Go to the documentation of this file.
46 #define PARSE_REGEX "^\\s*([A-Za-z0-9]+)\\s*,\"?\\s*\"?\\s*([a-zA-Z0-9\\-_\\.\\/\\?\\=]+)\"?\\s*\"?"
51 static void ReferenceRegisterTests(
void);
106 "keyword argument - \"%s\". Invalid argument.",
116 pcre2len =
sizeof(key);
117 res = pcre2_substring_copy_bynumber(parse_regex.
match, 1, (PCRE2_UCHAR8 *)key, &pcre2len);
119 SCLogError(
"pcre2_substring_copy_bynumber failed");
123 pcre2len =
sizeof(content);
124 res = pcre2_substring_copy_bynumber(parse_regex.
match, 2, (PCRE2_UCHAR8 *)content, &pcre2len);
126 SCLogError(
"pcre2_substring_copy_bynumber failed");
130 if (strlen(key) == 0 || strlen(content) == 0)
134 if (lookup_ref_conf != NULL) {
135 ref->
key = lookup_ref_conf->
url;
138 SCLogError(
"unknown reference key \"%s\"", key);
145 snprintf(
str,
sizeof(
str),
"config reference: %s undefined\n", key);
150 if (lookup_ref_conf == NULL)
157 SCLogError(
"strdup failed: %s", strerror(errno));
198 while (sig_refs->
next != NULL) {
199 sig_refs = sig_refs->
next;
201 sig_refs->
next = ref;
218 static int DetectReferenceParseTest01(
void)
229 "(msg:\"One reference\"; reference:one,001-2010; sid:2;)");
234 FAIL_IF (strcmp(ref->
key,
"http://www.one.com") != 0);
247 static int DetectReferenceParseTest02(
void)
258 "(msg:\"Two references\"; "
259 "reference:one,openinfosecdoundation.txt; "
260 "reference:two,001-2010; sid:2;)");
266 FAIL_IF (strcmp(ref->
key,
"http://www.one.com") != 0);
270 FAIL_IF (strcmp(ref->
key,
"http://www.two.com") != 0);
283 static int DetectReferenceParseTest03(
void)
294 "(msg:\"invalid ref\"; "
295 "reference:unknownkey,001-2010; sid:2;)");
301 static void ReferenceRegisterTests(
void)
303 UtRegisterTest(
"DetectReferenceParseTest01", DetectReferenceParseTest01);
304 UtRegisterTest(
"DetectReferenceParseTest02", DetectReferenceParseTest02);
305 UtRegisterTest(
"DetectReferenceParseTest03", DetectReferenceParseTest03);
#define FAIL_IF_NULL(expr)
Fail a test if expression evaluates to NULL.
int DetectParsePcreExec(DetectParseRegex *parse_regex, const char *str, int start_offset, int options)
void UtRegisterTest(const char *name, int(*TestFn)(void))
Register unit test.
void DetectReferenceFree(DetectReference *ref)
Free a Reference object.
main detection engine ctx
void DetectEngineCtxFree(DetectEngineCtx *)
Free a DetectEngineCtx::
Signature * DetectEngineAppendSig(DetectEngineCtx *, const char *)
Parse and append a Signature into the Detection Engine Context signature list.
int(* Setup)(DetectEngineCtx *, Signature *, const char *)
#define PASS
Pass the test.
void DetectSetupParseRegexes(const char *parse_str, DetectParseRegex *detect_parse)
DetectReference * references
bool SigMatchStrictEnabled(const enum DetectKeywordId id)
#define SCLogWarning(...)
Macro used to log WARNING messages.
Signature reference list.
#define REFERENCE_SYSTEM_NAME_MAX
int SCRConfLoadReferenceConfigFile(DetectEngineCtx *de_ctx, FILE *fd)
Loads the Reference info from the reference.config file.
#define SCReturnPtr(x, type)
void DetectReferenceRegister(void)
Registration function for the reference: keyword.
int SCRConfAddReference(DetectEngineCtx *de_ctx, const char *line)
Parses a line from the reference config file and adds it to Reference Config hash table DetectEngineC...
struct DetectReference_ * next
SCRConfReference * SCRConfGetReference(const char *rconf_name, DetectEngineCtx *de_ctx)
Gets the reference config from the corresponding hash table stored in the Detection Engine Context's ...
#define FAIL_IF(expr)
Fail a test if expression evaluates to true.
SigTableElmt sigmatch_table[DETECT_TBLSIZE]
Holds a reference from the file - reference.config.
#define SCLogError(...)
Macro used to log ERROR messages.
DetectEngineCtx * DetectEngineCtxInit(void)
FILE * SCRConfGenerateValidDummyReferenceConfigFD01(void)
Creates a dummy reference config, with all valid references, for testing purposes.
#define REFERENCE_CONTENT_NAME_MAX
void(* RegisterTests)(void)