Small name support code update for flowbits, flowvars and pktvars.

16 years ago · 451adaff34
parent 98fab9dab3
commit 451adaff34
5 changed files with 21 additions and 7 deletions
--- a/src/detect-flowbits.c
+++ b/src/detect-flowbits.c
@ -15,7 +15,7 @@
 * or
 *
 * flowbits:noalert;
- * 
+ *
 */

 #include <ctype.h>
@ -185,7 +185,7 @@ int DetectFlowbitSetup (DetectEngineCtx *de_ctx, Signature *s, SigMatch *m, char
        goto error;
    }

-    cd->idx = VariableNameGetIdx(de_ctx,fb_name,fb_cmd,DETECT_FLOWBITS);
+    cd->idx = VariableNameGetIdx(de_ctx,fb_name,DETECT_FLOWBITS);
    cd->cmd = fb_cmd;
    //printf("DetectFlowbitSetup: idx %" PRIu32 ", cmd %s, name %s\n", cd->idx, fb_cmd_str, fb_name ? fb_name : "(null)");

--- a/src/detect-flowvar.c
+++ b/src/detect-flowvar.c
@ -191,7 +191,7 @@ int DetectFlowvarSetup (DetectEngineCtx *de_ctx, Signature *s, SigMatch *m, char
        return -1;

    cd->name = strdup(varname);
-    cd->idx = VariableNameGetIdx(de_ctx,varname,0,DETECT_FLOWVAR);
+    cd->idx = VariableNameGetIdx(de_ctx,varname,DETECT_FLOWVAR);
    memcpy(cd->content, str, len);
    cd->content_len = len;
    cd->flags = 0;
--- a/src/detect-pcre.c
+++ b/src/detect-pcre.c
@ -254,9 +254,9 @@ int DetectPcreSetup (DetectEngineCtx *de_ctx, Signature *s, SigMatch *m, char *r
        }
        if (capture_str_ptr != NULL) {
            if (pd->flags & DETECT_PCRE_CAPTURE_PKT)
-                pd->capidx = VariableNameGetIdx(de_ctx,(char *)capture_str_ptr,0,DETECT_PKTVAR);
+                pd->capidx = VariableNameGetIdx(de_ctx,(char *)capture_str_ptr,DETECT_PKTVAR);
            else if (pd->flags & DETECT_PCRE_CAPTURE_FLOW)
-                pd->capidx = VariableNameGetIdx(de_ctx,(char *)capture_str_ptr,0,DETECT_FLOWVAR);
+                pd->capidx = VariableNameGetIdx(de_ctx,(char *)capture_str_ptr,DETECT_FLOWVAR);
        }
    }
    //printf("DetectPcreSetup: pd->capname %s\n", pd->capname ? pd->capname : "NULL");
--- a/src/util-var-name.c
+++ b/src/util-var-name.c
@ -2,6 +2,7 @@
 #include "detect.h"
 #include "util-hashlist.h"

+/** \brief Name2idx mapping structure for flowbits, flowvars and pktvars. */
 typedef struct VariableName_ {
    char *name;
    uint8_t type; /* flowbit, pktvar, etc */
@ -48,6 +49,11 @@ static void VariableNameFree(void *data) {
    free(fn);
 }

+/** \brief Initialize the Name idx hash.
+ *  \param de_ctx Ptr to the detection engine ctx.
+ *  \retval -1 in case of error
+ *  \retval 0 in case of success
+ */
 int VariableNameInitHash(DetectEngineCtx *de_ctx) {
    de_ctx->variable_names = HashListTableInit(4096, VariableNameHash, VariableNameCompare, VariableNameFree);
    if (de_ctx->variable_names == NULL)
@ -56,7 +62,14 @@ int VariableNameInitHash(DetectEngineCtx *de_ctx) {
    return 0;
 }

-uint16_t VariableNameGetIdx(DetectEngineCtx *de_ctx, char *name, uint8_t cmd, uint8_t type) {
+/** \brief Get a name idx for a name. If the name is already used reuse the idx.
+ *  \param de_ctx Ptr to the detection engine ctx.
+ *  \param name nul terminated string with the name
+ *  \param type variable type (DETECT_FLOWBITS, DETECT_PKTVAR, etc)
+ *  \retval 0 in case of error
+ *  \retval _ the idx.
+ */
+uint16_t VariableNameGetIdx(DetectEngineCtx *de_ctx, char *name, uint8_t type) {
    uint16_t idx = 0;

    VariableName *fn = malloc(sizeof(VariableName));
@ -78,6 +91,7 @@ uint16_t VariableNameGetIdx(DetectEngineCtx *de_ctx, char *name, uint8_t cmd, ui
        HashListTableAdd(de_ctx->variable_names, (void *)fn, 0);
    } else {
        idx = lookup_fn->idx;
+        VariableNameFree(fn);
    }

    return idx;
--- a/src/util-var-name.h
+++ b/src/util-var-name.h
@ -2,7 +2,7 @@
 #define __UTIL_VAR_NAME_H__

 int VariableNameInitHash(DetectEngineCtx *de_ctx);
-uint16_t VariableNameGetIdx(DetectEngineCtx *, char *, uint8_t, uint8_t);
+uint16_t VariableNameGetIdx(DetectEngineCtx *, char *, uint8_t);

 #endif