suricata
detect-requires.c
/* Copyright (C) 2023 Open Information Security Foundation
 *
 * You can copy, redistribute or modify this Program under the terms of
 * the GNU General Public License version 2 as published by the Free
 * Software Foundation.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * version 2 along with this program; if not, write to the Free Software
 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
 * 02110-1301, USA.
 */
17
18
#include "
detect-requires.h
"
19
#include "
suricata-common.h
"
20
#include "
detect-engine.h
"
21
#include "
rust.h
"
22
23
/**
 * \brief Setup callback for the "requires" rule keyword.
 *
 * Creates the engine-wide requirements status object on first use, then
 * hands the raw keyword value and this build's PROG_VER to
 * SCDetectCheckRequires() for evaluation.
 *
 * \param de_ctx detection engine context; its `requirements` member is
 *               allocated here if still NULL, and `sigerror` is set when
 *               the expression is rejected.
 * \param s      signature being parsed (not used by this function).
 * \param rawstr raw value of the `requires` keyword, taken from the rule.
 *
 * \retval -1 the requires expression was rejected; error logged and
 *            de_ctx->sigerror set to the returned message.
 * \retval -4 the checker returned a value below -1, i.e. this Suricata
 *            instance does not meet the stated requirements.
 * \retval other the checker's return value, passed through unchanged.
 */
static int DetectRequiresSetup(DetectEngineCtx *de_ctx, Signature *s, const char *rawstr)
{
    // Lazily allocate the shared requirements status object.
    if (de_ctx->requirements == NULL) {
        de_ctx->requirements = (void *)SCDetectRequiresStatusNew();
        BUG_ON(de_ctx->requirements == NULL);
    }

    // NOTE(review): assumes SCDetectCheckRequires always sets the message
    // on a negative return; it is passed to "%s" below -- TODO confirm.
    const char *reason = NULL;
    const int rc = SCDetectCheckRequires(rawstr, PROG_VER, &reason, de_ctx->requirements);

    if (rc < -1) {
        // This Suricata instance didn't meet the requirements.
        // NOTE(review): only reported at info level; presumably the caller
        // skips the rule on -4, so operators relying on such rules should
        // watch for this message -- verify against caller.
        SCLogInfo("Suricata did not meet the rule requirements: %s: %s", reason, rawstr);
        return -4;
    }

    if (rc == -1) {
        // The requires expression is bad, log an error. Rule text is passed
        // as an argument, never as the format string.
        SCLogError("%s: %s", reason, rawstr);
        // NOTE(review): sigerror keeps the pointer beyond this call;
        // presumably the message has static lifetime -- confirm.
        de_ctx->sigerror = reason;
    }

    return rc;
}
43
44
/**
 * \brief Register the "requires" keyword in the signature match table.
 *
 * Fills the DETECT_REQUIRES slot of sigmatch_table with the keyword's
 * setup callback, name, description and documentation URL. No other
 * members of the slot are assigned here.
 */
void DetectRequiresRegister(void)
{
    // Parsing/validation of the keyword value happens in the setup callback.
    sigmatch_table[DETECT_REQUIRES].Setup = DetectRequiresSetup;

    // Keyword metadata.
    sigmatch_table[DETECT_REQUIRES].name = "requires";
    sigmatch_table[DETECT_REQUIRES].desc = "require Suricata version or features";
    sigmatch_table[DETECT_REQUIRES].url = "/rules/meta-keywords.html#requires";
}
SigTableElmt_::url
const char * url
Definition:
detect.h:1307
detect-engine.h
SigTableElmt_::desc
const char * desc
Definition:
detect.h:1306
sigmatch_table
SigTableElmt * sigmatch_table
Definition:
detect-parse.c:127
SigTableElmt_::name
const char * name
Definition:
detect.h:1304
DetectEngineCtx_
main detection engine ctx
Definition:
detect.h:841
rust.h
SigTableElmt_::Setup
int(* Setup)(DetectEngineCtx *, Signature *, const char *)
Definition:
detect.h:1289
DETECT_REQUIRES
@ DETECT_REQUIRES
Definition:
detect-engine-register.h:132
DetectEngineCtx_::requirements
SCDetectRequiresStatus * requirements
Definition:
detect.h:1044
de_ctx
DetectEngineCtx * de_ctx
Definition:
fuzz_siginit.c:17
BUG_ON
#define BUG_ON(x)
Definition:
suricata-common.h:300
detect-requires.h
DetectRequiresRegister
void DetectRequiresRegister(void)
Definition:
detect-requires.c:44
SCLogInfo
#define SCLogInfo(...)
Macro used to log INFORMATIONAL messages.
Definition:
util-debug.h:224
suricata-common.h
SCLogError
#define SCLogError(...)
Macro used to log ERROR messages.
Definition:
util-debug.h:261
Signature_
Signature container.
Definition:
detect.h:601
DetectEngineCtx_::sigerror
const char * sigerror
Definition:
detect.h:934
PROG_VER
#define PROG_VER
Definition:
suricata.h:71