Go to the documentation of this file.
53 static void DetectFilesizeRegisterTests (
void);
55 static int g_file_match_list_id = 0;
101 SCLogDebug(
"file size %" PRIu64
", check %" PRIu64, file_size, fsd->arg1);
133 DetectFilesizeFree(
de_ctx, fsd);
148 SCDetectU64Free(ptr);
159 static int DetectFilesizeParseTest01(
void)
165 DetectFilesizeFree(NULL, fsd);
171 static int DetectFilesizeParseTest02(
void)
177 DetectFilesizeFree(NULL, fsd);
183 static int DetectFilesizeParseTest03(
void)
189 DetectFilesizeFree(NULL, fsd);
195 static int DetectFilesizeParseTest04(
void)
202 DetectFilesizeFree(NULL, fsd);
208 static int DetectFilesizeParseTest05(
void)
215 DetectFilesizeFree(NULL, fsd);
226 static int DetectFilesizeInitTest(
238 FAIL_IF(snprintf(fullstr, 1024,
239 "alert http any any -> any any (msg:\"Filesize "
240 "test\"; filesize:%s; sid:1;)",
246 *sig = (*de_ctx)->sig_list;
260 static int DetectFilesizeSetpTest01(
void)
268 res = DetectFilesizeInitTest(&
de_ctx, &sig, &fsd,
"1 <> 3 ");
276 DetectFilesizeFree(NULL, fsd);
285 void DetectFilesizeRegisterTests(
void)
287 UtRegisterTest(
"DetectFilesizeParseTest01", DetectFilesizeParseTest01);
288 UtRegisterTest(
"DetectFilesizeParseTest02", DetectFilesizeParseTest02);
289 UtRegisterTest(
"DetectFilesizeParseTest03", DetectFilesizeParseTest03);
290 UtRegisterTest(
"DetectFilesizeParseTest04", DetectFilesizeParseTest04);
291 UtRegisterTest(
"DetectFilesizeParseTest05", DetectFilesizeParseTest05);
292 UtRegisterTest(
"DetectFilesizeSetpTest01", DetectFilesizeSetpTest01);
#define FAIL_IF_NULL(expr)
Fail a test if expression evaluates to NULL.
SigTableElmt * sigmatch_table
void(* Free)(DetectEngineCtx *, void *)
void UtRegisterTest(const char *name, int(*TestFn)(void))
Register unit test.
int(* FileMatch)(DetectEngineThreadCtx *, Flow *, uint8_t flags, File *, const Signature *, const SigMatchCtx *)
void DetectFilesizeRegister(void)
Registration function for filesize: keyword.
main detection engine ctx
void DetectEngineCtxFree(DetectEngineCtx *)
Free a DetectEngineCtx::
Signature * DetectEngineAppendSig(DetectEngineCtx *, const char *)
Parse and append a Signature into the Detection Engine Context signature list.
int(* Setup)(DetectEngineCtx *, Signature *, const char *)
#define FAIL_IF_NOT(expr)
Fail a test if expression evaluates to false.
#define PASS
Pass the test.
#define SIGMATCH_INFO_MULTI_UINT
#define SIGMATCH_SUPPORT_DIR
SigMatch * SCSigMatchAppendSMToList(DetectEngineCtx *de_ctx, Signature *s, uint16_t type, SigMatchCtx *ctx, const int list)
Append a SigMatch to the list type.
uint64_t FileTrackedSize(const File *file)
get the size of the file
Data structures and function prototypes for keeping state for the detection engine.
Used to start a pointer to SigMatch context Should never be dereferenced without casting to something...
#define FAIL_IF(expr)
Fail a test if expression evaluates to true.
int DetectBufferTypeRegister(const char *name)
#define SIGMATCH_INFO_UINT64
DetectUintData_u64 * DetectU64Parse(const char *u64str)
DetectUintData_u64 DetectU64Data
int DetectU64Match(const uint64_t parg, const DetectUintData_u64 *du64)
DetectEngineCtx * DetectEngineCtxInit(void)
#define FILE_SIG_NEED_FILE
#define FILE_SIG_NEED_SIZE
void(* RegisterTests)(void)