57 static void DetectFileextRegisterTests(
void);
58 static void DetectFileextFree(
void *);
59 static int g_file_match_list_id = 0;
103 if (file->
name == NULL)
112 if (file->
name[offset - 1] ==
'.' &&
113 SCMemcmpLowercase(fileext->
ext, file->
name + offset, fileext->
len) == 0)
150 for (u = 0; u < fileext->
len; u++)
151 fileext->
ext[u] = tolower(fileext->
ext[u]);
166 memcpy(ext, fileext->
ext, fileext->
len);
167 ext[fileext->
len] =
'\0';
178 DetectFileextFree(fileext);
210 sm->
ctx = (
void *)fileext;
219 DetectFileextFree(fileext);
231 static void DetectFileextFree(
void *ptr)
235 if (fileext->
ext != NULL)
246 static int DetectFileextTestParse01 (
void)
250 DetectFileextFree(dfd);
259 static int DetectFileextTestParse02 (
void)
265 if (dfd->
len == 6 && memcmp(dfd->
ext,
"tar.gz", 6) == 0) {
269 DetectFileextFree(dfd);
278 static int DetectFileextTestParse03 (
void)
284 if (dfd->
len == 3 && memcmp(dfd->
ext,
"pdf", 3) == 0) {
288 DetectFileextFree(dfd);
299 void DetectFileextRegisterTests(
void)
302 UtRegisterTest(
"DetectFileextTestParse01", DetectFileextTestParse01);
303 UtRegisterTest(
"DetectFileextTestParse02", DetectFileextTestParse02);
304 UtRegisterTest(
"DetectFileextTestParse03", DetectFileextTestParse03);
SigTableElmt sigmatch_table[DETECT_TBLSIZE]
SignatureInitData * init_data
int(* Setup)(DetectEngineCtx *, Signature *, const char *)
int DetectContentDataParse(const char *keyword, const char *contentstr, uint8_t **pstr, uint16_t *plen)
Parse a content string, ie "abc|DE|fgh".
#define FILE_SIG_NEED_FILENAME
void DetectFileextRegister(void)
Registration function for keyword: fileext.
Used to start a pointer to SigMatch context Should never be dereferenced without casting to something...
main detection engine ctx
int SCLogDebugEnabled(void)
Returns whether debug messages are enabled to be logged or not.
int(* FileMatch)(ThreadVars *, DetectEngineThreadCtx *, Flow *, uint8_t flags, File *, const Signature *, const SigMatchCtx *)
Data structures and function prototypes for keeping state for the detection engine.
void UtRegisterTest(const char *name, int(*TestFn)(void))
Register unit test.
#define SIGMATCH_QUOTES_OPTIONAL
#define FILE_SIG_NEED_FILE
void SigMatchAppendSMToList(Signature *s, SigMatch *new, int list)
Append a SigMatch to the list type.
int DetectBufferTypeRegister(const char *name)
#define DETECT_CONTENT_NEGATED
SigMatch * SigMatchAlloc(void)
Per thread variable structure.
#define SIGMATCH_HANDLE_NEGATION
void(* RegisterTests)(void)
a single match condition for a signature