suricata
Macros | Functions
detect-lua.c File Reference
#include "suricata-common.h"
#include "conf.h"
#include "decode.h"
#include "detect.h"
#include "detect-parse.h"
#include "detect-engine.h"
#include "detect-engine-mpm.h"
#include "detect-engine-build.h"
#include "detect-byte.h"
#include "flow.h"
#include "flow-var.h"
#include "flow-util.h"
#include "util-byte.h"
#include "util-unittest.h"
#include "util-unittest-helper.h"
#include "app-layer.h"
#include "app-layer-parser.h"
#include "app-layer-htp.h"
#include "stream-tcp.h"
#include "detect-lua.h"
#include "detect-lua-extensions.h"
#include "util-var-name.h"
#include "util-lua.h"
#include "util-lua-sandbox.h"
#include "detect-engine-alert.h"
Include dependency graph for detect-lua.c:

Go to the source code of this file.

Macros

#define FLAG_DATATYPE_PACKET   BIT_U32(0)
 
#define FLAG_DATATYPE_PAYLOAD   BIT_U32(1)
 
#define FLAG_DATATYPE_STREAM   BIT_U32(2)
 
#define FLAG_DATATYPE_HTTP_URI   BIT_U32(3)
 
#define FLAG_DATATYPE_HTTP_URI_RAW   BIT_U32(4)
 
#define FLAG_DATATYPE_HTTP_REQUEST_HEADERS   BIT_U32(5)
 
#define FLAG_DATATYPE_HTTP_REQUEST_HEADERS_RAW   BIT_U32(6)
 
#define FLAG_DATATYPE_HTTP_REQUEST_COOKIE   BIT_U32(7)
 
#define FLAG_DATATYPE_HTTP_REQUEST_UA   BIT_U32(8)
 
#define FLAG_DATATYPE_HTTP_REQUEST_LINE   BIT_U32(9)
 
#define FLAG_DATATYPE_HTTP_REQUEST_BODY   BIT_U32(10)
 
#define FLAG_DATATYPE_HTTP_RESPONSE_COOKIE   BIT_U32(11)
 
#define FLAG_DATATYPE_HTTP_RESPONSE_BODY   BIT_U32(12)
 
#define FLAG_DATATYPE_HTTP_RESPONSE_HEADERS   BIT_U32(13)
 
#define FLAG_DATATYPE_HTTP_RESPONSE_HEADERS_RAW   BIT_U32(14)
 
#define FLAG_DATATYPE_DNS_RRNAME   BIT_U32(15)
 
#define FLAG_DATATYPE_DNS_REQUEST   BIT_U32(16)
 
#define FLAG_DATATYPE_DNS_RESPONSE   BIT_U32(17)
 
#define FLAG_DATATYPE_TLS   BIT_U32(18)
 
#define FLAG_DATATYPE_SSH   BIT_U32(19)
 
#define FLAG_DATATYPE_SMTP   BIT_U32(20)
 
#define FLAG_DATATYPE_DNP3   BIT_U32(21)
 
#define FLAG_DATATYPE_BUFFER   BIT_U32(22)
 
#define FLAG_ERROR_LOGGED   BIT_U32(23)
 
#define FLAG_BLOCKED_FUNCTION_LOGGED   BIT_U32(24)
 
#define FLAG_INSTRUCTION_LIMIT_LOGGED   BIT_U32(25)
 
#define FLAG_MEMORY_LIMIT_LOGGED   BIT_U32(26)
 
#define DEFAULT_LUA_ALLOC_LIMIT   500000
 
#define DEFAULT_LUA_INSTRUCTION_LIMIT   500000
 

Functions

void DetectLuaRegister (void)
 Registration function for keyword: lua. More...
 
int DetectLuaMatchBuffer (DetectEngineThreadCtx *det_ctx, const Signature *s, const SigMatchData *smd, const uint8_t *buffer, uint32_t buffer_len, uint32_t offset, Flow *f)
 
void DetectLuaPostSetup (Signature *s)
 post-sig parse function to set the sid,rev,gid into the ctx, as this isn't available yet during parsing. More...
 

Detailed Description

Author
Victor Julien victo.nosp@m.r@in.nosp@m.linia.nosp@m.c.ne.nosp@m.t

Definition in file detect-lua.c.

Macro Definition Documentation

◆ DEFAULT_LUA_ALLOC_LIMIT

#define DEFAULT_LUA_ALLOC_LIMIT   500000

Definition at line 130 of file detect-lua.c.

◆ DEFAULT_LUA_INSTRUCTION_LIMIT

#define DEFAULT_LUA_INSTRUCTION_LIMIT   500000

Definition at line 131 of file detect-lua.c.

◆ FLAG_BLOCKED_FUNCTION_LOGGED

#define FLAG_BLOCKED_FUNCTION_LOGGED   BIT_U32(24)

Definition at line 126 of file detect-lua.c.

◆ FLAG_DATATYPE_BUFFER

#define FLAG_DATATYPE_BUFFER   BIT_U32(22)

Definition at line 124 of file detect-lua.c.

◆ FLAG_DATATYPE_DNP3

#define FLAG_DATATYPE_DNP3   BIT_U32(21)

Definition at line 123 of file detect-lua.c.

◆ FLAG_DATATYPE_DNS_REQUEST

#define FLAG_DATATYPE_DNS_REQUEST   BIT_U32(16)

Definition at line 118 of file detect-lua.c.

◆ FLAG_DATATYPE_DNS_RESPONSE

#define FLAG_DATATYPE_DNS_RESPONSE   BIT_U32(17)

Definition at line 119 of file detect-lua.c.

◆ FLAG_DATATYPE_DNS_RRNAME

#define FLAG_DATATYPE_DNS_RRNAME   BIT_U32(15)

Definition at line 117 of file detect-lua.c.

◆ FLAG_DATATYPE_HTTP_REQUEST_BODY

#define FLAG_DATATYPE_HTTP_REQUEST_BODY   BIT_U32(10)

Definition at line 112 of file detect-lua.c.

◆ FLAG_DATATYPE_HTTP_REQUEST_COOKIE

#define FLAG_DATATYPE_HTTP_REQUEST_COOKIE   BIT_U32(7)

Definition at line 109 of file detect-lua.c.

◆ FLAG_DATATYPE_HTTP_REQUEST_HEADERS

#define FLAG_DATATYPE_HTTP_REQUEST_HEADERS   BIT_U32(5)

Definition at line 107 of file detect-lua.c.

◆ FLAG_DATATYPE_HTTP_REQUEST_HEADERS_RAW

#define FLAG_DATATYPE_HTTP_REQUEST_HEADERS_RAW   BIT_U32(6)

Definition at line 108 of file detect-lua.c.

◆ FLAG_DATATYPE_HTTP_REQUEST_LINE

#define FLAG_DATATYPE_HTTP_REQUEST_LINE   BIT_U32(9)

Definition at line 111 of file detect-lua.c.

◆ FLAG_DATATYPE_HTTP_REQUEST_UA

#define FLAG_DATATYPE_HTTP_REQUEST_UA   BIT_U32(8)

Definition at line 110 of file detect-lua.c.

◆ FLAG_DATATYPE_HTTP_RESPONSE_BODY

#define FLAG_DATATYPE_HTTP_RESPONSE_BODY   BIT_U32(12)

Definition at line 114 of file detect-lua.c.

◆ FLAG_DATATYPE_HTTP_RESPONSE_COOKIE

#define FLAG_DATATYPE_HTTP_RESPONSE_COOKIE   BIT_U32(11)

Definition at line 113 of file detect-lua.c.

◆ FLAG_DATATYPE_HTTP_RESPONSE_HEADERS

#define FLAG_DATATYPE_HTTP_RESPONSE_HEADERS   BIT_U32(13)

Definition at line 115 of file detect-lua.c.

◆ FLAG_DATATYPE_HTTP_RESPONSE_HEADERS_RAW

#define FLAG_DATATYPE_HTTP_RESPONSE_HEADERS_RAW   BIT_U32(14)

Definition at line 116 of file detect-lua.c.

◆ FLAG_DATATYPE_HTTP_URI

#define FLAG_DATATYPE_HTTP_URI   BIT_U32(3)

Definition at line 105 of file detect-lua.c.

◆ FLAG_DATATYPE_HTTP_URI_RAW

#define FLAG_DATATYPE_HTTP_URI_RAW   BIT_U32(4)

Definition at line 106 of file detect-lua.c.

◆ FLAG_DATATYPE_PACKET

#define FLAG_DATATYPE_PACKET   BIT_U32(0)

Definition at line 102 of file detect-lua.c.

◆ FLAG_DATATYPE_PAYLOAD

#define FLAG_DATATYPE_PAYLOAD   BIT_U32(1)

Definition at line 103 of file detect-lua.c.

◆ FLAG_DATATYPE_SMTP

#define FLAG_DATATYPE_SMTP   BIT_U32(20)

Definition at line 122 of file detect-lua.c.

◆ FLAG_DATATYPE_SSH

#define FLAG_DATATYPE_SSH   BIT_U32(19)

Definition at line 121 of file detect-lua.c.

◆ FLAG_DATATYPE_STREAM

#define FLAG_DATATYPE_STREAM   BIT_U32(2)

Definition at line 104 of file detect-lua.c.

◆ FLAG_DATATYPE_TLS

#define FLAG_DATATYPE_TLS   BIT_U32(18)

Definition at line 120 of file detect-lua.c.

◆ FLAG_ERROR_LOGGED

#define FLAG_ERROR_LOGGED   BIT_U32(23)

Definition at line 125 of file detect-lua.c.

◆ FLAG_INSTRUCTION_LIMIT_LOGGED

#define FLAG_INSTRUCTION_LIMIT_LOGGED   BIT_U32(25)

Definition at line 127 of file detect-lua.c.

◆ FLAG_MEMORY_LIMIT_LOGGED

#define FLAG_MEMORY_LIMIT_LOGGED   BIT_U32(26)

Definition at line 128 of file detect-lua.c.

Function Documentation

◆ DetectLuaMatchBuffer()

int DetectLuaMatchBuffer ( DetectEngineThreadCtx det_ctx,
const Signature s,
const SigMatchData smd,
const uint8_t *  buffer,
uint32_t  buffer_len,
uint32_t  offset,
Flow f 
)

Definition at line 273 of file detect-lua.c.

References DetectLuaData::buffername, SigMatchData_::ctx, DetectThreadCtxGetKeywordThreadCtx(), LuaExtensionsMatchSetup(), LuaPushStringBuffer(), DetectLuaThreadData::luastate, offset, SCEnter, SCReturnInt, and DetectLuaData::thread_ctx_id.

Here is the call graph for this function:

◆ DetectLuaPostSetup()

void DetectLuaPostSetup ( Signature s)

post-sig parse function to set the sid,rev,gid into the ctx, as this isn't available yet during parsing.

Definition at line 1021 of file detect-lua.c.

References SigMatch_::ctx, DETECT_LUA, DETECT_SM_LIST_MAX, DetectLuaData::gid, Signature_::gid, Signature_::id, Signature_::init_data, SigMatch_::next, DetectLuaData::rev, Signature_::rev, DetectLuaData::sid, SignatureInitData_::smlists, and SigMatch_::type.

◆ DetectLuaRegister()

void DetectLuaRegister ( void  )

Registration function for keyword: lua.

Definition at line 78 of file detect-lua.c.

References SigTableElmt_::desc, DETECT_LUA, SigTableElmt_::Match, SigTableElmt_::name, sigmatch_table, and SigTableElmt_::url.

Referenced by SigTableSetup().

Here is the caller graph for this function: