Adding upstream version 1:7.0.3.upstream/1%7.0.3

Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>

1 files changed, 201 insertions, 0 deletions

diff --git a/src/util-mpm.h b/src/util-mpm.h
new file mode 100644
index 0000000..4ddd4de
--- /dev/null
+++ b/src/util-mpm.h
@@ -0,0 +1,201 @@
+/* Copyright (C) 2007-2014 Open Information Security Foundation
+ *
+ * You can copy, redistribute or modify this Program under the terms of
+ * the GNU General Public License version 2 as published by the Free
+ * Software Foundation.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * version 2 along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+ * 02110-1301, USA.
+ */
+
+/**
+ * \file
+ *
+ * \author Victor Julien <victor@inliniac.net>
+ */
+
+#ifndef __UTIL_MPM_H__
+#define __UTIL_MPM_H__
+
+#include "app-layer-protos.h"
+#include "util-prefilter.h"
+
+#define MPM_INIT_HASH_SIZE 65536
+
+enum {
+    MPM_NOTSET = 0,
+
+    /* aho-corasick */
+    MPM_AC,
+    MPM_AC_BS,
+    MPM_AC_KS,
+    MPM_HS,
+    /* table size */
+    MPM_TABLE_SIZE,
+};
+
+/* Internal Pattern Index: 0 to pattern_cnt-1 */
+typedef uint32_t MpmPatternIndex;
+
+typedef struct MpmThreadCtx_ {
+    void *ctx;
+
+    uint32_t memory_cnt;
+    uint32_t memory_size;
+
+} MpmThreadCtx;
+
+typedef struct MpmPattern_ {
+    /* length of the pattern */
+    uint16_t len;
+    /* flags describing the pattern */
+    uint8_t flags;
+
+    /* offset into the buffer where match may start */
+    uint16_t offset;
+
+    /* offset into the buffer before which match much complete */
+    uint16_t depth;
+
+    /* holds the original pattern that was added */
+    uint8_t *original_pat;
+    /* case sensitive */
+    uint8_t *cs;
+    /* case insensitive */
+    uint8_t *ci;
+    /* pattern id */
+    uint32_t id;
+
+    /* sid(s) for this pattern */
+    uint32_t sids_size;
+    SigIntId *sids;
+
+    struct MpmPattern_ *next;
+} MpmPattern;
+
+/* Indicates if this a global mpm_ctx.  Global mpm_ctx is the one that
+ * is instantiated when we use "single".  Non-global is "full", i.e.
+ * one per sgh. */
+#define MPMCTX_FLAGS_GLOBAL     BIT_U8(0)
+#define MPMCTX_FLAGS_NODEPTH    BIT_U8(1)
+
+typedef struct MpmCtx_ {
+    void *ctx;
+    uint8_t mpm_type;
+
+    uint8_t flags;
+
+    uint16_t maxdepth;
+
+    /* unique patterns */
+    uint32_t pattern_cnt;
+
+    uint16_t minlen;
+    uint16_t maxlen;
+
+    uint32_t memory_cnt;
+    uint32_t memory_size;
+
+    uint32_t max_pat_id;
+
+    /* hash used during ctx initialization */
+    MpmPattern **init_hash;
+} MpmCtx;
+
+/* if we want to retrieve an unique mpm context from the mpm context factory
+ * we should supply this as the key */
+#define MPM_CTX_FACTORY_UNIQUE_CONTEXT -1
+
+typedef struct MpmCtxFactoryItem {
+    const char *name;
+    MpmCtx *mpm_ctx_ts;
+    MpmCtx *mpm_ctx_tc;
+    int32_t id;
+    int32_t sm_list;
+    AppProto alproto; /**< ALPROTO_UNKNOWN is not an app item */
+    struct MpmCtxFactoryItem *next;
+} MpmCtxFactoryItem;
+
+typedef struct MpmCtxFactoryContainer_ {
+    MpmCtxFactoryItem *items;
+    int32_t no_of_items;
+    int32_t max_id;
+} MpmCtxFactoryContainer;
+
+/** pattern is case insensitive */
+#define MPM_PATTERN_FLAG_NOCASE 0x01
+/** pattern has a depth setting */
+#define MPM_PATTERN_FLAG_DEPTH      0x04
+/** pattern has an offset setting */
+#define MPM_PATTERN_FLAG_OFFSET 0x08
+/** the ctx uses it's own internal id instead of
+ *  what is passed through the API */
+#define MPM_PATTERN_CTX_OWNS_ID     0x20
+
+typedef struct MpmTableElmt_ {
+    const char *name;
+    void (*InitCtx)(struct MpmCtx_ *);
+    void (*InitThreadCtx)(struct MpmCtx_ *, struct MpmThreadCtx_ *);
+    void (*DestroyCtx)(struct MpmCtx_ *);
+    void (*DestroyThreadCtx)(struct MpmCtx_ *, struct MpmThreadCtx_ *);
+
+    /** function pointers for adding patterns to the mpm ctx.
+     *
+     *  \param mpm_ctx Mpm context to add the pattern to
+     *  \param pattern pointer to the pattern
+     *  \param pattern_len length of the pattern in bytes
+     *  \param offset pattern offset setting
+     *  \param depth pattern depth setting
+     *  \param pid pattern id
+     *  \param sid signature _internal_ id
+     *  \param flags pattern flags
+     */
+    int  (*AddPattern)(struct MpmCtx_ *, uint8_t *, uint16_t, uint16_t, uint16_t, uint32_t, SigIntId, uint8_t);
+    int  (*AddPatternNocase)(struct MpmCtx_ *, uint8_t *, uint16_t, uint16_t, uint16_t, uint32_t, SigIntId, uint8_t);
+    int  (*Prepare)(struct MpmCtx_ *);
+    uint32_t (*Search)(const struct MpmCtx_ *, struct MpmThreadCtx_ *, PrefilterRuleStore *, const uint8_t *, uint32_t);
+    void (*PrintCtx)(struct MpmCtx_ *);
+    void (*PrintThreadCtx)(struct MpmThreadCtx_ *);
+    void (*RegisterUnittests)(void);
+    uint8_t flags;
+} MpmTableElmt;
+
+extern MpmTableElmt mpm_table[MPM_TABLE_SIZE];
+extern uint8_t mpm_default_matcher;
+
+struct DetectEngineCtx_;
+
+int32_t MpmFactoryRegisterMpmCtxProfile(
+        struct DetectEngineCtx_ *, const char *, const int, const AppProto);
+void MpmFactoryReClaimMpmCtx(const struct DetectEngineCtx_ *, MpmCtx *);
+MpmCtx *MpmFactoryGetMpmCtxForProfile(const struct DetectEngineCtx_ *, int32_t, int);
+void MpmFactoryDeRegisterAllMpmCtxProfiles(struct DetectEngineCtx_ *);
+int32_t MpmFactoryIsMpmCtxAvailable(const struct DetectEngineCtx_ *, const MpmCtx *);
+
+void MpmTableSetup(void);
+void MpmRegisterTests(void);
+
+void MpmInitCtx(MpmCtx *mpm_ctx, uint8_t matcher);
+void MpmInitThreadCtx(MpmThreadCtx *mpm_thread_ctx, uint16_t);
+
+int MpmAddPatternCS(struct MpmCtx_ *mpm_ctx, uint8_t *pat, uint16_t patlen,
+                    uint16_t offset, uint16_t depth,
+                    uint32_t pid, SigIntId sid, uint8_t flags);
+int MpmAddPatternCI(struct MpmCtx_ *mpm_ctx, uint8_t *pat, uint16_t patlen,
+                    uint16_t offset, uint16_t depth,
+                    uint32_t pid, SigIntId sid, uint8_t flags);
+
+void MpmFreePattern(MpmCtx *mpm_ctx, MpmPattern *p);
+
+int MpmAddPattern(MpmCtx *mpm_ctx, uint8_t *pat, uint16_t patlen,
+                            uint16_t offset, uint16_t depth, uint32_t pid,
+                            SigIntId sid, uint8_t flags);
+
+#endif /* __UTIL_MPM_H__ */