suricata: src/detect-bytemath.h File Reference

suricata

This graph shows which files directly or indirectly include this file:

Go to the source code of this file.

Functions
void	DetectBytemathRegister (void)
	Registers the keyword handlers for the "byte_math" keyword.

SigMatch *	DetectByteMathRetrieveSMVar (const char , int sm_list, const Signature )
	Lookup the SigMatch for a named byte_math variable.

int	DetectByteMathDoMatch (DetectEngineThreadCtx , const DetectByteMathData , const Signature , const uint8_t , const uint32_t, uint8_t, uint64_t, uint64_t *, uint8_t)

Detailed Description

Author: Jeff Lucovsky jeff@.nosp@m.luco.nosp@m.vsky..nosp@m.org

Definition in file detect-bytemath.h.

Function Documentation

◆ DetectByteMathDoMatch()

int DetectByteMathDoMatch	(	DetectEngineThreadCtx *	det_ctx,
		const DetectByteMathData *	data,
		const Signature *	s,
		const uint8_t *	payload,
		const uint32_t	payload_len,
		uint8_t	nbytes,
		uint64_t	rvalue,
		uint64_t *	value,
		uint8_t	endian
	)

Definition at line 88 of file detect-bytemath.c.

References DetectEngineThreadCtx_::buffer_offset, BYTE_BIG_ENDIAN, BYTE_LITTLE_ENDIAN, ByteExtractStringUint64(), ByteExtractUint64(), DEBUG_VALIDATE_BUG_ON, len, payload_len, and SCLogDebug.

Here is the call graph for this function:

◆ DetectBytemathRegister()

void DetectBytemathRegister ( void )

Registers the keyword handlers for the "byte_math" keyword.

Definition at line 71 of file detect-bytemath.c.

References DETECT_BYTEMATH, SigTableElmt_::Free, SigTableElmt_::Match, SigTableElmt_::name, SigTableElmt_::RegisterTests, SigTableElmt_::Setup, and sigmatch_table.

Referenced by SigTableSetup().

Here is the caller graph for this function:

◆ DetectByteMathRetrieveSMVar()

SigMatch * DetectByteMathRetrieveSMVar	(	const char *	arg,
		int	sm_list,
		const Signature *	s
	)

Lookup the SigMatch for a named byte_math variable.

Parameters

arg	The name of the byte_math variable to lookup.
s	Pointer the signature to look in.

Return values

A	pointer to the SigMatch if found, otherwise NULL.

Definition at line 443 of file detect-bytemath.c.

References SignatureInitData_::buffer_index, SignatureInitData_::buffers, SigMatch_::ctx, DETECT_BYTEMATH, DETECT_SM_LIST_MAX, SignatureInitDataBuffer_::head, Signature_::init_data, SigMatch_::next, SCLogDebug, SignatureInitData_::smlists, and SigMatch_::type.

Referenced by DetectByteRetrieveSMVar().

Here is the caller graph for this function:

src
detect-bytemath.h
Generated on Wed Jul 23 2025 10:11:03 for suricata by 1.9.8