suricata
util-detect.c
Go to the documentation of this file.
1/* Copyright (C) 2017 Open Information Security Foundation
2 *
3 * You can copy, redistribute or modify this Program under the terms of
4 * the GNU General Public License version 2 as published by the Free
5 * Software Foundation.
6 *
7 * This program is distributed in the hope that it will be useful,
8 * but WITHOUT ANY WARRANTY; without even the implied warranty of
9 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
10 * GNU General Public License for more details.
11 *
12 * You should have received a copy of the GNU General Public License
13 * version 2 along with this program; if not, write to the Free Software
14 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
15 * 02110-1301, USA.
16 */
17
18/**
19 * \file
20 *
21 * \author Giuseppe Longo <glongo@stamus-networks.com>
22 *
23 * Detection engine helper functions
24 */
25
26#include "suricata-common.h"
27#include "suricata.h"
28#include "detect.h"
29#include "util-detect.h"
30
31/**
32 * \brief Allocate SigString list member
33 *
34 * \retval Pointer to SigString
35 */
37{
38 SigString *sigstr = SCCalloc(1, sizeof(SigString));
39 if (unlikely(sigstr == NULL))
40 return NULL;
41
42 sigstr->line = 0;
43
44 return sigstr;
45}
46
47/**
48 * \brief Assigns the filename, signature, lineno to SigString list member
49 *
50 * \param sig pointer to SigString
51 * \param sig_file filename that contains the signature
52 * \param sig_str signature in string format
53 * \param sig_error signature parsing error
54 * \param line line line number
55 *
56 * \retval 1 on success 0 on failure
57 */
58static int SigStringAddSig(SigString *sig, const char *sig_file,
59 const char *sig_str, const char *sig_error,
60 int line)
61{
62 if (sig_file == NULL || sig_str == NULL) {
63 return 0;
64 }
65
66 sig->filename = SCStrdup(sig_file);
67 if (sig->filename == NULL) {
68 SCLogError("Error allocating memory");
69 return 0;
70 }
71
72 sig->sig_str = SCStrdup(sig_str);
73 if (sig->sig_str == NULL) {
74 SCLogError("Error allocating memory");
75 SCFree(sig->filename);
76 return 0;
77 }
78
79 if (sig_error) {
80 sig->sig_error = SCStrdup(sig_error);
81 if (sig->sig_error == NULL) {
82 SCLogError("Error allocating memory");
83 SCFree(sig->filename);
84 SCFree(sig->sig_str);
85 return 0;
86 }
87 }
88
89 sig->line = line;
90
91 return 1;
92}
93
94/**
95 * \brief Append a new list member to SigString list
96 *
97 * \param list pointer to the start of the SigString list
98 * \param sig_file filename that contains the signature
99 * \param sig_str signature in string format
100 * \param line line line number
101 *
102 * \retval 1 on success 0 on failure
103 */
104int SigStringAppend(SigFileLoaderStat *sig_stats, const char *sig_file,
105 const char *sig_str, const char *sig_error, int line)
106{
107 SigString *item = SigStringAlloc();
108 if (item == NULL) {
109 return 0;
110 }
111
112 if (!SigStringAddSig(item, sig_file, sig_str, sig_error, line)) {
113 SCFree(item);
114 return 0;
115 }
116
117 TAILQ_INSERT_TAIL(&sig_stats->failed_sigs, item, next);
118
119 return 1;
120}
struct HtpBodyChunk_ * next
#define TAILQ_INSERT_TAIL(head, elm, field)
Definition queue.h:294
Signature loader statistics.
Definition detect.h:876
int line
Definition detect.h:871
char * filename
Definition detect.h:868
char * sig_error
Definition detect.h:870
char * sig_str
Definition detect.h:869
#define SCLogError(...)
Macro used to log ERROR messages.
Definition util-debug.h:267
SigString * SigStringAlloc(void)
Allocate SigString list member.
Definition util-detect.c:36
int SigStringAppend(SigFileLoaderStat *sig_stats, const char *sig_file, const char *sig_str, const char *sig_error, int line)
Append a new list member to SigString list.
#define SCFree(p)
Definition util-mem.h:61
#define SCCalloc(nm, sz)
Definition util-mem.h:53
#define SCStrdup(s)
Definition util-mem.h:56
#define unlikely(expr)