From 4324805478dabb699a1650490c89023c0a695b70 Mon Sep 17 00:00:00 2001
From: Eric Leblond
Date: Fri, 16 Sep 2016 11:47:20 +0200
Subject: [PATCH] coccinelle: add siginit test

Add a test that check an inversion during keyword setup where we add a sigmatch to a signature and then do error handling on it. This was causing a double free of some elements and ultimately a segfault.

Proposed-by: Victor Julien
---
qa/coccinelle/siginit.cocci | 26 ++++++++++++++++++++++++++
1 file changed, 26 insertions(+)
create mode 100644 qa/coccinelle/siginit.cocci

diff --git a/qa/coccinelle/siginit.cocci b/qa/coccinelle/siginit.cocci
new file mode 100644
index 0000000000..9a2193be40
--- /dev/null
+++ b/qa/coccinelle/siginit.cocci
@@ -0,0 +1,26 @@
+@siginit@
+identifier func =~ "Detect.*Setup";
+expression E1;
+position p1;
+identifier de_ctx, s, str, error;
+type DetectEngineCtx, Signature;
+@@
+
+func(DetectEngineCtx *de_ctx, Signature *s, char *str) {
+...
+SigMatchAppendSMToList(s, ...)@p1;
+...
+if (s->alproto != E1 && ...) {
+...
+goto error;
+}
+...
+}
+
+
+@script:python@
+p1 << siginit.p1;
+@@
+print "SigMatch added at %s:%s but error handling can cause it to be freed later." % (p1[0].file, p1[0].line)
+import sys
+sys.exit(1)
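Review bot: The rule only fires when the code following `SigMatchAppendSMToList(s, ...)` is an `if (s->alproto != E1 && ...)` block that jumps to `error`, so any other `goto error;` reached after the append (a failed allocation, a different validation check) goes unreported even though, going by the commit message, it would presumably hit the same cleanup and the same double free. Consider matching any `goto error;` after `@p1` instead of only the alproto check, accepting the extra hits for manual review. The signature pattern is similarly strict: a setup function declared with `const char *str` would likely not match `char *str` and would be skipped silently. Separately, the script body uses the Python 2 print statement; `print("SigMatch added at %s:%s but error handling can cause it to be freed later." % (p1[0].file, p1[0].line))` runs under either interpreter, and because `sys.exit(1)` stops at the first match, a header comment saying that only one location is reported per run would help whoever reads the QA output.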