示例#1
/**
 * \test Negative test: "x121" must be rejected by the tos parser.
 *
 *       A leading 'x' marks a hex value; 0x121 is 289, which presumably
 *       lies above the permitted tos range (confirm against
 *       DETECT_IPTOS_MAX).
 *
 * \retval 1 when the parser refuses the value (pass).
 * \retval 0 when the parser wrongly accepts it (fail).
 */
static int DetectTosTest08(void)
{
    DetectTosData *parsed = DetectTosParse("x121", false);

    /* Rejection is the expected outcome; nothing was allocated. */
    if (parsed == NULL) {
        return 1;
    }

    /* The parser accepted the value: release the result and fail. */
    DetectTosFree(parsed);
    return 0;
}
示例#2
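/**
 * \test Parse the hex value "x12" with the negation flag set and check
 *       that both the value (0x12) and the negation are kept.
 *
 * \retval 1 when the parsed data matches (pass).
 * \retval 0 when parsing fails or the parsed data does not match (fail).
 */
static int DetectTosTest10(void)
{
    int result = 0;
    DetectTosData *tosd = DetectTosParse("x12", true);

    if (tosd == NULL)
        return 0;

    if (tosd->tos == 0x12 && tosd->negated)
        result = 1;

    /* Free on the mismatch path as well: the original only released tosd
     * when the check passed, leaking it whenever the parser returned a
     * structure with unexpected contents. */
    DetectTosFree(tosd);
    return result;
}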
示例#3
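/**
 * \test Parse the decimal value "123" without negation and check that the
 *       value is stored and the negation flag stays clear.
 *
 * \retval 1 when the parsed data matches (pass).
 * \retval 0 when parsing fails or the parsed data does not match (fail).
 */
static int DetectTosTest02(void)
{
    int result = 0;
    DetectTosData *tosd = DetectTosParse("123", false);

    if (tosd == NULL)
        return 0;

    if (tosd->tos == 123 && !tosd->negated)
        result = 1;

    /* Free on the mismatch path as well: the original only released tosd
     * when the check passed, leaking it whenever the parser returned a
     * structure with unexpected contents. */
    DetectTosFree(tosd);
    return result;
}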
示例#4
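/**
 * \test Parse " ! 12" (negation marker surrounded by whitespace) and check
 *       that the value 12 is stored with the negation flag set.
 *
 * \retval 1 when the parsed data matches (pass).
 * \retval 0 when parsing fails or the parsed data does not match (fail).
 */
int DetectTosTest11(void)
{
    int result = 0;
    DetectTosData *tosd = DetectTosParse(" ! 12");

    if (tosd == NULL)
        return 0;

    if (tosd->tos == 12 && tosd->negated)
        result = 1;

    /* Free on the mismatch path as well: the original only released tosd
     * when the check passed, leaking it whenever the parser returned a
     * structure with unexpected contents. */
    DetectTosFree(tosd);
    return result;
}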
示例#5
/**
 * \test Negative test: the non-numeric argument "boom" must be rejected
 *       by the tos parser.
 *
 * \retval 1 when the parser refuses the value (pass).
 * \retval 0 when the parser wrongly accepts it (fail).
 */
int DetectTosTest05(void)
{
    DetectTosData *parsed = DetectTosParse("boom");

    /* Rejection is the expected outcome; nothing was allocated. */
    if (parsed == NULL) {
        return 1;
    }

    /* The parser accepted garbage: release the result and fail. */
    DetectTosFree(parsed);
    return 0;
}
示例#6
/**
 * \brief Setup callback for the tos keyword: parse the rule argument and
 *        attach the resulting match to the signature.
 *
 *        The negation state is not read from the argument here; it is
 *        taken from s->init_data->negated and handed to the parser.
 *
 * \param de_ctx Detection Engine Context instance (not used in this
 *               function).
 * \param s      Signature being built; receives the new SigMatch and the
 *               SIG_FLAG_REQUIRE_PACKET flag.
 * \param arg    Raw keyword argument to be parsed.
 *
 * \retval  0 on success.
 * \retval -1 when the argument is rejected or the SigMatch cannot be
 *            allocated.
 */
static int DetectTosSetup(DetectEngineCtx *de_ctx, Signature *s, const char *arg)
{
    DetectTosData *tos_ctx = DetectTosParse(arg, s->init_data->negated);
    if (tos_ctx == NULL) {
        return -1;
    }

    SigMatch *match = SigMatchAlloc();
    if (match == NULL) {
        /* Nothing references the parsed data yet, so release it here. */
        DetectTosFree(tos_ctx);
        return -1;
    }

    /* From here on the parsed data is reachable through the SigMatch. */
    match->ctx = (SigMatchCtx *)tos_ctx;
    match->type = DETECT_TOS;

    SigMatchAppendSMToList(s, match, DETECT_SM_LIST_MATCH);
    s->flags |= SIG_FLAG_REQUIRE_PACKET;
    return 0;
}
示例#7
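/**
 * \brief Parse the argument of the tos keyword.
 *
 *        Accepted forms, as handled below: an optional leading '!'
 *        (negation), optional whitespace, then either a decimal number or
 *        a hex number prefixed with 'x' / 'X'.  The value has to lie
 *        within DETECT_IPTOS_MIN .. DETECT_IPTOS_MAX.
 *
 * \param arg Keyword argument taken from the rule.
 *
 * \retval tosd Newly allocated DetectTosData on success; the caller
 *              releases it with DetectTosFree().
 * \retval NULL on any parse, range or allocation failure.
 */
DetectTosData *DetectTosParse(char *arg)
{
    DetectTosData *tosd = NULL;
    /* Start of the buffer handed out by pcre_get_substring().  Kept apart
     * from the parsing cursor, which is advanced past '!' and whitespace,
     * so that the buffer can be released with its original address. */
    const char *substr = NULL;
    const char *str_ptr = NULL;
    int64_t tos = 0;
    int negated = 0;
#define MAX_SUBSTRINGS 30
    int ret = 0, res = 0;
    int ov[MAX_SUBSTRINGS];

    /* strlen(NULL) below would be undefined behaviour. */
    if (arg == NULL) {
        SCLogError(SC_ERR_INVALID_SIGNATURE, "tos option requires a value");
        return NULL;
    }

    ret = pcre_exec(parse_regex, parse_regex_study, arg, strlen(arg), 0, 0,
                    ov, MAX_SUBSTRINGS);

    /* Exactly the whole match plus one captured substring is expected. */
    if (ret != 2) {
        SCLogError(SC_ERR_PCRE_MATCH, "invalid tos option - %s. "
                   "The tos option value must be in the range "
                   "%u - %u", arg, DETECT_IPTOS_MIN, DETECT_IPTOS_MAX);
        goto end;
    }

    res = pcre_get_substring((char *)arg, ov, MAX_SUBSTRINGS, 1,
                             &substr);
    if (res < 0) {
        substr = NULL;
        SCLogError(SC_ERR_PCRE_GET_SUBSTRING, "pcre_get_substring failed");
        goto end;
    }
    str_ptr = substr;

    if (*str_ptr == '!') {
        str_ptr++;
        negated = 1;
    }

    while (isspace((unsigned char)*str_ptr))
        str_ptr++;

    if (*str_ptr == 'x' || *str_ptr == 'X') {
        /* Hex form: skip the prefix and convert in base 16. */
        int r = ByteExtractStringSigned(&tos, 16, 0, str_ptr + 1);
        if (r < 0) {
            goto end;
        }
    } else {
        int r = ByteExtractStringSigned(&tos, 10, 0, str_ptr);
        if (r < 0) {
            goto end;
        }
    }

    /* Range check on the 64-bit value, before the narrowing cast below:
     * without it an out-of-range number would wrap into some other tos
     * value and the rule would silently match different traffic than its
     * author wrote. */
    if (!(tos >= DETECT_IPTOS_MIN && tos <= DETECT_IPTOS_MAX)) {
        SCLogError(SC_ERR_INVALID_SIGNATURE, "Invalid tos argument - "
                   "%s.  The tos option value must be in the range "
                   "%u - %u", str_ptr, DETECT_IPTOS_MIN, DETECT_IPTOS_MAX);
        goto end;
    }

    tosd = SCMalloc(sizeof(DetectTosData));
    if (unlikely(tosd == NULL))
        goto end;
    tosd->tos = (uint8_t)tos;
    tosd->negated = negated;

end:
    /* Single exit: tosd is still NULL on every failure path, and the
     * substring copy made by pcre_get_substring() is released on success
     * and failure alike (the original never freed it). */
    if (substr != NULL)
        pcre_free_substring(substr);
    return tosd;
}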