suricata
Data Fields
InspectionBuffer Struct Reference

#include <detect.h>

Data Fields

const uint8_t * inspect
 
uint64_t inspect_offset
 
uint32_t inspect_len
 
bool initialized
 
uint8_t flags
 
uint32_t len
 
uint8_t * buf
 
uint32_t size
 
uint32_t orig_len
 
const uint8_t * orig
 

Detailed Description

Definition at line 364 of file detect.h.

Field Documentation

◆ buf

uint8_t* InspectionBuffer::buf

Definition at line 374 of file detect.h.

Referenced by FileSwfDecompression(), InspectionBufferCheckAndExpand(), InspectionBufferCopy(), InspectionBufferFree(), and InspectionBufferInit().

◆ flags

uint8_t InspectionBuffer::flags

DETECT_CI_FLAGS_* for use with DetectEngineContentInspection

Definition at line 369 of file detect.h.

Referenced by DetectEngineInspectBufferGeneric(), and DetectEngineInspectPktBufferGeneric().

◆ initialized

bool InspectionBuffer::initialized

is initialized. ::inspect might be NULL if transform lead to 0 size

Definition at line 368 of file detect.h.

Referenced by InspectionBufferClean(), InspectionBufferCopy(), InspectionBufferSetup(), InspectionBufferSetupMulti(), and InspectionBufferSetupMultiEmpty().

◆ inspect

const uint8_t* InspectionBuffer::inspect

active pointer, points either to ::buf or ::orig

Definition at line 365 of file detect.h.

Referenced by DetectEngineInspectBufferGeneric(), DetectEngineInspectPktBufferGeneric(), FileSwfDecompression(), InspectionBufferClean(), InspectionBufferCopy(), InspectionBufferSetup(), InspectionBufferSetupMulti(), InspectionBufferSetupMultiEmpty(), Ja3DetectGetHash(), and Ja3DetectGetString().

◆ inspect_len

uint32_t InspectionBuffer::inspect_len

size of active data. See to len or ::orig_len

Definition at line 367 of file detect.h.

Referenced by DetectEngineInspectBufferGeneric(), DetectEngineInspectPktBufferGeneric(), FileSwfDecompression(), InspectionBufferCopy(), InspectionBufferSetup(), InspectionBufferSetupMulti(), and InspectionBufferSetupMultiEmpty().

◆ inspect_offset

uint64_t InspectionBuffer::inspect_offset

Definition at line 366 of file detect.h.

Referenced by DetectEngineInspectBufferGeneric().

◆ len

uint32_t InspectionBuffer::len

how much is in use

Definition at line 373 of file detect.h.

Referenced by FileSwfDecompression(), InspectionBufferSetup(), InspectionBufferSetupMulti(), and InspectionBufferSetupMultiEmpty().

◆ orig

const uint8_t* InspectionBuffer::orig

Definition at line 378 of file detect.h.

Referenced by InspectionBufferSetup(), and InspectionBufferSetupMulti().

◆ orig_len

uint32_t InspectionBuffer::orig_len

Definition at line 377 of file detect.h.

Referenced by InspectionBufferSetup(), and InspectionBufferSetupMulti().

◆ size

uint32_t InspectionBuffer::size

size of the memory allocation

Definition at line 375 of file detect.h.

Referenced by FileSwfDecompression(), InspectionBufferCheckAndExpand(), InspectionBufferCopy(), and InspectionBufferInit().

The documentation for this struct was generated from the following file: