suricata: src/detect-isdataat.c File Reference

suricata

#include "suricata-common.h"
#include "decode.h"
#include "detect.h"
#include "detect-engine.h"
#include "detect-parse.h"
#include "app-layer.h"
#include "util-unittest.h"
#include "util-unittest-helper.h"
#include "detect-isdataat.h"
#include "detect-content.h"
#include "detect-uricontent.h"
#include "detect-engine-build.h"
#include "flow.h"
#include "flow-var.h"
#include "util-debug.h"
#include "util-byte.h"
#include "detect-pcre.h"
#include "detect-byte.h"

Include dependency graph for detect-isdataat.c:

Go to the source code of this file.

Macros
#define	PARSE_REGEX "^\\s!?([^\\s,]+)\\s(,\\srelative)?\\s(,\\srawbytes\\s)?\\s*$"
	Regex for parsing our isdataat options. More...

Functions
int	DetectIsdataatSetup (DetectEngineCtx de_ctx, Signature s, const char *isdataatstr)
	This function is used to add the parsed isdataatdata into the current signature. More...

void	DetectIsdataatFree (DetectEngineCtx de_ctx, void ptr)
	this function will free memory associated with DetectIsdataatData More...

void	DetectIsdataatRegister (void)
	Registration function for isdataat: keyword. More...

Detailed Description

Author: Pablo Rincon pablo.nosp@m..rin.nosp@m.con.c.nosp@m.resp.nosp@m.o@gma.nosp@m.il.c.nosp@m.om

Implements isdataat keyword

Definition in file detect-isdataat.c.

Macro Definition Documentation

◆ PARSE_REGEX

#define PARSE_REGEX "^\\s*!?([^\\s,]+)\\s*(,\\s*relative)?\\s*(,\\s*rawbytes\\s*)?\\s*$"

Regex for parsing our isdataat options.

Definition at line 53 of file detect-isdataat.c.

Function Documentation

◆ DetectIsdataatFree()

void DetectIsdataatFree	(	DetectEngineCtx *	de_ctx,
		void *	ptr
	)

this function will free memory associated with DetectIsdataatData

Parameters

idad	pointer to DetectIsdataatData

Definition at line 312 of file detect-isdataat.c.

References SCFree.

Referenced by DetectIsdataatRegister().

Here is the caller graph for this function:

◆ DetectIsdataatRegister()

void DetectIsdataatRegister ( void )

Registration function for isdataat: keyword.

Definition at line 67 of file detect-isdataat.c.

References SigTableElmt_::desc, DETECT_ISDATAAT, DetectIsdataatFree(), DetectIsdataatSetup(), SigTableElmt_::Free, SigTableElmt_::Match, SigTableElmt_::name, SigTableElmt_::RegisterTests, SigTableElmt_::Setup, sigmatch_table, and SigTableElmt_::url.

Referenced by SigTableSetup().

Here is the call graph for this function:

Here is the caller graph for this function:

◆ DetectIsdataatSetup()

int DetectIsdataatSetup	(	DetectEngineCtx *	de_ctx,
		Signature *	s,
		const char *	isdataatstr
	)

This function is used to add the parsed isdataatdata into the current signature.

Parameters

de_ctx	pointer to the Detection Engine Context
s	pointer to the Current Signature
isdataatstr	pointer to the user provided isdataat options

Return values

0	on Success
-1	on Failure

Definition at line 212 of file detect-isdataat.c.

References offset.

Referenced by DetectIsdataatRegister().

Here is the caller graph for this function:

src
detect-isdataat.c
Generated on Wed Apr 24 2024 23:30:47 for suricata by 1.8.18