Go to the documentation of this file.
53 static void DetectFilesizeRegisterTests (
void);
55 static int g_file_match_list_id = 0;
100 SCLogDebug(
"file size %" PRIu64
", check %" PRIu64, file_size, fsd->arg1);
132 DetectFilesizeFree(
de_ctx, fsd);
147 SCDetectU64Free(ptr);
158 static int DetectFilesizeParseTest01(
void)
164 DetectFilesizeFree(NULL, fsd);
170 static int DetectFilesizeParseTest02(
void)
176 DetectFilesizeFree(NULL, fsd);
182 static int DetectFilesizeParseTest03(
void)
188 DetectFilesizeFree(NULL, fsd);
194 static int DetectFilesizeParseTest04(
void)
201 DetectFilesizeFree(NULL, fsd);
207 static int DetectFilesizeParseTest05(
void)
214 DetectFilesizeFree(NULL, fsd);
225 static int DetectFilesizeInitTest(
237 FAIL_IF(snprintf(fullstr, 1024,
238 "alert http any any -> any any (msg:\"Filesize "
239 "test\"; filesize:%s; sid:1;)",
245 *sig = (*de_ctx)->sig_list;
259 static int DetectFilesizeSetpTest01(
void)
267 res = DetectFilesizeInitTest(&
de_ctx, &sig, &fsd,
"1 <> 3 ");
275 DetectFilesizeFree(NULL, fsd);
284 void DetectFilesizeRegisterTests(
void)
286 UtRegisterTest(
"DetectFilesizeParseTest01", DetectFilesizeParseTest01);
287 UtRegisterTest(
"DetectFilesizeParseTest02", DetectFilesizeParseTest02);
288 UtRegisterTest(
"DetectFilesizeParseTest03", DetectFilesizeParseTest03);
289 UtRegisterTest(
"DetectFilesizeParseTest04", DetectFilesizeParseTest04);
290 UtRegisterTest(
"DetectFilesizeParseTest05", DetectFilesizeParseTest05);
291 UtRegisterTest(
"DetectFilesizeSetpTest01", DetectFilesizeSetpTest01);
#define FAIL_IF_NULL(expr)
Fail a test if expression evaluates to NULL.
SigTableElmt * sigmatch_table
void(* Free)(DetectEngineCtx *, void *)
void UtRegisterTest(const char *name, int(*TestFn)(void))
Register unit test.
int(* FileMatch)(DetectEngineThreadCtx *, Flow *, uint8_t flags, File *, const Signature *, const SigMatchCtx *)
void DetectFilesizeRegister(void)
Registration function for filesize: keyword.
main detection engine ctx
void DetectEngineCtxFree(DetectEngineCtx *)
Free a DetectEngineCtx::
Signature * DetectEngineAppendSig(DetectEngineCtx *, const char *)
Parse and append a Signature into the Detection Engine Context signature list.
int(* Setup)(DetectEngineCtx *, Signature *, const char *)
#define FAIL_IF_NOT(expr)
Fail a test if expression evaluates to false.
#define PASS
Pass the test.
#define SIGMATCH_SUPPORT_DIR
uint64_t FileTrackedSize(const File *file)
get the size of the file
Data structures and function prototypes for keeping state for the detection engine.
Used to start a pointer to SigMatch context Should never be dereferenced without casting to something...
#define FAIL_IF(expr)
Fail a test if expression evaluates to true.
int DetectBufferTypeRegister(const char *name)
DetectUintData_u64 * DetectU64Parse(const char *u64str)
DetectUintData_u64 DetectU64Data
int DetectU64Match(const uint64_t parg, const DetectUintData_u64 *du64)
DetectEngineCtx * DetectEngineCtxInit(void)
#define FILE_SIG_NEED_FILE
SigMatch * SigMatchAppendSMToList(DetectEngineCtx *de_ctx, Signature *s, uint16_t type, SigMatchCtx *ctx, const int list)
Append a SigMatch to the list type.
#define FILE_SIG_NEED_SIZE
void(* RegisterTests)(void)