suricata
Data Fields
InspectionBuffer Struct Reference

#include <detect.h>

Data Fields

const uint8_t * inspect
 
uint64_t inspect_offset
 
uint32_t inspect_len
 
bool initialized
 
uint8_t flags
 
uint32_t len
 
uint8_t * buf
 
uint32_t size
 
uint32_t orig_len
 
const uint8_t * orig
 

Detailed Description

Definition at line 373 of file detect.h.

Field Documentation

◆ buf

uint8_t* InspectionBuffer::buf

Definition at line 383 of file detect.h.

Referenced by FileSwfDecompression(), InspectionBufferCheckAndExpand(), InspectionBufferCopy(), InspectionBufferFree(), InspectionBufferInit(), and InspectionBufferTruncate().

◆ flags

uint8_t InspectionBuffer::flags

DETECT_CI_FLAGS_* for use with DetectEngineContentInspection

Definition at line 378 of file detect.h.

Referenced by DetectEngineInspectBufferGeneric(), DetectEngineInspectPktBufferGeneric(), and DetectHelperGetMultiData().

◆ initialized

bool InspectionBuffer::initialized

is initialized. ::inspect might be NULL if transform lead to 0 size

Definition at line 377 of file detect.h.

Referenced by DetectHelperGetMultiData(), InspectionBufferClean(), InspectionBufferCopy(), InspectionBufferSetup(), InspectionBufferSetupMulti(), InspectionBufferSetupMultiEmpty(), and InspectionBufferTruncate().

◆ inspect

const uint8_t* InspectionBuffer::inspect

active pointer, points either to ::buf or ::orig

Definition at line 374 of file detect.h.

Referenced by DetectEngineInspectBufferGeneric(), DetectEngineInspectMultiBufferGeneric(), DetectEngineInspectPktBufferGeneric(), DetectHelperGetData(), FileSwfDecompression(), InspectionBufferClean(), InspectionBufferCopy(), InspectionBufferPtr(), InspectionBufferSetup(), InspectionBufferSetupMulti(), InspectionBufferSetupMultiEmpty(), and InspectionBufferTruncate().

◆ inspect_len

uint32_t InspectionBuffer::inspect_len

size of active data. See to len or ::orig_len

Definition at line 376 of file detect.h.

Referenced by DetectEngineInspectBufferGeneric(), DetectEngineInspectPktBufferGeneric(), FileSwfDecompression(), InspectionBufferCopy(), InspectionBufferLength(), InspectionBufferSetup(), InspectionBufferSetupMulti(), InspectionBufferSetupMultiEmpty(), and InspectionBufferTruncate().

◆ inspect_offset

uint64_t InspectionBuffer::inspect_offset

Definition at line 375 of file detect.h.

Referenced by DetectEngineInspectBufferGeneric().

◆ len

uint32_t InspectionBuffer::len

how much is in use

Definition at line 382 of file detect.h.

Referenced by FileSwfDecompression(), InspectionBufferSetup(), InspectionBufferSetupMulti(), and InspectionBufferSetupMultiEmpty().

◆ orig

const uint8_t* InspectionBuffer::orig

Definition at line 387 of file detect.h.

Referenced by InspectionBufferSetup(), and InspectionBufferSetupMulti().

◆ orig_len

uint32_t InspectionBuffer::orig_len

Definition at line 386 of file detect.h.

Referenced by InspectionBufferSetup(), and InspectionBufferSetupMulti().

◆ size

uint32_t InspectionBuffer::size

size of the memory allocation

Definition at line 384 of file detect.h.

Referenced by FileSwfDecompression(), InspectionBufferCheckAndExpand(), InspectionBufferCopy(), InspectionBufferInit(), and InspectionBufferTruncate().

The documentation for this struct was generated from the following file: