suricata
util-validate.h
Go to the documentation of this file.
1 /* Copyright (C) 2007-2010 Open Information Security Foundation
2  *
3  * You can copy, redistribute or modify this Program under the terms of
4  * the GNU General Public License version 2 as published by the Free
5  * Software Foundation.
6  *
7  * This program is distributed in the hope that it will be useful,
8  * but WITHOUT ANY WARRANTY; without even the implied warranty of
9  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
10  * GNU General Public License for more details.
11  *
12  * You should have received a copy of the GNU General Public License
13  * version 2 along with this program; if not, write to the Free Software
14  * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
15  * 02110-1301, USA.
16  */
17 
18 /**
19  * \file
20  *
21  * \author Victor Julien <victor@inliniac.net>
22  *
23  * Functions & Macro's for validation of data structures. This is used for
24  * code correctness.
25  *
26  * These will abort() the program if they fail, so they should _only_ be
27  * used for testing.
28  */
29 
30 
31 #ifndef __UTIL_VALIDATE_H__
32 #define __UTIL_VALIDATE_H__
33 
34 #ifdef DEBUG_VALIDATION
35 
36 /** \brief test if a flow is locked.
37  *
38  * If trylock returns 0 it got a lock. Which means
39  * the flow was previously unlocked.
40  */
41 #define DEBUG_ASSERT_FLOW_LOCKED(f) do { \
42  if ((f) != NULL) { \
43  int r = SCMutexTrylock(&(f)->m); \
44  if (r == 0) { \
45  BUG_ON(1); \
46  } \
47  } \
48 } while(0)
49 
50 /** \brief validate the integrity of the flow
51  *
52  * BUG_ON's on problems
53  */
54 #define DEBUG_VALIDATE_FLOW(f) do { \
55  if ((f) != NULL) { \
56  BUG_ON((f)->flags & FLOW_IPV4 && \
57  (f)->flags & FLOW_IPV6); \
58  if ((f)->proto == IPPROTO_TCP) { \
59  BUG_ON((f)->alstate != NULL && \
60  (f)->alparser == NULL); \
61  } \
62  } \
63 } while(0)
64 
65 /** \brief validate the integrity of the packet
66  *
67  * BUG_ON's on problems
68  */
69 #define DEBUG_VALIDATE_PACKET(p) do { \
70  if ((p) != NULL) { \
71  if ((p)->flow != NULL) { \
72  DEBUG_VALIDATE_FLOW((p)->flow); \
73  } \
74  if (!((p)->flags & (PKT_IS_FRAGMENT|PKT_IS_INVALID))) { \
75  if ((p)->proto == IPPROTO_TCP) { \
76  BUG_ON((p)->tcph == NULL); \
77  } else if ((p)->proto == IPPROTO_UDP) { \
78  BUG_ON((p)->udph == NULL); \
79  } else if ((p)->proto == IPPROTO_ICMP) { \
80  BUG_ON((p)->icmpv4h == NULL); \
81  } else if ((p)->proto == IPPROTO_SCTP) { \
82  BUG_ON((p)->sctph == NULL); \
83  } else if ((p)->proto == IPPROTO_ICMPV6) { \
84  BUG_ON((p)->icmpv6h == NULL); \
85  } \
86  } \
87  if ((p)->payload_len > 0) { \
88  BUG_ON((p)->payload == NULL); \
89  } \
90  BUG_ON((p)->ip4h != NULL && (p)->ip6h != NULL); \
91  BUG_ON((p)->flowflags != 0 && (p)->flow == NULL); \
92  BUG_ON((p)->flowflags & FLOW_PKT_TOSERVER &&\
93  (p)->flowflags & FLOW_PKT_TOCLIENT); \
94  } \
95 } while(0)
96 
97 #define DEBUG_VALIDATE_BUG_ON(exp) BUG_ON((exp))
98 
99 #elif defined(__clang_analyzer__)
100 
101 #define DEBUG_ASSERT_FLOW_LOCKED(f)
102 #define DEBUG_VALIDATE_FLOW(f)
103 #define DEBUG_VALIDATE_PACKET(p)
104 #define DEBUG_VALIDATE_BUG_ON(exp) BUG_ON((exp))
105 
106 #else /* DEBUG_VALIDATE */
107 
108 #define DEBUG_ASSERT_FLOW_LOCKED(f)
109 #define DEBUG_VALIDATE_FLOW(f)
110 #define DEBUG_VALIDATE_PACKET(p)
111 #define DEBUG_VALIDATE_BUG_ON(exp)
112 
113 #endif /* DEBUG_VALIDATE */
114 
115 #endif /* __UTIL_VALIDATE_H__ */
116