suricata
util-unittest-helper.c File Reference
#include "suricata-common.h"
#include "decode.h"
#include "flow-private.h"
#include "flow-util.h"
#include "detect.h"
#include "detect-parse.h"
#include "detect-engine.h"
#include "detect-engine-sigorder.h"
#include "stream-tcp.h"
#include "stream-tcp-private.h"
#include "util-debug.h"
#include "util-time.h"
#include "util-error.h"
#include "util-unittest.h"
#include "util-unittest-helper.h"
Include dependency graph for util-unittest-helper.c:

Go to the source code of this file.

Functions

uint32_t UTHSetIPv4Address (const char *str)
 return the uint32_t for a ipv4 address string More...
 
PacketUTHBuildPacketIPV6Real (uint8_t *payload, uint16_t payload_len, uint8_t ipproto, const char *src, const char *dst, uint16_t sport, uint16_t dport)
 UTHBuildPacketReal is a function that create tcp/udp packets for unittests specifying ip and port sources and destinations (IPV6) More...
 
PacketUTHBuildPacketReal (uint8_t *payload, uint16_t payload_len, uint8_t ipproto, const char *src, const char *dst, uint16_t sport, uint16_t dport)
 UTHBuildPacketReal is a function that create tcp/udp packets for unittests specifying ip and port sources and destinations. More...
 
PacketUTHBuildPacket (uint8_t *payload, uint16_t payload_len, uint8_t ipproto)
 UTHBuildPacket is a wrapper that build packets with default ip and port fields. More...
 
Packet ** UTHBuildPacketArrayFromEth (uint8_t *raw_eth[], int *pktsize, int numpkts)
 UTHBuildPacketArrayFromEth is a wrapper that build a packets from an array of packets in ethernet rawbytes. Hint: It also share the flows. More...
 
PacketUTHBuildPacketFromEth (uint8_t *raw_eth, uint16_t pktsize)
 UTHBuildPacketFromEth is a wrapper that build a packet for the rawbytes. More...
 
PacketUTHBuildPacketSrcDst (uint8_t *payload, uint16_t payload_len, uint8_t ipproto, const char *src, const char *dst)
 UTHBuildPacketSrcDst is a wrapper that build packets specifying IPs and defaulting ports. More...
 
PacketUTHBuildPacketIPV6SrcDst (uint8_t *payload, uint16_t payload_len, uint8_t ipproto, const char *src, const char *dst)
 UTHBuildPacketSrcDst is a wrapper that build packets specifying IPs and defaulting ports (IPV6) More...
 
PacketUTHBuildPacketSrcDstPorts (uint8_t *payload, uint16_t payload_len, uint8_t ipproto, uint16_t sport, uint16_t dport)
 UTHBuildPacketSrcDstPorts is a wrapper that build packets specifying src and dst ports and defaulting IPs. More...
 
void UTHFreePackets (Packet **p, int numpkts)
 UTHFreePackets: function to release the allocated data from UTHBuildPacket and the packet itself. More...
 
void UTHFreePacket (Packet *p)
 UTHFreePacket: function to release the allocated data from UTHBuildPacket and the packet itself. More...
 
void UTHAssignFlow (Packet *p, Flow *f)
 
FlowUTHBuildFlow (int family, const char *src, const char *dst, Port sp, Port dp)
 
void UTHFreeFlow (Flow *flow)
 
int UTHAddStreamToFlow (Flow *f, int direction, uint8_t *data, uint32_t data_len)
 
int UTHAddSessionToFlow (Flow *f, uint32_t ts_isn, uint32_t tc_isn)
 
int UTHRemoveSessionFromFlow (Flow *f)
 
int UTHGenericTest (Packet **pkt, int numpkts, const char *sigs[], uint32_t sids[], uint32_t *results, int numsigs)
 UTHGenericTest: function that perfom a generic check taking care of as maximum common unittest elements as possible. It will create a detection engine, append an array of signatures an check the spected results for each of them, it check matches for an array of packets. More...
 
int UTHCheckPacketMatchResults (Packet *p, uint32_t sids[], uint32_t results[], int numsids)
 UTHCheckPacketMatches: function to check if a packet match some sids. More...
 
int UTHAppendSigs (DetectEngineCtx *de_ctx, const char *sigs[], int numsigs)
 UTHAppendSigs: Add sigs to the detection_engine checking for errors. More...
 
int UTHMatchPacketsWithResults (DetectEngineCtx *de_ctx, Packet **p, int num_packets, uint32_t sids[], uint32_t *results, int numsigs)
 
int UTHMatchPackets (DetectEngineCtx *de_ctx, Packet **p, int num_packets)
 
int UTHPacketMatchSigMpm (Packet *p, char *sig, uint16_t mpm_type)
 
int UTHPacketMatchSig (Packet *p, const char *sig)
 
uint32_t UTHBuildPacketOfFlows (uint32_t start, uint32_t end, uint8_t dir)
 
int UTHParseSignature (const char *str, bool expect)
 parser a sig and see if the expected result is correct More...
 
void UTHRegisterTests (void)
 

Detailed Description

Author
Pablo Rincon Crespo pablo.nosp@m..rin.nosp@m.con.c.nosp@m.resp.nosp@m.o@gma.nosp@m.il.c.nosp@m.om

This file provide a set of helper functions for reducing the complexity when constructing unittests

Definition in file util-unittest-helper.c.

Function Documentation

int UTHAddSessionToFlow ( Flow f,
uint32_t  ts_isn,
uint32_t  tc_isn 
)
int UTHAddStreamToFlow ( Flow f,
int  direction,
uint8_t *  data,
uint32_t  data_len 
)

Definition at line 504 of file util-unittest-helper.c.

References TcpSession_::client, FAIL_IF_NOT, FAIL_IF_NULL, TcpStream_::last_ack, Flow_::proto, Flow_::protoctx, TcpStream_::sb, TcpSession_::server, and StreamingBufferAppend().

Referenced by DetectPcrePayloadMatch(), and DetectUricontentRegister().

Here is the call graph for this function:

Here is the caller graph for this function:

int UTHAppendSigs ( DetectEngineCtx de_ctx,
const char *  sigs[],
int  numsigs 
)

UTHAppendSigs: Add sigs to the detection_engine checking for errors.

Parameters
de_ctxpointer to the DetectEngineCtx used
sigsarray of char* pointing to signatures to load
numsigsnumber of signatures to load from the array (size of the array)
Return values
int0 if we have errors; 1 if all the signatures loaded succesfuly

Definition at line 652 of file util-unittest-helper.c.

References DetectEngineAppendSig(), SC_ERR_INVALID_ARGUMENT, and SCLogError.

Referenced by ActionInitConfig(), DetectBypassRegister(), DetectFlowintFree(), DetectSetupParseRegexes(), SCSigSignatureOrderingModuleCleanup(), TagTimeoutCheck(), and UTHGenericTest().

Here is the call graph for this function:

Here is the caller graph for this function:

void UTHAssignFlow ( Packet p,
Flow f 
)

Definition at line 438 of file util-unittest-helper.c.

References Packet_::flags, Packet_::flow, and PKT_HAS_FLOW.

Referenced by DetectFlowintFree().

Here is the caller graph for this function:

Flow* UTHBuildFlow ( int  family,
const char *  src,
const char *  dst,
Port  sp,
Port  dp 
)
Packet* UTHBuildPacket ( uint8_t *  payload,
uint16_t  payload_len,
uint8_t  ipproto 
)

UTHBuildPacket is a wrapper that build packets with default ip and port fields.

Parameters
payloadpointer to the payloadd buffer
payload_lenpointer to the length of the payload
ipprotoProtocols allowed atm are IPPROTO_TCP and IPPROTO_UDP
Return values
Packetpointer to the built in packet

Definition at line 262 of file util-unittest-helper.c.

References UTHBuildPacketReal().

Referenced by AlertFastLogInitCtx(), DetectAckRegister(), DetectAsn1Register(), DetectBase64DecodeDoMatch(), DetectBypassRegister(), DetectBytejumpDoMatch(), DetectBytetestDoMatch(), DetectDceIfaceRegister(), DetectDceOpnumRegister(), DetectDceStubDataRegister(), DetectDistanceRegister(), DetectDNP3Register(), DetectEngineInspectENIP(), DetectEngineInspectModbus(), DetectEngineInspectStream(), DetectEngineStateResetTxs(), DetectFastPatternRegister(), DetectFlowFree(), DetectFlowintFree(), DetectHttpRequestLineRegister(), DetectHttpResponseLineRegister(), DetectIcmpIdFree(), DetectIcmpSeqFree(), DetectICodeFree(), DetectIdFree(), DetectIPProtoRemoveAllSMs(), DetectIPRepFree(), DetectIsdataatFree(), DetectITypeFree(), DetectLuaRegister(), DetectPcrePayloadMatch(), DetectProtoContainsProto(), DetectRpcFree(), DetectSeqRegister(), DetectSshSoftwareVersionRegister(), DetectSshVersionRegister(), DetectTemplateRustBufferRegister(), DetectTosRegister(), DetectUricontentRegister(), DetectUrilenValidateContent(), DetectWindowFree(), DetectWithinRegister(), HtpConfigRestoreBackup(), IPOnlyAddSignature(), MpmACRegister(), MpmACTileRegister(), RegisterModbusParsers(), SCACBSPrintInfo(), SCSigSignatureOrderingModuleCleanup(), SCThresholdConfParseFile(), SMTPParserCleanup(), UTHBuildPacketOfFlows(), and UTHParseSignature().

Here is the call graph for this function:

Packet** UTHBuildPacketArrayFromEth ( uint8_t *  raw_eth[],
int *  pktsize,
int  numpkts 
)

UTHBuildPacketArrayFromEth is a wrapper that build a packets from an array of packets in ethernet rawbytes. Hint: It also share the flows.

Parameters
raw_ethpointer to the array of ethernet packets in rawbytes
pktsizepointer to the array of sizes corresponding to each buffer pointed from pktsize.
numpktsnumber of packets in the array
Return values
Packetpointer to the array of built in packets; NULL if something fail

Definition at line 281 of file util-unittest-helper.c.

References DecodeEthernet(), PacketGetFromAlloc(), SC_ERR_INVALID_ARGUMENT, SCFree, SCLogError, SCMalloc, and unlikely.

Here is the call graph for this function:

Packet* UTHBuildPacketFromEth ( uint8_t *  raw_eth,
uint16_t  pktsize 
)

UTHBuildPacketFromEth is a wrapper that build a packet for the rawbytes.

Parameters
raw_ethpointer to the rawbytes containing an ethernet packet (and any other headers inside)
pktsizepointer to the length of the payload
Return values
Packetpointer to the built in packet; NULL if something fail

Definition at line 319 of file util-unittest-helper.c.

References DecodeEthernet(), PacketGetFromAlloc(), and unlikely.

Referenced by DetectPortHashFree(), and DetectSetupParseRegexes().

Here is the call graph for this function:

Here is the caller graph for this function:

Packet* UTHBuildPacketIPV6Real ( uint8_t *  payload,
uint16_t  payload_len,
uint8_t  ipproto,
const char *  src,
const char *  dst,
uint16_t  sport,
uint16_t  dport 
)

UTHBuildPacketReal is a function that create tcp/udp packets for unittests specifying ip and port sources and destinations (IPV6)

Parameters
payloadpointer to the payloadd buffer
payload_lenpointer to the length of the payload
ipprotoProtocols allowed atm are IPPROTO_TCP and IPPROTO_UDP
srcpointer to a string containing the ip source
dstpointer to a string containing the ip destination
sportpointer to a string containing the port source
dportpointer to a string containing the port destination
Return values
Packetpointer to the built in packet

Definition at line 81 of file util-unittest-helper.c.

References Packet_::dp, Packet_::dst, Address_::family, Packet_::ip6h, PacketGetFromAlloc(), Packet_::payload, payload_len, Packet_::payload_len, Packet_::proto, SCFree, SCMalloc, SET_PKT_LEN, Packet_::sp, Packet_::src, Packet_::tcph, TimeGet(), Packet_::ts, and unlikely.

Referenced by UTHBuildPacketIPV6SrcDst().

Here is the call graph for this function:

Here is the caller graph for this function:

Packet* UTHBuildPacketIPV6SrcDst ( uint8_t *  payload,
uint16_t  payload_len,
uint8_t  ipproto,
const char *  src,
const char *  dst 
)

UTHBuildPacketSrcDst is a wrapper that build packets specifying IPs and defaulting ports (IPV6)

Parameters
payloadpointer to the payload buffer
payload_lenpointer to the length of the payload
ipprotoProtocols allowed atm are IPPROTO_TCP and IPPROTO_UDP
Return values
Packetpointer to the built in packet

Definition at line 361 of file util-unittest-helper.c.

References UTHBuildPacketIPV6Real().

Referenced by IPOnlyAddSignature().

Here is the call graph for this function:

Here is the caller graph for this function:

uint32_t UTHBuildPacketOfFlows ( uint32_t  start,
uint32_t  end,
uint8_t  dir 
)

Definition at line 902 of file util-unittest-helper.c.

References Packet_::dst, Packet_::flow, FlowHandlePacket(), FLOWLOCK_UNLOCK, SC_ATOMIC_RESET, Packet_::src, UTHBuildPacket(), and UTHFreePacket().

Referenced by FlowUpdateState(), TmModuleFlowRecyclerRegister(), and UTHParseSignature().

Here is the call graph for this function:

Here is the caller graph for this function:

Packet* UTHBuildPacketReal ( uint8_t *  payload,
uint16_t  payload_len,
uint8_t  ipproto,
const char *  src,
const char *  dst,
uint16_t  sport,
uint16_t  dport 
)

UTHBuildPacketReal is a function that create tcp/udp packets for unittests specifying ip and port sources and destinations.

Parameters
payloadpointer to the payloadd buffer
payload_lenpointer to the length of the payload
ipprotoProtocols allowed atm are IPPROTO_TCP and IPPROTO_UDP
srcpointer to a string containing the ip source
dstpointer to a string containing the ip destination
sportpointer to a string containing the port source
dportpointer to a string containing the port destination
Return values
Packetpointer to the built in packet

Definition at line 167 of file util-unittest-helper.c.

References COPY_TIMESTAMP, GET_PKT_DATA, PacketCopyDataOffset(), PacketGetFromAlloc(), payload_len, SCFree, SET_PKT_LEN, TimeGet(), and unlikely.

Referenced by ActionInitConfig(), DetectDetectionFilterRegister(), DetectDnsQueryRegister(), DetectThresholdRegister(), SCThresholdConfParseFile(), StreamTcpUTAddPayload(), StreamTcpUTAddSegmentWithByte(), StreamTcpUTAddSegmentWithPayload(), TagTimeoutCheck(), UTHBuildPacket(), UTHBuildPacketSrcDst(), UTHBuildPacketSrcDstPorts(), and UTHParseSignature().

Here is the call graph for this function:

Here is the caller graph for this function:

Packet* UTHBuildPacketSrcDst ( uint8_t *  payload,
uint16_t  payload_len,
uint8_t  ipproto,
const char *  src,
const char *  dst 
)

UTHBuildPacketSrcDst is a wrapper that build packets specifying IPs and defaulting ports.

Parameters
payloadpointer to the payloadd buffer
payload_lenpointer to the length of the payload
ipprotoProtocols allowed atm are IPPROTO_TCP and IPPROTO_UDP
Return values
Packetpointer to the built in packet

Definition at line 343 of file util-unittest-helper.c.

References UTHBuildPacketReal().

Referenced by DetectFtpbounceRegister(), DetectSameipRegister(), IPOnlyAddSignature(), SCThresholdConfParseFile(), SigGroupHeadContainsSigId(), and UTHParseSignature().

Here is the call graph for this function:

Here is the caller graph for this function:

Packet* UTHBuildPacketSrcDstPorts ( uint8_t *  payload,
uint16_t  payload_len,
uint8_t  ipproto,
uint16_t  sport,
uint16_t  dport 
)

UTHBuildPacketSrcDstPorts is a wrapper that build packets specifying src and dst ports and defaulting IPs.

Parameters
payloadpointer to the payloadd buffer
payload_lenpointer to the length of the payload
ipprotoProtocols allowed atm are IPPROTO_TCP and IPPROTO_UDP
Return values
Packetpointer to the built in packet

Definition at line 379 of file util-unittest-helper.c.

References UTHBuildPacketReal().

Referenced by UTHParseSignature().

Here is the call graph for this function:

Here is the caller graph for this function:

int UTHCheckPacketMatchResults ( Packet p,
uint32_t  sids[],
uint32_t  results[],
int  numsids 
)

UTHCheckPacketMatches: function to check if a packet match some sids.

Parameters
ppointer to the Packet
sigsarray of char* pointing to signatures to load
numsigsnumber of signatures to load from the array
resultspointer to an array of numbers to check if sids matches that number of times or not.
Return values
int1 if the match of all the sids is the specified has the specified results; 0 if not

Definition at line 618 of file util-unittest-helper.c.

References PacketAlertCheck(), res, SC_ERR_INVALID_ARGUMENT, SCLogError, and SCLogInfo.

Referenced by DetectSetupParseRegexes(), SCSigSignatureOrderingModuleCleanup(), TagTimeoutCheck(), and UTHMatchPacketsWithResults().

Here is the call graph for this function:

Here is the caller graph for this function:

void UTHFreeFlow ( Flow flow)
int UTHGenericTest ( Packet **  pkt,
int  numpkts,
const char *  sigs[],
uint32_t  sids[],
uint32_t *  results,
int  numsigs 
)

UTHGenericTest: function that perfom a generic check taking care of as maximum common unittest elements as possible. It will create a detection engine, append an array of signatures an check the spected results for each of them, it check matches for an array of packets.

Parameters
pktpointer to the array of packets
numpktsnumber of packets to match
sigsarray of char* pointing to signatures to load
numsigsnumber of signatures to load and check
resultspointer to arrays of numbers, each of them foreach packet to check if sids matches that packet as expected with that number of times or not. The size of results should be numpkts * numsigs * sizeof(uint16_t *)

Example: result[1][3] would mean the number of times the pkt[1] match the sid[3]

Return values
int1 if the match of all the sids is the specified has the specified results; 0 if not

Definition at line 575 of file util-unittest-helper.c.

References DE_QUIET, DetectEngineCtxFree(), DetectEngineCtxInit(), DetectEngineCtx_::flags, SC_ERR_INVALID_ARGUMENT, SCLogError, SigCleanSignatures(), SigGroupCleanup(), UTHAppendSigs(), and UTHMatchPacketsWithResults().

Referenced by DetectAsn1Register(), DetectIdFree(), DetectIPProtoRemoveAllSMs(), DetectIsdataatFree(), DetectSeqRegister(), DetectTosRegister(), DetectWindowFree(), IPOnlyAddSignature(), and TagTimeoutCheck().

Here is the call graph for this function:

Here is the caller graph for this function:

int UTHMatchPackets ( DetectEngineCtx de_ctx,
Packet **  p,
int  num_packets 
)
Test:
UTHMatchPackets Match a packet or a array of packets against sigs of a de_ctx, but note that the return value doesn't mean that we have a match, we have to check it later with PacketAlertCheck()
Parameters
de_ctxpointer with the signatures loaded
ppointer to the array of packets
num_packetsnumber of packets in the array
Return values
return1 if all goes well
return0 if something fail

Definition at line 741 of file util-unittest-helper.c.

References DetectEngineThreadCtxDeinit(), DetectEngineThreadCtxInit(), SC_ERR_INVALID_ARGUMENT, SCLogError, SCSigOrderSignatures(), SCSigRegisterSignatureOrderingFuncs(), SCSigSignatureOrderingModuleCleanup(), SigGroupBuild(), SigGroupCleanup(), and SigMatchSignatures().

Referenced by DetectSetupParseRegexes(), and SCSigSignatureOrderingModuleCleanup().

Here is the call graph for this function:

Here is the caller graph for this function:

int UTHMatchPacketsWithResults ( DetectEngineCtx de_ctx,
Packet **  p,
int  num_packets,
uint32_t  sids[],
uint32_t *  results,
int  numsigs 
)
Test:
UTHMatchPacketsWithResults Match a packet or a array of packets against sigs of a de_ctx, checking that each signature match match X times for certain packets
Parameters
de_ctxpointer with the signatures loaded
ppointer to the array of packets
num_packetsnumber of packets in the array
Return values
return1 if all goes well
return0 if something fail

Definition at line 691 of file util-unittest-helper.c.

References DetectEngineThreadCtxDeinit(), DetectEngineThreadCtxInit(), SC_ERR_INVALID_ARGUMENT, SCLogError, SigGroupBuild(), SigMatchSignatures(), and UTHCheckPacketMatchResults().

Referenced by ActionInitConfig(), and UTHGenericTest().

Here is the call graph for this function:

Here is the caller graph for this function:

int UTHPacketMatchSig ( Packet p,
const char *  sig 
)
Test:
Test if a packet match a signature given as string Hint: Useful for unittests with only one packet and one signature
Parameters
sigpointer to the string signature to test
sidsid number of the signature
Return values
return1 if match
return0 if not

Definition at line 853 of file util-unittest-helper.c.

References DE_QUIET, DetectEngineCtxFree(), DetectEngineCtxInit(), DetectEngineThreadCtxDeinit(), DetectEngineThreadCtxInit(), DetectEngineCtx_::flags, Signature_::id, PacketAlertCheck(), DetectEngineCtx_::sig_list, SigCleanSignatures(), SigGroupBuild(), SigGroupCleanup(), SigInit(), and SigMatchSignatures().

Referenced by DetectBytejumpDoMatch(), DetectBytetestDoMatch(), DetectDistanceRegister(), DetectIsdataatFree(), DetectPcrePayloadMatch(), DetectPortHashFree(), and DetectWithinRegister().

Here is the call graph for this function:

Here is the caller graph for this function:

int UTHPacketMatchSigMpm ( Packet p,
char *  sig,
uint16_t  mpm_type 
)
Test:
Test if a packet match a signature given as string and a mpm_type Hint: Useful for unittests with only one packet and one signature
Parameters
sigpointer to the string signature to test
sidsid number of the signature
Return values
return1 if match
return0 if not

Definition at line 792 of file util-unittest-helper.c.

References DE_QUIET, DetectEngineCtxFree(), DetectEngineCtxInit(), DetectEngineThreadCtxDeinit(), DetectEngineThreadCtxInit(), DetectEngineCtx_::flags, Signature_::id, DetectEngineCtx_::mpm_matcher, PacketAlertCheck(), SCEnter, SCReturnInt, DetectEngineCtx_::sig_list, SigCleanSignatures(), SigGroupBuild(), SigGroupCleanup(), SigInit(), and SigMatchSignatures().

Referenced by DetectEngineInspectStream().

Here is the call graph for this function:

Here is the caller graph for this function:

void UTHRegisterTests ( void  )

Definition at line 1147 of file util-unittest-helper.c.

References UtRegisterTest().

Here is the call graph for this function:

int UTHRemoveSessionFromFlow ( Flow f)

Definition at line 540 of file util-unittest-helper.c.

References FAIL_IF_NOT, FAIL_IF_NULL, Flow_::proto, Flow_::protoctx, SCFree, and StreamTcpSessionCleanup().

Referenced by DetectPcrePayloadMatch(), and DetectUricontentRegister().

Here is the call graph for this function:

Here is the caller graph for this function:

uint32_t UTHSetIPv4Address ( const char *  str)

return the uint32_t for a ipv4 address string

Parameters
strValid ipaddress in string form (e.g. 1.2.3.4)
Return values
uintthe uin32_t representation

Definition at line 57 of file util-unittest-helper.c.

Referenced by DetectIPRepFree(), and ICMPv4GetCounterpart().

Here is the caller graph for this function: