示例#1
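/**
 * \test Negative parsing test for the flowbits keyword: each of the commands
 *       isset, isnotset, set, unset and toggle is written without an option,
 *       and every such rule is expected to be refused by SigInit (NULL
 *       return) instead of being loaded into the detection engine.
 *
 * \retval result of the PASS / FAIL_* unit test macros.
 */
static int FlowBitsTestSig02(void)
{
    Signature *s = NULL;
    DetectEngineCtx *de_ctx = NULL;

    /* The previous ThreadVars local was only zeroed and never read, so it
     * has been dropped: this test exercises rule parsing only. */

    de_ctx = DetectEngineCtxInit();
    FAIL_IF_NULL(de_ctx);

    de_ctx->flags |= DE_QUIET;

    /* Each SigInit result is also stored in de_ctx->sig_list; since every
     * call is expected to return NULL the list stays empty throughout. */
    s = de_ctx->sig_list = SigInit(de_ctx,"alert ip any any -> any any (msg:\"isset rule need an option\"; flowbits:isset; content:\"GET \"; sid:1;)");
    FAIL_IF_NOT_NULL(s);

    s = de_ctx->sig_list = SigInit(de_ctx,"alert ip any any -> any any (msg:\"isnotset rule need an option\"; flowbits:isnotset; content:\"GET \"; sid:2;)");
    FAIL_IF_NOT_NULL(s);

    s = de_ctx->sig_list = SigInit(de_ctx,"alert ip any any -> any any (msg:\"set rule need an option\"; flowbits:set; content:\"GET \"; sid:3;)");
    FAIL_IF_NOT_NULL(s);

    s = de_ctx->sig_list = SigInit(de_ctx,"alert ip any any -> any any (msg:\"unset rule need an option\"; flowbits:unset; content:\"GET \"; sid:4;)");
    FAIL_IF_NOT_NULL(s);

    s = de_ctx->sig_list = SigInit(de_ctx,"alert ip any any -> any any (msg:\"toggle rule need an option\"; flowbits:toggle; content:\"GET \"; sid:5;)");
    FAIL_IF_NOT_NULL(s);

    DetectEngineCtxFree(de_ctx);

    PASS;
}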
示例#2
/**
 * \test Parse a rule that uses tls_cert_issuer followed by a content keyword
 *       and check where the resulting match is registered: nothing in the
 *       generic MATCH list, and a single DETECT_CONTENT entry in the TLS
 *       issuer list.
 */
static int DetectTlsIssuerTest01(void)
{
    DetectEngineCtx *de_ctx = DetectEngineCtxInit();
    FAIL_IF_NULL(de_ctx);
    de_ctx->flags |= DE_QUIET;

    de_ctx->sig_list = SigInit(de_ctx, "alert tls any any -> any any "
                               "(msg:\"Testing tls_cert_issuer\"; "
                               "tls_cert_issuer; content:\"test\"; sid:1;)");
    FAIL_IF_NULL(de_ctx->sig_list);

    /* The generic MATCH list has to stay empty for this rule. */
    SigMatch *match_head = de_ctx->sig_list->sm_lists[DETECT_SM_LIST_MATCH];
    FAIL_IF_NOT_NULL(match_head);

    /* The TLS issuer list must hold exactly one entry, of type content. */
    SigMatch *issuer_head = de_ctx->sig_list->sm_lists[DETECT_SM_LIST_TLSISSUER_MATCH];
    FAIL_IF_NULL(issuer_head);
    FAIL_IF(issuer_head->type != DETECT_CONTENT);
    FAIL_IF_NOT_NULL(issuer_head->next);

    /* Tear down in the same order as before: groups, signatures, context. */
    SigGroupCleanup(de_ctx);
    SigCleanSignatures(de_ctx);
    DetectEngineCtxFree(de_ctx);

    PASS;
}
示例#3
/**
 * \test DetectFlowTestParse14 checks that an empty option string is rejected:
 *       DetectFlowParse("") is expected to return NULL.
 */
int DetectFlowTestParse14 (void)
{
    DetectFlowData *parsed = DetectFlowParse("");

    /* Any non-NULL result means the empty string was accepted as a flow option. */
    FAIL_IF_NOT_NULL(parsed);
    PASS;
}
示例#4
/**
 * \test DetectFlowTestParse13 checks that an unknown option name is rejected:
 *       DetectFlowParse("invalidoptiontest") is expected to return NULL.
 */
int DetectFlowTestParse13 (void)
{
    DetectFlowData *parsed = DetectFlowParse("invalidoptiontest");

    /* A non-NULL result would mean an unrecognised token was accepted. */
    FAIL_IF_NOT_NULL(parsed);
    PASS;
}
示例#5
/**
 * \test DetectFlowTestParse12 checks that ':' is not accepted as a separator
 *       between flow options: "from_server:stateless" must fail to parse.
 */
int DetectFlowTestParse12 (void)
{
    DetectFlowData *parsed = DetectFlowParse("from_server:stateless");

    /* Both words are used as options by other tests here; only the ':' is wrong. */
    FAIL_IF_NOT_NULL(parsed);
    PASS;
}
示例#6
/**
 * \test DetectFlowTestParse17 checks that the option combination
 *       to_client,from_server is rejected. The original note on this test
 *       states that both options carry the same flag, which is presumably
 *       why the pair is refused -- confirm against DetectFlowParse.
 */
int DetectFlowTestParse17 (void)
{
    DetectFlowData *parsed = DetectFlowParse("to_client,from_server");

    /* The combination must not produce flow data. */
    FAIL_IF_NOT_NULL(parsed);
    PASS;
}
示例#7
/**
 * \test DetectFlowTestParse19 checks that one option too many is rejected:
 *       "from_server,established,only_stream,a" carries a fourth token and
 *       DetectFlowParse is expected to return NULL for it.
 */
int DetectFlowTestParse19 (void)
{
    DetectFlowData *parsed = DetectFlowParse("from_server,established,only_stream,a");

    /* Accepting the surplus token would let a malformed rule load. */
    FAIL_IF_NOT_NULL(parsed);
    PASS;
}
示例#8
/**
 * \test DetectFlowTestParse21 checks that an invalid option placed between
 *       two other options is rejected: "from_server,a,no_stream" must fail
 *       to parse.
 */
int DetectFlowTestParse21 (void)
{
    DetectFlowData *parsed = DetectFlowParse("from_server,a,no_stream");

    /* The middle token "a" must make the whole option string fail. */
    FAIL_IF_NOT_NULL(parsed);
    PASS;
}
示例#9
/**
 * \test Checks that the invalid value 1490000000<>1430000000 is rejected by
 *       DetectNfsVersionParse. The left number is larger than the right one;
 *       presumably that is what makes the expression invalid -- confirm
 *       against the parser.
 *
 * \retval 1 on success.
 * \retval 0 on failure.
 */
static int ValidityTestParse11 (void)
{
    DetectNfsVersionData *parsed = DetectNfsVersionParse("1490000000<>1430000000");

    /* The parser is expected to hand back NULL for this input. */
    FAIL_IF_NOT_NULL(parsed);
    PASS;
}
示例#10
/**
 * \test Checks that the empty string "" is rejected by DetectNfsVersionParse.
 *
 * \retval 1 on success.
 * \retval 0 on failure.
 */
static int ValidityTestParse09 (void)
{
    DetectNfsVersionData *parsed = DetectNfsVersionParse("");

    /* An empty value must not yield version data. */
    FAIL_IF_NOT_NULL(parsed);
    PASS;
}
示例#11
/**
 * \test DetectFlowTestParse15 checks that the option combination
 *       established,stateless is rejected by DetectFlowParse.
 */
int DetectFlowTestParse15 (void)
{
    DetectFlowData *parsed = DetectFlowParse("established,stateless");

    /* The pair is treated as invalid, so no flow data may be returned. */
    FAIL_IF_NOT_NULL(parsed);
    PASS;
}
示例#12
/**
 * \test Checks that no_frag and only_frag cannot be given together:
 *       DetectFlowParse("no_frag,only_frag") is expected to return NULL.
 */
static int DetectFlowTestParseNoFragOnlyFrag(void)
{
    DetectFlowData *parsed = DetectFlowParse("no_frag,only_frag");

    /* The two options must not be accepted in the same option string. */
    FAIL_IF_NOT_NULL(parsed);
    PASS;
}
示例#13
/**
 * \test DetectSslVersionTestParse02 makes sure the "ssl_version" option
 *       parser refuses an invalid version: DetectSslVersionParse("2.5") is
 *       expected to return NULL.
 */
static int DetectSslVersionTestParse02(void)
{
    DetectSslVersionData *parsed = DetectSslVersionParse("2.5");

    FAIL_IF_NOT_NULL(parsed);

    /* NOTE(review): on this path the pointer was just asserted to be NULL,
     * so the free call only matters if DetectSslVersionFree does something
     * for a NULL argument -- presumably it is a no-op; confirm. */
    DetectSslVersionFree(parsed);
    PASS;
}
示例#14
/**
 * \test Checks that DetectSslStateParse returns NULL for a state list that
 *       contains the token "unknown" and ends with a dangling ", ".
 *       Which of the two triggers the rejection cannot be told from this
 *       test alone.
 */
int DetectSslStateTest06(void)
{
    DetectSslStateData *parsed;

    parsed = DetectSslStateParse("server_hello , client_keyx , "
                              "client_hello , server_keyx , "
                              "unknown , ");

    /* No state data may be produced for this list. */
    FAIL_IF_NOT_NULL(parsed);
    PASS;
}
/**
 * \test Checks that a rule carrying two app-layer-protocol keywords, one
 *       plain (smtp) and one negated (!http), is refused:
 *       DetectEngineAppendSig is expected to return NULL.
 */
static int DetectAppLayerProtocolTest10(void)
{
    DetectEngineCtx *de_ctx = DetectEngineCtxInit();
    FAIL_IF_NULL(de_ctx);
    de_ctx->flags |= DE_QUIET;

    Signature *sig = DetectEngineAppendSig(de_ctx, "alert tcp any any -> any any "
            "(app-layer-protocol:smtp; app-layer-protocol:!http; sid:1;)");

    /* The mixed plain/negated pair must not produce a signature. */
    FAIL_IF_NOT_NULL(sig);

    DetectEngineCtxFree(de_ctx);
    PASS;
}
示例#16
/**
 * \test Checks that a rule using an unknown flowbits command
 *       ("flowbits:wrongcmd") is refused by SigInit (NULL return).
 */
static int FlowBitsTestSig03(void)
{
    DetectEngineCtx *de_ctx = DetectEngineCtxInit();
    FAIL_IF_NULL(de_ctx);

    de_ctx->flags |= DE_QUIET;

    /* Parse first, then publish the result in the engine's signature list. */
    Signature *sig = SigInit(de_ctx,"alert ip any any -> any any (msg:\"Unknown cmd\"; flowbits:wrongcmd; content:\"GET \"; sid:1;)");
    de_ctx->sig_list = sig;
    FAIL_IF_NOT_NULL(sig);

    DetectEngineCtxFree(de_ctx);
    PASS;
}
示例#17
/**
 * \test Checks that "flowbits:noalert,wrongusage" is refused by SigInit
 *       (NULL return), i.e. that noalert is not accepted together with a
 *       further argument.
 */
static int FlowBitsTestSig01(void)
{
    DetectEngineCtx *de_ctx = DetectEngineCtxInit();
    FAIL_IF_NULL(de_ctx);

    de_ctx->flags |= DE_QUIET;

    Signature *sig = SigInit(de_ctx,"alert ip any any -> any any (msg:\"Noalert\"; flowbits:noalert,wrongusage; content:\"GET \"; sid:1;)");
    de_ctx->sig_list = sig;
    FAIL_IF_NOT_NULL(sig);

    /* NOTE(review): sig_list is NULL at this point (asserted just above), so
     * the group build runs without any signature from this test -- confirm
     * that this call is intentional. */
    SigGroupBuild(de_ctx);
    DetectEngineCtxFree(de_ctx);
    PASS;
}
示例#18
/*
 * The purpose of this test is to confirm that the filestore and bypass
 * keywords cannot be combined in one rule: SigInit is expected to return
 * NULL for a rule that carries both.
 */
static int DetectFilestoreTest01(void)
{
    DetectEngineCtx *de_ctx = DetectEngineCtxInit();
    FAIL_IF(NULL == de_ctx);

    de_ctx->flags |= DE_QUIET;

    de_ctx->sig_list = SigInit(de_ctx,"alert http any any -> any any "
                               "(bypass; filestore; "
                               "content:\"message\"; http_host; "
                               "sid:1;)");
    /* The rule must be refused, leaving the signature list empty. */
    FAIL_IF_NOT_NULL(de_ctx->sig_list);

    DetectEngineCtxFree(de_ctx);

    /* Reaching this point means every check held; report success as 1. */
    return 1;
}