suricata
util-detect.c
Go to the documentation of this file.
1
/* Copyright (C) 2017 Open Information Security Foundation
2
*
3
* You can copy, redistribute or modify this Program under the terms of
4
* the GNU General Public License version 2 as published by the Free
5
* Software Foundation.
6
*
7
* This program is distributed in the hope that it will be useful,
8
* but WITHOUT ANY WARRANTY; without even the implied warranty of
9
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
10
* GNU General Public License for more details.
11
*
12
* You should have received a copy of the GNU General Public License
13
* version 2 along with this program; if not, write to the Free Software
14
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
15
* 02110-1301, USA.
16
*/
17
18
/**
19
* \file
20
*
21
* \author Giuseppe Longo <glongo@stamus-networks.com>
22
*
23
* Detection engine helper functions
24
*/
25
26
#include "
suricata-common.h
"
27
#include "
suricata.h
"
28
#include "
detect.h
"
29
#include "
util-detect.h
"
30
31
/**
32
* \brief Allocate SigString list member
33
*
34
* \retval Pointer to SigString
35
*/
36
SigString
*
SigStringAlloc
(
void
)
37
{
38
SigString
*sigstr =
SCCalloc
(1,
sizeof
(
SigString
));
39
if
(
unlikely
(sigstr == NULL))
40
return
NULL;
41
42
sigstr->
line
= 0;
43
44
return
sigstr;
45
}
46
47
/**
48
* \brief Assigns the filename, signature, lineno to SigString list member
49
*
50
* \param sig pointer to SigString
51
* \param sig_file filename that contains the signature
52
* \param sig_str signature in string format
53
* \param sig_error signature parsing error
54
* \param line line line number
55
*
56
* \retval 1 on success 0 on failure
57
*/
58
static
int
SigStringAddSig(
SigString
*sig,
const
char
*sig_file,
59
const
char
*sig_str,
const
char
*sig_error,
60
int
line)
61
{
62
if
(sig_file == NULL || sig_str == NULL) {
63
return
0;
64
}
65
66
sig->
filename
=
SCStrdup
(sig_file);
67
if
(sig->
filename
== NULL) {
68
SCLogError
(
"Error allocating memory"
);
69
return
0;
70
}
71
72
sig->
sig_str
=
SCStrdup
(sig_str);
73
if
(sig->
sig_str
== NULL) {
74
SCLogError
(
"Error allocating memory"
);
75
SCFree
(sig->
filename
);
76
return
0;
77
}
78
79
if
(sig_error) {
80
sig->
sig_error
=
SCStrdup
(sig_error);
81
if
(sig->
sig_error
== NULL) {
82
SCLogError
(
"Error allocating memory"
);
83
SCFree
(sig->
filename
);
84
SCFree
(sig->
sig_str
);
85
return
0;
86
}
87
}
88
89
sig->
line
= line;
90
91
return
1;
92
}
93
94
/**
95
* \brief Append a new list member to SigString list
96
*
97
* \param list pointer to the start of the SigString list
98
* \param sig_file filename that contains the signature
99
* \param sig_str signature in string format
100
* \param line line line number
101
*
102
* \retval 1 on success 0 on failure
103
*/
104
int
SigStringAppend
(
SigFileLoaderStat
*sig_stats,
const
char
*sig_file,
105
const
char
*sig_str,
const
char
*sig_error,
int
line)
106
{
107
SigString
*item =
SigStringAlloc
();
108
if
(item == NULL) {
109
return
0;
110
}
111
112
if
(!SigStringAddSig(item, sig_file, sig_str, sig_error, line)) {
113
SCFree
(item);
114
return
0;
115
}
116
117
TAILQ_INSERT_TAIL
(&sig_stats->failed_sigs, item,
next
);
118
119
return
1;
120
}
unlikely
#define unlikely(expr)
Definition:
util-optimize.h:35
SigString_
Definition:
detect.h:790
next
struct HtpBodyChunk_ * next
Definition:
app-layer-htp.h:0
TAILQ_INSERT_TAIL
#define TAILQ_INSERT_TAIL(head, elm, field)
Definition:
queue.h:294
SigString_::sig_error
char * sig_error
Definition:
detect.h:793
SigStringAppend
int SigStringAppend(SigFileLoaderStat *sig_stats, const char *sig_file, const char *sig_str, const char *sig_error, int line)
Append a new list member to SigString list.
Definition:
util-detect.c:104
detect.h
util-detect.h
SigString_::filename
char * filename
Definition:
detect.h:791
suricata-common.h
SigString_::line
int line
Definition:
detect.h:794
SCStrdup
#define SCStrdup(s)
Definition:
util-mem.h:56
SCLogError
#define SCLogError(...)
Macro used to log ERROR messages.
Definition:
util-debug.h:261
SCFree
#define SCFree(p)
Definition:
util-mem.h:61
suricata.h
SigString_::sig_str
char * sig_str
Definition:
detect.h:792
SCCalloc
#define SCCalloc(nm, sz)
Definition:
util-mem.h:53
SigFileLoaderStat_
Signature loader statistics.
Definition:
detect.h:799
SigStringAlloc
SigString * SigStringAlloc(void)
Allocate SigString list member.
Definition:
util-detect.c:36
src
util-detect.c
Generated on Sat Dec 21 2024 23:30:37 for suricata by
1.8.18