From 243c285fe91baf1fd32c56ef4b5ed19388c73a8f Mon Sep 17 00:00:00 2001
From: Victor Julien
Date: Fri, 17 Mar 2023 14:55:40 +0100
Subject: [PATCH] detect/isdataat: remove obsolete test; reduce sm_lists use
---
 src/detect-isdataat.c | 123 ++++--------------------------------------
 1 file changed, 9 insertions(+), 114 deletions(-)
diff --git a/src/detect-isdataat.c b/src/detect-isdataat.c
index 748d84b5e2..6695bb8238 100644
--- a/src/detect-isdataat.c
+++ b/src/detect-isdataat.c
@@ -421,113 +421,8 @@ static int DetectIsdataatTestParse04(void) result &= (s->sm_lists[g_dce_stub_data_buffer_id] == NULL && s->sm_lists[DETECT_SM_LIST_PMATCH] != NULL); SigFree(NULL, s); - - return result; -} - -/** - * \test Test isdataat option for dce sig. - */ -static int DetectIsdataatTestParse05(void) -{ - DetectEngineCtx *de_ctx = NULL; - int result = 1; - Signature *s = NULL; - DetectIsdataatData *data = NULL; - - de_ctx = DetectEngineCtxInit(); - if (de_ctx == NULL) - goto end; - - de_ctx->flags |= DE_QUIET; - de_ctx->sig_list = SigInit(de_ctx, "alert tcp any any -> any any " - "(msg:\"Testing bytejump_body\"; " - "dce_iface:3919286a-b10c-11d0-9ba8-00c04fd92ef5; " - "dce_stub_data; " - "content:\"one\"; distance:0; " - "isdataat:4,relative; sid:1;)"); - if (de_ctx->sig_list == NULL) { - result = 0; - goto end; - } - s = de_ctx->sig_list; - if (s->sm_lists_tail[g_dce_stub_data_buffer_id] == NULL) { - result = 0; - goto end; - } - result &= (s->sm_lists_tail[g_dce_stub_data_buffer_id]->type == DETECT_ISDATAAT); - data = (DetectIsdataatData *)s->sm_lists_tail[g_dce_stub_data_buffer_id]->ctx; - if ( !(data->flags & ISDATAAT_RELATIVE) || - (data->flags & ISDATAAT_RAWBYTES) ) { - result = 0; - goto end; - } - - s->next = SigInit(de_ctx, "alert tcp any any -> any any " - "(msg:\"Testing bytejump_body\"; " - "dce_iface:3919286a-b10c-11d0-9ba8-00c04fd92ef5; " - "dce_stub_data; " - "content:\"one\"; distance:0; " - "isdataat:4,relative; sid:1;)"); - if (s->next == NULL) { - result = 0; - goto end; - } - s = s->next; - if (s->sm_lists_tail[g_dce_stub_data_buffer_id] == NULL) { - result = 0; - goto end; - } - result &= (s->sm_lists_tail[g_dce_stub_data_buffer_id]->type == DETECT_ISDATAAT); - data = (DetectIsdataatData *)s->sm_lists_tail[g_dce_stub_data_buffer_id]->ctx; - if ( !(data->flags & ISDATAAT_RELATIVE) || - (data->flags & ISDATAAT_RAWBYTES) ) { - result = 0; - goto end; - } - - s->next = SigInit(de_ctx, "alert tcp any any -> any any " - "(msg:\"Testing 
bytejump_body\"; " - "dce_iface:3919286a-b10c-11d0-9ba8-00c04fd92ef5; " - "dce_stub_data; " - "content:\"one\"; distance:0; " - "isdataat:4,relative,rawbytes; sid:1;)"); - if (s->next == NULL) { - result = 0; - goto end; - } - s = s->next; - if (s->sm_lists_tail[g_dce_stub_data_buffer_id] == NULL) { - result = 0; - goto end; - } - result &= (s->sm_lists_tail[g_dce_stub_data_buffer_id]->type == DETECT_ISDATAAT); - data = (DetectIsdataatData *)s->sm_lists_tail[g_dce_stub_data_buffer_id]->ctx; - if ( !(data->flags & ISDATAAT_RELATIVE) || - !(data->flags & ISDATAAT_RAWBYTES) ) { - result = 0; - goto end; - } - - s->next = SigInit(de_ctx, "alert tcp any any -> any any " - "(msg:\"Testing bytejump_body\"; " - "content:\"one\"; isdataat:4,relative,rawbytes; sid:1;)"); - if (s->next == NULL) { - result = 0; - goto end; - } - s = s->next; - if (s->sm_lists_tail[g_dce_stub_data_buffer_id] != NULL) { - result = 0; - goto end; - } - - end: - SigGroupCleanup(de_ctx); - SigCleanSignatures(de_ctx); - DetectEngineCtxFree(de_ctx); - - return result; + FAIL_IF(result == 0); + PASS; } static int DetectIsdataatTestParse06(void) @@ -542,10 +437,11 @@ static int DetectIsdataatTestParse06(void) "isdataat:!4,relative; sid:1;)"); FAIL_IF(s == NULL); - FAIL_IF(s->sm_lists_tail[DETECT_SM_LIST_PMATCH] == NULL); + FAIL_IF(s->init_data->smlists_tail[DETECT_SM_LIST_PMATCH] == NULL); - FAIL_IF_NOT(s->sm_lists_tail[DETECT_SM_LIST_PMATCH]->type == DETECT_ISDATAAT); - DetectIsdataatData *data = (DetectIsdataatData *)s->sm_lists_tail[DETECT_SM_LIST_PMATCH]->ctx; + FAIL_IF_NOT(s->init_data->smlists_tail[DETECT_SM_LIST_PMATCH]->type == DETECT_ISDATAAT); + DetectIsdataatData *data = + (DetectIsdataatData *)s->init_data->smlists_tail[DETECT_SM_LIST_PMATCH]->ctx; FAIL_IF_NOT(data->flags & ISDATAAT_RELATIVE); FAIL_IF(data->flags & ISDATAAT_RAWBYTES); 
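Review bot: In the `@@ -421,113 +421,8 @@` hunk, DetectIsdataatTestParse04 now ends in `FAIL_IF(result == 0); PASS;`, but the context line above still folds both list checks into `result &= (...)` and still reads `s->sm_lists[...]` directly. A failure therefore reports only the FAIL_IF line, and this test is left out of the sm_lists reduction the subject announces. I would assert each condition on its own, `FAIL_IF(s->sm_lists[g_dce_stub_data_buffer_id] != NULL);` and `FAIL_IF(s->sm_lists[DETECT_SM_LIST_PMATCH] == NULL);`, moved to an `init_data` accessor if one exists for list heads; the function starts outside the hunk, so I cannot see what else feeds `result`. Separately, the deleted DetectIsdataatTestParse05 is the only test visible here that checked isdataat landing on the dce_stub_data list with the relative/rawbytes flags. The description should say why it is obsolete or where that coverage now lives, since a keyword attached to the wrong buffer makes a rule silently miss.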
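Review bot: In the `@@ -542,10 +437,11 @@` hunk, `s->init_data->smlists_tail[DETECT_SM_LIST_PMATCH]` is now spelled out three times and forces the `DetectIsdataatData *data =` declaration to wrap. Binding it once reads better and gives a single place for the NULL check: `SigMatch *sm = s->init_data->smlists_tail[DETECT_SM_LIST_PMATCH];` followed by `FAIL_IF_NULL(sm);` and `FAIL_IF_NOT(sm->type == DETECT_ISDATAAT);`. The same applies to the `@@ -557,10 +453,10 @@` hunk. The new code also dereferences `s->init_data` unchecked; whether it is guaranteed non-NULL here depends on how `s` was created, which is outside the hunk. A `FAIL_IF_NULL(s->init_data);` after `FAIL_IF(s == NULL);` would make a lifetime mistake show up as a test failure rather than a crash of the unit-test runner.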
@@ -557,10 +453,10 @@ static int DetectIsdataatTestParse06(void) "isdataat: !4,relative; sid:2;)"); FAIL_IF(s == NULL); - FAIL_IF(s->sm_lists_tail[DETECT_SM_LIST_PMATCH] == NULL); + FAIL_IF(s->init_data->smlists_tail[DETECT_SM_LIST_PMATCH] == NULL); - FAIL_IF_NOT(s->sm_lists_tail[DETECT_SM_LIST_PMATCH]->type == DETECT_ISDATAAT); - data = (DetectIsdataatData *)s->sm_lists_tail[DETECT_SM_LIST_PMATCH]->ctx; + FAIL_IF_NOT(s->init_data->smlists_tail[DETECT_SM_LIST_PMATCH]->type == DETECT_ISDATAAT); + data = (DetectIsdataatData *)s->init_data->smlists_tail[DETECT_SM_LIST_PMATCH]->ctx; FAIL_IF_NOT(data->flags & ISDATAAT_RELATIVE); FAIL_IF(data->flags & ISDATAAT_RAWBYTES); @@ -686,7 +582,6 @@ void DetectIsdataatRegisterTests(void) UtRegisterTest("DetectIsdataatTestParse02", DetectIsdataatTestParse02); UtRegisterTest("DetectIsdataatTestParse03", DetectIsdataatTestParse03); UtRegisterTest("DetectIsdataatTestParse04", DetectIsdataatTestParse04); - UtRegisterTest("DetectIsdataatTestParse05", DetectIsdataatTestParse05); UtRegisterTest("DetectIsdataatTestParse06", DetectIsdataatTestParse06); UtRegisterTest("DetectIsdataatTestPacket01", DetectIsdataatTestPacket01);