HRESULT U2Dx9ShaderMgr::CreateShader( LPD3DXBUFFER pbufShader,
U2Dx9ShaderDesc::ShaderType ShaderType,
U2Dx9ShaderDesc * pDesc )
{
HRESULT hr = S_OK;
FAIL_IF_NULL( pbufShader );
FAIL_IF_NULL( pDesc );
FAIL_IF_NULL( ms_pD3DDev );
pDesc->m_type = ShaderType;
if( ShaderType == U2Dx9ShaderDesc::SHADERTYPE_VERTEX )
{
hr = ms_pD3DDev->CreateVertexShader( (DWORD*) pbufShader->GetBufferPointer(),
(IDirect3DVertexShader9**) & pDesc->m_pShader );
SAFE_RELEASE( pbufShader );
BREAK_AND_RET_VAL_IF_FAILED(hr);
}
else
{
hr = ms_pD3DDev->CreatePixelShader( (DWORD*) pbufShader->GetBufferPointer(),
(IDirect3DPixelShader9**) & pDesc->m_pShader );
SAFE_RELEASE( pbufShader );
BREAK_AND_RET_VAL_IF_FAILED(hr);
}
return( hr );
}
static int DetectFiledataIsdataatParseTest1(void)
{
DetectEngineCtx *de_ctx = DetectEngineCtxInit();
FAIL_IF_NULL(de_ctx);
de_ctx->flags |= DE_QUIET;
Signature *s = DetectEngineAppendSig(de_ctx,
"alert tcp any any -> any any ("
"file_data; content:\"one\"; "
"isdataat:!4,relative; sid:1;)");
FAIL_IF_NULL(s);
SigMatch *sm = s->init_data->smlists[g_file_data_buffer_id];
FAIL_IF_NULL(sm);
FAIL_IF_NOT(sm->type == DETECT_CONTENT);
sm = sm->next;
FAIL_IF_NULL(sm);
FAIL_IF_NOT(sm->type == DETECT_ISDATAAT);
DetectIsdataatData *data = (DetectIsdataatData *)sm->ctx;
FAIL_IF_NOT(data->flags & ISDATAAT_RELATIVE);
FAIL_IF_NOT(data->flags & ISDATAAT_NEGATED);
FAIL_IF(data->flags & ISDATAAT_RAWBYTES);
DetectEngineCtxFree(de_ctx);
PASS;
}
HRESULT DXDiagNVUtil::GetDirectXVersion( DWORD * pdwDirectXVersionMajor,
DWORD * pdwDirectXVersionMinor,
TCHAR * pcDirectXVersionLetter )
{
HRESULT hr = S_OK;
FAIL_IF_NULL( m_pDxDiagRoot );
FAIL_IF_NULL( pdwDirectXVersionMajor );
FAIL_IF_NULL( pdwDirectXVersionMinor );
FAIL_IF_NULL( pcDirectXVersionLetter );
wstring propval;
GetProperty( L"DxDiag_SystemInfo", L"dwDirectXVersionMajor", &propval );
*pdwDirectXVersionMajor = _wtoi( propval.c_str() );
GetProperty( L"DxDiag_SystemInfo", L"dwDirectXVersionMinor", &propval );
*pdwDirectXVersionMinor = _wtoi( propval.c_str() );
GetProperty( L"DxDiag_SystemInfo", L"szDirectXVersionLetter", &propval );
string str;
str = WStringToString( &propval );
if( str.length() > 0 )
*pcDirectXVersionLetter = str.at(0);
else
*pcDirectXVersionLetter = ' ';
return( hr );
}
static int DetectAppLayerProtocolTest04(void)
{
Signature *s = NULL;
DetectAppLayerProtocolData *data = NULL;
DetectEngineCtx *de_ctx = DetectEngineCtxInit();
FAIL_IF_NULL(de_ctx);
de_ctx->flags |= DE_QUIET;
s = DetectEngineAppendSig(de_ctx, "alert tcp any any -> any any "
"(app-layer-protocol:!http; sid:1;)");
FAIL_IF_NULL(s);
FAIL_IF(s->alproto != ALPROTO_UNKNOWN);
FAIL_IF(s->flags & SIG_FLAG_APPLAYER);
FAIL_IF_NULL(s->sm_lists[DETECT_SM_LIST_MATCH]);
FAIL_IF_NULL(s->sm_lists[DETECT_SM_LIST_MATCH]->ctx);
data = (DetectAppLayerProtocolData*)s->sm_lists[DETECT_SM_LIST_MATCH]->ctx;
FAIL_IF_NULL(data);
FAIL_IF(data->alproto != ALPROTO_HTTP);
FAIL_IF(data->negated == 0);
DetectEngineCtxFree(de_ctx);
PASS;
}
/**
* \test Test that a signature containing a tls_cert_issuer is correctly parsed
* and that the keyword is registered.
*/
static int DetectTlsIssuerTest01(void)
{
DetectEngineCtx *de_ctx = NULL;
SigMatch *sm = NULL;
de_ctx = DetectEngineCtxInit();
FAIL_IF_NULL(de_ctx);
de_ctx->flags |= DE_QUIET;
de_ctx->sig_list = SigInit(de_ctx, "alert tls any any -> any any "
"(msg:\"Testing tls_cert_issuer\"; "
"tls_cert_issuer; content:\"test\"; sid:1;)");
FAIL_IF_NULL(de_ctx->sig_list);
/* sm should not be in the MATCH list */
sm = de_ctx->sig_list->sm_lists[DETECT_SM_LIST_MATCH];
FAIL_IF_NOT_NULL(sm);
sm = de_ctx->sig_list->sm_lists[DETECT_SM_LIST_TLSISSUER_MATCH];
FAIL_IF_NULL(sm);
FAIL_IF(sm->type != DETECT_CONTENT);
FAIL_IF_NOT_NULL(sm->next);
SigGroupCleanup(de_ctx);
SigCleanSignatures(de_ctx);
DetectEngineCtxFree(de_ctx);
PASS;
}
/* out: */
PyObject *supp_convertDocumentToPythonDocument(lucene::document::Document *doc) {
lucene::document::DocumentFieldEnumeration *fieldEnum = NULL;
PyObject *docFields = NULL;
PyObject *pyDoc = PyObject_CallFunctionObjArgs(global_DocumentConstructor, Py_False, NULL);
FAIL_IF_NULL(pyDoc);
docFields = PyDict_New();
FAIL_IF_NULL(docFields);
fieldEnum = doc->fields();
while (fieldEnum->hasMoreElements()) {
lucene::document::Field *field = fieldEnum->nextElement();
PyObject *pyName;
CONVERT_STRING_OUT(field->Name(), pyName);
if (pyName == NULL) goto fail;
PyObject *pyValue;
CONVERT_STRING_OUT(field->StringValue(), pyValue);
if (pyValue == NULL) {
Py_DECREF(pyName);
goto fail;
}
PyObject *pyIsStored = PyBool_FromLong( (long) field->IsStored() );
PyObject *pyIsIndexed = PyBool_FromLong( (long) field->IsIndexed() );
PyObject *pyIsTokenized = PyBool_FromLong( (long) field->IsTokenized() );
PyObject *pyField = PyObject_CallFunctionObjArgs(global_FieldConstructor,
pyName, pyValue, pyIsStored, pyIsIndexed, pyIsTokenized,
NULL
);
Py_DECREF(pyValue);
Py_DECREF(pyIsStored);
Py_DECREF(pyIsIndexed);
Py_DECREF(pyIsTokenized);
if (pyField == NULL) {
Py_DECREF(pyName);
goto fail;
}
if ( PyDict_SetItem(docFields, pyName, pyField) == -1) goto fail;
/* PyDict_SetItem established its own references to pyName and pyField. */
Py_DECREF(pyName);
Py_DECREF(pyField);
}
/* Now we have a dict containing the fields. Attach it to pyDoc. */
if ( PyObject_SetAttr(pyDoc, global_string__fields, docFields) == -1) goto fail;
Py_DECREF(docFields);
delete fieldEnum;
return pyDoc;
fail:
if (!PyErr_Occurred()) PyErr_NoMemory();
Py_XDECREF(pyDoc);
Py_XDECREF(docFields);
delete fieldEnum;
return NULL;
}
static int DetectTemplateSignatureTest01 (void)
{
DetectEngineCtx *de_ctx = DetectEngineCtxInit();
FAIL_IF_NULL(de_ctx);
Signature *sig = DetectEngineAppendSig(de_ctx, "alert ip any any -> any any (template:1,10; sid:1; rev:1;)");
FAIL_IF_NULL(sig);
DetectEngineCtxFree(de_ctx);
PASS;
}
static int DetectFtpdataSignatureTest01(void)
{
DetectEngineCtx *de_ctx = DetectEngineCtxInit();
FAIL_IF_NULL(de_ctx);
Signature *sig = DetectEngineAppendSig(de_ctx, "alert ip any any -> any any (ftpdata_command:stor; sid:1; rev:1;)");
FAIL_IF_NULL(sig);
DetectEngineCtxFree(de_ctx);
PASS;
}
static int DetectKrb5ErrCodeSignatureTest01 (void)
{
DetectEngineCtx *de_ctx = DetectEngineCtxInit();
FAIL_IF_NULL(de_ctx);
Signature *sig = DetectEngineAppendSig(de_ctx, "alert krb5 any any -> any any (krb5_err_code:10; sid:1; rev:1;)");
FAIL_IF_NULL(sig);
DetectEngineCtxFree(de_ctx);
PASS;
}
int UTHRemoveSessionFromFlow(Flow *f)
{
FAIL_IF_NULL(f);
FAIL_IF_NOT(f->proto == IPPROTO_TCP);
TcpSession *ssn = f->protoctx;
FAIL_IF_NULL(ssn);
StreamTcpSessionCleanup(ssn);
SCFree(ssn);
f->protoctx = NULL;
return 1;
}
/**
* \test Test that a signature containting a http_request_line is correctly parsed
* and the keyword is registered.
*/
static int DetectHttpRequestLineTest01(void)
{
DetectEngineCtx *de_ctx = DetectEngineCtxInit();
FAIL_IF_NULL(de_ctx);
de_ctx->flags |= DE_QUIET;
de_ctx->sig_list = SigInit(de_ctx, "alert tcp any any -> any any "
"(http_request_line; content:\"GET /\"; sid:1;)");
FAIL_IF_NULL(de_ctx->sig_list);
DetectEngineCtxFree(de_ctx);
PASS;
}
int UTHAddStreamToFlow(Flow *f, int direction,
uint8_t *data, uint32_t data_len)
{
FAIL_IF_NULL(f);
FAIL_IF_NOT(f->proto == IPPROTO_TCP);
FAIL_IF_NULL(f->protoctx);
TcpSession *ssn = f->protoctx;
StreamingBufferSegment seg;
TcpStream *stream = direction == 0 ? &ssn->client : &ssn->server;
int r = StreamingBufferAppend(&stream->sb, &seg, data, data_len);
FAIL_IF_NOT(r == 0);
stream->last_ack += data_len;
return 1;
}
HRESULT DXDiagNVUtil::GetDebugLevels( wstring * pwstrLevels )
{
HRESULT hr = S_OK;
FAIL_IF_NULL( pwstrLevels );
*pwstrLevels = L"";
wstring propval;
hr = GetProperty( L"DxDiag_SystemInfo", L"nD3DDebugLevel", &propval );
pwstrLevels->append( L"D3DDebugLevel = "); pwstrLevels->append( propval ); pwstrLevels->append(L"\n");
hr = GetProperty( L"DxDiag_SystemInfo", L"nDDrawDebugLevel", &propval );
pwstrLevels->append( L"DDrawDebugLevel = "); pwstrLevels->append( propval ); pwstrLevels->append(L"\n");
hr = GetProperty( L"DxDiag_SystemInfo", L"nDIDebugLevel", &propval );
pwstrLevels->append( L"DIDebugLevel = "); pwstrLevels->append( propval ); pwstrLevels->append(L"\n");
hr = GetProperty( L"DxDiag_SystemInfo", L"nDMusicDebugLevel", &propval );
pwstrLevels->append( L"DMusicDebugLevel = "); pwstrLevels->append( propval ); pwstrLevels->append(L"\n");
hr = GetProperty( L"DxDiag_SystemInfo", L"nDPlayDebugLevel", &propval );
pwstrLevels->append( L"DPlayDebugLevel = "); pwstrLevels->append( propval ); pwstrLevels->append(L"\n");
hr = GetProperty( L"DxDiag_SystemInfo", L"nDSoundDebugLevel", &propval );
pwstrLevels->append( L"DSoundDebugLevel = "); pwstrLevels->append( propval ); pwstrLevels->append(L"\n");
hr = GetProperty( L"DxDiag_SystemInfo", L"nDShowDebugLevel", &propval );
pwstrLevels->append( L"DShowDebugLevel = "); pwstrLevels->append( propval ); pwstrLevels->append(L"\n");
return( hr );
}
/**
* \test Test parsing of negated states.
*/
int DetectSslStateTestParseNegate(void)
{
DetectSslStateData *ssd = DetectSslStateParse("!client_hello");
FAIL_IF_NULL(ssd);
uint32_t expected = DETECT_SSL_STATE_CLIENT_HELLO;
FAIL_IF(ssd->flags != expected || ssd->mask != expected);
SCFree(ssd);
ssd = DetectSslStateParse("!client_hello,!server_hello");
FAIL_IF_NULL(ssd);
expected = DETECT_SSL_STATE_CLIENT_HELLO | DETECT_SSL_STATE_SERVER_HELLO;
FAIL_IF(ssd->flags != expected || ssd->mask != expected);
SCFree(ssd);
PASS;
}
void MixedApp::InitializeWindow(HINSTANCE instance)
{
WNDCLASSEX wcx{};
wcx.cbSize = sizeof(wcx);
wcx.hbrBackground = static_cast<HBRUSH>(GetStockObject(BLACK_BRUSH));
wcx.hInstance = instance;
wcx.lpfnWndProc = s_WindowProc;
wcx.lpszClassName = ClassName;
if (RegisterClassEx(&wcx) == INVALID_ATOM)
{
FAIL(L"RegisterClassEx failed.");
}
DWORD style = WS_OVERLAPPEDWINDOW;
RECT rc{ 0, 0, 1280, 720 };
AdjustWindowRect(&rc, style, FALSE);
Window = CreateWindow(ClassName, ClassName, style, CW_USEDEFAULT, CW_USEDEFAULT,
rc.right - rc.left, rc.bottom - rc.top, nullptr, nullptr, instance, nullptr);
FAIL_IF_NULL(Window, L"Failed to create window. Error %d", GetLastError());
ShowWindow(Window, SW_SHOW);
UpdateWindow(Window);
}
/**
* Test that a DCE ethernet frame, followed by data that is too small
* for an ethernet header.
*
* Redmine issue:
* https://redmine.openinfosecfoundation.org/issues/2887
*/
static int DecodeEthernetTestDceNextTooSmall(void)
{
uint8_t raw_eth[] = {
0x00, 0x10, 0x94, 0x55, 0x00, 0x01, 0x00, 0x10,
0x94, 0x56, 0x00, 0x01, 0x89, 0x03, //0x88, 0x64,
0x00, 0x00,
0x00, 0x10, 0x94, 0x55, 0x00, 0x01, 0x00, 0x10,
0x94, 0x56, 0x00, 0x01,
};
Packet *p = SCMalloc(SIZE_OF_PACKET);
FAIL_IF_NULL(p);
ThreadVars tv;
DecodeThreadVars dtv;
memset(&dtv, 0, sizeof(DecodeThreadVars));
memset(&tv, 0, sizeof(ThreadVars));
memset(p, 0, SIZE_OF_PACKET);
DecodeEthernet(&tv, &dtv, p, raw_eth, sizeof(raw_eth), NULL);
FAIL_IF_NOT(ENGINE_ISSET_EVENT(p, ETHERNET_PKT_TOO_SMALL));
SCFree(p);
PASS;
}
void frameq_enqueue_send_and_recv_vr(void* arg, struct modtest_result* result) {
//int ret = 0;
const char buf[] = { 0x7E, 0x00, 0x04, 0x08, 0x01, 0x56, 0x52, 0x4E };
const int count = 8;
struct xb_device* xbdev = (struct xb_device*)arg;
struct sk_buff* send_buf = alloc_skb(128, GFP_KERNEL);
struct sk_buff* skb;
unsigned char* tail = skb_put(send_buf, count);
memcpy(tail, buf, count);
frameq_enqueue_send(&xbdev->send_queue, send_buf);
FAIL_IF_NOT_EQ(1, skb_queue_len(&xbdev->send_queue));
FAIL_IF_NOT_EQ(0, xbdev->recv_buf->len);
xb_send(xbdev);
skb = xb_recv(xbdev, 1, 1000);
FAIL_IF_NULL(skb);
FAIL_IF_NOT_EQ(0, skb_queue_len(&xbdev->send_queue));
TEST_SUCCESS();
}
static int FlowBitsTestSig02(void)
{
Signature *s = NULL;
ThreadVars th_v;
DetectEngineCtx *de_ctx = NULL;
memset(&th_v, 0, sizeof(th_v));
de_ctx = DetectEngineCtxInit();
FAIL_IF_NULL(de_ctx);
de_ctx->flags |= DE_QUIET;
s = de_ctx->sig_list = SigInit(de_ctx,"alert ip any any -> any any (msg:\"isset rule need an option\"; flowbits:isset; content:\"GET \"; sid:1;)");
FAIL_IF_NOT_NULL(s);
s = de_ctx->sig_list = SigInit(de_ctx,"alert ip any any -> any any (msg:\"isnotset rule need an option\"; flowbits:isnotset; content:\"GET \"; sid:2;)");
FAIL_IF_NOT_NULL(s);
s = de_ctx->sig_list = SigInit(de_ctx,"alert ip any any -> any any (msg:\"set rule need an option\"; flowbits:set; content:\"GET \"; sid:3;)");
FAIL_IF_NOT_NULL(s);
s = de_ctx->sig_list = SigInit(de_ctx,"alert ip any any -> any any (msg:\"unset rule need an option\"; flowbits:unset; content:\"GET \"; sid:4;)");
FAIL_IF_NOT_NULL(s);
s = de_ctx->sig_list = SigInit(de_ctx,"alert ip any any -> any any (msg:\"toggle rule need an option\"; flowbits:toggle; content:\"GET \"; sid:5;)");
FAIL_IF_NOT_NULL(s);
DetectEngineCtxFree(de_ctx);
PASS;
}
static int DecodeMPLSTestPacketTooSmall(void)
{
ThreadVars tv;
DecodeThreadVars dtv;
memset(&dtv, 0, sizeof(DecodeThreadVars));
memset(&tv, 0, sizeof(ThreadVars));
Packet *p0 = SCCalloc(1, SIZE_OF_PACKET);
memset(p0, 0, SIZE_OF_PACKET);
uint8_t pkt0[] = { 0x00, 0x01, 0x51, 0xff };
DecodeMPLS(&tv, &dtv, p0, pkt0, sizeof(pkt0), NULL);
FAIL_IF_NOT(ENGINE_ISSET_EVENT(p0, MPLS_PKT_TOO_SMALL));
SCFree(p0);
Packet *p1 = SCCalloc(1, SIZE_OF_PACKET);
FAIL_IF_NULL(p1);
uint8_t pkt1[] = { 0x00, 0x01, 0x51, 0xff, 0x45 };
DecodeMPLS(&tv, &dtv, p1, pkt1, sizeof(pkt1), NULL);
FAIL_IF_NOT(ENGINE_ISSET_EVENT(p1, MPLS_PKT_TOO_SMALL));
SCFree(p1);
Packet *p2 = SCCalloc(1, SIZE_OF_PACKET);
FAIL_IF_NULL(p2);
uint8_t pkt2[] = { 0x00, 0x01, 0x51, 0xff, 0x45, 0x01 };
DecodeMPLS(&tv, &dtv, p2, pkt2, sizeof(pkt2), NULL);
FAIL_IF_NOT(ENGINE_ISSET_EVENT(p2, MPLS_PKT_TOO_SMALL));
SCFree(p2);
Packet *p3 = SCCalloc(1, SIZE_OF_PACKET);
FAIL_IF_NULL(p3);
uint8_t pkt3[] = { 0x00, 0x01, 0x51, 0xff, 0x45, 0x01, 0x02 };
DecodeMPLS(&tv, &dtv, p3, pkt3, sizeof(pkt3), NULL);
FAIL_IF_NOT(ENGINE_ISSET_EVENT(p3, MPLS_PKT_TOO_SMALL));
SCFree(p3);
// This should not create a too small event is it has one more byte
// than required.
Packet *p4 = SCCalloc(1, SIZE_OF_PACKET);
FAIL_IF_NULL(p4);
uint8_t pkt4[] = { 0x00, 0x01, 0x51, 0xff, 0x45, 0x01, 0x02, 0x03 };
DecodeMPLS(&tv, &dtv, p4, pkt4, sizeof(pkt4), NULL);
FAIL_IF(ENGINE_ISSET_EVENT(p4, MPLS_PKT_TOO_SMALL));
SCFree(p4);
PASS;
}
/**
* \test DetectFlowTestParse01 is a test to make sure that we return "something"
* when given valid flow opt
*/
int DetectFlowTestParse01 (void)
{
DetectFlowData *fd = NULL;
fd = DetectFlowParse("established");
FAIL_IF_NULL(fd);
DetectFlowFree(fd);
PASS;
}
int DetectSslStateTest01(void)
{
DetectSslStateData *ssd = DetectSslStateParse("client_hello");
FAIL_IF_NULL(ssd);
FAIL_IF_NOT(ssd->flags == DETECT_SSL_STATE_CLIENT_HELLO);
SCFree(ssd);
PASS;
}
static int DetectKrb5ErrCodeParseTest01 (void)
{
DetectKrb5ErrCodeData *krb5d = DetectKrb5ErrCodeParse("10");
FAIL_IF_NULL(krb5d);
FAIL_IF(!(krb5d->err_code == 10));
DetectKrb5ErrCodeFree(krb5d);
PASS;
}
static int DetectTemplateParseTest01 (void)
{
DetectTemplateData *templated = DetectTemplateParse("1,10");
FAIL_IF_NULL(templated);
FAIL_IF(!(templated->arg1 == 1 && templated->arg2 == 10));
DetectTemplateFree(templated);
PASS;
}
HRESULT DXDiagNVUtil::GetDisplayDeviceProp( DWORD dwDevice, LPCWSTR prop_name, wstring * pwstrProp )
{
HRESULT hr = S_OK;
FAIL_IF_NULL( prop_name );
FAIL_IF_NULL( pwstrProp );
*pwstrProp = L"";
IDxDiagContainer * pDisplayDevice;
hr = GetDisplayDeviceNode( dwDevice, &pDisplayDevice );
RET_VAL_IF_FAILED( hr );
FAIL_IF_NULL( pDisplayDevice );
hr = GetProperty( pDisplayDevice, prop_name, pwstrProp );
MSG_IF( FAILED(hr), "GetDisplayDeviceProp() Couldn't get the property string!\n");
return( hr );
}
static int DetectAppLayerProtocolTest14(void)
{
DetectAppLayerProtocolData *data = NULL;
DetectEngineCtx *de_ctx = DetectEngineCtxInit();
FAIL_IF_NULL(de_ctx);
de_ctx->flags |= DE_QUIET;
Signature *s1 = DetectEngineAppendSig(de_ctx, "alert tcp any any -> any any "
"(app-layer-protocol:http; flowbits:set,blah; sid:1;)");
FAIL_IF_NULL(s1);
FAIL_IF(s1->alproto != ALPROTO_UNKNOWN);
FAIL_IF_NULL(s1->sm_lists[DETECT_SM_LIST_MATCH]);
FAIL_IF_NULL(s1->sm_lists[DETECT_SM_LIST_MATCH]->ctx);
data = (DetectAppLayerProtocolData *)s1->sm_lists[DETECT_SM_LIST_MATCH]->ctx;
FAIL_IF(data->alproto != ALPROTO_HTTP);
FAIL_IF(data->negated);
Signature *s2 = DetectEngineAppendSig(de_ctx, "alert tcp any any -> any any "
"(app-layer-protocol:http; flow:to_client; sid:2;)");
FAIL_IF_NULL(s2);
FAIL_IF(s2->alproto != ALPROTO_UNKNOWN);
FAIL_IF_NULL(s2->sm_lists[DETECT_SM_LIST_MATCH]);
FAIL_IF_NULL(s2->sm_lists[DETECT_SM_LIST_MATCH]->ctx);
data = (DetectAppLayerProtocolData *)s2->sm_lists[DETECT_SM_LIST_MATCH]->ctx;
FAIL_IF(data->alproto != ALPROTO_HTTP);
FAIL_IF(data->negated);
/* flow:established and other options not supported for PD-only */
Signature *s3 = DetectEngineAppendSig(de_ctx, "alert tcp any any -> any any "
"(app-layer-protocol:http; flow:to_client,established; sid:3;)");
FAIL_IF_NULL(s3);
FAIL_IF(s3->alproto != ALPROTO_UNKNOWN);
FAIL_IF_NULL(s3->sm_lists[DETECT_SM_LIST_MATCH]);
FAIL_IF_NULL(s3->sm_lists[DETECT_SM_LIST_MATCH]->ctx);
data = (DetectAppLayerProtocolData *)s3->sm_lists[DETECT_SM_LIST_MATCH]->ctx;
FAIL_IF(data->alproto != ALPROTO_HTTP);
FAIL_IF(data->negated);
SigGroupBuild(de_ctx);
FAIL_IF_NOT(s1->flags & SIG_FLAG_PDONLY);
FAIL_IF_NOT(s2->flags & SIG_FLAG_PDONLY);
FAIL_IF(s3->flags & SIG_FLAG_PDONLY); // failure now
DetectEngineCtxFree(de_ctx);
PASS;
}
/**
* \test FlagsTestParse01 is a test for a valid flags value
*
* \retval 1 on succces
* \retval 0 on failure
*/
static int FlagsTestParse01 (void)
{
DetectFlagsData *de = DetectFlagsParse("S");
FAIL_IF_NULL(de);
FAIL_IF_NOT(de->flags == TH_SYN);
DetectFlagsFree(de);
PASS;
}
/**
* \test DetectFlowTestParseNocase01 is a test to make sure that we return "something"
* when given valid flow opt
*/
int DetectFlowTestParseNocase01 (void)
{
DetectFlowData *fd = NULL;
fd = DetectFlowParse("ESTABLISHED");
FAIL_IF_NULL(fd);
DetectFlowFree(fd);
PASS;
}
static int DetectFtpdataParseTest01(void)
{
DetectFtpdataData *ftpcommandd = DetectFtpdataParse("stor");
FAIL_IF_NULL(ftpcommandd);
FAIL_IF(!(ftpcommandd->command == FTP_COMMAND_STOR));
DetectFtpdataFree(ftpcommandd);
PASS;
}
/**
* \test DetectFlowTestParseNocase03 is a test for setting the stateless flow opt
*/
int DetectFlowTestParseNocase03 (void)
{
DetectFlowData *fd = NULL;
fd = DetectFlowParse("STATELESS");
FAIL_IF_NULL(fd);
FAIL_IF_NOT(fd->flags == DETECT_FLOW_FLAG_STATELESS && fd->match_cnt == 1); DetectFlowFree(fd);
PASS;
}
static int FlowBitsTestSig05(void)
{
Signature *s = NULL;
DetectEngineCtx *de_ctx = NULL;
de_ctx = DetectEngineCtxInit();
FAIL_IF_NULL(de_ctx);
de_ctx->flags |= DE_QUIET;
s = de_ctx->sig_list = SigInit(de_ctx,"alert ip any any -> any any (msg:\"Noalert\"; flowbits:noalert; content:\"GET \"; sid:1;)");
FAIL_IF_NULL(s);
FAIL_IF((s->flags & SIG_FLAG_NOALERT) != SIG_FLAG_NOALERT);
DetectEngineCtxFree(de_ctx);
PASS;
}