static int FlowBitTest03 (void) {
int ret = 0;
Flow f;
memset(&f, 0, sizeof(Flow));
FlowBitAdd(&f, 0);
FlowBit *fb = FlowBitGet(&f,0);
if (fb == NULL) {
printf("fb == NULL although it was just added: ");
goto end;
}
FlowBitRemove(&f, 0);
fb = FlowBitGet(&f,0);
if (fb != NULL) {
printf("fb != NULL although it was just removed: ");
goto end;
} else {
ret = 1;
}
end:
GenericVarFree(f.flowvar);
return ret;
}
static int FlowBitTest11 (void) {
int ret = 0;
Flow f;
memset(&f, 0, sizeof(Flow));
FlowBitAdd(&f, 0);
FlowBitAdd(&f, 1);
FlowBitAdd(&f, 2);
FlowBitAdd(&f, 3);
FlowBit *fb = FlowBitGet(&f,3);
if (fb == NULL)
goto end;
FlowBitRemove(&f,3);
fb = FlowBitGet(&f,3);
if (fb != NULL) {
printf("fb != NULL even though it was removed: ");
goto end;
}
ret = 1;
end:
GenericVarFree(f.flowvar);
return ret;
}
static int FlowBitTest02 (void) {
int ret = 0;
Flow f;
memset(&f, 0, sizeof(Flow));
FlowBit *fb = FlowBitGet(&f,0);
if (fb == NULL)
ret = 1;
GenericVarFree(f.flowvar);
return ret;
}
static int FlowAlertSidTest01 (void) {
int ret = 0;
Flow f;
memset(&f, 0, sizeof(Flow));
FlowAlertSidAdd(&f, 0);
FlowAlertSid *fb = FlowAlertSidGet(&f,0);
if (fb != NULL)
ret = 1;
GenericVarFree(f.flowvar);
return ret;
}
static int FlowAlertSidTest05 (void) {
int ret = 0;
Flow f;
memset(&f, 0, sizeof(Flow));
FlowAlertSidAdd(&f, 0);
FlowAlertSidAdd(&f, 1);
FlowAlertSidAdd(&f, 2);
FlowAlertSidAdd(&f, 3);
FlowAlertSid *fb = FlowAlertSidGet(&f,1);
if (fb == NULL) {
printf("fb == NULL: ");
goto end;
}
ret = 1;
end:
GenericVarFree(f.flowvar);
return ret;
}
void GenericVarFree(GenericVar *gv) {
if (gv == NULL)
return;
SCLogDebug("gv %p, gv->type %" PRIu32 "", gv, gv->type);
GenericVar *next_gv = gv->next;
switch (gv->type) {
case DETECT_FLOWBITS:
{
FlowBit *fb = (FlowBit *)gv;
//printf("GenericVarFree: fb %p, removing\n", fb);
FlowBitFree(fb);
break;
}
case DETECT_FLOWVAR:
{
FlowVar *fv = (FlowVar *)gv;
FlowVarFree(fv);
break;
}
case DETECT_PKTVAR:
{
PktVar *pv = (PktVar *)gv;
PktVarFree(pv);
break;
}
default:
{
printf("ERROR: GenericVarFree unknown type %" PRIu32 "\n", gv->type);
break;
}
}
GenericVarFree(next_gv);
}
void HostBitFreeAll(void *store) {
GenericVar *gv = store;
GenericVarFree(gv);
}
static int FlowBitsTestSig08(void)
{
uint8_t *buf = (uint8_t *)
"GET /one/ HTTP/1.1\r\n"
"Host: one.example.org\r\n"
"\r\n";
uint16_t buflen = strlen((char *)buf);
Packet *p = SCMalloc(SIZE_OF_PACKET);
if (unlikely(p == NULL))
return 0;
Signature *s = NULL;
ThreadVars th_v;
DetectEngineThreadCtx *det_ctx = NULL;
DetectEngineCtx *de_ctx = NULL;
Flow f;
GenericVar flowvar, *gv = NULL;
int result = 0;
int idx = 0;
memset(p, 0, SIZE_OF_PACKET);
memset(&th_v, 0, sizeof(th_v));
memset(&f, 0, sizeof(Flow));
memset(&flowvar, 0, sizeof(GenericVar));
FLOW_INITIALIZE(&f);
p->flow = &f;
p->flow->flowvar = &flowvar;
p->src.family = AF_INET;
p->dst.family = AF_INET;
p->payload = buf;
p->payload_len = buflen;
p->proto = IPPROTO_TCP;
de_ctx = DetectEngineCtxInit();
if (de_ctx == NULL) {
goto end;
}
de_ctx->flags |= DE_QUIET;
s = de_ctx->sig_list = SigInit(de_ctx,"alert ip any any -> any any (msg:\"Flowbit set\"; flowbits:set,myflow2; sid:10;)");
if (s == NULL) {
goto end;
}
s = s->next = SigInit(de_ctx,"alert ip any any -> any any (msg:\"Flowbit unset\"; flowbits:toggle,myflow2; sid:11;)");
if (s == NULL) {
goto end;
}
SigGroupBuild(de_ctx);
DetectEngineThreadCtxInit(&th_v, (void *)de_ctx, (void *)&det_ctx);
SigMatchSignatures(&th_v, de_ctx, det_ctx, p);
idx = VariableNameGetIdx(de_ctx, "myflow", VAR_TYPE_FLOW_BIT);
gv = p->flow->flowvar;
for ( ; gv != NULL; gv = gv->next) {
if (gv->type == DETECT_FLOWBITS && gv->idx == idx) {
result = 1;
}
}
SigGroupCleanup(de_ctx);
SigCleanSignatures(de_ctx);
DetectEngineThreadCtxDeinit(&th_v, (void *)det_ctx);
DetectEngineCtxFree(de_ctx);
if(gv) GenericVarFree(gv);
FLOW_DESTROY(&f);
SCFree(p);
PASS_IF(result == 0);
end:
if (de_ctx != NULL) {
SigGroupCleanup(de_ctx);
SigCleanSignatures(de_ctx);
}
if (det_ctx != NULL) {
DetectEngineThreadCtxDeinit(&th_v, (void *)det_ctx);
}
if (de_ctx != NULL) {
DetectEngineCtxFree(de_ctx);
}
if(gv) GenericVarFree(gv);
FLOW_DESTROY(&f);
SCFree(p);
PASS_IF(result == 0);
}
