Go to the source code of this file.
Data Structures | |
| struct | InspectionBuffer |
Typedefs | |
| typedef struct InspectionBuffer | InspectionBuffer |
| typedef struct DetectEngineThreadCtx_ | DetectEngineThreadCtx |
| typedef struct DetectEngineTransforms | DetectEngineTransforms |
| typedef struct SigMatch_ | SigMatch |
Functions | |
| void | InspectionBufferInit (InspectionBuffer *buffer, uint32_t initial_size) |
| void | InspectionBufferSetup (DetectEngineThreadCtx *det_ctx, const int list_id, InspectionBuffer *buffer, const uint8_t *data, const uint32_t data_len) |
| setup the buffer with our initial data More... | |
| void | InspectionBufferSetupAndApplyTransforms (DetectEngineThreadCtx *det_ctx, const int list_id, InspectionBuffer *buffer, const uint8_t *data, const uint32_t data_len, const DetectEngineTransforms *transforms) |
| setup the buffer with our initial data More... | |
| void | InspectionBufferFree (InspectionBuffer *buffer) |
| uint8_t * | SCInspectionBufferCheckAndExpand (InspectionBuffer *buffer, uint32_t min_size) |
| make sure that the buffer has at least 'min_size' bytes Expand the buffer if necessary More... | |
| void | SCInspectionBufferTruncate (InspectionBuffer *buffer, uint32_t buf_len) |
| void | InspectionBufferCopy (InspectionBuffer *buffer, uint8_t *buf, uint32_t buf_len) |
| void | InspectionBufferApplyTransforms (DetectEngineThreadCtx *det_ctx, InspectionBuffer *buffer, const DetectEngineTransforms *transforms) |
| void | InspectionBufferClean (DetectEngineThreadCtx *det_ctx) |
| InspectionBuffer * | InspectionBufferGet (DetectEngineThreadCtx *det_ctx, const int list_id) |
| void | InspectionBufferSetupMultiEmpty (InspectionBuffer *buffer) |
| setup the buffer empty More... | |
| void | InspectionBufferSetupMulti (DetectEngineThreadCtx *det_ctx, InspectionBuffer *buffer, const DetectEngineTransforms *transforms, const uint8_t *data, const uint32_t data_len) |
| setup the buffer with our initial data More... | |
| InspectionBuffer * | InspectionBufferMultipleForListGet (DetectEngineThreadCtx *det_ctx, const int list_id, uint32_t local_id) |
| for a InspectionBufferMultipleForList get a InspectionBuffer More... | |
Detailed Description
Definition in file detect-engine-inspect-buffer.h.
Typedef Documentation
◆ DetectEngineThreadCtx
| typedef struct DetectEngineThreadCtx_ DetectEngineThreadCtx |
Definition at line 1 of file detect-engine-inspect-buffer.h.
◆ DetectEngineTransforms
| typedef struct DetectEngineTransforms DetectEngineTransforms |
Definition at line 1 of file detect-engine-inspect-buffer.h.
◆ InspectionBuffer
| typedef struct InspectionBuffer InspectionBuffer |
◆ SigMatch
Definition at line 1 of file detect-engine-inspect-buffer.h.
Function Documentation
◆ InspectionBufferApplyTransforms()
| void InspectionBufferApplyTransforms | ( | DetectEngineThreadCtx * | det_ctx, |
| InspectionBuffer * | buffer, | ||
| const DetectEngineTransforms * | transforms | ||
| ) |
Definition at line 128 of file detect-engine-inspect-buffer.c.
◆ InspectionBufferClean()
| void InspectionBufferClean | ( | DetectEngineThreadCtx * | det_ctx | ) |
Definition at line 30 of file detect-engine-inspect-buffer.c.
References DetectEngineThreadCtx_::buffers, InspectionBufferMultipleForList::init, InspectionBuffer::initialized, InspectionBuffer::inspect, DetectEngineThreadCtx_::inspect, InspectionBufferMultipleForList::inspection_buffers, InspectionBufferMultipleForList::max, DetectEngineThreadCtx_::multi_inspect, DetectEngineThreadCtx_::to_clear_idx, and DetectEngineThreadCtx_::to_clear_queue.
◆ InspectionBufferCopy()
| void InspectionBufferCopy | ( | InspectionBuffer * | buffer, |
| uint8_t * | buf, | ||
| uint32_t | buf_len | ||
| ) |
Definition at line 246 of file detect-engine-inspect-buffer.c.
References InspectionBuffer::buf, InspectionBuffer::initialized, InspectionBuffer::inspect, InspectionBuffer::inspect_len, MIN, SCInspectionBufferCheckAndExpand(), and InspectionBuffer::size.
◆ InspectionBufferFree()
| void InspectionBufferFree | ( | InspectionBuffer * | buffer | ) |
Definition at line 205 of file detect-engine-inspect-buffer.c.
References InspectionBuffer::buf, and SCFree.
◆ InspectionBufferGet()
| InspectionBuffer* InspectionBufferGet | ( | DetectEngineThreadCtx * | det_ctx, |
| const int | list_id | ||
| ) |
Definition at line 56 of file detect-engine-inspect-buffer.c.
References DetectEngineThreadCtx_::buffers, and DetectEngineThreadCtx_::inspect.
Referenced by DetectHelperGetData().
◆ InspectionBufferInit()
| void InspectionBufferInit | ( | InspectionBuffer * | buffer, |
| uint32_t | initial_size | ||
| ) |
Definition at line 134 of file detect-engine-inspect-buffer.c.
References InspectionBuffer::buf, SCCalloc, and InspectionBuffer::size.
◆ InspectionBufferMultipleForListGet()
| InspectionBuffer* InspectionBufferMultipleForListGet | ( | DetectEngineThreadCtx * | det_ctx, |
| const int | list_id, | ||
| const uint32_t | local_id | ||
| ) |
for a InspectionBufferMultipleForList get a InspectionBuffer
- Parameters
-
fb the multiple buffer array local_id the index to get a buffer buffer the inspect buffer or NULL in case of error
Definition at line 76 of file detect-engine-inspect-buffer.c.
References DETECT_EVENT_TOO_MANY_BUFFERS, DetectEngineSetEvent(), and unlikely.
Referenced by DetectGetMultiData().
◆ InspectionBufferSetup()
| void InspectionBufferSetup | ( | DetectEngineThreadCtx * | det_ctx, |
| const int | list_id, | ||
| InspectionBuffer * | buffer, | ||
| const uint8_t * | data, | ||
| const uint32_t | data_len | ||
| ) |
setup the buffer with our initial data
Definition at line 190 of file detect-engine-inspect-buffer.c.
◆ InspectionBufferSetupAndApplyTransforms()
| void InspectionBufferSetupAndApplyTransforms | ( | DetectEngineThreadCtx * | det_ctx, |
| const int | list_id, | ||
| InspectionBuffer * | buffer, | ||
| const uint8_t * | data, | ||
| const uint32_t | data_len, | ||
| const DetectEngineTransforms * | transforms | ||
| ) |
setup the buffer with our initial data
Definition at line 197 of file detect-engine-inspect-buffer.c.
Referenced by DetectHelperGetData().
◆ InspectionBufferSetupMulti()
| void InspectionBufferSetupMulti | ( | DetectEngineThreadCtx * | det_ctx, |
| InspectionBuffer * | buffer, | ||
| const DetectEngineTransforms * | transforms, | ||
| const uint8_t * | data, | ||
| const uint32_t | data_len | ||
| ) |
setup the buffer with our initial data
Definition at line 157 of file detect-engine-inspect-buffer.c.
References DEBUG_VALIDATE_BUG_ON, InspectionBuffer::initialized, InspectionBuffer::inspect, InspectionBuffer::inspect_len, InspectionBuffer::len, InspectionBuffer::orig, and InspectionBuffer::orig_len.
Referenced by DetectGetMultiData().
◆ InspectionBufferSetupMultiEmpty()
| void InspectionBufferSetupMultiEmpty | ( | InspectionBuffer * | buffer | ) |
setup the buffer empty
Definition at line 144 of file detect-engine-inspect-buffer.c.
References DEBUG_VALIDATE_BUG_ON, InspectionBuffer::initialized, InspectionBuffer::inspect, InspectionBuffer::inspect_len, and InspectionBuffer::len.
Referenced by DetectGetMultiData().
◆ SCInspectionBufferCheckAndExpand()
| uint8_t* SCInspectionBufferCheckAndExpand | ( | InspectionBuffer * | buffer, |
| uint32_t | min_size | ||
| ) |
make sure that the buffer has at least 'min_size' bytes Expand the buffer if necessary
Definition at line 217 of file detect-engine-inspect-buffer.c.
References InspectionBuffer::buf, likely, SCRealloc, and InspectionBuffer::size.
Referenced by FileSwfDecompression(), and InspectionBufferCopy().
◆ SCInspectionBufferTruncate()
| void SCInspectionBufferTruncate | ( | InspectionBuffer * | buffer, |
| uint32_t | buf_len | ||
| ) |
Definition at line 237 of file detect-engine-inspect-buffer.c.
References InspectionBuffer::buf, DEBUG_VALIDATE_BUG_ON, InspectionBuffer::initialized, InspectionBuffer::inspect, InspectionBuffer::inspect_len, and InspectionBuffer::size.
