Beispiel #1
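/**
 * \brief Setup function for tos argument.  Parse the argument and
 *        add it into the sig.
 *
 * \param de_ctx Detection Engine Context instance (not read by this function).
 * \param s Pointer to the signature.
 * \param arg Argument to be parsed.
 *
 * \retval  0 on Success.
 * \retval -1 on Failure (argument rejected by DetectTosParse, or
 *            SigMatchAlloc returned NULL).
 */
int DetectTosSetup(DetectEngineCtx *de_ctx, Signature *s, char *arg)
{
    DetectTosData *tosd;
    SigMatch *sm;

    tosd = DetectTosParse(arg);
    if (tosd == NULL)
        return -1;

    /* Okay so far so good, lets get this into a SigMatch
     * and put it in the Signature. */
    sm = SigMatchAlloc();
    if (sm == NULL) {
        /* tosd has not been attached to anything yet; without this call
         * the parsed data would be leaked on every failed allocation. */
        DetectTosFree(tosd);
        return -1;
    }

    sm->type = DETECT_TOS;
    /* From here on the parsed data is reachable through sm->ctx. */
    sm->ctx = (SigMatchCtx *)tosd;

    SigMatchAppendSMToList(s, sm, DETECT_SM_LIST_MATCH);
    s->flags |= SIG_FLAG_REQUIRE_PACKET;

    return 0;
}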
Beispiel #2
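/**
 * \test Parse the hex form "x12" with the negation flag set and check
 *       that the result carries tos == 0x12 and negated == true.
 *
 * \retval 1 on success.
 * \retval 0 on failure.
 */
static int DetectTosTest10(void)
{
    int result = 0;
    DetectTosData *tosd = DetectTosParse("x12", true);
    if (tosd == NULL)
        return 0;

    if (tosd->tos == 0x12 && tosd->negated)
        result = 1;

    /* Free on both outcomes: a parse that succeeds with the wrong
     * values must not leak the returned object. */
    DetectTosFree(tosd);
    return result;
}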
Beispiel #3
/**
 * \test The argument "x121" must be rejected by DetectTosParse.
 *       NOTE(review): presumably because 0x121 does not fit the 8-bit
 *       TOS field -- confirm against DetectTosParse.
 *
 * \retval 1 on success (parser returned NULL).
 * \retval 0 on failure (parser accepted the value).
 */
static int DetectTosTest08(void)
{
    DetectTosData *parsed = DetectTosParse("x121", false);

    if (parsed == NULL)
        return 1;

    /* Unexpectedly accepted: release the object and report failure. */
    DetectTosFree(parsed);
    return 0;
}
Beispiel #4
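/**
 * \test Parse the decimal form "123" without negation and check that
 *       the result carries tos == 123 and negated == false.
 *
 * \retval 1 on success.
 * \retval 0 on failure.
 */
static int DetectTosTest02(void)
{
    int result = 0;
    DetectTosData *tosd = DetectTosParse("123", false);
    if (tosd == NULL)
        return 0;

    if (tosd->tos == 123 && !tosd->negated)
        result = 1;

    /* Free on both outcomes: a parse that succeeds with the wrong
     * values must not leak the returned object. */
    DetectTosFree(tosd);
    return result;
}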
Beispiel #5
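/**
 * \test Parse " ! 12" (negation marker with surrounding whitespace) and
 *       check that the result carries tos == 12 and negated set.
 *
 * \retval 1 on success.
 * \retval 0 on failure.
 */
int DetectTosTest11(void)
{
    int result = 0;
    DetectTosData *tosd = DetectTosParse(" ! 12");
    if (tosd == NULL)
        return 0;

    if (tosd->tos == 12 && tosd->negated)
        result = 1;

    /* Free on both outcomes: a parse that succeeds with the wrong
     * values must not leak the returned object. */
    DetectTosFree(tosd);
    return result;
}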
Beispiel #6
/**
 * \test The non-numeric argument "boom" must be rejected by
 *       DetectTosParse.
 *
 * \retval 1 on success (parser returned NULL).
 * \retval 0 on failure (parser accepted the value).
 */
int DetectTosTest05(void)
{
    DetectTosData *parsed = DetectTosParse("boom");

    if (parsed == NULL)
        return 1;

    /* Unexpectedly accepted: release the object and report failure. */
    DetectTosFree(parsed);
    return 0;
}
Beispiel #7
/**
 * \brief Setup function for the tos keyword: parse the argument and
 *        append the resulting match to the signature.
 *
 * \param de_ctx Detection Engine Context instance (not read by this function).
 * \param s Pointer to the signature; s->init_data->negated is passed to
 *          the parser.
 * \param arg Argument to be parsed.
 *
 * \retval  0 on Success.
 * \retval -1 on Failure (argument rejected by DetectTosParse, or
 *            SigMatchAlloc returned NULL).
 */
static int DetectTosSetup(DetectEngineCtx *de_ctx, Signature *s, const char *arg)
{
    DetectTosData *tos_ctx = DetectTosParse(arg, s->init_data->negated);
    if (tos_ctx == NULL) {
        return -1;
    }

    SigMatch *match = SigMatchAlloc();
    if (match != NULL) {
        match->type = DETECT_TOS;
        /* From here on the parsed data is reachable through match->ctx. */
        match->ctx = (SigMatchCtx *)tos_ctx;

        SigMatchAppendSMToList(s, match, DETECT_SM_LIST_MATCH);
        s->flags |= SIG_FLAG_REQUIRE_PACKET;
        return 0;
    }

    /* Allocation failed before tos_ctx was attached anywhere: release it. */
    DetectTosFree(tos_ctx);
    return -1;
}