_ip1[2] == 0x00000000 && a_ip1[3] == 0x00000000) &&
718  !(a_ip2[0] == 0xFFFFFFFF && a_ip2[1] == 0xFFFFFFFF &&
719  a_ip2[2] == 0xFFFFFFFF && a_ip2[3] == 0xFFFFFFFF)) {
720  AddressCutIPv6Copy(ip_nul, a->ip.addr_data32);
721  AddressCutIPv6CopySubOne(a_ip1, a->ip2.addr_data32);
722 
723  DetectAddress *tmp_b = DetectAddressInit();
724  if (tmp_b == NULL)
725  goto error;
726 
727  tmp_b->ip.family = AF_INET6;
728  AddressCutIPv6CopyAddOne(a_ip2, tmp_b->ip.addr_data32);
729  AddressCutIPv6Copy(ip_max, tmp_b->ip2.addr_data32);
730  *b = tmp_b;
731  } else if ((a_ip1[0] == 0x00000000 && a_ip1[1] == 0x00000000 &&
732  a_ip1[2] == 0x00000000 && a_ip1[3] == 0x00000000) &&
733  !(a_ip2[0] == 0xFFFFFFFF && a_ip2[1] == 0xFFFFFFFF &&
734  a_ip2[2] == 0xFFFFFFFF && a_ip2[3] == 0xFFFFFFFF)) {
735  AddressCutIPv6CopyAddOne(a_ip2, a->ip.addr_data32);
736  AddressCutIPv6Copy(ip_max, a->ip2.addr_data32);
737  } else if (!(a_ip1[0] == 0x00000000 && a_ip1[1] == 0x00000000 &&
738  a_ip1[2] == 0x00000000 && a_ip1[3] == 0x00000000) &&
739  (a_ip2[0] == 0xFFFFFFFF && a_ip2[1] == 0xFFFFFFFF &&
740  a_ip2[2] == 0xFFFFFFFF && a_ip2[3] == 0xFFFFFFFF)) {
741  AddressCutIPv6Copy(ip_nul, a->ip.addr_data32);
742  AddressCutIPv6CopySubOne(a_ip1, a->ip2.addr_data32);
743  } else {
744  goto error;
745  }
746 
747  return 0;
748 
749 error:
750  return -1;
751 }
752 
753 
754 /***************************************Unittests******************************/
755 
756 #ifdef UNITTESTS
757 
758 static int AddressTestIPv6Gt01(void)
759 {
760  int result = 0;
761 
762  uint32_t a[4] = { 1, 2, 3, 4 };
763  uint32_t b[4] = { 0, 2, 3, 4 };
764 
765  if (AddressIPv6GtU32(a, b) == 1)
766  result = 1;
767 
768  return result;
769 }
770 
771 static int AddressTestIPv6Gt02(void)
772 {
773  int result = 0;
774 
775  uint32_t a[4] = { 0, 2, 3, 4 };
776  uint32_t b[4] = { 1, 2, 3, 4 };
777 
778  if (AddressIPv6GtU32(a, b) == 0)
779  result = 1;
780 
781  return result;
782 }
783 
784 static int AddressTestIPv6Gt03(void)
785 {
786  int result = 0;
787 
788  uint32_t a[4] = { 1, 2, 3, 4 };
789  uint32_t b[4] = { 1, 2, 3, 4 };
790 
791  if (AddressIPv6GtU32(a, b) == 0)
792  result = 1;
793 
794  return result;
795 }
796 
797 static int AddressTestIPv6Gt04(void)
798 {
799  int result = 0;
800 
801  uint32_t a[4] = { 1, 2, 3, 5 };
802  uint32_t b[4] = { 1, 2, 3, 4 };
803 
804  if (AddressIPv6GtU32(a, b) == 1)
805  result = 1;
806 
807  return result;
808 }
809 
810 static int AddressTestIPv6Lt01(void)
811 {
812  int result = 0;
813 
814  uint32_t a[4] = { 0, 2, 3, 4 };
815  uint32_t b[4] = { 1, 2, 3, 4 };
816 
817  if (AddressIPv6LtU32(a, b) == 1)
818  result = 1;
819 
820  return result;
821 }
822 
823 static int AddressTestIPv6Lt02(void)
824 {
825  int result = 0;
826 
827  uint32_t a[4] = { 1, 2, 3, 4 };
828  uint32_t b[4] = { 0, 2, 3, 4 };
829 
830  if (AddressIPv6LtU32(a, b) == 0)
831  result = 1;
832 
833  return result;
834 }
835 
836 static int AddressTestIPv6Lt03(void)
837 {
838  int result = 0;
839 
840  uint32_t a[4] = { 1, 2, 3, 4 };
841  uint32_t b[4] = { 1, 2, 3, 4 };
842 
843  if (AddressIPv6LtU32(a, b) == 0)
844  result = 1;
845 
846  return result;
847 }
848 
849 static int AddressTestIPv6Lt04(void)
850 {
851  int result = 0;
852 
853  uint32_t a[4] = { 1, 2, 3, 4 };
854  uint32_t b[4] = { 1, 2, 3, 5 };
855 
856  if (AddressIPv6LtU32(a, b) == 1)
857  result = 1;
858 
859  return result;
860 }
861 
862 static int AddressTestIPv6Eq01(void)
863 {
864  int result = 0;
865 
866  uint32_t a[4] = { 0, 2, 3, 4 };
867  uint32_t b[4] = { 1, 2, 3, 4 };
868 
869  if (AddressIPv6EqU32(a, b) == 0)
870  result = 1;
871 
872  return result;
873 }
874 
875 static int AddressTestIPv6Eq02(void)
876 {
877  int result = 0;
878 
879  uint32_t a[4] = { 1, 2, 3, 4 };
880  uint32_t b[4] = { 0, 2, 3, 4 };
881 
882  if (AddressIPv6EqU32(a, b) == 0)
883  result = 1;
884 
885  return result;
886 }
887 
888 static int AddressTestIPv6Eq03(void)
889 {
890  int result = 0;
891 
892  uint32_t a[4] = { 1, 2, 3, 4 };
893  uint32_t b[4] = { 1, 2, 3, 4 };
894 
895  if (AddressIPv6EqU32(a, b) == 1)
896  result = 1;
897 
898  return result;
899 }
900 
901 static int AddressTestIPv6Eq04(void)
902 {
903  int result = 0;
904 
905  uint32_t a[4] = { 1, 2, 3, 4 };
906  uint32_t b[4] = { 1, 2, 3, 5 };
907 
908  if (AddressIPv6EqU32(a, b) == 0)
909  result = 1;
910 
911  return result;
912 }
913 
914 static int AddressTestIPv6Le01(void)
915 {
916  int result = 0;
917 
918  uint32_t a[4] = { 0, 2, 3, 4 };
919  uint32_t b[4] = { 1, 2, 3, 4 };
920 
921  if (AddressIPv6LeU32(a, b) == 1)
922  result = 1;
923 
924  return result;
925 }
926 
927 static int AddressTestIPv6Le02(void)
928 {
929  int result = 0;
930 
931  uint32_t a[4] = { 1, 2, 3, 4 };
932  uint32_t b[4] = { 0, 2, 3, 4 };
933 
934  if (AddressIPv6LeU32(a, b) == 0)
935  result = 1;
936 
937  return result;
938 }
939 
940 static int AddressTestIPv6Le03(void)
941 {
942  int result = 0;
943 
944  uint32_t a[4] = { 1, 2, 3, 4 };
945  uint32_t b[4] = { 1, 2, 3, 4 };
946 
947  if (AddressIPv6LeU32(a, b) == 1)
948  result = 1;
949 
950  return result;
951 }
952 
953 static int AddressTestIPv6Le04(void)
954 {
955  int result = 0;
956 
957  uint32_t a[4] = { 1, 2, 3, 4 };
958  uint32_t b[4] = { 1, 2, 3, 5 };
959 
960  if (AddressIPv6LeU32(a, b) == 1)
961  result = 1;
962 
963  return result;
964 }
965 
966 static int AddressTestIPv6Le05(void)
967 {
968  int result = 0;
969 
970  uint32_t a[4];
971  uint32_t b[4];
972  struct in6_addr in6;
973 
974  if (inet_pton(AF_INET6, "1999:ffff:ffff:ffff:ffff:ffff:ffff:ffff", &in6) != 1)
975  return 0;
976  memcpy(&a, &in6.s6_addr, sizeof(in6.s6_addr));
977 
978  if (inet_pton(AF_INET6, "2000::0", &in6) != 1)
979  return 0;
980  memcpy(&b, &in6.s6_addr, sizeof(in6.s6_addr));
981 
982  if (AddressIPv6LeU32(a, b) == 1)
983  result = 1;
984 
985  return result;
986 }
987 
988 static int AddressTestIPv6Ge01(void)
989 {
990  int result = 0;
991 
992  uint32_t a[4] = { 0, 2, 3, 4 };
993  uint32_t b[4] = { 1, 2, 3, 4 };
994 
995  if (AddressIPv6GeU32(a, b) == 0)
996  result = 1;
997 
998  return result;
999 }
1000 
1001 static int AddressTestIPv6Ge02(void)
1002 {
1003  int result = 0;
1004 
1005  uint32_t a[4] = { 1, 2, 3, 4 };
1006  uint32_t b[4] = { 0, 2, 3, 4 };
1007 
1008  if (AddressIPv6GeU32(a, b) == 1)
1009  result = 1;
1010 
1011  return result;
1012 }
1013 
1014 static int AddressTestIPv6Ge03(void)
1015 {
1016  int result = 0;
1017 
1018  uint32_t a[4] = { 1, 2, 3, 4 };
1019  uint32_t b[4] = { 1, 2, 3, 4 };
1020 
1021  if (AddressIPv6GeU32(a, b) == 1)
1022  result = 1;
1023 
1024  return result;
1025 }
1026 
1027 static int AddressTestIPv6Ge04(void)
1028 {
1029  int result = 0;
1030 
1031  uint32_t a[4] = { 1, 2, 3, 4 };
1032  uint32_t b[4] = { 1, 2, 3, 5 };
1033 
1034  if (AddressIPv6GeU32(a, b) == 0)
1035  result = 1;
1036 
1037  return result;
1038 }
1039 
1040 static int AddressTestIPv6Ge05(void)
1041 {
1042  int result = 0;
1043 
1044  uint32_t a[4];
1045  uint32_t b[4];
1046  struct in6_addr in6;
1047 
1048  if (inet_pton(AF_INET6, "1999:ffff:ffff:ffff:ffff:ffff:ffff:ffff", &in6) != 1)
1049  return 0;
1050  memcpy(&a, &in6.s6_addr, sizeof(in6.s6_addr));
1051 
1052  if (inet_pton(AF_INET6, "2000::0", &in6) != 1)
1053  return 0;
1054  memcpy(&b, &in6.s6_addr, sizeof(in6.s6_addr));
1055 
1056  if (AddressIPv6GeU32(a, b) == 0)
1057  result = 1;
1058 
1059  return result;
1060 }
1061 
1062 static int AddressTestIPv6SubOne01(void)
1063 {
1064  int result = 0;
1065 
1066  uint32_t a[4], b[4];
1067  struct in6_addr in6;
1068 
1069  if (inet_pton(AF_INET6, "2000::1", &in6) != 1)
1070  return 0;
1071  memcpy(a, in6.s6_addr, sizeof(in6.s6_addr));
1072 
1073  a[0] = SCNtohl(a[0]);
1074  a[1] = SCNtohl(a[1]);
1075  a[2] = SCNtohl(a[2]);
1076  a[3] = SCNtohl(a[3]);
1077 
1078  AddressCutIPv6CopySubOne(a, b);
1079 
1080  if (inet_pton(AF_INET6, "2000::0", &in6) != 1)
1081  return 0;
1082  memcpy(a, in6.s6_addr, sizeof(in6.s6_addr));
1083  if (b[0] == a[0] && b[1] == a[1] &&
1084  b[2] == a[2] && b[3] == a[3]) {
1085  result = 1;
1086  }
1087 
1088  return result;
1089 }
1090 
1091 static int AddressTestIPv6SubOne02(void)
1092 {
1093  int result = 0;
1094 
1095  uint32_t a[4], b[4];
1096  struct in6_addr in6;
1097 
1098  if (inet_pton(AF_INET6, "2000::0", &in6) != 1)
1099  return 0;
1100  memcpy(a, in6.s6_addr, sizeof(in6.s6_addr));
1101 
1102  a[0] = SCNtohl(a[0]);
1103  a[1] = SCNtohl(a[1]);
1104  a[2] = SCNtohl(a[2]);
1105  a[3] = SCNtohl(a[3]);
1106 
1107  AddressCutIPv6CopySubOne(a, b);
1108 
1109  if (inet_pton(AF_INET6, "1FFF:FFFF:FFFF:FFFF:FFFF:FFFF:FFFF:FFFF", &in6) != 1)
1110  return 0;
1111  memcpy(a, in6.s6_addr, sizeof(in6.s6_addr));
1112  if (b[0] == a[0] && b[1] == a[1] &&
1113  b[2] == a[2] && b[3] == a[3]) {
1114  result = 1;
1115  }
1116 
1117  return result;
1118 }
1119 
1120 static int AddressTestIPv6AddOne01(void)
1121 {
1122  int result = 0;
1123 
1124  uint32_t a[4], b[4];
1125  struct in6_addr in6;
1126 
1127  if (inet_pton(AF_INET6, "2000::0", &in6) != 1)
1128  return 0;
1129  memcpy(a, in6.s6_addr, sizeof(in6.s6_addr));
1130 
1131  a[0] = SCNtohl(a[0]);
1132  a[1] = SCNtohl(a[1]);
1133  a[2] = SCNtohl(a[2]);
1134  a[3] = SCNtohl(a[3]);
1135 
1136  AddressCutIPv6CopyAddOne(a, b);
1137 
1138  if (inet_pton(AF_INET6, "2000::1", &in6) != 1)
1139  return 0;
1140  memcpy(a, in6.s6_addr, sizeof(in6.s6_addr));
1141  if (b[0] == a[0] && b[1] == a[1] &&
1142  b[2] == a[2] && b[3] == a[3]) {
1143  result = 1;
1144  }
1145 
1146  return result;
1147 }
1148 
1149 static int AddressTestIPv6AddOne02(void)
1150 {
1151  int result = 0;
1152 
1153  uint32_t a[4], b[4];
1154  struct in6_addr in6;
1155 
1156  if (inet_pton(AF_INET6, "1FFF:FFFF:FFFF:FFFF:FFFF:FFFF:FFFF:FFFF", &in6) != 1)
1157  return 0;
1158  memcpy(a, in6.s6_addr, sizeof(in6.s6_addr));
1159 
1160  a[0] = SCNtohl(a[0]);
1161  a[1] = SCNtohl(a[1]);
1162  a[2] = SCNtohl(a[2]);
1163  a[3] = SCNtohl(a[3]);
1164 
1165  AddressCutIPv6CopyAddOne(a, b);
1166 
1167  if (inet_pton(AF_INET6, "2000::0", &in6) != 1)
1168  return 0;
1169  memcpy(a, in6.s6_addr, sizeof(in6.s6_addr));
1170  if (b[0] == a[0] && b[1] == a[1] &&
1171  b[2] == a[2] && b[3] == a[3]) {
1172  result = 1;
1173  }
1174 
1175  return result;
1176 }
1177 
1178 static int AddressTestIPv6AddressCmp01(void)
1179 {
1180  DetectAddress *a = DetectAddressInit();
1181  DetectAddress *b = DetectAddressInit();
1182  struct in6_addr in6;
1183  int result = 1;
1184 
1185  if (a == NULL || b == NULL)
1186  goto error;
1187 
1188  if (inet_pton(AF_INET6, "2000::1", &in6) != 1)
1189  goto error;
1190  memcpy(&a->ip.address, in6.s6_addr, sizeof(in6.s6_addr));
1191  if (inet_pton(AF_INET6, "2000::10", &in6) != 1)
1192  goto error;
1193  memcpy(&a->ip2.address, in6.s6_addr, sizeof(in6.s6_addr));
1194  if (inet_pton(AF_INET6, "2000::1", &in6) != 1)
1195  goto error;
1196  memcpy(&b->ip.address, in6.s6_addr, sizeof(in6.s6_addr));
1197  if (inet_pton(AF_INET6, "2000::10", &in6) != 1)
1198  goto error;
1199  memcpy(&b->ip2.address, in6.s6_addr, sizeof(in6.s6_addr));
1200  result &= (DetectAddressCmpIPv6(a, b) == ADDRESS_EQ);
1201 
1202  if (inet_pton(AF_INET6, "2000::1", &in6) != 1)
1203  goto error;
1204  memcpy(&a->ip.address, in6.s6_addr, sizeof(in6.s6_addr));
1205  if (inet_pton(AF_INET6, "2000::10", &in6) != 1)
1206  goto error;
1207  memcpy(&a->ip2.address, in6.s6_addr, sizeof(in6.s6_addr));
1208  if (inet_pton(AF_INET6, "2000::0", &in6) != 1)
1209  goto error;
1210  memcpy(&b->ip.address, in6.s6_addr, sizeof(in6.s6_addr));
1211  if (inet_pton(AF_INET6, "2000::10", &in6) != 1)
1212  goto error;
1213  memcpy(&b->ip2.address, in6.s6_addr, sizeof(in6.s6_addr));
1214  result &= (DetectAddressCmpIPv6(a, b) == ADDRESS_ES);
1215 
1216  if (inet_pton(AF_INET6, "2000::1", &in6) != 1)
1217  goto error;
1218  memcpy(&a->ip.address, in6.s6_addr, sizeof(in6.s6_addr));
1219  if (inet_pton(AF_INET6, "2000::10", &in6) != 1)
1220  goto error;
1221  memcpy(&a->ip2.address, in6.s6_addr, sizeof(in6.s6_addr));
1222  if (inet_pton(AF_INET6, "2000::1", &in6) != 1)
1223  goto error;
1224  memcpy(&b->ip.address, in6.s6_addr, sizeof(in6.s6_addr));
1225  if (inet_pton(AF_INET6, "2000::11", &in6) != 1)
1226  goto error;
1227  memcpy(&b->ip2.address, in6.s6_addr, sizeof(in6.s6_addr));
1228  result &= (DetectAddressCmpIPv6(a, b) == ADDRESS_ES);
1229 
1230  if (inet_pton(AF_INET6, "2000::1", &in6) != 1)
1231  goto error;
1232  memcpy(&a->ip.address, in6.s6_addr, sizeof(in6.s6_addr));
1233  if (inet_pton(AF_INET6, "2000::10", &in6) != 1)
1234  goto error;
1235  memcpy(&a->ip2.address, in6.s6_addr, sizeof(in6.s6_addr));
1236  if (inet_pton(AF_INET6, "2000::0", &in6) != 1)
1237  goto error;
1238  memcpy(&b->ip.address, in6.s6_addr, sizeof(in6.s6_addr));
1239  if (inet_pton(AF_INET6, "2000::10", &in6) != 1)
1240  goto error;
1241  memcpy(&b->ip2.address, in6.s6_addr, sizeof(in6.s6_addr));
1242  result &= (DetectAddressCmpIPv6(a, b) == ADDRESS_ES);
1243 
1244  if (inet_pton(AF_INET6, "2000::1", &in6) != 1)
1245  goto error;
1246  memcpy(&a->ip.address, in6.s6_addr, sizeof(in6.s6_addr));
1247  if (inet_pton(AF_INET6, "2000::10", &in6) != 1)
1248  goto error;
1249  memcpy(&a->ip2.address, in6.s6_addr, sizeof(in6.s6_addr));
1250  if (inet_pton(AF_INET6, "2000::0", &in6) != 1)
1251  goto error;
1252  memcpy(&b->ip.address, in6.s6_addr, sizeof(in6.s6_addr));
1253  if (inet_pton(AF_INET6, "2000::11", &in6) != 1)
1254  goto error;
1255  memcpy(&b->ip2.address, in6.s6_addr, sizeof(in6.s6_addr));
1256  result &= (DetectAddressCmpIPv6(a, b) == ADDRESS_ES);
1257 
1258  if (inet_pton(AF_INET6, "2000::1", &in6) != 1)
1259  goto error;
1260  memcpy(&a->ip.address, in6.s6_addr, sizeof(in6.s6_addr));
1261  if (inet_pton(AF_INET6, "2000::11", &in6) != 1)
1262  goto error;
1263  memcpy(&a->ip2.address, in6.s6_addr, sizeof(in6.s6_addr));
1264  if (inet_pton(AF_INET6, "2000::1", &in6) != 1)
1265  goto error;
1266  memcpy(&b->ip.address, in6.s6_addr, sizeof(in6.s6_addr));
1267  if (inet_pton(AF_INET6, "2000::10", &in6) != 1)
1268  goto error;
1269  memcpy(&b->ip2.address, in6.s6_addr, sizeof(in6.s6_addr));
1270  result &= (DetectAddressCmpIPv6(a, b) != ADDRESS_ES);
1271 
1272  if (inet_pton(AF_INET6, "2000::1", &in6) != 1)
1273  goto error;
1274  memcpy(&a->ip.address, in6.s6_addr, sizeof(in6.s6_addr));
1275  if (inet_pton(AF_INET6, "2000::11", &in6) != 1)
1276  goto error;
1277  memcpy(&a->ip2.address, in6.s6_addr, sizeof(in6.s6_addr));
1278  if (inet_pton(AF_INET6, "2000::1", &in6) != 1)
1279  goto error;
1280  memcpy(&b->ip.address, in6.s6_addr, sizeof(in6.s6_addr));
1281  if (inet_pton(AF_INET6, "2000::10", &in6) != 1)
1282  goto error;
1283  memcpy(&b->ip2.address, in6.s6_addr, sizeof(in6.s6_addr));
1284  result &= (DetectAddressCmpIPv6(a, b) == ADDRESS_EB);
1285 
1286  if (inet_pton(AF_INET6, "2000::0", &in6) != 1)
1287  goto error;
1288  memcpy(&a->ip.address, in6.s6_addr, sizeof(in6.s6_addr));
1289  if (inet_pton(AF_INET6, "2000::10", &in6) != 1)
1290  goto error;
1291  memcpy(&a->ip2.address, in6.s6_addr, sizeof(in6.s6_addr));
1292  if (inet_pton(AF_INET6, "2000::1", &in6) != 1)
1293  goto error;
1294  memcpy(&b->ip.address, in6.s6_addr, sizeof(in6.s6_addr));
1295  if (inet_pton(AF_INET6, "2000::10", &in6) != 1)
1296  goto error;
1297  memcpy(&b->ip2.address, in6.s6_addr, sizeof(in6.s6_addr));
1298  result &= (DetectAddressCmpIPv6(a, b) == ADDRESS_EB);
1299 
1300  if (inet_pton(AF_INET6, "2000::0", &in6) != 1)
1301  goto error;
1302  memcpy(&a->ip.address, in6.s6_addr, sizeof(in6.s6_addr));
1303  if (inet_pton(AF_INET6, "2000::11", &in6) != 1)
1304  goto error;
1305  memcpy(&a->ip2.address, in6.s6_addr, sizeof(in6.s6_addr));
1306  if (inet_pton(AF_INET6, "2000::1", &in6) != 1)
1307  goto error;
1308  memcpy(&b->ip.address, in6.s6_addr, sizeof(in6.s6_addr));
1309  if (inet_pton(AF_INET6, "2000::10", &in6) != 1)
1310  goto error;
1311  memcpy(&b->ip2.address, in6.s6_addr, sizeof(in6.s6_addr));
1312  result &= (DetectAddressCmpIPv6(a, b) == ADDRESS_EB);
1313 
1314  if (inet_pton(AF_INET6, "2000::1", &in6) != 1)
1315  goto error;
1316  memcpy(&a->ip.address, in6.s6_addr, sizeof(in6.s6_addr));
1317  if (inet_pton(AF_INET6, "2000::11", &in6) != 1)
1318  goto error;
1319  memcpy(&a->ip2.address, in6.s6_addr, sizeof(in6.s6_addr));
1320  if (inet_pton(AF_INET6, "2000::0", &in6) != 1)
1321  goto error;
1322  memcpy(&b->ip.address, in6.s6_addr, sizeof(in6.s6_addr));
1323  if (inet_pton(AF_INET6, "2000::10", &in6) != 1)
1324  goto error;
1325  memcpy(&b->ip2.address, in6.s6_addr, sizeof(in6.s6_addr));
1326  result &= (DetectAddressCmpIPv6(a, b) != ADDRESS_EB);
1327 
1328  if (inet_pton(AF_INET6, "2000::0", &in6) != 1)
1329  goto error;
1330  memcpy(&a->ip.address, in6.s6_addr, sizeof(in6.s6_addr));
1331  if (inet_pton(AF_INET6, "2000::10", &in6) != 1)
1332  goto error;
1333  memcpy(&a->ip2.address, in6.s6_addr, sizeof(in6.s6_addr));
1334  if (inet_pton(AF_INET6, "2000::10", &in6) != 1)
1335  goto error;
1336  memcpy(&b->ip.address, in6.s6_addr, sizeof(in6.s6_addr));
1337  if (inet_pton(AF_INET6, "2000::20", &in6) != 1)
1338  goto error;
1339  memcpy(&b->ip2.address, in6.s6_addr, sizeof(in6.s6_addr));
1340  result &= (DetectAddressCmpIPv6(a, b) == ADDRESS_LE);
1341 
1342  if (inet_pton(AF_INET6, "2000::1", &in6) != 1)
1343  goto error;
1344  memcpy(&a->ip.address, in6.s6_addr, sizeof(in6.s6_addr));
1345  if (inet_pton(AF_INET6, "2000::15", &in6) != 1)
1346  goto error;
1347  memcpy(&a->ip2.address, in6.s6_addr, sizeof(in6.s6_addr));
1348  if (inet_pton(AF_INET6, "2000::10", &in6) != 1)
1349  goto error;
1350  memcpy(&b->ip.address, in6.s6_addr, sizeof(in6.s6_addr));
1351  if (inet_pton(AF_INET6, "2000::20", &in6) != 1)
1352  goto error;
1353  memcpy(&b->ip2.address, in6.s6_addr, sizeof(in6.s6_addr));
1354  result &= (DetectAddressCmpIPv6(a, b) == ADDRESS_LE);
1355 
1356  if (inet_pton(AF_INET6, "2000::1", &in6) != 1)
1357  goto error;
1358  memcpy(&a->ip.address, in6.s6_addr, sizeof(in6.s6_addr));
1359  if (inet_pton(AF_INET6, "2000::10", &in6) != 1)
1360  goto error;
1361  memcpy(&a->ip2.address, in6.s6_addr, sizeof(in6.s6_addr));
1362  if (inet_pton(AF_INET6, "2000::1", &in6) != 1)
1363  goto error;
1364  memcpy(&b->ip.address, in6.s6_addr, sizeof(in6.s6_addr));
1365  if (inet_pton(AF_INET6, "2000::20", &in6) != 1)
1366  goto error;
1367  memcpy(&b->ip2.address, in6.s6_addr, sizeof(in6.s6_addr));
1368  result &= (DetectAddressCmpIPv6(a, b) != ADDRESS_LE);
1369 
1370  if (inet_pton(AF_INET6, "2000::0", &in6) != 1)
1371  goto error;
1372  memcpy(&a->ip.address, in6.s6_addr, sizeof(in6.s6_addr));
1373  if (inet_pton(AF_INET6, "2000::10", &in6) != 1)
1374  goto error;
1375  memcpy(&a->ip2.address, in6.s6_addr, sizeof(in6.s6_addr));
1376  if (inet_pton(AF_INET6, "2000::1", &in6) != 1)
1377  goto error;
1378  memcpy(&b->ip.address, in6.s6_addr, sizeof(in6.s6_addr));
1379  if (inet_pton(AF_INET6, "2000::20", &in6) != 1)
1380  goto error;
1381  memcpy(&b->ip2.address, in6.s6_addr, sizeof(in6.s6_addr));
1382  result &= (DetectAddressCmpIPv6(a, b) == ADDRESS_LE);
1383 
1384  if (inet_pton(AF_INET6, "2000::0", &in6) != 1)
1385  goto error;
1386  memcpy(&a->ip.address, in6.s6_addr, sizeof(in6.s6_addr));
1387  if (inet_pton(AF_INET6, "2000::10", &in6) != 1)
1388  goto error;
1389  memcpy(&a->ip2.address, in6.s6_addr, sizeof(in6.s6_addr));
1390  if (inet_pton(AF_INET6, "2000::1", &in6) != 1)
1391  goto error;
1392  memcpy(&b->ip.address, in6.s6_addr, sizeof(in6.s6_addr));
1393  if (inet_pton(AF_INET6, "2000::10", &in6) != 1)
1394  goto error;
1395  memcpy(&b->ip2.address, in6.s6_addr, sizeof(in6.s6_addr));
1396  result &= (DetectAddressCmpIPv6(a, b) != ADDRESS_LE);
1397 
1398  if (inet_pton(AF_INET6, "2000::1", &in6) != 1)
1399  goto error;
1400  memcpy(&a->ip.address, in6.s6_addr, sizeof(in6.s6_addr));
1401  if (inet_pton(AF_INET6, "2000::10", &in6) != 1)
1402  goto error;
1403  memcpy(&a->ip2.address, in6.s6_addr, sizeof(in6.s6_addr));
1404  if (inet_pton(AF_INET6, "2000::15", &in6) != 1)
1405  goto error;
1406  memcpy(&b->ip.address, in6.s6_addr, sizeof(in6.s6_addr));
1407  if (inet_pton(AF_INET6, "2000::20", &in6) != 1)
1408  goto error;
1409  memcpy(&b->ip2.address, in6.s6_addr, sizeof(in6.s6_addr));
1410  result &= (DetectAddressCmpIPv6(a, b) == ADDRESS_LT);
1411 
1412  if (inet_pton(AF_INET6, "2000::1", &in6) != 1)
1413  goto error;
1414  memcpy(&a->ip.address, in6.s6_addr, sizeof(in6.s6_addr));
1415  if (inet_pton(AF_INET6, "2000::15", &in6) != 1)
1416  goto error;
1417  memcpy(&a->ip2.address, in6.s6_addr, sizeof(in6.s6_addr));
1418  if (inet_pton(AF_INET6, "2000::10", &in6) != 1)
1419  goto error;
1420  memcpy(&b->ip.address, in6.s6_addr, sizeof(in6.s6_addr));
1421  if (inet_pton(AF_INET6, "2000::20", &in6) != 1)
1422  goto error;
1423  memcpy(&b->ip2.address, in6.s6_addr, sizeof(in6.s6_addr));
1424  /* we could get a LE */
1425  result &= (DetectAddressCmpIPv6(a, b) != ADDRESS_LT);
1426 
1427  if (inet_pton(AF_INET6, "2000::1", &in6) != 1)
1428  goto error;
1429  memcpy(&a->ip.address, in6.s6_addr, sizeof(in6.s6_addr));
1430  if (inet_pton(AF_INET6, "2000::10", &in6) != 1)
1431  goto error;
1432  memcpy(&a->ip2.address, in6.s6_addr, sizeof(in6.s6_addr));
1433  if (inet_pton(AF_INET6, "2000::10", &in6) != 1)
1434  goto error;
1435  memcpy(&b->ip.address, in6.s6_addr, sizeof(in6.s6_addr));
1436  if (inet_pton(AF_INET6, "2000::20", &in6) != 1)
1437  goto error;
1438  memcpy(&b->ip2.address, in6.s6_addr, sizeof(in6.s6_addr));
1439  /* we could get a LE */
1440  result &= (DetectAddressCmpIPv6(a, b) != ADDRESS_LT);
1441 
1442  if (inet_pton(AF_INET6, "2000::1", &in6) != 1)
1443  goto error;
1444  memcpy(&a->ip.address, in6.s6_addr, sizeof(in6.s6_addr));
1445  if (inet_pton(AF_INET6, "2000::19", &in6) != 1)
1446  goto error;
1447  memcpy(&a->ip2.address, in6.s6_addr, sizeof(in6.s6_addr));
1448  if (inet_pton(AF_INET6, "2000::10", &in6) != 1)
1449  goto error;
1450  memcpy(&b->ip.address, in6.s6_addr, sizeof(in6.s6_addr));
1451  if (inet_pton(AF_INET6, "2000::20", &in6) != 1)
1452  goto error;
1453  memcpy(&b->ip2.address, in6.s6_addr, sizeof(in6.s6_addr));
1454  result &= (DetectAddressCmpIPv6(a, b) != ADDRESS_LT);
1455 
1456  if (inet_pton(AF_INET6, "2000::1", &in6) != 1)
1457  goto error;
1458  memcpy(&a->ip.address, in6.s6_addr, sizeof(in6.s6_addr));
1459  if (inet_pton(AF_INET6, "2000::20", &in6) != 1)
1460  goto error;
1461  memcpy(&a->ip2.address, in6.s6_addr, sizeof(in6.s6_addr));
1462  if (inet_pton(AF_INET6, "2000::10", &in6) != 1)
1463  goto error;
1464  memcpy(&b->ip.address, in6.s6_addr, sizeof(in6.s6_addr));
1465  if (inet_pton(AF_INET6, "2000::20", &in6) != 1)
1466  goto error;
1467  memcpy(&b->ip2.address, in6.s6_addr, sizeof(in6.s6_addr));
1468  result &= (DetectAddressCmpIPv6(a, b) != ADDRESS_LT);
1469 
1470  if (inet_pton(AF_INET6, "2000::1", &in6) != 1)
1471  goto error;
1472  memcpy(&a->ip.address, in6.s6_addr, sizeof(in6.s6_addr));
1473  if (inet_pton(AF_INET6, "2000::10", &in6) != 1)
1474  goto error;
1475  memcpy(&a->ip2.address, in6.s6_addr, sizeof(in6.s6_addr));
1476  if (inet_pton(AF_INET6, "2000::1", &in6) != 1)
1477  goto error;
1478  memcpy(&b->ip.address, in6.s6_addr, sizeof(in6.s6_addr));
1479  if (inet_pton(AF_INET6, "2000::20", &in6) != 1)
1480  goto error;
1481  memcpy(&b->ip2.address, in6.s6_addr, sizeof(in6.s6_addr));
1482  result &= (DetectAddressCmpIPv6(a, b) != ADDRESS_LT);
1483 
1484  if (inet_pton(AF_INET6, "2000::10", &in6) != 1)
1485  goto error;
1486  memcpy(&a->ip.address, in6.s6_addr, sizeof(in6.s6_addr));
1487  if (inet_pton(AF_INET6, "2000::20", &in6) != 1)
1488  goto error;
1489  memcpy(&a->ip2.address, in6.s6_addr, sizeof(in6.s6_addr));
1490  if (inet_pton(AF_INET6, "2000::1", &in6) != 1)
1491  goto error;
1492  memcpy(&b->ip.address, in6.s6_addr, sizeof(in6.s6_addr));
1493  if (inet_pton(AF_INET6, "2000::10", &in6) != 1)
1494  goto error;
1495  memcpy(&b->ip2.address, in6.s6_addr, sizeof(in6.s6_addr));
1496  result &= (DetectAddressCmpIPv6(a, b) == ADDRESS_GE);
1497 
1498  if (inet_pton(AF_INET6, "2000::10", &in6) != 1)
1499  goto error;
1500  memcpy(&a->ip.address, in6.s6_addr, sizeof(in6.s6_addr));
1501  if (inet_pton(AF_INET6, "2000::20", &in6) != 1)
1502  goto error;
1503  memcpy(&a->ip2.address, in6.s6_addr, sizeof(in6.s6_addr));
1504  if (inet_pton(AF_INET6, "2000::1", &in6) != 1)
1505  goto error;
1506  memcpy(&b->ip.address, in6.s6_addr, sizeof(in6.s6_addr));
1507  if (inet_pton(AF_INET6, "2000::15", &in6) != 1)
1508  goto error;
1509  memcpy(&b->ip2.address, in6.s6_addr, sizeof(in6.s6_addr));
1510  result &= (DetectAddressCmpIPv6(a, b) == ADDRESS_GE);
1511 
1512  if (inet_pton(AF_INET6, "2000::1", &in6) != 1)
1513  goto error;
1514  memcpy(&a->ip.address, in6.s6_addr, sizeof(in6.s6_addr));
1515  if (inet_pton(AF_INET6, "2000::20", &in6) != 1)
1516  goto error;
1517  memcpy(&a->ip2.address, in6.s6_addr, sizeof(in6.s6_addr));
1518  if (inet_pton(AF_INET6, "2000::1", &in6) != 1)
1519  goto error;
1520  memcpy(&b->ip.address, in6.s6_addr, sizeof(in6.s6_addr));
1521  if (inet_pton(AF_INET6, "2000::15", &in6) != 1)
1522  goto error;
1523  memcpy(&b->ip2.address, in6.s6_addr, sizeof(in6.s6_addr));
1524  result &= (DetectAddressCmpIPv6(a, b) != ADDRESS_GE);
1525 
1526  if (inet_pton(AF_INET6, "2000::1", &in6) != 1)
1527  goto error;
1528  memcpy(&a->ip.address, in6.s6_addr, sizeof(in6.s6_addr));
1529  if (inet_pton(AF_INET6, "2000::20", &in6) != 1)
1530  goto error;
1531  memcpy(&a->ip2.address, in6.s6_addr, sizeof(in6.s6_addr));
1532  if (inet_pton(AF_INET6, "2000::0", &in6) != 1)
1533  goto error;
1534  memcpy(&b->ip.address, in6.s6_addr, sizeof(in6.s6_addr));
1535  if (inet_pton(AF_INET6, "2000::10", &in6) != 1)
1536  goto error;
1537  memcpy(&b->ip2.address, in6.s6_addr, sizeof(in6.s6_addr));
1538  result &= (DetectAddressCmpIPv6(a, b) == ADDRESS_GE);
1539 
1540  if (inet_pton(AF_INET6, "2000::0", &in6) != 1)
1541  goto error;
1542  memcpy(&a->ip.address, in6.s6_addr, sizeof(in6.s6_addr));
1543  if (inet_pton(AF_INET6, "2000::20", &in6) != 1)
1544  goto error;
1545  memcpy(&a->ip2.address, in6.s6_addr, sizeof(in6.s6_addr));
1546  if (inet_pton(AF_INET6, "2000::1", &in6) != 1)
1547  goto error;
1548  memcpy(&b->ip.address, in6.s6_addr, sizeof(in6.s6_addr));
1549  if (inet_pton(AF_INET6, "2000::19", &in6) != 1)
1550  goto error;
1551  memcpy(&b->ip2.address, in6.s6_addr, sizeof(in6.s6_addr));
1552  result &= (DetectAddressCmpIPv6(a, b) != ADDRESS_GE);
1553 
1554  if (inet_pton(AF_INET6, "2000::1", &in6) != 1)
1555  goto error;
1556  memcpy(&a->ip.address, in6.s6_addr, sizeof(in6.s6_addr));
1557  if (inet_pton(AF_INET6, "2000::20", &in6) != 1)
1558  goto error;
1559  memcpy(&a->ip2.address, in6.s6_addr, sizeof(in6.s6_addr));
1560  if (inet_pton(AF_INET6, "2000::0", &in6) != 1)
1561  goto error;
1562  memcpy(&b->ip.address, in6.s6_addr, sizeof(in6.s6_addr));
1563  if (inet_pton(AF_INET6, "2000::20", &in6) != 1)
1564  goto error;
1565  memcpy(&b->ip2.address, in6.s6_addr, sizeof(in6.s6_addr));
1566  result &= (DetectAddressCmpIPv6(a, b) != ADDRESS_GE);
1567 
1568  if (inet_pton(AF_INET6, "2000::15", &in6) != 1)
1569  goto error;
1570  memcpy(&a->ip.address, in6.s6_addr, sizeof(in6.s6_addr));
1571  if (inet_pton(AF_INET6, "2000::20", &in6) != 1)
1572  goto error;
1573  memcpy(&a->ip2.address, in6.s6_addr, sizeof(in6.s6_addr));
1574  if (inet_pton(AF_INET6, "2000::1", &in6) != 1)
1575  goto error;
1576  memcpy(&b->ip.address, in6.s6_addr, sizeof(in6.s6_addr));
1577  if (inet_pton(AF_INET6, "2000::10", &in6) != 1)
1578  goto error;
1579  memcpy(&b->ip2.address, in6.s6_addr, sizeof(in6.s6_addr));
1580  result &= (DetectAddressCmpIPv6(a, b) == ADDRESS_GT);
1581 
1582  if (inet_pton(AF_INET6, "2000::15", &in6) != 1)
1583  goto error;
1584  memcpy(&a->ip.address, in6.s6_addr, sizeof(in6.s6_addr));
1585  if (inet_pton(AF_INET6, "2000::20", &in6) != 1)
1586  goto error;
1587  memcpy(&a->ip2.address, in6.s6_addr, sizeof(in6.s6_addr));
1588  if (inet_pton(AF_INET6, "2000::1", &in6) != 1)
1589  goto error;
1590  memcpy(&b->ip.address, in6.s6_addr, sizeof(in6.s6_addr));
1591  if (inet_pton(AF_INET6, "2000::15", &in6) != 1)
1592  goto error;
1593  memcpy(&b->ip2.address, in6.s6_addr, sizeof(in6.s6_addr));
1594  result &= (DetectAddressCmpIPv6(a, b) != ADDRESS_GT);
1595 
1596  if (inet_pton(AF_INET6, "2000::10", &in6) != 1)
1597  goto error;
1598  memcpy(&a->ip.address, in6.s6_addr, sizeof(in6.s6_addr));
1599  if (inet_pton(AF_INET6, "2000::20", &in6) != 1)
1600  goto error;
1601  memcpy(&a->ip2.address, in6.s6_addr, sizeof(in6.s6_addr));
1602  if (inet_pton(AF_INET6, "2000::1", &in6) != 1)
1603  goto error;
1604  memcpy(&b->ip.address, in6.s6_addr, sizeof(in6.s6_addr));
1605  if (inet_pton(AF_INET6, "2000::10", &in6) != 1)
1606  goto error;
1607  memcpy(&b->ip2.address, in6.s6_addr, sizeof(in6.s6_addr));
1608  result &= (DetectAddressCmpIPv6(a, b) != ADDRESS_GT);
1609 
1610  if (a != NULL)
1611  DetectAddressFree(a);
1612  if (b != NULL)
1613  DetectAddressFree(b);
1614  return result;
1615 
1616  error:
1617  if (a != NULL)
1618  DetectAddressFree(a);
1619  if (b != NULL)
1620  DetectAddressFree(b);
1621  return 0;
1622 }
1623 
1624 static int AddressTestIPv6CutNot01(void)
1625 {
1626  DetectAddress *a = NULL;
1627  DetectAddress *b = NULL;
1628  struct in6_addr in6;
1629  int result = 1;
1630 
1631  if ( (a = DetectAddressInit()) == NULL)
1632  goto error;
1633 
1634  if (inet_pton(AF_INET6, "::", &in6) != 1)
1635  goto error;
1636  memcpy(&a->ip.address, in6.s6_addr, sizeof(in6.s6_addr));
1637  if (inet_pton(AF_INET6, "FFFF:FFFF:FFFF:FFFF:FFFF:FFFF:FFFF:FFFF", &in6) != 1)
1638  goto error;
1639  memcpy(&a->ip2.address, in6.s6_addr, sizeof(in6.s6_addr));
1640  result &= (DetectAddressCutNotIPv6(a, &b) == -1);
1641 
1642  if (a != NULL)
1643  DetectAddressFree(a);
1644  if (b != NULL)
1645  DetectAddressFree(b);
1646  return result;
1647 
1648  error:
1649  if (a != NULL)
1650  DetectAddressFree(a);
1651  if (b != NULL)
1652  DetectAddressFree(b);
1653  return 0;
1654 }
1655 
1656 static int AddressTestIPv6CutNot02(void)
1657 {
1658  DetectAddress *a = NULL;
1659  DetectAddress *b = NULL;
1660  DetectAddress *temp = NULL;
1661  struct in6_addr in6;
1662  int result = 1;
1663 
1664  if ( (a = DetectAddressInit()) == NULL)
1665  goto error;
1666  if ( (temp = DetectAddressInit()) == NULL)
1667  goto error;
1668 
1669  if (inet_pton(AF_INET6, "::", &in6) != 1)
1670  goto error;
1671  memcpy(&a->ip.address, in6.s6_addr, sizeof(in6.s6_addr));
1672  if (inet_pton(AF_INET6, "2000::0", &in6) != 1)
1673  goto error;
1674  memcpy(&a->ip2.address, in6.s6_addr, sizeof(in6.s6_addr));
1675  result &= (DetectAddressCutNotIPv6(a, &b) == 0);
1676 
1677  result &= (b == NULL);
1678 
1679  if (inet_pton(AF_INET6, "2000::1", &in6) != 1)
1680  goto error;
1681  memcpy(&temp->ip.address, in6.s6_addr, sizeof(in6.s6_addr));
1682  if (inet_pton(AF_INET6, "FFFF:FFFF:FFFF:FFFF:FFFF:FFFF:FFFF:FFFF", &in6) != 1)
1683  goto error;
1684  memcpy(&temp->ip2.address, in6.s6_addr, sizeof(in6.s6_addr));
1685 
1686  result = (DetectAddressCmpIPv6(a, temp) == ADDRESS_EQ);
1687 
1688  if (a != NULL)
1689  DetectAddressFree(a);
1690  if (b != NULL)
1691  DetectAddressFree(b);
1692  if (temp != NULL)
1693  DetectAddressFree(temp);
1694  return result;
1695 
1696  error:
1697  if (a != NULL)
1698  DetectAddressFree(a);
1699  if (b != NULL)
1700  DetectAddressFree(b);
1701  if (temp != NULL)
1702  DetectAddressFree(temp);
1703  return 0;
1704 }
1705 
1706 static int AddressTestIPv6CutNot03(void)
1707 {
1708  DetectAddress *a = NULL;
1709  DetectAddress *b = NULL;
1710  DetectAddress *temp = NULL;
1711  struct in6_addr in6;
1712  int result = 1;
1713 
1714  if ( (a = DetectAddressInit()) == NULL)
1715  goto error;
1716  if ( (temp = DetectAddressInit()) == NULL)
1717  goto error;
1718 
1719  if (inet_pton(AF_INET6, "2000::1", &in6) != 1)
1720  goto error;
1721  memcpy(&a->ip.address, in6.s6_addr, sizeof(in6.s6_addr));
1722  if (inet_pton(AF_INET6, "FFFF:FFFF:FFFF:FFFF:FFFF:FFFF:FFFF:FFFF", &in6) != 1)
1723  goto error;
1724  memcpy(&a->ip2.address, in6.s6_addr, sizeof(in6.s6_addr));
1725  result &= (DetectAddressCutNotIPv6(a, &b) == 0);
1726 
1727  result &= (b == NULL);
1728 
1729  if (inet_pton(AF_INET6, "::", &in6) != 1)
1730  goto error;
1731  memcpy(&temp->ip.address, in6.s6_addr, sizeof(in6.s6_addr));
1732  if (inet_pton(AF_INET6, "2000::0", &in6) != 1)
1733  goto error;
1734  memcpy(&temp->ip2.address, in6.s6_addr, sizeof(in6.s6_addr));
1735 
1736  result = (DetectAddressCmpIPv6(a, temp) == ADDRESS_EQ);
1737 
1738  if (a != NULL)
1739  DetectAddressFree(a);
1740  if (b != NULL)
1741  DetectAddressFree(b);
1742  if (temp != NULL)
1743  DetectAddressFree(temp);
1744  return result;
1745 
1746  error:
1747  if (a != NULL)
1748  DetectAddressFree(a);
1749  if (b != NULL)
1750  DetectAddressFree(b);
1751  if (temp != NULL)
1752  DetectAddressFree(temp);
1753  return 0;
1754 }
1755 
1756 static int AddressTestIPv6CutNot04(void)
1757 {
1758  DetectAddress *a = NULL;
1759  DetectAddress *b = NULL;
1760  DetectAddress *temp = NULL;
1761  struct in6_addr in6;
1762  int result = 1;
1763 
1764  if ( (a = DetectAddressInit()) == NULL)
1765  goto error;
1766  if ( (temp = DetectAddressInit()) == NULL)
1767  goto error;
1768 
1769  if (inet_pton(AF_INET6, "2000::1", &in6) != 1)
1770  goto error;
1771  memcpy(&a->ip.address, in6.s6_addr, sizeof(in6.s6_addr));
1772  if (inet_pton(AF_INET6, "2000::1", &in6) != 1)
1773  goto error;
1774  memcpy(&a->ip2.address, in6.s6_addr, sizeof(in6.s6_addr));
1775  result &= (DetectAddressCutNotIPv6(a, &b) == 0);
1776 
1777  if (inet_pton(AF_INET6, "::", &in6) != 1)
1778  goto error;
1779  memcpy(&temp->ip.address, in6.s6_addr, sizeof(in6.s6_addr));
1780  if (inet_pton(AF_INET6, "2000::0", &in6) != 1)
1781  goto error;
1782  memcpy(&temp->ip2.address, in6.s6_addr, sizeof(in6.s6_addr));
1783  result = (DetectAddressCmpIPv6(a, temp) == ADDRESS_EQ);
1784 
1785  result &= (b != NULL);
1786  if (result == 0)
1787  goto error;
1788  if (inet_pton(AF_INET6, "2000::2", &in6) != 1)
1789  goto error;
1790  memcpy(&temp->ip.address, in6.s6_addr, sizeof(in6.s6_addr));
1791  if (inet_pton(AF_INET6, "FFFF:FFFF:FFFF:FFFF:FFFF:FFFF:FFFF:FFFF", &in6) != 1)
1792  goto error;
1793  memcpy(&temp->ip2.address, in6.s6_addr, sizeof(in6.s6_addr));
1794  result = (DetectAddressCmpIPv6(b, temp) == ADDRESS_EQ);
1795 
1796  if (a != NULL)
1797  DetectAddressFree(a);
1798  if (b != NULL)
1799  DetectAddressFree(b);
1800  if (temp != NULL)
1801  DetectAddressFree(temp);
1802  return result;
1803 
1804  error:
1805  if (a != NULL)
1806  DetectAddressFree(a);
1807  if (b != NULL)
1808  DetectAddressFree(b);
1809  if (temp != NULL)
1810  DetectAddressFree(temp);
1811  return 0;
1812 }
1813 
1814 static int AddressTestIPv6CutNot05(void)
1815 {
1816  DetectAddress *a = NULL;
1817  DetectAddress *b = NULL;
1818  DetectAddress *temp = NULL;
1819  struct in6_addr in6;
1820  int result = 1;
1821 
1822  if ( (a = DetectAddressInit()) == NULL)
1823  goto error;
1824  if ( (temp = DetectAddressInit()) == NULL)
1825  goto error;
1826 
1827  if (inet_pton(AF_INET6, "2000::1", &in6) != 1)
1828  goto error;
1829  memcpy(&a->ip.address, in6.s6_addr, sizeof(in6.s6_addr));
1830  if (inet_pton(AF_INET6, "2000::20", &in6) != 1)
1831  goto error;
1832  memcpy(&a->ip2.address, in6.s6_addr, sizeof(in6.s6_addr));
1833  result &= (DetectAddressCutNotIPv6(a, &b) == 0);
1834 
1835  if (inet_pton(AF_INET6, "::", &in6) != 1)
1836  goto error;
1837  memcpy(&temp->ip.address, in6.s6_addr, sizeof(in6.s6_addr));
1838  if (inet_pton(AF_INET6, "2000::0", &in6) != 1)
1839  goto error;
1840  memcpy(&temp->ip2.address, in6.s6_addr, sizeof(in6.s6_addr));
1841  result = (DetectAddressCmpIPv6(a, temp) == ADDRESS_EQ);
1842 
1843  result &= (b != NULL);
1844  if (result == 0)
1845  goto error;
1846  if (inet_pton(AF_INET6, "2000::21", &in6) != 1)
1847  goto error;
1848  memcpy(&temp->ip.address, in6.s6_addr, sizeof(in6.s6_addr));
1849  if (inet_pton(AF_INET6, "FFFF:FFFF:FFFF:FFFF:FFFF:FFFF:FFFF:FFFF", &in6) != 1)
1850  goto error;
1851  memcpy(&temp->ip2.address, in6.s6_addr, sizeof(in6.s6_addr));
1852  result = (DetectAddressCmpIPv6(b, temp) == ADDRESS_EQ);
1853 
1854  if (a != NULL)
1855  DetectAddressFree(a);
1856  if (b != NULL)
1857  DetectAddressFree(b);
1858  if (temp != NULL)
1859  DetectAddressFree(temp);
1860  return result;
1861 
1862  error:
1863  if (a != NULL)
1864  DetectAddressFree(a);
1865  if (b != NULL)
1866  DetectAddressFree(b);
1867  if (temp != NULL)
1868  DetectAddressFree(temp);
1869  return 0;
1870 }
1871 
1872 #endif /* UNITTESTS */
1873 
1874 void DetectAddressIPv6Tests(void)
1875 {
1876 
1877 #ifdef UNITTESTS
1878  UtRegisterTest("AddressTestIPv6Gt01", AddressTestIPv6Gt01);
1879  UtRegisterTest("AddressTestIPv6Gt02", AddressTestIPv6Gt02);
1880  UtRegisterTest("AddressTestIPv6Gt03", AddressTestIPv6Gt03);
1881  UtRegisterTest("AddressTestIPv6Gt04", AddressTestIPv6Gt04);
1882 
1883  UtRegisterTest("AddressTestIPv6Lt01", AddressTestIPv6Lt01);
1884  UtRegisterTest("AddressTestIPv6Lt02", AddressTestIPv6Lt02);
1885  UtRegisterTest("AddressTestIPv6Lt03", AddressTestIPv6Lt03);
1886  UtRegisterTest("AddressTestIPv6Lt04", AddressTestIPv6Lt04);
1887 
1888  UtRegisterTest("AddressTestIPv6Eq01", AddressTestIPv6Eq01);
1889  UtRegisterTest("AddressTestIPv6Eq02", AddressTestIPv6Eq02);
1890  UtRegisterTest("AddressTestIPv6Eq03", AddressTestIPv6Eq03);
1891  UtRegisterTest("AddressTestIPv6Eq04", AddressTestIPv6Eq04);
1892 
1893  UtRegisterTest("AddressTestIPv6Le01", AddressTestIPv6Le01);
1894  UtRegisterTest("AddressTestIPv6Le02", AddressTestIPv6Le02);
1895  UtRegisterTest("AddressTestIPv6Le03", AddressTestIPv6Le03);
1896  UtRegisterTest("AddressTestIPv6Le04", AddressTestIPv6Le04);
1897  UtRegisterTest("AddressTestIPv6Le05", AddressTestIPv6Le05);
1898 
1899  UtRegisterTest("AddressTestIPv6Ge01", AddressTestIPv6Ge01);
1900  UtRegisterTest("AddressTestIPv6Ge02", AddressTestIPv6Ge02);
1901  UtRegisterTest("AddressTestIPv6Ge03", AddressTestIPv6Ge03);
1902  UtRegisterTest("AddressTestIPv6Ge04", AddressTestIPv6Ge04);
1903  UtRegisterTest("AddressTestIPv6Ge05", AddressTestIPv6Ge05);
1904 
1905  UtRegisterTest("AddressTestIPv6SubOne01", AddressTestIPv6SubOne01);
1906  UtRegisterTest("AddressTestIPv6SubOne02", AddressTestIPv6SubOne02);
1907 
1908  UtRegisterTest("AddressTestIPv6AddOne01", AddressTestIPv6AddOne01);
1909  UtRegisterTest("AddressTestIPv6AddOne02", AddressTestIPv6AddOne02);
1910 
1911  UtRegisterTest("AddressTestIPv6AddressCmp01", AddressTestIPv6AddressCmp01);
1912 
1913  UtRegisterTest("AddressTestIPv6CutNot01", AddressTestIPv6CutNot01);
1914  UtRegisterTest("AddressTestIPv6CutNot02", AddressTestIPv6CutNot02);
1915  UtRegisterTest("AddressTestIPv6CutNot03", AddressTestIPv6CutNot03);
1916  UtRegisterTest("AddressTestIPv6CutNot04", AddressTestIPv6CutNot04);
1917  UtRegisterTest("AddressTestIPv6CutNot05", AddressTestIPv6CutNot05);
1918 #endif /* UNITTESTS */
1919 }
DetectAddress_::ip
Address ip
Definition: detect.h:167
DetectAddressFree
void DetectAddressFree(DetectAddress *ag)
Frees a DetectAddress instance.
Definition: detect-engine-address.c:82
DetectAddressCutIPv6
int DetectAddressCutIPv6(DetectEngineCtx *de_ctx, DetectAddress *a, DetectAddress *b, DetectAddress **c)
Definition: detect-engine-address-ipv6.c:353
detect-engine-siggroup.h
AddressIPv6Le
int AddressIPv6Le(const Address *a, const Address *b)
Compares 2 ipv6 addresses and returns if the first address(a) is less than or equal to the second add...
Definition: detect-engine-address-ipv6.c:162
UtRegisterTest
void UtRegisterTest(const char *name, int(*TestFn)(void))
Register unit test.
Definition: util-unittest.c:103
DetectAddress_
address structure for use in the detection engine.
Definition: detect.h:165
SCLogDebug
#define SCLogDebug(...)
Definition: util-debug.h:269
AddressIPv6Eq
int AddressIPv6Eq(const Address *a, const Address *b)
Compares 2 ipv6 addresses and returns if the addresses are equal or not.
Definition: detect-engine-address-ipv6.c:128
Address_::address
union Address_::@26 address
ADDRESS_EB
@ ADDRESS_EB
Definition: detect.h:154
DetectEngineCtx_
main detection engine ctx
Definition: detect.h:841
Address_
Definition: decode.h:108
ADDRESS_GT
@ ADDRESS_GT
Definition: detect.h:156
util-unittest.h
util-cidr.h
decode.h
util-debug.h
de_ctx
DetectEngineCtx * de_ctx
Definition: fuzz_siginit.c:17
ADDRESS_GE
@ ADDRESS_GE
Definition: detect.h:155
detect.h
ADDRESS_LT
@ ADDRESS_LT
Definition: detect.h:150
detect-engine-port.h
ADDRESS_LE
@ ADDRESS_LE
Definition: detect.h:151
DetectAddress_::ip2
Address ip2
Definition: detect.h:168
ADDRESS_ER
@ ADDRESS_ER
Definition: detect.h:149
suricata-common.h
AddressIPv6EqU32
int AddressIPv6EqU32(uint32_t *a, uint32_t *b)
Definition: detect-engine-address-ipv6.c:140
AddressIPv6GeU32
int AddressIPv6GeU32(uint32_t *a, uint32_t *b)
Definition: detect-engine-address-ipv6.c:205
detect-engine-address-ipv6.h
DetectAddressCmpIPv6
int DetectAddressCmpIPv6(DetectAddress *a, DetectAddress *b)
Compares 2 addresses(address ranges) and returns the relationship between the 2 addresses.
Definition: detect-engine-address-ipv6.c:232
SCNtohl
#define SCNtohl(x)
Definition: suricata-common.h:413
AddressIPv6Lt
int AddressIPv6Lt(const Address *a, const Address *b)
Compares 2 ipv6 addresses and returns if the first address(a) is less than the second address(b) or n...
Definition: detect-engine-address-ipv6.c:52
AddressIPv6LeU32
int AddressIPv6LeU32(uint32_t *a, uint32_t *b)
Definition: detect-engine-address-ipv6.c:173
DetectAddressCutNotIPv6
int DetectAddressCutNotIPv6(DetectAddress *a, DetectAddress **b)
Cuts and returns an address range, which is the complement of the address range that is supplied as t...
Definition: detect-engine-address-ipv6.c:704
Address_::family
char family
Definition: decode.h:109
AddressIPv6GtU32
int AddressIPv6GtU32(uint32_t *a, uint32_t *b)
Definition: detect-engine-address-ipv6.c:104
DetectAddressIPv6Tests
void DetectAddressIPv6Tests(void)
Definition: detect-engine-address-ipv6.c:1874
AddressIPv6Gt
int AddressIPv6Gt(const Address *a, const Address *b)
Compares 2 ipv6 addresses and returns if the first address(a) is greater than the second address(b) o...
Definition: detect-engine-address-ipv6.c:90
AddressIPv6LtU32
int AddressIPv6LtU32(uint32_t *a, uint32_t *b)
Definition: detect-engine-address-ipv6.c:66
AddressIPv6Ge
int AddressIPv6Ge(const Address *a, const Address *b)
Compares 2 ipv6 addresses and returns if the first address(a) is greater than or equal to the second ...
Definition: detect-engine-address-ipv6.c:194
flow-var.h
detect-engine-address.h
ADDRESS_EQ
@ ADDRESS_EQ
Definition: detect.h:152
DetectAddressInit
DetectAddress * DetectAddressInit(void)
Creates and returns a new instance of a DetectAddress.
Definition: detect-engine-address.c:69
ADDRESS_ES
@ ADDRESS_ES
Definition: detect.h:153