diff options
Diffstat (limited to 'src/detect-ipopts.c')
| -rw-r--r-- | src/detect-ipopts.c | 75 |
1 files changed, 31 insertions, 44 deletions
diff --git a/src/detect-ipopts.c b/src/detect-ipopts.c index 105751c..01b4712 100644 --- a/src/detect-ipopts.c +++ b/src/detect-ipopts.c @@ -25,23 +25,13 @@ #include "suricata-common.h" #include "suricata.h" -#include "decode.h" #include "detect.h" #include "detect-parse.h" -#include "flow-var.h" -#include "decode-events.h" - -#include "util-debug.h" - #include "detect-ipopts.h" #include "util-unittest.h" -#define PARSE_REGEX "\\S[A-z]" - -static DetectParseRegex parse_regex; - static int DetectIpOptsMatch (DetectEngineThreadCtx *, Packet *, const Signature *, const SigMatchCtx *); static int DetectIpOptsSetup (DetectEngineCtx *, Signature *, const char *); @@ -64,7 +54,6 @@ void DetectIpOptsRegister (void) #ifdef UNITTESTS sigmatch_table[DETECT_IPOPTS].RegisterTests = IpOptsRegisterTests; #endif - DetectSetupParseRegexes(PARSE_REGEX, &parse_regex); } /** @@ -173,11 +162,7 @@ static int DetectIpOptsMatch (DetectEngineThreadCtx *det_ctx, Packet *p, if (!de || !PKT_IS_IPV4(p) || PKT_IS_PSEUDOPKT(p)) return 0; - if (p->ip4vars.opts_set & de->ipopt) { - return 1; - } - - return 0; + return (p->ip4vars.opts_set & de->ipopt) == de->ipopt; } /** @@ -191,42 +176,30 @@ static int DetectIpOptsMatch (DetectEngineThreadCtx *det_ctx, Packet *p, */ static DetectIpOptsData *DetectIpOptsParse (const char *rawstr) { - int i; - DetectIpOptsData *de = NULL; - int found = 0; - - pcre2_match_data *match = NULL; - int ret = DetectParsePcreExec(&parse_regex, &match, rawstr, 0, 0); - if (ret < 1) { - SCLogError("pcre_exec parse error, ret %" PRId32 ", string %s", ret, rawstr); - goto error; - } + if (rawstr == NULL || strlen(rawstr) == 0) + return NULL; + int i; + bool found = false; for(i = 0; ipopts[i].ipopt_name != NULL; i++) { if((strcasecmp(ipopts[i].ipopt_name,rawstr)) == 0) { - found = 1; + found = true; break; } } - if(found == 0) - goto error; + if (!found) { + SCLogError("unknown IP option specified \"%s\"", rawstr); + return NULL; + } - de = SCMalloc(sizeof(DetectIpOptsData)); + DetectIpOptsData *de = SCMalloc(sizeof(DetectIpOptsData)); if (unlikely(de == NULL)) - goto error; + return NULL; de->ipopt = ipopts[i].code; - pcre2_match_data_free(match); return de; - -error: - if (match) { - pcre2_match_data_free(match); - } - if (de) SCFree(de); - return NULL; } /** @@ -242,10 +215,8 @@ error: */ static int DetectIpOptsSetup (DetectEngineCtx *de_ctx, Signature *s, const char *rawstr) { - DetectIpOptsData *de = NULL; SigMatch *sm = NULL; - - de = DetectIpOptsParse(rawstr); + DetectIpOptsData *de = DetectIpOptsParse(rawstr); if (de == NULL) goto error; @@ -275,8 +246,9 @@ error: */ void DetectIpOptsFree(DetectEngineCtx *de_ctx, void *de_ptr) { - DetectIpOptsData *de = (DetectIpOptsData *)de_ptr; - if(de) SCFree(de); + if (de_ptr) { + SCFree(de_ptr); + } } /* @@ -381,6 +353,20 @@ static int IpOptsTestParse04 (void) } /** + * \test IpOptsTestParse05 tests the NULL and empty string + */ +static int IpOptsTestParse05(void) +{ + DetectIpOptsData *de = DetectIpOptsParse(""); + FAIL_IF_NOT_NULL(de); + + de = DetectIpOptsParse(NULL); + FAIL_IF_NOT_NULL(de); + + PASS; +} + +/** * \brief this function registers unit tests for IpOpts */ void IpOptsRegisterTests(void) @@ -389,5 +375,6 @@ void IpOptsRegisterTests(void) UtRegisterTest("IpOptsTestParse02", IpOptsTestParse02); UtRegisterTest("IpOptsTestParse03", IpOptsTestParse03); UtRegisterTest("IpOptsTestParse04", IpOptsTestParse04); + UtRegisterTest("IpOptsTestParse05", IpOptsTestParse05); } #endif /* UNITTESTS */ |